News for Admins
Tech News
Yet Another Botnet Targeting Linux
Recently the drastic rise in cryptocurrency trading prices has led to numerous online systems falling prey to botnets, seeking to mine for profit. This botnet, dubbed WatchDog, was discovered by Unit 42 (https://unit42.paloaltonetworks.com/), who realized this particular threat has been active since January 2019.
WatchDog was written in Go and uses outdated enterprise applications as a point of entry. So far, Unit 42 has found 33 exploits, targeting 32 vulnerabilities in open source software, such as Drupal, Elasticsearch, Apache Hadoop, Redis, and the ThinkPHP framework.
Unit 42 estimates around 500 to 1,000 infected systems are currently being used by WatchDog to mine for cryptocurrency and the total profit was estimated at 209 Monero coins (worth roughly $32,000). However, the researchers have only been able to analyze a few binaries, so the figure will most likely be considerably higher.
The one silver lining is that Unit 42 has yet to discover that any credentials have been stolen. That, of course, could change at any moment. To that end, all admins are encouraged to keep all Linux systems (and the apps that run on said systems) updated.
For more information on WatchDog, read the full Unit 42 report (https://unit42.paloaltonetworks.com/watchdog-cryptojacking/).
Linux Kernel 5.11 Released
Linus Torvalds (the creator of Linux) has officially released the latest kernel for the open source operating system. Kernel 5.11 includes the usual dose of expanded hardware support, as well as a feature that should excite gamers, and an improvement for Wi-Fi.
As far as expanded hardware support, kernel 5.11 has brought improvements to RISC-V, as well as support for RISC-V CPU architecture such as OpenRISC support for the LiteX SoC controller driver.
On the Intel side of things, kernel 5.11 adds support for: Iris Xe GPU, Software Guard Extensions (SGX), and Intel Platform Monitoring Technology (PMT). Conversely, Intel Itanium support has finally been dropped.
With AMD, 5.11 enhances performance for Zen 2/Zen 3 CPUs and adds support for Van Gogh.
Finally, Nvidia RTX 30 GPU support has been added.
One of the more exciting additions to the kernel is the inclusion of the Syscall User Dispatch (SUD), which provides functionality for compatibility layers for quick capture of system calls issued by a non-native part of an application. This addition will greatly improve Windows games running via Proton or Wine.
Finally, the Linux kernel is adding support for the 6GHz band (Ultra High Band or UHB) support for WiFi 6E in the Intel WiFi "IWLWIFI" driver. This will make it possible to connect to wireless channels that use Ultra High Band.
Read more about kernel 5.11 in Linus' official release announcement (http://lkml.iu.edu/hypermail/linux/kernel/2102.1/08310.html).
Ubuntu Core 20 Officially Released
If you're an IoT or embedded device developer, the release of Ubuntu's latest "core" edition should have you excited. Why? Because this latest iteration of Ubuntu Core includes a number of features focused on security. In fact, as of this release, Mark Shuttleworth, founder and CEO of Canonical (the company behind Ubuntu), says, "Every connected device needs guaranteed platform security and an app store. " He continues, "Ubuntu Core 20 enables innovators to create highly secure things and focus entirely on their own unique features and apps, with confinement and security updates built into the operating system. "
Three specific security-minded features are:
- Cryptographically-authenticated boot.
- Full disk encryption.
- Manual and remote recovery modes.
Ubuntu Core 20 also addresses the cost of design by working with silicon providers and ODMs to streamline the process of bringing a new device to market. This is accomplished with a new service, dubbed "SMART START" (https://ubuntu.com/smartstart), which they call "smart things as a service." This new feature is targeted toward enterprise-class businesses seeking to become connected product manufacturers. SMART START combines hardware certification, software, and services to help accelerate the development process. SMART START offers a fixed-priced engagement for the launch of a device, which covers consulting, engineering, and updates for the first 1000 devices on certified hardware.
Read the full Ubuntu Core 20 release here: https://ubuntu.com/blog/ubuntu-core-20-secures-linux-for-iot.
Buy this article as PDF
(incl. VAT)