Security News

Kali Linux 2020.4 was released yesterday by Offensive Security, and it takes the big step of changing the default shell from Bash to ZSH. Kali Linux comes with numerous software packages and tools that allow cybersecurity professionals and ethical hackers to perform penetration testing and security audits. In August, we reported that Kali Linux was switching from Bash to ZSH so that users could benefit from the numerous plugins, themes, and new features, including path expansions, auto directory changing, and auto-suggestions.

Linux endpoint detection and response will help Microsoft Defender customers secure Linux servers and networks against security nasties. Linux EDR will help Defender for Endpoint customers better protect Linux servers and networks and quickly take action against threats, Microsoft said.

Microsoft has included support for the latest six most common Linux server distributions within Defender for Endpoint, namely RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or higher LTS, SLES 12+, Debian 9+, and Oracle Linux 7.2. The Microsoft Defender for Endpoint public preview capabilities are available for customers with the preview features enabled in Defender Security Center.

Offensive Security has released Kali Linux 2020.4, the latest version of its popular open source penetration testing platform. ZSH is now Kali's new default shell on desktop images and cloud, Bash remains the default shell for other platforms for the time being.

See what Jack Wallen considers to be the biggest issue for Linux in 2020. Enterprise-level companies embraced open source software even further, containers and the cloud became even more crucial to both businesses and consumers, the Linux community found a larger piece of the support pie from large manufacturers like Microsoft, and distributions continued to wow.

Microsoft has announced today the public preview of endpoint detection and response capabilities on Linux servers running Microsoft Defender Advanced Threat Protection - now known as Microsoft Defender for Endpoint. "This builds on the existing preventative antivirus capabilities and centralized reporting available via the Microsoft Defender Security Center," Microsoft Senior Product Manager Tomer Hevlin said.

One of the security bulletins released this week by Schneider Electric warns customers about Drovorub, a piece of Linux malware that was recently detailed by the NSA and the FBI. The U.S. agencies issued a joint advisory in mid-August to warn organizations that the cyber-espionage group known as APT28, which has been linked to Russia's General Staff Main Intelligence Directorate, has been using a piece of Linux malware named Drovorub. Schneider Electric has advised customers to implement defense-in-depth recommendations in order to protect their Trio Q Data Radio and Trio J Data Radio devices against the malware.

Jack Wallen walks you through the process of putting in place a temporary fix against SAD DNS for your Linux servers and desktops. There's a new DNS cache poisoning threat in town and it goes by the name of Side-channel AttackeD DNS. This new attack works like so: SAD DNS makes it possible for hackers to reroute traffic destined to a specific domain to a server under their control.

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. DNS cache poisoning attacks refer to polluting this very cache existing on intermediary servers.

A trojan targeting Linux and deployed by a known ransomware gang has been discovered by Russian antivirus firm Kaspersky. The trojan was, so the two said, similar to the existing RansomEXX trojan, which they said had been deployed only last week against Brazil's courts, as well as targets in the US and elsewhere.