Blaming "Linux" for Things That Are Not Linux
-
Dark Reading ☛ Cloud-y Linux Malware Rains on Apache, Docker, Redis & Confluence [Ed: The culprits are outdated pieces at the application level]
"Spinning YARN" cyberattackers wielding a Linux webshell are positioning for broader cloud compromise by exploiting common misconfigurations and a known Atlassian Confluence bug.
-
InfoSecurity Magazine ☛ Linux Malware Targets Docker, Apache Hadoop, Redis and Confluence [Ed: Patches have been freely available for years]
According to an advisory published by Cado Security Labs today, these payloads facilitate Remote Code Execution (RCE) attacks by leveraging common misconfigurations and the Confluence vulnerability CVE-2022-26134.
-
Linux Malware Campaign Targets Misconfigured Cloud Servers [Ed: There us no such thing as "Cloud Servers"; these are just vulnerable Web-facing applications.]
-
Gray Dot Media Group ☛ New Linux Malware Alert: ‘Spinning YARN’ Hits Docker, Other Key Apps [Ed: They misuse terms like "Apps"]
-
Cyber Security News ☛ WogRAT Malware Exploits Notepad Service To Attack Windows & Linux Systems [Ed: "Linux attacks are unconfirmed" and the headline says "Linux" regardless]
While Linux attacks are unconfirmed, VirusTotal data suggests Asian nations like Hong Kong, Singapore, China, and Japan are prime targets of this cunning malware campaign.