All news with #linux tag

Wed, December 10, 2025

01flip: Rust-Based Multi-Platform Ransomware Targeting APAC

🔐 Unit 42 identified 01flip, a new Rust‑based ransomware family observed in June 2025 that targets both Windows and Linux via Rust cross‑compilation. The malware enumerates writable directories, drops RECOVER-YOUR-FILE.TXT ransom notes, renames files with a .01flip extension, and encrypts victims' files with AES‑128‑CBC while protecting session keys with an embedded RSA‑2048 public key. Observed victims are a limited set in the Asia‑Pacific region, and an alleged data dump appeared on a dark‑web forum after at least one infection.

Mon, November 3, 2025

Kaspersky Launches Kaspersky for Linux for Home Users

🛡️ Kaspersky has introduced Kaspersky for Linux, extending its award-winning home security lineup to 64-bit Linux desktops and laptops. The product adapts the vendor's enterprise-grade Linux solution for home users and combines real-time monitoring, behavior-based detection, removable-media scanning, anti-phishing, online payment protection, and anti-cryptojacking. It is distributed as DEB and RPM packages; installation requires a My Kaspersky account, and a 30-day trial is available. Subscription tier does not change Linux feature availability while GDPR readiness is pending.

Wed, August 27, 2025

Microsoft Tops Modern Endpoint Security Market Share

🔒 Microsoft Defender has been ranked number one in modern endpoint security market share for the third consecutive year, according to IDC’s 2024 report. Market share rose from 25.8% in 2023 to 28.6% in 2024, reflecting a 28.2% growth rate. Defender emphasizes cross-platform protection—Windows, macOS, Linux, iOS, Android, and IoT—leveraging AI-powered detection and built-in exposure management to enable rapid SOC response and attack disruption.

Fri, August 22, 2025

Linux Backdoor Delivered via Malicious RAR Filenames

🛡️ Trellix researchers describe a Linux-focused infection chain that uses a malicious RAR filename to trigger command execution. The filename embeds a Base64-encoded Bash payload that leverages shell command injection when untrusted filenames are parsed, allowing an ELF downloader to fetch and run an architecture-specific binary. The chain ultimately delivers the VShell backdoor, which runs in memory to evade disk-based detection.
