Microsoft and Microsoft-Connected Media Are Slandering SSH, OpenSSH, and Linux
-
Hackers Attack Linux SSH Servers with Tsunami DDoS Malware [Ed: Microsoft has this new FUD campaign against Linux and SSH. It boils down to bad passwords and helps distract from Windows being utterly horrendous, causing countless billions in damages each year.]
An attack campaign has been recently uncovered by AhnLab ASEC, where poorly controlled Linux SSH servers are targeted and infiltrated with the Tsunami DDoS Bot.
In addition to Tsunami, the threat actor installed several other types of malware, including:-
-
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices [Ed: Microsoft spreads FUD through Microsoft-connected site, trying to stigmatise "Linux" and "SSH" as lacking in security when in fact they have nothing to do with it]
"The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal device resources for mining operations," Microsoft threat intelligence researcher Rotem Sde-Or said.
-
Microsoft: Hackers hijack Linux systems using trojanized OpenSSH version [Ed: While Microsoft puts back doors in everything for NSA et al it's trying to defame the secure alternatives as "back doors"]
"The patches install hooks that intercept the passwords and keys of the device's SSH connections, whether as a client or a server," Microsoft said.
-
Linux Patch Management: Tools, Issues & Best Practices
Compared to other operating systems, Linux patch management is unique because of its open-source nature, which enables a sizable community of developers and security professionals to find vulnerabilities, examine the code, and submit patches.
Linux distributions use package managers to make it easier for users to install software packages and updates. These packages automate the download, installation, and dependency resolution process, which simplifies the process of patch application. While popular Linux distributions can be as easy as Windows to update, many enterprises and organizations prefer to test patches and manage their distribution, creating many of the same issues that admins face with closed-source operating systems.