Date: 2024-03-09
Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation Against "Linux"
Dark Reading ☛ Linux Variants of Bifrost Trojan Evade Detection via Typosquatting [Ed: But this is not a "Linux" issue]
A 20-year-old Trojan resurfaced recently with new variants that target Linux and impersonate a trusted hosted domain to evade detection.
CyberRisk Alliance LLC ☛ Misconfigured cloud servers subjected to new Linux malware attack [Ed: Admin issue (hire better people), not "Linux"]
Vulnerable internet-exposed cloud servers are being identified and exploited through four novel Golang payloads that would eventually lead to cryptominer deployment, according to a Cado Security report. Intrusions targeted at Confluence servers involved the exploitation of the critical remote code execution vulnerability, tracked as CVE-2022-26134. On the other hand, attacks aimed at Docker instances involved the creation of a container for an executable that would later allow command-and-control communication and payload retrieval. Such an attack is indicative of the extensive initial access methods for Linux and cloud malware, noted Cado Security researchers. "It's clear that attackers are investing significant time into understanding the types of web-facing services deployed in cloud environments, keeping abreast of reported vulnerabilities in those services and using this knowledge to gain a foothold in target environments," researchers added.
TechRadar ☛ This new Linux malware is targeting some major victims — Docker, Apache Hadoop, Redis and Confluence all under attack [Ed: They try to make it sound about "Linux" rather than applications not patched in years, despite severity being high]
Hackers are exploiting misconfigured servers running Docker, Confluence, and other services in order to drop cryptocurrency miners.
New Linux Malware Attacking Apache, Docker, Redis & Confluence Servers [Ed: It's about gross negligence in the application layer, nothing to do with "Linux"]
A sophisticated malware campaign targeting servers running popular web-facing services such as Apache Hadoop YARN, Docker, Confluence, and Redis has been identified.
Security Affairs ☛ Linux Malware targets misconfigured Apache Hadoop, Confluence, Docker, and Redis servers [Ed: They keep saying "Linux". Many of these applications can also run on BSD and others.]