The "Linux Threat Report 2021 1H" from Trend Micro found that Linux cloud operating systems are heavily targeted for cyberattacks, with nearly 13 million detections in the first half of this year. As organizations expand their footprint in the cloud, correspondingly, they are exposed to the pervasive threats that exist in the Linux landscape.
Top Linux Vulnerabilities Exploited by Hackers
Patching, data breaches and a spoiled racing car announcement.
Welcome to Cyber Security Today. It’s Monday, March 8th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Users of D-Link and Citrix network devices as well as those using the Liferay Portal for managing that company’s applications are being urged to patch their products immediately. This follows the discovery of a new botnet exploiting their vulnerabilities. This is particularly important because the D-Link and Citrix bugs date back to 2019 and patches have been issued. A security company called 360Netlab says the botnet is using a variant of the Gafgyt family of malware. It’s not only exploiting the three vulnerabilities, it’s also taking advantage of weak remote login passwords using the Telnet protocol. Network administrators who use Telnet need to make sure their employees’ passwords are strong. Botnets are chains of hacked devices used to spread malware.
Researchers at Zscaler who recently analyzed the threat described DreamBus as a modular piece of malware targeting Linux applications running on hardware systems with powerful CPUs and large amounts of memory.
The DreamBus botnet that has been assembled from systems the malware has compromised is currently being used to deploy the XMRig CPU miner to mine Monero cryptocurrency. But the same malware can be easily repurposed to deliver other more dangerous payloads, such as ransomware and malware for stealing and holding data at ransom, says Brett Stone-Gross, director of threat intelligence at Zscaler. DreamBus can deploy arbitrary modules and execute arbitrary commands on a remote system, he says. Given the prevalence of the software applications that are targeted and the aggressive worm-like spreading techniques, the number [of compromised systems is] likely in the tens of thousands.