Security News

See what Jack Wallen considers to be the biggest issue for Linux in 2020. Enterprise-level companies embraced open source software even further, containers and the cloud became even more crucial to both businesses and consumers, the Linux community found a larger piece of the support pie from large manufacturers like Microsoft, and distributions continued to wow.

Microsoft has announced today the public preview of endpoint detection and response capabilities on Linux servers running Microsoft Defender Advanced Threat Protection - now known as Microsoft Defender for Endpoint. "This builds on the existing preventative antivirus capabilities and centralized reporting available via the Microsoft Defender Security Center," Microsoft Senior Product Manager Tomer Hevlin said.

One of the security bulletins released this week by Schneider Electric warns customers about Drovorub, a piece of Linux malware that was recently detailed by the NSA and the FBI. The U.S. agencies issued a joint advisory in mid-August to warn organizations that the cyber-espionage group known as APT28, which has been linked to Russia's General Staff Main Intelligence Directorate, has been using a piece of Linux malware named Drovorub. Schneider Electric has advised customers to implement defense-in-depth recommendations in order to protect their Trio Q Data Radio and Trio J Data Radio devices against the malware.

Jack Wallen walks you through the process of putting in place a temporary fix against SAD DNS for your Linux servers and desktops. There's a new DNS cache poisoning threat in town and it goes by the name of Side-channel AttackeD DNS. This new attack works like so: SAD DNS makes it possible for hackers to reroute traffic destined to a specific domain to a server under their control.

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. DNS cache poisoning attacks refer to polluting this very cache existing on intermediary servers.

A trojan targeting Linux and deployed by a known ransomware gang has been discovered by Russian antivirus firm Kaspersky. The trojan was, so the two said, similar to the existing RansomEXX trojan, which they said had been deployed only last week against Brazil's courts, as well as targets in the US and elsewhere.

Researchers have uncovered a new worm targeting Linux based x86 servers, as well as Linux internet of things devices. Of note, the malware utilizes GitHub and Pastebin for housing malicious component code, and has at least 12 different attack modules available - leading researchers to call it "Gitpaste-12." It was first detected by Juniper Threat Labs in attacks on Oct. 15, 2020.

There are two easy ways to view your SSH public key in Linux. The above command will print out your SSH key on your Linux machine, without prompting you for your key authentication password.

With companies commonly using a mixed environment of Windows and Linux servers, ransomware operations have increasingly started to create Linux versions of their malware to ensure they encrypt all critical data. A new report today by Kaspersky takes a look at the Linux version of the RansomExx ransomware, also known as Defray777.

Red Hat announced Red Hat Enterprise Linux 8.3, the latest version of its enterprise Linux platform. To support these needs, Red Hat Enterprise Linux 8.3 further expands Red Hat System Roles which provide prescriptive and automated ways for operating system-specific configurations.