Security News

Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices. "Some of the bigger users of Dnsmasq are Android/Google, Comcast, Cisco, Red Hat, Netgear, and Ubiquiti, but there are many more. All major Linux distributions offer Dnsmasq as a package, but some use it more than others, e.g., in OpenWRT it is used a lot, Red Hat use it as part of their virtualization platforms, Google uses it for Android hotspots, while, for example Ubuntu just has it as an optional package," Shlomi Oberman, CEO and researcher at JSOF, told Help Net Security.

An active malicious campaign is currently targeting Linux devices running software with critical vulnerabilities that is powering network-attached storage devices or for developing web applications and portals. The purpose is to infect machines with vulnerable versions of the popular TerraMaster operating system, the Zend Framework, or Liferay Portal with FreakOut malware, which can help deploy a wide variety of cyberattacks.

An ongoing malware campaign has been found exploiting recently disclosed vulnerabilities in network-attached storage devices running on Linux systems to co-opt the machines into an IRC botnet for launching distributed denial-of-service attacks and mining Monero cryptocurrency. Regardless of the vulnerabilities exploited, the end goal of the attacker appears to be to download and execute a Python script named "Out.py" using Python 2, which reached end-of-life last year - implying that the threat actor is banking on the possibility that that victim devices have this deprecated version installed.

Parasoft announced its C/C++test update to support IAR Systems' build tools for Linux for Arm. IAR Build Tools for Linux inspired the update of Parasoft's unified testing solution for C/C++test software development.

Microsoft on Monday announced that Microsoft Defender for Endpoint on Linux now provides endpoint detection and response capabilities to all users. Initially available on Windows only, Microsoft Defender for Endpoint has received support for all major platforms, and is now available on macOS, Linux, Android, and iOS, the Redmond, Wash.

After a few months in preview, Microsoft has made Defender Endpoint Detection and Response generally available for Linux servers. Microsoft has extended its Defender product over multiple platforms throughout the last year or so, having shaved the "Windows" prefix from the system.

Microsoft announced today that Microsoft Defender for Endpoint's detection and response capabilities are now generally available on Linux servers. Microsoft Defender for Endpoint was first showcased during the Ignite 2019 conference, entered public preview in February 2020, and it was made generally available in June 2020.

The good news is that software exists that can automatically mute your microphone while typing or suppress background noise so that others are not annoyed by the sound of your keyboard. If you commonly talk while typing, are using Windows, or want to suppress all background noise, background noise suppression apps are a better solution.

NVIDIA has released security updates to address six security vulnerabilities found in Windows and Linux GPU display drivers, as well as ten additional flaws affecting the NVIDIA Virtual GPU management software. NVIDIA has addressed the security issues in all affected software products and platforms with the exception of those tracked as CVE‑2021‑1052, CVE‑2021‑1053, and CVE‑2021‑1056 impacting the Linux GPU Display Driver for Tesla GPUs which will receive an update driver version starting with January 18, 2021.

Jack Wallen shows you an easy way to determine if your Linux server is under a DDoS attack and how to quickly stop it. How? In this piece I'm going to show you a few commands that can help you discern if your server is being hit by a denial of service attack, which comes from a single IP address and attempts to cripple a website to render its server inaccessible.