This Month's News
Banking Botnets Are Worse Than Ever
Financial institutions continue to face threats from banking botnets built using trojan-style Internet attacks. The new activity occurs in spite of some recent successes with discovering and eliminating criminal botnets. According to a new report from Dell SecureWorks, users should not feel confident that the recent discoveries of the Ramnit, Shylock, and Gameover ZeuS botnets indicate a safer Internet. Several other forms of botnets are still prevalent, led by the Citadel trojan, which reportedly attacked 1,170 unique targets. The report says, "New threats arise with emerging technologies, and attacks on mobile banking platforms and advances in bypassing standard authentication mechanisms evolved in 2014."
More than 90% of the trojans were aimed at US financial institutions, but the 10% aimed at the rest of the world was still enough to cause some significant losses. More that 1,400 institutions around the world reported attacks from banking trojans.
The Register offers a concise summary of the SecureWorks report on banking botnets. You can download the full report from the SecureWorks site. Be ready to provide some demographic information.
Debian Project Releases Debian 8 "Jessie"
The Debian Project has announced the arrival of Debian 8 "Jessie." The latest release of the great free distro was two years in development. The team pledges to maintain this version for five years.
The vast Debian project includes more than 20,000 packages and supports a total of 10 architectures, including the usual Intel equivalents, as well as MIPS, IBM S/390, 32-bit ARM, and even the new ARM64/AArch64 architecture.
The change that has received the most attention is the presence of systemd as the default init system. The Debian project says systemd will provide "many exciting features, such as faster boot times, cgroups for services, and the possibility of isolating part of the services." The move to systemd was controversial, however, with many old guard Unix and Linux veterans preferring the classic SysVinit system and suspecting that commercial vendors like Canonical influenced the switch. (The SysVinit system is still available for Debian 8 – it just isn't the default option.)
The Debian package repositories contain all the popular Linux deskops, as well as user applications, network server applications, and development tools. Installation images are available for CD, DVD, USB stick, Blu-ray, and network installation. Debian also provides a pre-built image designed for the OpenStack cloud. Debian 7 users can upgrade to Debian 8 using the apt-get package management tool.
Debian isn't as much in the public eye as it used to be, but the massive project is still extremely influential as a background distro that forms the basis for several popular Linux alternatives. Ubuntu, Knoppix, Mint, and many other Linux distributions are based on Debian.
Linux Kernel Turns Over
Linux godfather Linus Torvalds has announced the availability of Linux kernel 4.0. Kernel watchers have known this new "major" release has been on the way, so the announcement was no surprise. For many products and projects, a new major version number is timed to mark major feature enhancements, but Linus downplayed the significance of change from the 3.X to 4.X series, stating "… we've had much bigger changes in other versions."
Torvalds has been quoted in the past as saying Linux would need to roll over to a new major version before getting past 3.20 because he wanted to be able to count the minor release numbers on his fingers and toes. Perhaps more to the point, he says he is "… personally so much happier with time-based releases than the bad old days when we had feature-based releases." According to the announcement, 4.0 does not come with a trove of experimental new features but is a very stable release.
One new feature that has drawn some excitement from the Linux community is the new live kernel patching infrastructure.
The Linux Foundation and the Internet Security Research Group (ISRG) have announced a new project aimed at promoting encryption on the Internet. The new service, known as "Let's Encrypt," is described as "… a free, automated and open security certificate authority for the public's benefit. Let's Encrypt allows website owners to obtain security certificates within minutes, enabling a safer web experience for all."
Despite advances in encryption and intrusion prevention, security problems continue to plague the Internet. Experts have long advocated universal encryption as a best-practice technique for minimizing attacks. The Let's Encrypt project is intended to make it easier for webmasters to install and maintain encryption. According to ISRG executive director Josh Aas, "Encryption should be the default for the web. The web is a complicated place these days; it is difficult for consumers to be in control of their data. The only reliable strategy for making sure that everyone's private data and information is protected while in transit over the web is to encrypt everything. Let's Encrypt simplifies this."
The founders of the Let's Encrypt project believe one reason website encryption is not universal is that conventional certificate authority services are too complicated, and often too expensive, to be an option for smaller websites. Let's Encrypt will provide certificates for free, and it will simplify the configuration at the web server so that a couple of easy commands are all that is necessary to implement encryption.
According to the project website, Let's Encrypt will be available to the public in mid-2015.
« Previous 1 2 3 4 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
News
-
Armbian 23.05 is Now Available
Based on Debian 12, the latest version of the ARM/RISC-V distribution is now available to download and install.
-
Linux Mint Finally Receiving Support for Gestures
If you use the Linux Mint Cinnamon desktop, you'll be thrilled to know that 21.2 is getting support for gestures on touchscreen devices and touchpads.
-
An All-Snap Version of Ubuntu is In The Works
Along with the standard deb version of the open-source operating system, Canonical will release an-all snap version.
-
Mageia 9 Beta 2 Ready for Testing
The latest beta of the popular Mageia distribution now includes the latest kernel and plenty of updated applications.
-
KDE Plasma 6 Looks to Bring Basic HDR Support
The KWin piece of KDE Plasma now has HDR support and color management geared for the 6.0 release.
-
Bodhi Linux 7.0 Beta Ready for Testing
The latest iteration of the Bohdi Linux distribution is now available for those who want to experience what's in store and for testing purposes.
-
Changes Coming to Ubuntu PPA Usage
The way you manage Personal Package Archives will be changing with the release of Ubuntu 23.10.
-
AlmaLinux 9.2 Now Available for Download
AlmaLinux has been released and provides a free alternative to upstream Red Hat Enterprise Linux.
-
An Immutable Version of Fedora Is Under Consideration
For anyone who's a fan of using immutable versions of Linux, the Fedora team is currently considering adding a new spin called Fedora Onyx.
-
New Release of Br OS Includes ChatGPT Integration
Br OS 23.04 is now available and is geared specifically toward web content creation.