Agregador de canales de noticias

Attacks on Linux Servers Rose 75% Over Last Year, Warn Security Researchers

Slashdot -

"There's been a big rise in ransomware attacks targeting Linux," reports ZDNet, "as cyber criminals look to expand their options and exploit an operating system that is often overlooked when businesses think about security." According to analysis by cybersecurity researchers at Trend Micro, Linux servers are "increasingly coming under fire" from ransomware attacks, with detections up by 75% over the course of the last year as cyber criminals look to expand their attacks beyond Windows operating systems. Linux powers important enterprise IT infrastructure including servers, which makes it an attractive target for ransomware gangs — particularly when a perceived lack of threat to Linux systems compared with Windows means that cybersecurity teams might choose to focus on defending Windows networks against cybercrime. Researchers note that ransomware groups are increasingly tailoring their attacks to focus specifically on Linux systems. For example, LockBit is one of the most prolific and successful ransomware operations of recent times and now offers the option of a Linux-based variant that is designed to target Linux systems and has been used to conduct attacks in the wild.... And it isn't just ransomware groups that are increasingly turning their attentions towards Linux — according to Trend Micro, there's been a 145% increase in Linux-based cryptocurrency-mining malware attacks, where cyber criminals secretly exploit the power of infected computers and servers to mine for cryptocurrency for themselves. One of the ways cyber criminals are compromising Linux systems is by exploiting unpatched vulnerabilities. According to the report, these flaws include CVE-2022-0847 — also known as Dirty Pipe — a bug that affects the Linux kernel from versions 5.8 and up, which attackers can use to escalate their privileges and run code. Researchers warn that this bug is "relatively easy to exploit". The article recommends installing all security patches as soon as they're available — and implementing multi-factor authentication across your organization. And yes, it's the real ZDNet. They've just re-designed their web site...

Read more of this story at Slashdot.

'What Happened with CentOS Will Not Happen with Rocky Linux'

Slashdot -

Here's a Linux distro scoop from IT World Canada. "Gregory Kurtzer, who founded and once led the former open-source project CentOS Linux as well as The cAos Foundation, the organization where early development of it took place, said today a governance structure has been put in place that will keep Rocky Linux in the public domain forever." Development of Rocky Linux began shortly after, in late 2020, Red Hat terminated development of CentOS, a community-based Linux distribution derived from Red Hat Enterprise Linux (RHEL) that had been in existence since 2004. It is named after Jason Dale "Rocky" McGaugh, a talented programmer involved in CentOS development, who passed away in December 2004 at the age of only 30. Asked what McGaugh might have thought of the OS being named after him, Kurtzer told IT World Canada, "to be honest, he was a shy guy. I don't know if he would have liked the attention, but at the same token, he was a huge advocate of open source and a big fan of open source. "Personally, I don't think he would have liked what happened with CentOS." Kurtzer added that "what we are doing with Rocky Linux is really where he would have liked to see the project and open source going. When we named it Rocky Linux, it was a hat tip to him for everything he has done, not only in open source and high-performance computing (HPC), but also with the CentOS project. "One of the last e-mails that he wrote to the e-mail list was that he was 99 per cent done development of CentOS. It was pretty much ready to go when he passed, but he never saw it released." The key for an open-source initiative to grow and flourish, said Kurtzer, lies with registering it as a non-profit organization, which was the case with The cAos Foundation. He has done the same with Rocky Linux. It's official name is the Rocky Enterprise Software Foundation, "backed by an advisory board of trusted individuals and team leads from the Rocky Linux community."

Read more of this story at Slashdot.

Páginas

Subscribe to EcuaLUG agregador