News for Admins

Tech News

Attackers Use PRoot to Expand Scope of Linux Attacks

The Sysdig Threat Research Team (https://sysdig.com/blog/proot-post-explotation-cryptomining/) recently reported attackers "leveraging an open source tool called PRoot (https://proot-me.github.io/) to expand the scope of their operations to multiple Linux distributions."

Typically, the researchers note, attacks are "limited by the varying configurations of each Linux distribution." Using PRoot, however, "there is little regard or concern for the target's architecture or distribution since the tool smooths out the attack struggles often associated with executable compatibility, environment setup, and malware and/or miner execution," Sysdig says.

Bill Toulas at Bleeping Computer (https://www.bleepingcomputer.com/news/security/hackers-hijack-linux-devices-using-proot-isolated-filesystems/) explains it this way: "Hackers are abusing the open source Linux PRoot utility in Bring Your Own Filesystem (BYOF) attacks to provide a consistent repository of malicious tools that work on many Linux distributions. A BYOF attack is when threat actors create a malicious filesystem on their own devices that contain a standard set of tools used to conduct attacks."

A runtime detection layer, such as Falco (https://www.cncf.io/projects/falco/), can help observe this type of threat and reduce your risk of exploitation, Sysdig says.

WSL Version 1.0.0 Now Available

The Windows Subsystem for Linux (WSL) has dropped its "Preview" label and is now generally available as version 1.0.0 (https://github.com/microsoft/WSL/releases/tag/1.0.0) in the Microsoft Store.

According to the announcement (https://devblogs.microsoft.com/commandline/the-windows-subsystem-for-linux-in-the-microsoft-store-is-now-generally-available-on-windows-10-and-11/), the Store version will now be the default for new users who run wsl --install.

Existing WSL users can easily upgrade by running wsl --update. "Using the Store version of WSL allows you to get updates to WSL much faster compared to when it was a Windows component," says Craig Loewen (https://devblogs.microsoft.com/commandline/a-preview-of-wsl-in-the-microsoft-store-is-now-available/). As of this release, WSL in the Store will be available on Windows 10 in addition to Windows 11.

Additionally, Loewen notes, "with the Store version of WSL, there are a lot of names to keep track of." There are two types of WSL distros, Loewen explains: WSL 1 and WSL 2. "These matter for how your distro runs and behaves, as they have different architectures. WSL 2 distros have faster file system performance and use a real Linux kernel, but require virtualization." Refer to the WSL version comparison (https://learn.microsoft.com/windows/wsl/compare-versions) to learn more.

Demand for Tech Talent Remains High

Despite industry layoffs, economic challenges, and reported hiring freezes, demand for tech talent remains high (https://www.fosslife.org/open-source-jobs-report-talent-high-demand), according to a recent survey from Dice, "with more than 3.8 million tech jobs posted in 2022 so far." And, many technology professionals are still looking to change jobs.

More than half of respondents (52 percent) to Dice's 2022 Tech Sentiment Report (https://www.dice.com/recruiting/ebooks/dice-tech-sentiment-report/) said they were likely to switch jobs in the next year (up from 44 percent last year).

Employer reputation and culture are among key considerations for job seekers, as "nearly 90 percent of tech professionals feel an employer's brand is important when considering a new employer, and nearly 8 in 10 said they would not apply for a higher paying job at a company with a bad reputation," the Dice report says.

Respondents ranked the following factors as important in terms of employer brand:

  • Culture (85%)
  • Corporate reputation (66%)
  • Product and purpose (62%)

The ability to work remotely is also important, Dice says, as 60 percent of respondents said "100% remote" was their most desired workplace setting compared to 53 percent in 2021.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus