Linux News, Articles and Updates

Chrome 65 update ready, contains 45 security fixes

The Google Chrome team reported it moved Chrome 65 to the stable channel for Windows, Mac and Linux with the latest update containing 45 security fixes, with at least nine rated as "high".

Chrome desktop update remedies 53 bugs, adds Spectre and Meltdown mitigations

Google's latest stable channel update for the Chrome browser on Windows, Mac and Linux desktop machines includes fixes for 53 security issues, including three high-severity vulnerabilities.

Cryptocurrency miners target web servers with malware

RubyMiner malware plants XMRig on vulnerable systems. Security researchers have discovered malware aimed at Linux and Windows servers running to mine cryptocurrency.

Linux kernel bug enabled privilege escalation - fixed after 2 years

Linux kernel security bug could have led to privilege escalation - fixed after two years as turned out worse than first thought.

Bashware hacking could put 400 million Windows systems at risk

The Bashware vulnerability allows attackers to take advantage of built-in Linux shell to bypass security software.

Linux file manager flaw leaves security "Bad Taste"

The vulnerability could execute malicious Windows scripts in Linux.

Linux systemd flaw could leave systems open to a buffer overflow attack

Hackers could remotely execute code via malicious DNS query using Linux distributions that shipped with systemd versions 223 to 233, causing buffer overflow.

ICYMI: Skype bug; Nomx slammed; Linus law down; Locky lives; LDAP DDoS

In Case You Missed It: Skype flaw Spyke; Nomx claims nixed; Linux law refuted? Locky's return; LDAP DDoS vector

'Dangerous' 7-year-old Linux Kernel vulnerability discovered

Users are encouraged to install the latest security updates or block the flawed module manually to safeguard enterprise and home use of the OS.

Microsoft update left Azure Linux virtual machines open to hacking

Microsoft patches configuration hole that allowed hackers to upload software packages to its Azure update infrastructure.

Systemd and Ubuntu users urged to update to patch Linux flaws

Linux users should beware of a recently discovered systemd vulnerability that could shut down a system using a command short enough to send in a tweet.

Crippling bug in Linux crashes system with a single tweet

A bug in Linux has been discovered that could allow a hacker to crash a system with just 48 characters of code.

Linux.Mirai Trojan causing mayhem with DDoS attacks

A Trojan named Linux.Mirai has been found to be carrying out DDoS attacks.

What's behind backdoor #3? Mac version of Mokes malware follows Linux, Windows variants

Kaspersky Lab today released an analysis of a newly discovered version of Mokes - a malicious, cross-platform backdoor with spying functionality - this one targeting Apple's OS X operating system.

Linux rootkit, named for Pokémon's Umbreon, targets Linux

Researchers at Trend Micro have detected a new rootkit family that is going after Linux systems.

Badlock Bug patch issued, fixes MitM and DoS vulnerabilties

After several weeks of waiting, the update patching the Badlock bug, potentially impacting Windows and Linux systems, was issued today by Samba.org.

Weak encryption vulnerability in SAP Download Manager leaks passwords

A Core Security Consulting researcher found that the SAP Download Manager stores credentials using weak encryption.

ICYMI: Linux v malware, Microsoft v Microsoft, acid v iPhone

In this week's In Case You Missed It, we highlight five most popular stories: Linux Mint operating system impregnated with malware, Microsoft security software disables itself, acid and lasers could crack iPhone, Apple find App store hidden in a Chinese app and malware is increasingly using encryption to hide itself.

Linux Mint operating system maliciously hacked

ISO file for free operating system download infected with botnet malware, and user forum details also stolen.

How Pawn Storm uses Fysbis as a Linux backdoor

The cyber-espionage group Pawn Storm has been using Fysbis malware as a backdoor that allows the group to infect Linux systems.

Zero-day affects Linux computers—and Android devices?

A zero-day bug in version 3.8 of Linux can potentially affect millions of Linux computers and servers as well as 66 percent of Android devices.

Bridging the Linux security perception gap

A newly-discovered privilege-escalation vulnerability in the Linux kernel has once again opened the debate around just how secure the open-source operating system really is.

Google concluding support for Chrome on 32-bit Linux

Google will end support for Chrome on 32-bit Linux, Ubuntu Precise (12.04) and Debian 7 - to "provide the best experience for the most-used Linux versions".

10K vulnerabilities in nearly 2K products, report says

Researchers at Secunia detected nearly 10,000 vulnerabilities in nearly 2,000 products, including Oracle Solaris and IBM i5/OS.

Malware writers create faulty cross-platform malware

Malware could infect both Linux and Windows but luckily fails to do anything scary. .

Linux Australia conference delegate data exposed

Linux Australia president Joshua Hesketh, says that a "malicious individual" had used a RAT to access Linux Australia's main conference database resulting in a data breach.

Ghostbusting in the 'critically' vulnerable Linux machine

Whose afraid of GHOSTs? Disagreement over potential risks of new Linux vulnerability, but layered defence is recommended.

Grinch vulnerability could hit Linux systems

Security researchers uncover 'grinch' vulnerability that could affect all Linux systems

Cybercriminals targeting Linux servers to infect and launch DDoS attacks says threat advisory

Hackers tapping Linux systems to launch vertical target DDoS attacks