The antivirus software company Doctor Web has issued an alert about a new form of crypto-ransomware that targets users of Linux-based operating systems. The malware largely targets Web servers, encrypting their contents and demanding a ransom of one Bitcoin.
Many of the systems that have been affected by the malware were infected when attackers exploited a vulnerability in the Magento CMS. Researchers currently place the number of victims in the "at least tens" range, but attacks on other vulnerable content management systems could increase the number of victims dramatically. The malware has to be executed with administrator-level privileges.
Linus Torvalds was at hacked event, but organisers say payment details safe. The names, phone numbers and street and email addresses of delegates for Linux Australia conferences and PyCon have been exposed in a server breach.
The March attack was detected two weeks ago and is revealed in an email to Linux Australia members. Linux Australia's server held information on delegates to its popular annual conferences for 2013, 2014, and the most recent event held in January in Auckland. PyCon delegates for the conferences are also affected. Delegates are urged to change their passwords.
A lot of security vulnerabilities were reported every day in 2014. The number of vulnerabilities discovered each year in operating systems, applications, and hardware has skyrocketed in a nasty trend, according to analysis by GFI Software.
The top spot for vulnerabilities in operating systems no longer goes to Microsoft Windows. 2014 was a tough year for Linux users from an internet security point of view, coupled with the fact that some of the most important security issues of the year were reported for applications that usually run on Linux systems. GFI said the worst offender in 2014 for having security flaws was third-party applications.
The funkily-named bug of the week is GHOST. It's a vulnerability caused by a buffer overflow in a system library that is used in many, if not most, Linux distributions. As it happens, the vulnerability is connected with network names and numbers.
The spooky name comes from the system functions where the vulnerable code was found. An attacker may be able to rig up messages or network requests that crash your program; and with a bit of trial and error, they might be able to trigger that crash in a way that gives them control over your computer. That's known as a Remote Code Execution exploit, similar to the bug recently found in the super-secure Blackphone.
Researchers have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.
The previously undiscovered malware represents a missing puzzle piece tied to Turla, a so-called advanced persistent threat disclosed in August. For at least four years, the campaign targeted government institutions, embassies, military, education, research, and pharmaceutical companies in more than 45 countries. The unknown attackers have infected several hundred Windows-based computers by exploiting a variety of vulnerabilities.