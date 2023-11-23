Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation Against Linux
-
Bleeping Computer ☛ CISA orders federal agencies to patch Looney Tunables Linux bug [Ed: False and misleading. This bug is not in Linux and it's already patched, not so severe.]
Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions.
Dubbed 'Looney Tunables' by Qualys' Threat Research Unit (who discovered the bug) and tracked as CVE-2023-4911, this security vulnerability is due to a buffer overflow weakness in the GNU C Library's ld.so dynamic loader.
-
Hacker News ☛ Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits [Ed: Apache is not Linux, but they try to make it seem like a "Linux" issue; imagine every Adobe Photoshop hole being portrayed as "Windows issue"]
Kinsing refers to a Linux malware with a history of targeting misconfigured containerized environments for cryptocurrency mining, often utilizing compromised server resources to generate illicit profits for the threat actors.
-
CPR ☛ The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks - Check Point Research [Ed: Ransomware impacts Windows over 90% of the time, according to research; this is a distraction by Microsoft resellers and partners]
During the last few months, we conducted a study of some of the top ransomware families (12 in total) that either directly developed ransomware for Linux systems or were developed in languages with a strong cross-platform component, such as Golang or Rust, thereby allowing them to be compiled for both Windows and Linux indiscriminately.