Month: March 2024

Enlarge (credit: Getty Images)

Researchers have unearthed Linux malware that circulated in the wild for at least two years before being identified as a credential stealer that’s installed by the exploitation of recently patched vulnerabilities.

The newly identified malware is a Linux variant of NerbianRAT, a remote access Trojan first described in 2022 by researchers at security firm Proofpoint. Last Friday, Checkpoint Research revealed that the Linux version has existed since at least the same year, when it was uploaded to the VirusTotal malware identification site. Checkpoint went on to conclude that Magnet Goblin—the name the security firm uses to track the financially motivated threat actor using the malware—has installed it by exploiting “1-days,” which are recently patched vulnerabilities. Attackers in this scenario reverse engineer security updates, or copy associated proof-of-concept exploits, for use against devices that have yet to install the patches.

Checkpoint also identified MiniNerbian, a smaller version of NerbianRAT for Linux that’s used to backdoor servers running the Magento ecommerce server, primarily for use as command and control servers that devices infected by NerbianRAT connect to. Researchers elsewhere have reported encountering servers that appear to have been compromised with MiniNerbian, but Checkpoint Research appears to have been the first to identify the underlying binary.

Enlarge (credit: Getty Images)

Researchers have unearthed Linux malware that circulated in the wild for at least two years before being identified as a credential stealer that’s installed by the exploitation of recently patched vulnerabilities.

The newly identified malware is a Linux variant of NerbianRAT, a remote access Trojan first described in 2022 by researchers at security firm Proofpoint. Last Friday, Checkpoint Research revealed that the Linux version has existed since at least the same year, when it was uploaded to the VirusTotal malware identification site. Checkpoint went on to conclude that Magnet Goblin—the name the security firm uses to track the financially motivated threat actor using the malware—has installed it by exploiting “1-days,” which are recently patched vulnerabilities. Attackers in this scenario reverse engineer security updates, or copy associated proof-of-concept exploits, for use against devices that have yet to install the patches.

Checkpoint also identified MiniNerbian, a smaller version of NerbianRAT for Linux that’s used to backdoor servers running the Magento ecommerce server, primarily for use as command and control servers that devices infected by NerbianRAT connect to. Researchers elsewhere have reported encountering servers that appear to have been compromised with MiniNerbian, but Checkpoint Research appears to have been the first to identify the underlying binary.

Enlarge / This image of NGC 5468, about 130 million light-years from Earth, combines data from the Hubble and Webb space telescopes. (credit: NASA/ESA/CSA/STScI/A. Riess (JHU))

Astronomers have made new measurements of the Hubble Constant, a measure of how quickly the Universe is expanding, by combining data from the Hubble Space Telescope and the James Webb Space Telescope. Their results confirmed the accuracy of Hubble's earlier measurement of the constant's value, according to their recent paper published in The Astrophysical Journal Letters, with implications for a long-standing discrepancy in values obtained by different observational methods known as the "Hubble tension."

There was a time when scientists believed the Universe was static, but that changed with Albert Einstein's general theory of relativity. Alexander Friedmann published a set of equations showing that the Universe might actually be expanding in 1922, with Georges Lemaitre later making an independent derivation to arrive at that same conclusion. Edwin Hubble confirmed this expansion with observational data in 1929. Prior to this, Einstein had been trying to modify general relativity by adding a cosmological constant in order to get a static universe from his theory; after Hubble's discovery, legend has it, he referred to that effort as his biggest blunder.

As previously reported, the Hubble constant is a measure of the universe's expansion expressed in units of kilometers per second per megaparsec. So, each second, every megaparsec of the Universe expands by a certain number of kilometers. Another way to think of this is in terms of a relatively stationary object a megaparsec away: Each second, it gets a number of kilometers more distant.

Enlarge / NASA Administrator Bill Nelson is putting a positive spin on NASA's budget. (credit: NASA)

It's budget-palooza, NASA nerds. For the first time in more than a decade, the US space agency is grappling with budget cuts. Be forewarned, there will be a lot of numbers in this story, but we'll do our best to make sense of them.

First of all, the space agency only just received its budget for the current fiscal year (October 1, 2023, to September 30, 2024) last Friday. If it seems weird that a federal agency should find out how much money it has to spend nearly halfway through that budget year, well, it is. But this is the world we live in, with a fractious Congress unable to agree on much of anything, including budgets.

In any case, NASA's budget for fiscal year 2024 came to $24.9 billion. This represents an approximately 2 percent cut in the space agency's funding relative to the final budget for fiscal year 2023. It's worth noting that the last time NASA's budget decreased from year to year came more than a decade ago, from fiscal year 2012 to 2013. This was due, in large part, to the end of the Space Shuttle program.