Security News

Linux and open source: The biggest issue in 2020
2020-11-18 17:00

See what Jack Wallen considers to be the biggest issue for Linux in 2020. Enterprise-level companies embraced open source software even further, containers and the cloud became even more crucial to both businesses and consumers, the Linux community found a larger piece of the support pie from large manufacturers like Microsoft, and distributions continued to wow.

Microsoft previews Linux endpoint detection and response capabilities
2020-11-17 14:02

Microsoft has announced today the public preview of endpoint detection and response capabilities on Linux servers running Microsoft Defender Advanced Threat Protection - now known as Microsoft Defender for Endpoint. "This builds on the existing preventative antivirus capabilities and centralized reporting available via the Microsoft Defender Security Center," Microsoft Senior Product Manager Tomer Hevlin said.

Schneider Electric Warns Customers of Drovorub Linux Malware
2020-11-14 12:37

One of the security bulletins released this week by Schneider Electric warns customers about Drovorub, a piece of Linux malware that was recently detailed by the NSA and the FBI. The U.S. agencies issued a joint advisory in mid-August to warn organizations that the cyber-espionage group known as APT28, which has been linked to Russia's General Staff Main Intelligence Directorate, has been using a piece of Linux malware named Drovorub. Schneider Electric has advised customers to implement defense-in-depth recommendations in order to protect their Trio Q Data Radio and Trio J Data Radio devices against the malware.

SAD DNS cache poisoning: A temporarily fix for Linux servers and desktops
2020-11-13 15:51

Jack Wallen walks you through the process of putting in place a temporary fix against SAD DNS for your Linux servers and desktops. There's a new DNS cache poisoning threat in town and it goes by the name of Side-channel AttackeD DNS. This new attack works like so: SAD DNS makes it possible for hackers to reroute traffic destined to a specific domain to a server under their control.

DNS cache poisoning attacks return due to Linux weakness
2020-11-12 15:55

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. DNS cache poisoning attacks refer to polluting this very cache existing on intermediary servers.

RansomEXX trojan variant is being deployed against Linux systems, warns Kaspersky
2020-11-09 17:12

A trojan targeting Linux and deployed by a known ransomware gang has been discovered by Russian antivirus firm Kaspersky. The trojan was, so the two said, similar to the existing RansomEXX trojan, which they said had been deployed only last week against Brazil's courts, as well as targets in the US and elsewhere.

Gitpaste-12 Worm Targets Linux Servers, IoT Devices
2020-11-06 17:34

Researchers have uncovered a new worm targeting Linux based x86 servers, as well as Linux internet of things devices. Of note, the malware utilizes GitHub and Pastebin for housing malicious component code, and has at least 12 different attack modules available - leading researchers to call it "Gitpaste-12." It was first detected by Juniper Threat Labs in attacks on Oct. 15, 2020.

How to view your SSH keys in Linux, macOS, and Windows
2020-11-06 15:36

There are two easy ways to view your SSH public key in Linux. The above command will print out your SSH key on your Linux machine, without prompting you for your key authentication password.

RansomExx ransomware also encrypts Linux systems
2020-11-06 13:57

With companies commonly using a mixed environment of Windows and Linux servers, ransomware operations have increasingly started to create Linux versions of their malware to ensure they encrypt all critical data. A new report today by Kaspersky takes a look at the Linux version of the RansomExx ransomware, also known as Defray777.

Red Hat Enterprise Linux 8.3 delivers new security profiles and enhanced performance
2020-10-30 08:46

Red Hat announced Red Hat Enterprise Linux 8.3, the latest version of its enterprise Linux platform. To support these needs, Red Hat Enterprise Linux 8.3 further expands Red Hat System Roles which provide prescriptive and automated ways for operating system-specific configurations.