Latest Security Patches and Fear, Uncertainty, Doubt (FUD) From Microsoft-Connected Sites (Misplacing Blame on "Linux")
Date: 2024-12-15
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (chromium, pgpool2, and smarty4), Fedora (chromium, linux-firmware, matrix-synapse, open62541, and thunderbird), Red Hat (kernel, kernel-rt, python3.11, python3.12, python3.9:3.9.18, python3.9:3.9.21, and ruby:2.5), SUSE (buildah, chromium, govulncheck-vulndb, java-1_8_0-ibm, libsvn_auth_gnome_keyring-1-0, python310-Django, qemu, and radare2), and Ubuntu (linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-raspi, linux-xilinx-zynqmp, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, php7.0, php7.2, python-asyncssh, and smarty3).
Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation
Bleeping Computer ☛ New stealthy Pumakit Linux rootkit malware spotted in the wild [Ed: This does not explain how it makes it onto systems in the first place and therefore mostly misses the point]
Upstart Pumakit Linux rootkit malware examined [Ed: Citing the above Microsoft-connected media as "source"]
Threat actors have been leveraging the new Pumakit rootkit malware to facilitate covert privilege escalation intrusions against Linux systems, according to BleepingComputer.
Dolphin Publications B V ☛ New Linux malware Pumakit manages to hide itself [Ed: They say "recently surfaced", but they refuse to explain how; they just blame "Linux" for things that are not Linux]
Cyber Security News ☛ New Stealthy Linux Malware PUMAKIT With Unique Privilege Escalation Methods [Ed: No effort made to explain what vulnerable part or weak password or dumb administrator gets malicious software onto servers in the first place]
This complex structure allows the malware to execute its payload only when specific criteria are met, ensuring stealth and reducing the likelihood of detection.
Hacker News ☛ New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection
CSO ☛ PUMA creeps through Linux with a stealthy rootkit attack
Hacker News ☛ Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms [Ed: Unlike Windows, there's no back door to get through. If the media describes some "Linux" infection, then it ought to pretend it knows how the infection occurs, not what it does.]
Iran-affiliated threat actors have been linked to a new custom malware that's geared toward IoT and operational technology (OT) environments in Israel and the United States.
