News for Admins
Tech News
Hive Ransomware Hitting Linux and FreeBSD Systems
ESET, a Slovak security firm, has discovered versions of the Hive ransomware for both Linux and FreeBSD systems. However, the encryptors that have been developed for these systems are still in development and are quite buggy. In fact, according to ESET researchers, both encryptors completely fail when the malware payload is executed with an explicit path. And in comparison to the Windows version of Hive, the Linux/FreeBSD iteration only includes one command-line parameter (-no-wipe). When executed without root permission, the Linux variation of Hive fails to trigger the encryption, because it isn't capable of injecting the ransom note into the device's root filesystem.
Hive is a ransomware group that has already affected more than 30 organizations, a figure that counts only victims who refused to pay the ransom to get their data back. According to Fabian Wosar, "The reason why most ransomware groups implemented a Linux-based version of their ransomware is to target ESXi specifically." ESXi is VMware's bare-metal hypervisor.
Because ransomware increasingly targets Linux systems, it has become even more important that admins keep their systems up to date and make use of tools like Rootkit Hunter.
Read the original Tweet thread from ESET research on the issue (https://twitter.com/ESETresearch/status/1454100591261667329).
SUSE Reaches Beyond the Edge with SUSE Linux Enterprise Micro 5.1
SUSE has offered a lightweight version of SUSE Linux Enterprise (SLE) for some time now. This version of their enterprise OS is purpose-built for containerization and virtualization. But as of version 5.1, it adds a third use case: edge.
Three of the very exciting new edge-centric features are secure device onboarding, live patching, and the ability to modernize workloads with support for IBM Z and LinuxONE.
SLE Micro is built to scale, which means enterprise users can incorporate the platform into their digital transformation, even when deployed on the edge. These deployments can help with the migration from monoliths to microservices at any pace.
Of this new release, Thomas Di Giacomo, SUSE chief technology and product officer, says, "SLE Micro is rapidly becoming a critical foundation of customers' digital transformation, as evidenced by a large U.S.-based systems integrator choosing SLE Micro to modernize their embedded systems with a seven-figure investment." Di Giacomo adds, "They want to support container workloads on an immutable infrastructure that is easy to maintain and update, enabling them to reduce maintenance costs and modernize their systems infrastructure. This win, within six months of SLE Micro's introduction, underscores the enterprise readiness of SLE Micro, which is the result of leveraging decades of enterprise-hardened technology components of the SUSE Linux Enterprise family."
The benefits of SLE Micro include:
- Decreased deployment time and fewer manual processes with improved onboarding security through secure device onboarding of appliances and devices.
- Reduced costly downtime per device with live patching of the kernel.
- Capability for the gradual modernization of applications toward a microservice-based architecture.
Find out more about SUSE Micro (http://www.suse.com/products/micro).
Ubuntu Server 21.10 Now Available
With the latest iteration of Ubuntu Server officially out, developers for edge use cases will find some important features have been added. One very exciting addition is needrestart. With this new piece added into the mix, admins won't have to worry about restarting certain services after upgrading libraries. This is important when you're upgrading libraries to fix CVE vulnerabilities. Because of the existence of needrestart, the services those libraries affect won't have to be restarted manually upon upgrading. Although needrestart has been available for some time, it is now added by default in Ubuntu Server 21.10.
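The check that needrestart spares admins from doing by hand, as an added example (not from the original article and not needrestart's own code): after a library upgrade, a running process still maps the old, now-deleted file, which Linux marks with "(deleted)" in /proc/<pid>/maps. The sample maps text is constructed, and the function names are hypothetical.

```python
import re
from pathlib import Path

# One line of /proc/<pid>/maps: address perms offset dev inode pathname
MAPS_LINE = re.compile(r"^[0-9a-f]+-[0-9a-f]+\s+(\S{4})\s+[0-9a-f]+\s+\S+\s+\d+\s+(/.*)$")
SHARED_OBJECT = re.compile(r"\.so(\.[0-9]+)*$")


def stale_libraries(maps_text):
    """Return sorted paths of executable shared-object mappings whose file was deleted."""
    stale = set()
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m or "x" not in m.group(1):
            continue  # not a file-backed executable mapping
        path = m.group(2)
        if path.endswith(" (deleted)"):
            path = path[: -len(" (deleted)")]
            if SHARED_OBJECT.search(path):
                stale.add(path)
    return sorted(stale)


def scan_proc(proc_root="/proc"):
    """Map pid -> stale libraries for every readable process (root sees all of them)."""
    findings = {}
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            libs = stale_libraries((entry / "maps").read_text())
        except OSError:  # process exited or permission denied
            continue
        if libs:
            findings[int(entry.name)] = libs
    return findings


# Constructed sample: a daemon started before libssl was upgraded on disk.
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a21000 r-xp 00002000 fd:01 1311045 /usr/sbin/sshd
7f3a1c000000-7f3a1c07d000 r-xp 0001e000 fd:01 1312201 /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (deleted)
7f3a1c200000-7f3a1c3a0000 r-xp 00028000 fd:01 1312377 /usr/lib/x86_64-linux-gnu/libc.so.6
7f3a1c400000-7f3a1c401000 rw-s 00000000 00:01 2048 /dev/shm/cache (deleted)
"""


if __name__ == "__main__":
    print(stale_libraries(SAMPLE_MAPS))
    print(scan_proc())  # Linux only: walks the live /proc
```

Any PID reported by scan_proc is still executing the pre-patch library code and stays exposed to the fixed CVE until that service is restarted.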
Other additions to 21.10 include Linux kernel 5.13, support for a wide variety of hardware including x86-64, ARMv7, ARM64, POWER8, POWER9, IBM s390x (LinuxONE), and RISC-V, and software updates such as Qemu 6.0, libvirt 7.6, PHP 8.0.8, Apache 2.4.48, GCC 11.2.0, Python 3.9.4, Bind 9.16.15, Open vSwitch 2.16.0, and OpenLDAP 2.5.6.
To download a copy of Ubuntu Server, head over to the official download page (https://ubuntu.com/download/server) and make sure to read the release notes (https://discourse.ubuntu.com/t/impish-indri-release-notes/21951) for more details.