Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Aug 19, 2023

=> Linux Plumbers Conference and Linux Foundation Newsletter | Bloomberg BDE on FreeBSD

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

=> ↺ Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware.

From a Zalando Phishing to a RAT, (Fri, Aug 18th)

=> ↺ From a Zalando Phishing to a RAT, (Fri, Aug 18th)

Phishing remains a lucrative threat. We get daily emails from well-known brands (like DHL, PayPal, Netflix, Microsoft, Dropbox, Apple, etc). Recently, I received a bunch of phishing emails targeting Zalando customers. Zalando is a German retailer of shoes, fashion across Europe. It was the first time that I saw them used in a phishing campaign.

Monti Ransomwares Linux Variant Attacks the Financial & Healthcare Industries [Ed: Based on this article, Linux isn't at fault; servers need to be already compromised some other way, e.g. weak passwords]

=> ↺ Monti Ransomwares Linux Variant Attacks the Financial & Healthcare Industries

The Monti ransomware was found in June 2022 that attracted notice due to its close resemblance to the Conti ransomware, both in name and tactics, drawing attention from cybersecurity experts and organizations.

Security and feature updates should be discrete

=> ↺ Security and feature updates should be discrete

Updates are critical to maintaining the security of our computer systems, but they can be disruptive to work or leisure time, can result in changes to interfaces and functions, and only ever seem to increase in number. These have trained people to ignore and dismiss them, regardless of their severity or importance.

We can’t get rid of the need for updates (at least, not in the way we currently write and deliver consumer software), but we can improve our odds of them being taken seriously.

=> gemini.tuxmachines.org