Windows TCO, Security Issues, FUD, and Running Proprietary Things in GNU/Linux
-
Hacker News ☛ New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto [Ed: This is not a Linux issue but a bad password issue; they try to blame this on SSH also; see: Military-Grade Anti-Linux Microsoft Propaganda Using Microsoft LLMs in Fake 'News' Sites (Slopfarms)]
The botnet malware is designed to obtain initial access via successfully brute-forcing SSH credentials across a list of harvested IP addresses with open SSH ports. The list of IP addresses to target is retrieved from an external server ("ssh.ddos-cc[.]org").
-
The Register UK ☛ Three ways to run Windows apps on a Linux box
Windows 10 is staring down the barrel of Microsoft's gun. The "End of 10" is nigh. But when Windows 10 reaches the end of its life on October 14th, there are a wealth of free options available that will run on anything going. (As the meme puts it, Windows 11 has a list of specifications it requires, but the list for Linux is "electricity.") The snag is that many Windows users will have some app which they just can't live without. You are not alone. You might be able to take it with you.
There are two main routes open: run a copy of real Windows in a VM, or run a tool that lets Windows programs run under Linux. Both lead to further choices: if you use a VM, what VM? And if you use a runtime, which one?
-
Entrapment (Microsoft GitHub)
-
The Record ☛ LexisNexis Risk Solutions says 364,000 impacted by breach involving GitHub data
A spokesperson for the company told Recorded Future News that on April 1, officials at LexisNexis Risk Solutions (LNRS) received a report from “an unknown third party” saying they accessed information from the company.
LNRS is a branch of LexisNexis that provides risk management services to business customers and is one of the largest data brokers in the U.S.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ MATLAB Maker MathWorks Recovering From Ransomware Attack
Software maker MathWorks this week confirmed that a widespread outage that has impacted its applications since May 18 was the result of a ransomware attack.
-
Krebs On Security ☛ Pakistan Arrests 21 in ‘Heartsender’ Malware Service
Authorities in Pakistan have arrested 21 individuals accused of operating “Heartsender,” a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for HeartSender were organized crime groups that tried to trick victim companies into making payments to a third party, and its alleged proprietors were publicly identified by KrebsOnSecurity in 2021 after they inadvertently infected their computers with malware.
-
Update
More of the same FUD:
-
Information Security Media Group, Corporation ☛ PumaBot Malware Targets Linux IoT Devices [Ed: The issue here is bad or unchanged default passwords]
Unusually for a botnet, the malware doesn't scan the internet for opportunistic targets. Rather, it connects to a command and control server that delivers a list of IP addresses of devices that likely have open SSH ports. The domain associated with the server, ssh.ddos-cc.org, did not resolve to an Internet address at the time of the Darktrace analysis.
-
PumaBot: Novel Botnet Targeting IoT Surveillance Devices
Darktrace investigated “PumaBot,” a Go-based Linux botnet targeting IoT devices. It avoids internet-wide scanning, instead using a C2 server to get targets and brute-force SSH credentials. Once inside, it executes remote commands and ensures persistence.
-
Security Affairs ☛ New PumaBot targets Linux IoT surveillance devices [Ed: They keep saying Linux, but the real issue is not Linux]
PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto.