NEWS
Windows Helping the Spread of IoT Malware
Dr.Web, a cyber security firm, has found a Windows trojan that helps spread the infamous Mirai botnet across IoT (Internet of Things) devices. The newly found trojan targets Windows systems, and once installed, the trojan scans the network for connected IoT devices. If it finds a vulnerable device, it compromises the device and uses it in later attacks. Last year in October, Mirai brought down a huge chunk of the Internet by launching a DDoS (Distributed Denial of Service) attack on the Dyn managed DNS service.
The Windows trojan doesn't stop at compromising the IoT devices; it continues to spread itself to other Windows devices to further find and exploit more IoT devices.
Researchers noted that the malware could also identify and compromise database services running on various ports, including MySQL and Microsoft SQL, to create a new admin phpminds with the password phpgodwith, allowing attackers to steal the database. At this time, it's not known who created this trojan, but the attack design demonstrates that IoT devices that are not directly accessible from the Internet can also get hacked to join the Mirai botnet army.
IoT devices are already vulnerable to infection, so why are malware writers targeting Windows? Primarily because Windows still dominates the market and it gives the malware writers another platform to spread the botnet.
This is not the only security hole plaguing Microsoft's products. Earlier, Google disclosed flaws in Microsoft's GDI library that affects every Windows version all the way back to Windows Vista. Another unpatched flaw affects the SMB protocol, allowing attackers to crash the system.
More Online
Linux Magazine
Off the Beat * Bruce Byfield
LibreOffice Drops Type 1 Font Support
Should decisions about free software be determined by the needs of developers or users?
Reglue Needs Your Support
Forget, for a moment, how open source seems to be the solution to business problems. Instead, return to basics and think of how free software helps to provide computers for the impoverished, and to reduce technological waste by extending the useful life of older hardware.
NTPsec: The Wrong Fork for the Wrong Reasons
Forks – the splitting of one project from another – are a natural part of free software. They are implicit in the Free Software Foundation's Four Freedoms, and I would no more attempt to deny the right of a fork to exist than I would attempt to insist that everyone use one Linux distribution or desktop environment.
ADMIN HPC
http://hpc.admin-magazine.com/
Hierarchical Data Storage for HPC
Jeff Layton
I/O can be a very important part of any application. All applications need to read data and write data at some point with the possibility of huge amounts of both.
Modern Fortran for Today and Tomorrow
Jeff Layton
Fortran 90 took Fortran 77 from the dark ages by giving it new features that developers had wanted for many years and by deprecating old features – but this was only the start.
ADMIN Online
http://www.admin-magazine.com/
Halting the Ransomware Blackmail Wave
Thomas Gronenwald
In the tsunami of ransomware infections this year, the Locky encryption trojan is a high-water mark.
Setting Up MariaDB Replication with the Help of XtraBackup * Susanne Holzgraefe
If your database is so important that the content must not be lost between periodic data backups, replication is a possible solution.
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs