News
New Android Malware Found
Security researchers at Kaspersky Labs have discovered new malware that affects Android devices. Nikita Buchka wrote in a blog post: "Instead of attacking a user, it attacks the WiFi network the user is connected to, or, to be precise, the wireless router that serves the network."
The trojan uses a brute-force attack to guess the router's password and gain access to the device. Once the password is cracked, it changes the DNS server configured in the router, redirecting all traffic through the attackers' own servers and malicious websites.
What makes things really bad, as Buchka explained, is that instead of affecting a single user, the malware affects the entire network, which means every user on that network is exposed. Kaspersky recommends checking the DNS settings of your router.
There are currently two versions of the app: one is a fake mobile client for the Chinese search engine Baidu, and the second is a WiFi network app. It's the same old story: cybercriminals offer malicious fake apps outside of official app stores. Always use the official app stores. Anyone using the official Google Play Store for app installation is safe.
The lesson here is: don't install random apps from random websites.
Serious Bug Found in Ubuntu
Irish security researcher Donncha O'Cearbhaill found a remote code execution bug in Ubuntu's Apport crash reporter that can infect a system with malicious code.
O'Cearbhaill wrote on his blog, "The bug allows for reliable code injection when a user simply opens a malicious file. The following video demonstrates the exploit opening the Gnome calculator. The executed payload also replaces the exploit file with a decoy zip file to cover its tracks."
O'Cearbhaill reports that Ubuntu will open any unknown file with apport-gtk if it begins with ProblemType. What makes things worse is that Apport is installed by default on all Ubuntu systems after 12.10, which also includes forks like Linux Mint.
If you are using any Ubuntu-based distribution, you are vulnerable. The hole has been patched, but it does expose one major problem with Linux: Often such bugs hide for years and even decades, and security experts often lack incentives for finding them. Unlike Google, which rewards such discoveries, Linux vendors often depend on the community.
Commercial Linux distributions like Ubuntu should start a reward program to encourage security researchers to find such bugs. Without enough eyes, all bugs are deep.
If you are using any Ubuntu-based distribution, please update your system immediately.
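A defensive check for the file-type behavior described above, as an added example that is not from the article or from O'Cearbhaill's write-up: it walks a directory (a downloads folder, say) and flags files that begin with ProblemType but are not named like a crash report. The .crash extension for genuine reports and the sample files are assumptions constructed for the illustration.

```python
import os
import tempfile

MAGIC = b"ProblemType"      # leading bytes named in the article
EXPECTED_EXT = ".crash"     # assumption: extension of genuine Apport reports


def looks_like_apport_report(path):
    """Return True if the file's first bytes match the Apport marker."""
    try:
        with open(path, "rb") as fh:
            return fh.read(len(MAGIC)) == MAGIC
    except OSError:
        return False  # unreadable files are skipped, not flagged


def find_disguised_reports(root):
    """List files under root that start with the marker but are not *.crash."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # skip symlinks, sockets and FIFOs
            if name.lower().endswith(EXPECTED_EXT):
                continue  # named like a real crash report
            if looks_like_apport_report(path):
                hits.append(path)
    return sorted(hits)


def build_sample_tree(root):
    """Write constructed, harmless sample files for the demonstration."""
    samples = {
        "holiday.zip": b"ProblemType: Crash\nconstructed sample\n",
        "notes.txt": b"Meeting notes, nothing unusual\n",
        "real.crash": b"ProblemType: Crash\nconstructed sample\n",
        "archive.zip": b"PK\x03\x04 constructed zip header\n",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for hit in find_disguised_reports(tmp):
            print("suspicious:", os.path.basename(hit))
```

A hit means only that the name and the content disagree; the file should be inspected without opening it through the desktop's default handler.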
More Online
Linux Magazine
Off the Beat * Bruce Byfield
LibreOffice MUFFIN risks being half-baked
On December 21, The Document Foundation announced that LibreOffice 5.3 would include MUFFIN (My User Friendly & Flexible INterface).
How Signal does security right
A couple of weeks ago, I was writing about Echo Whisper Systems' Signal, which encrypts voice and text messages for Android and iOS phones.
Taking a stand for ethical tech
Several weeks ago, I discussed taking a stand against unethical parts of your work.
Paw Prints * Jon "maddog" Hall
LPIC OT DevOPs Engineer -- Request for help in the Job Task Analysis
Some of my readers may know that I am the Chair for the Board of Directors of the Linux Professional Institute (LPI).
ADMIN HPC
http://hpc.admin-magazine.com/
Modern Fortran -- Part 2 * Jeff Layton
Fortran 90 catapulted Fortran from a perceived "old" language to a modern language on equal footing with any other.
ADMIN Online
http://www.admin-magazine.com/
Hyper-V containers with Windows Server 2016 * Nils Kaczenski
The release of Windows Server 2016 also heralds a new version of Hyper-V, with improved cloud security, flexible virtual hardware, rolling upgrades of Hyper-V clusters, and production checkpoints.
A script for strict packet filter updates * Matthias Wubbeling
Automatically create restrictive rules in Linux iptables packet filters.
Writing SELinux modules * Thorsten Scherf
Much has happened in the field of SELinux in the last few years, including the development of new usability features.
Setting up Windows clients with Chef * Tam Hanna
Chef administrators unafraid of a learning curve can employ a powerful tool for Windows client management.