Security and FUD
Date: 2011-01-03
-
Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends | CISA
As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the Federal Bureau of Investigation (FBI) are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you. Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure.
There are actions that executives, leaders, and workers in any organization can take proactively to protect themselves against cyberattacks, including possible ransomware attacks, during the upcoming holiday season—a time during which offices are often closed, and employees are home with their friends and families. Although neither CISA nor the FBI currently have identified any specific threats, recent 2021 trends show malicious cyber actors launching serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends.
-
Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover | Threatpost [Ed: So-called 'security' as security hole]
CloudLinux’s security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug.
A high-severity security vulnerability in CloudLinux’s Imunify360 cybersecurity platform could lead to arbitrary code execution and web-server takeover, according to researchers.
-
Security updates for Monday
Security updates have been issued by Debian (firebird3.0, libmodbus, and salt), Fedora (js-jquery-ui and wordpress), Mageia (arpwatch, chromium-browser-stable, php, rust, and wireshark), openSUSE (barrier, firefox, hylafax+, opera, postgresql12, postgresql13, postgresql14, and tomcat), SUSE (ardana-ansible, ardana-monasca, crowbar-openstack, influxdb, kibana, openstack-cinder, openstack-ec2-api, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-keystone, openstack-neutron-gbp, openstack-nova, python-eventlet, rubygem-redcarpet, rubygem-puma, ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma, firefox, kernel, postgresql, postgresql13, postgresql14, postgresql10, postgresql12, postgresql13, postgresql14, postgresql96, and samba), and Ubuntu (libreoffice).
-
“Crypto” Means “Cryptography,” not “Cryptocurrency” - Schneier on Security
I have long been annoyed that the word “crypto” has been co-opted by the blockchain people, and no longer refers to “cryptography.” I’m not the only one.
-
WAZUH Detecting and removing malware - Virus Total integration - Unixcop the Unix / Linux the admins deams
VirusTotal is an online portal, owned by Google, that uses many antivirus engines to check for viruses and malware. It provides an API service that Wazuh uses to scan file hashes, domain names, IP addresses, or URLs. For this integration we use the wazuh-integratord component that runs on the Wazuh manager. Check our VirusTotal documentation for more information about this integration.
In this use case, we monitor a directory in real time and run a VirusTotal scan on every new or recently modified file. If a file is classified as malicious, an active response is triggered and the file is removed.
-
Wazuh Blocking attacks with Active Response - Unixcop the Unix / Linux the admins deams
Active response allows Wazuh to run commands on an agent in response to certain triggers. In this use case, we simulate an SSH Brute Force attack and configure an active response to block the IP of the attacker. So, in this post you will learn how to block attacks with active response.
-
New Golang-based Linux Malware Targeting eCommerce Websites [Ed: This is not the fault of "Linux" or "Go"; it's a good example of FUD and misinformation with an agenda]
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that's capable of stealing payment information from compromised websites.
"The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms," researchers from Sansec Threat Research said in an analysis. "After a day and a half, the attacker found a file upload vulnerability in one of the store's plugins." The name of the affected vendor was not revealed.