Date: 2019-05-06
Security: Unsecured Servers, NSA Back-Doored Microsoft Servers, and Docker Image of Alpine Linux
Two crypto-mining groups are fighting a turf war over unsecured Linux servers [Ed: This isn't about Linux but about bad passwords etc.]
Both groups operate mass-scanning operations that look for open or unpatched cloud services and servers to infect them with a multi-functional Linux-based malware strain.
Researchers in the Dark on Powerful LightNeuron Malware for Years
LightNeuron, a backdoor specifically designed to target Microsoft Exchange mail servers, has flown under the radar since at least 2014, despite being the malware linchpin at the center of several targeted campaigns.
A fresh analysis of the recently uncovered code shows that it’s the first publicly known malware to use a malicious Microsoft Exchange Transport Agent – but the extraordinarily clever way that LightNeuron conceals itself is the most notable aspect of the report.
Phishing Attacks Mostly Impersonate Microsoft, Netflix & PayPal Accounts [Ed: Microsoft itself is phishing; it is giving all your passwords to the NSA and its affiliates]
Phishing attacks are evolving in their approach. The latest report from Trend Micro concludes that big consumer software companies like Microsoft, Netflix, and PayPal were impersonated by hackers to carry out the most phishing attacks.
Phishing attacks in 2018 utilized social engineering to steal people’s credentials. The steps involved in phishing attacks remain the same. However, these fake-warning phishing emails sound more convincing than ever before.
Alpine Linux Docker Images Shipped for 3 Years with Root Accounts Unlocked
Alpine Linux Docker images available via the Docker Hub contained a critical flaw allowing attackers to authenticate on systems using the root user and no password.
For three years, some Alpine Linux Docker images have shipped with a root account and no password, opening the door for attackers to easily access vulnerable servers and workstations provisioned for the images.
