Language Selection

English French German Italian Portuguese Spanish

Security Patches and FUD/Drama

Filed under
Security

This is a Web site issue

New ACBackdoor Malware Targeting Both Linux and Windows Systems

By HackRead

  • Meet ACbackdoor malware targeting Linux and Windows devices [Ed: They call it "backdoor" but it targets machines that are already compromised some other way]

    Furthermore, the Linux variant comes across as more complex with extra capabilities such as process renaming. This is also evident through a search of the Linux binary on VirusTotal where it is detected by only one anti-malware scanning engine whereas the Windows version yielded a significantly higher detection rate of 37/70.

ZDNet: Linux is terrorism

ZDNet meme

ZDNet FUD

More scare-mongering

  • Servers Running Linux May Get Riskier for Enterprises Next Year [Ed: GNU/Linux FUD to increase next year. Or this year. Say people who sell security as a product]

    Enterprises using Linux for their cloud or data center servers may be faced with a larger threat from advanced security attackers in the near future. Based on the Linux Foundation’s estimates back in 2014, 75% of enterprises reported using Linux for the cloud and 79% for application deployments.

ACBbackdoor trojan designed to hit Linux...

  • ACBbackdoor trojan designed to hit Linux and Windows systems

    Intezer Security has found a new backdoor, ACBackdoor, that has no known connection to an operating threat group creating the possibility it could be a harbinger of a new gang’s formation.

    ACBackdoor is primarily a Linux malware, but Intezer has spotted a Windows variant and the company believes it was created by an experienced group of threat actors.

    One piece of evidence pointing toward the ACBackdoor developers being experienced with Linux is that version has a lower detection rate, is written better than the Windows implant, with a higher quality persistence mechanism, along with the different backdoor commands and additional features not seen in the Windows version such as independent process creation and process renaming.

More FUD and More anti-Linux

  • Chinese Hackers Break Into Chrome, Safari, Edge; Reveal Browsers' Vulnerabilities

    Popular vendors received terrible news over the weekend as reports claimed that Chinese hackers were able to exploit vulnerabilities in major browsers, apps, and common utilities. At the recent Tianfu cup held in Chengdu, China, Chinese China's top white-hat hackers have converged in to test zero-days against top software available in the market today. During the first day of the event, Chinese security researchers were able to break into major browsers such as Safari, Microsoft Edge, and Google Chrome.

    Since Mar. 2018, the Chinese government has officially discouraged security researchers from joining hacking competitions outside the county. The recent Tianfu Cup is the venue for hackers to showcase their skills and even earn six-figure bounties for successful exploits. Former Pwn2Own winner Team 360 Vulcan took home $382,500 for successfully hacking the old version of Office 365, Microsoft Edge, Adobe PDF Reader, VMWare Workstation, and gemu+ Ubuntu during the two days event, reports ZDNet.

  • New Roboto botnet emerges targeting Linux servers running Webmin [Ed: ZDNet again goes out of its way to ignore back doors in #proprietarysoftware such as Windows and instead promote the stigma of "Linux" having "back doors" and being super dangerous, courtesy of By Catalin Cimpanu as usual]

Webmin

Again trying to associate "Linux" with "ISIS"

Chrome, Edge, and Safari are not as safe as you might think

  • Your web browsers including Chrome, Edge, and Safari are not as safe as you might think

    Recently, Chrome, Edge, Safari were hacked at a Security event in China named Tianfu Cup. Our lives are being more dependable on digital devices than ever and there’s nothing scarier than the fear of losing your personal information to some third parties. To know about the loopholes of various web browsers a Security-focused event was held at China aimed to exploit various web browsers and to reward the researchers. Various researchers test some hidden loopholes presented within some known apps including Google Chrome, Microsoft Edge and even Apple’s Safari as well as Office 365 and Adobe PDF Reader. Security Researchers were even able to hack these apps and softwar during the contest and earned thousands of dollars in rewards.

More from the same 'script'

  • The awaiting Roboto Botnet

    On August 26, 2019, our 360Netlab Unknown Threat Detection System highlighted a suspicious ELF file (4cd7bcd0960a69500aa80f32762d72bc) and passed along to our researchers to take a closer look, upon further analysis, we determined it is a P2P bot program.

  • Linux Servers Running Webmin App Targeted By DDoS Attacks

    A new botnet named Roboto is targeting Linux servers running Webmin app, according to security researchers at 360 Netlab. Roboto is a peer-to-peer botnet that has been active since summer and is exploiting a vulnerability in the Webmin app. The app offers a web-based remote management system for Linux servers and is installed on as many as 215,000 servers.

    The vulnerability, identified as CVE-2019-15107, allows bad actors to compromise older Webmin servers by running malicious code and gaining root privileges. The vulnerability was identified and patched by the company behind Webmin. However, many users have not installed the latest version with the patch, and Roboto botnet is targeting such servers.

Slashdot joins the drama a week late

NextCloud Linux Servers Targetted by NextCry Ransomware

  • NextCloud Linux Servers Targetted by NextCry Ransomware

    Ransomware hunter and creator of ID Ransomware Michael Gillespie notes that the NextCry ransomware, which is a Python script compiled in a Linux ELF binary utilizing pyInstaller, oddly makes use of Base64 to encode file names in addition to the content material of information which have already been encrypted. Gillespie has additionally confirmed that NextCry encrypts information utilizing the AES algorithm with a 256-bit key.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.