this post was submitted on 19 Sep 2023
120 points (93.5% liked)

Technology

68495 readers
3404 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
120
Chinese hackers have unleashed a never-before-seen Linux backdoor (arstechnica.com)
submitted 2 years ago by [email protected] to c/[email protected]
16 comments fedilink hide all child comments
 

Chinese hackers have unleashed a never-before-seen Linux backdoor::SprySOCKS borrows from open source Windows malware and adds new tricks.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 34 points 2 years ago (2 children)

CVE-2022-40684 An authentication bypass vulnerability in Fortinet FortiOS, FortiProxy and FortiSwitchManager

CVE-2022-39952 An unauthenticated remote code execution (RCE) vulnerability in Fortinet FortiNAC

CVE-2021-22205 An unauthenticated RCE vulnerability in GitLab CE/EE

CVE-2019-18935 An unauthenticated remote code execution vulnerability in Progress Telerik UI for ASP.NET AJAX

CVE-2019-9670 / CVE-2019-9621 A bundle of two vulnerabilities for unauthenticated RCE in Zimbra Collaboration Suite

ProxyShell (CVE-2021-34473, CVE-2021-34523v, CVE-2021-31207) A set of three chained vulnerabilities that perform unauthenticated RCE in Microsoft Exchange

[–] [email protected] 35 points 2 years ago (1 children)

Thanks. I read the article but (from my reading) they left out the most important part out: how it spreads and infects a machine. Sometimes they make a huge deal about a Linux backdoor and then it's revealed right at the end (if at all) that it requires local access. Wah whaa. Now I have to scan every article to see what the actual method is.

[–] [email protected] 3 points 2 years ago

They’re doing some CYA, but still: “including (but not limited to)”.