Steam Deck Linux-Powered Gaming System Set to Take Over the Handheld World

More than just a hand-held gaming system, the Steam Deck is a Linux-powered system with a KDE interface that can be docked and used as a regular PC. Steam Deck uses Proton as a compatibility layer to play Windows games on Linux, but users are free to replace it.

The device specs include an AMD 4-core Zen 2 CPU, an 8-core RDNA 2 graphics unit, 16 GB of memory, a 7-inch 1280x800-resolution touchscreen. As far as game control, Steam Deck includes several trackpads, thumbsticks, buttons, and triggers. A 40Wh battery is said to allow anywhere from two to eight hours of use. The device is charged via a single USB-C port that doubles as the means to connect the Steam Deck to external monitors and docks.

Steam Deck has three price points, based on different storage options: A base level of 64GB eMMC using PCIe Gen 2, a second-tier model with 256GB NVMe SSD using PCIe Gen 3, and a 512GB "high-speed" NVMe SDD that also uses PCIe Gen 3. The costs of the units (respectively) are $400, $530, and $650.

Valve plans on shipping the units in the US, Canada, EU, and the UK in December 2021. Reserve yours on the official Steam Deck site (https://www.steamdeck.com/en/).

Paragon NTFS Driver On Track For Upcoming Linux Kernel

Paragon submitted a read/write NTFS driver for the Linux kernel back in August 2020. At that time, the patch was refused because it was more than 27,000 lines of code. Since then, the company has submitted the patch in smaller chunks, which made it possible for the kernel maintainers to go through the code. This led to Linus responding (on lore.kernel.org – https://lore.kernel.org/lkml/afd62ae457034c3fbc4f2d38408d359d@paragon-software.com/) to say, "If the new NTFS code has acks from people – and it sounds like it did get them – and Paragon is expected to be the maintainer of it, then I think Paragon should just make a git pull request for it."

Paragon made it clear they would be maintaining the implementation, so it now looks as if the patch will make it into either 5.14 or 5.15.

This driver includes support for both normal and compressed files, supports journal replaying and full journaling support over JBD, and will be supported (via Paragon) once it's merged into the kernel. The patch does not, however, include all of the Paragon utilities. Regarding that, Paragon hints that there may still be a commercial version that will include everything.

The only caveat to this is that there are already more advanced filesystems available on the market. But with so many businesses still depending on NTFS, this patch should be a welcome addition to a lot of admins and companies.

LemonDuck Cryptomining Malware is Targeting Linux Systems

LemonDuck is a targeted attack that originally focused on vulnerabilities found in Microsoft's Exchange server to enable crypto mining on the compromised system. To make this attack even more vicious, LemonDuck removes other attackers from a compromised device to get rid of competing malware. This attack originally focused on China but has since begun targeting other countries (such as the US, Russia, Germany, the UK, India, Korea, Canada, France, and Vietnam).

LemonDuck initially set its sights on Windows servers but has since expanded to Linux systems as well. On top of this, LemonDuck has expanded beyond crypto mining and can do things like send phishing emails, install backdoors, disable security controls, and steal credentials.

LemonDuck can spread via phishing emails, USB thumb drives, brute force attacks, and security exploits.

Microsoft's 365 Defender Threat Intelligence Team (https://www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/) had this to say about LemonDuck: "LemonDuck, an actively updated and robust malware that's primarily known for its botnet and cryptocurrency mining objectives, followed the same trajectory when it adopted more sophisticated behavior and escalated its operations."

Make sure you are following these CVEs to keep up on what's happening with this vulnerability: CVE-2017-0144 (EternalBlue), CVE-2017-8464 (LNK RCE), CVE-2019-0708 (BlueKeep), CVE-2020-0796 (SMBGhost), CVE-2021-26855 (ProxyLogon), CVE-2021-26857 (ProxyLogon), CVE-2021-26858 (ProxyLogon), CVE-2021-27065 (ProxyLogon).