ThreatsHub.org
The Microsoft Defender for IoT research team analyzed a cross-platform botnet that infects both Windows and Linux systems from PCs to IoT devices, to launch distributed denial of service (DDoS) attacks against private Minecraft servers.
The post MCCrash: Cross-platform DDoS botnet targets private Minecraft servers appeared first on Microsoft Security Blog. READ MORE HERE…
Malware targeting Linux environments has increased massively in the past year, with threat actors using a variety of techniques to carry out operations. READ MORE HERE…
Observing a 254% increase in activity over the last six months from a versatile Linux trojan called XorDdos, the Microsoft 365 Defender research team provides in-depth analysis into this stealthy malware’s capabilities and key infection signs.
The post Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.
The post Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn appeared first on Microsoft Security Blog. READ MORE HERE…
Enterprises can look for more transparency from software vendors after the Biden Administration’s recent mandate that software bills of materials be provided by companies attempting to do business with the federal government.Software bills of materials, frequently abbreviated to SBOMs, aren’t a new concept. The idea comes from the manufacturing sector, where it’s often crucial for buyers to fully understand the components and materials that were used to make a particular piece of equipment.The 10 most powerful companies in enterprise networking 2021
For example, a train engine might contain parts that aren’t rated for certain levels of vibration stress, making it unsuitable for use on a particular type of track. The goal of an SBOM is similar, listing all the proprietary, open source, and licensed components being used in a particular piece of software, so that a buyer can review it and check whether any of those components are outdated or insecure.To read this article in full, please click here READ MORE HERE…
Deploying password-quality checking on your Debian-based Linux servers can help ensure that your users assign reasonably secure passwords to their accounts, but the settings themselves can be a bit misleading.For example, setting a minimum password length of 12 characters does not necessarily mean that all your users’ passwords will actually have 12 or more characters.Let’s stroll down Complexity Boulevard and see how the settings work and examine some that are worth considering.[Get regularly scheduled insights by signing up for Network World newsletters.]
The files that contain the settings we’re going to look at will be:To read this article in full, please click here READ MORE HERE…
IBM continued to reshape the mainframe with an eye toward further integrating it within hybrid clouds and securing Linux-based workloads.On the hardware side, IBM rolled out two entry-level, 19” single-frame, air-cooled platforms, the z15 Model T02 and LinuxONE III Model LT2. The new machines are extensions of the IBM z15 family that Big Blue rolled out in September of last year. To read this article in full, please click here READ MORE HERE…
Three Common Vulnerabilities and Exposures (CVEs) opened yesterday track three flaws in certain Intel processors, which, if exploited, can put sensitive data at risk.Of the flaws reported, the newly discovered Intel processor flaw is a variant of the Zombieload attack discovered earlier this year and is only known to affect Intel’s Cascade Lake chips.[Get regularly scheduled insights by signing up for Network World newsletters.]
Red Hat strongly suggests that all Red Hat systems be updated even if they do not believe their configuration poses a direct threat, and it is providing resources to their customers and to the enterprise IT community.To read this article in full, please click here READ MORE HERE…
While not nearly commonly seen on Linux systems, library (shared object files on Linux) injections are still a serious threat. On interviewing Jaime Blasco from AT&T’s Alien Labs, I’ve become more aware of how easily some of these attacks are conducted.In this post, I’ll cover one method of attack and some ways that it can be detected. I’ll also provide some links that will provide more details on both attack methods and detection tools. First, a little background. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ]
Shared library vulnerability
Both DLL and .so files are shared library files that allow code (and sometimes data) to be shared by various processes. Commonly used code might be put into one of these files so that it can be reused rather than rewritten many times over for each process that requires it. This also facilitates management of commonly used code.To read this article in full, please click here READ MORE HERE…
Four vulnerabilities were publicly disclosed related to Intel microprocessors. These vulnerabilities allow unprivileged attackers to bypass restrictions to gain read access to privileged memory. They include these common vulnerabilities and exposures (CVEs):
CVE-2018-12126 – a flaw that could lead to information disclosure from the processor store buffer
CVE-2018-12127 – an exploit of the microprocessor load operations that can provide data to an attacker about CPU registers and operations in the CPU pipeline
CVE-2018-12130 – the most serious of the three issues and involved the implementation of the microprocessor fill buffers and can expose data within that buffer
CVE-2019-11091 – a flaw in the implementation of the “fill buffer,” a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache
[ Also read: Linux hardening: a 15-step checklist for a secure Linux server ]
Red Hat customers should update their systems
Security updates will degrade system performance, but Red Hat strongly suggests that customers update their systems whether or not they believe themselves to be at risk.To read this article in full, please click here READ MORE HERE…