Security and Fear, Uncertainty, and Doubt (FUD) Against Linux
New malware plants backdoor on Microsoft web server software
Security researchers have discovered malware that can install a backdoor on Microsoft’s web server software Internet Information Services (IIS).
[Repeat] BlackMatter Group Debuts Linux-Targeting Ransomware [Ed: This targets proprietary software, not "Linux"]
Synology NAS devices are being hacked to target Linux systems [Ed: This is not a "Linux" issue but a weak password issue; stop blaming Linux for things it has nothing to do with, like brute-force password guessing]
Synology, the Taiwan-based maker of network-attached storage (NAS) devices, has put out a security advisory warning customers of an increase in brute-force attacks on its devices.
Sharing their observations, the hardware vendor’s Product Security Incident Response Team (PSIRT) says that it appears the attacks are orchestrated by the StealthWorker botnet.
Furthermore, the PSIRT adds that the attacks don’t seem to exploit any software vulnerabilities running on the NAS, and appear to be purely brute force in nature.
[...]
To ward off the current attack, Synology is advising its users to ensure that the devices have strong administrative credentials. Additionally, Synology users should enable the auto block and account protection features on their NAS devices, and enable multi-step authentication to add another layer of security in addition to the passwords.
Funded open source security work at the Linux Foundation - Linux Foundation [Ed: Wheeler is one of the few in LF who are not compromised]
Open source software (OSS) is vitally important to the functioning of society today; it underpins much of the global economy. However, some OSS is highly secure, while others are not as secure as they need to be.
