News for Admins
Tech News
Ransomware Reaches Linux
The security firm Dr. Web warns of a new strain of ransomware attacks that is targeting Linux server systems. The attack, which is known as Linux.Encoder.1, is currently preying on web servers. Recent versions gain entry through a flaw in the Magento CMS, but the attack could be adapted to other vectors.
Linux has largely been free of the ransomware craze, in which the attacker encrypts the victim's data and demands a ransom to restore the files. With all the Linux servers on the web, however, experts consider it a matter of time before intruders find ways to exploit Linux users. According to a report in The Register , this attack encrypts the public_html, www, webapp, backup, .git, and .svn directory and asks for a payment of 1 Bitcoin to release the data.
The advice is the same as always: Back up your data, and install security updates to minimize the possibility of intrusion.
ProtonMail Endures Massive DDoS Attack
Swiss secure email provider ProtonMail went offline when a pair of massive denial-of-service attacks took down the service for several days. Attacks began in the night of November 2 and service was finally restored on the morning of November 8 after the company had rebuilt large parts of its internal infrastructure.
Experts piecing through the evidence say the attack came from two different sources. The first phase was a criminal ransom attack, demanding payment of 15 BTC (about $5500). ProtonMail ignored the demand at first but later paid under pressure from other businesses experiencing collateral damage. Soon after the payment, another attack started, which the security team assumed was the ransomers gunning for more. After three days, however, the second attack clearly showed marks of a much more sophisticated enemy. According to the ProtonMail blog post, the second attack "caused the vast majority of the damage, including the downing of the data center and crippling of upstream ISPs, exhibiting capabilities more commonly possessed by state-sponsored actors."
The second attackers never made any demands but simply seemed to want to take ProtonMail offline. A group called the Armada Collective later claimed responsibility for the first attack and denied responsibility for the second onslaught.
ProtonMail calls itself the "world's largest free private email service," and its customers include journalists and activists in several authoritarian countries who use the service to avoid the watchful eyes of governments. Many experts believe a state-sponsored entity wished to intimidate, or possibly bankrupt, ProtonMail by launching the second attack, and they saw the first attack as an opportunity to launch their assault through a cloud of confusion. Luckily, community power slipped into the gap. ProtonMail raised more than $57,000 in just a few days through the ProtonMail Defense Fund to rebuild their infrastructure and retool their systems to resist further attacks.
Ubuntu 15.10 "Wily Werewolf" Appears
Canonical developer Adam Conrad has announced the release of Ubuntu 15.10 "Wily Werewolf." The latest release is the first to include a Linux 4.2-based kernel and the gcc-5 compiler collection. According to the announcement, the Ubuntu desktop edition includes "incremental improvements," such as newer versions of GTK and Qt, Firefox, LibreOffice, and the Unity desktop.
The server edition places the emphasis on OpenStack, with support for the latest OpenStack Liberty release and a full complement of OpenStack modules. Other improvements include new powers for the Juju orchestration tool, Open vSwitch 2.4.0, and the Ceph 0.94.3 "Hammer" distributed storage system.
Ubuntu provides separate editions for various IT use cases, including Desktop and Server, as well as a Cloud edition and the Snappy Core version for embedded single-board systems and devices. The Ubuntu team also supports an entourage of related projects built around different desktops and toolsets. Appearing along with the main Unity-based Ubuntu release were new versions of Kubuntu, Lubuntu, Ubuntu GNOME, Kylin (for Chinese-language users), MATE, Ubuntu Studio, and Xubuntu. See the Ubuntu 15.10 release notes for more on the latest version.
Ubuntu 15.10 is a standard release, with 9 months of free security updates for desktop and server users. The first release of 2016, Ubuntu 16.04 "Xenial Xerus," will be another Long-Term Service (LTS) release, with 5 years of bug fixes and security updates for both the server and desktop editions.
Buy this article as PDF
(incl. VAT)