Language Selection

English French German Italian Portuguese Spanish

Security and FUD (Fear, Uncertainty, Doubt)

                   

  • Ransomware took heavy toll on US in 2020: researchers [iophk: Windows TCO]

                     

                       

    The study released Monday by the security firm Emsisoft said ransomware attacks -- which encrypt and disable computer systems while demanding a ransom -- affected 113 federal, state and municipal governments, 560 health facilities and 1,681 schools, colleges and universities last year.

                       

    "The attacks caused significant, and sometimes life-threatening, disruption: ambulances carrying emergency patients had to be redirected, cancer treatments were delayed, lab test results were inaccessible, hospital employees were furloughed and 911 (emergency) services were interrupted," the report said.

  • Security updates for Thursday

    Security updates have been issued by Debian (mutt), Fedora (libntlm, mingw-python-pillow, python-pillow, and sudo), Mageia (kernel), SUSE (gdk-pixbuf, perl-Convert-ASN1, samba, and yast2-multipath), and Ubuntu (linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.4, linux-hwe-5.8, linux-oracle). 

  •  

  • Pwnable Document Format: Windows PDF viewers outperformed by browser, macOS, Linux counterparts

    PDF viewers built into leading web browsers and applications for macOS and Linux were only susceptible to comparatively trivial attacks such as denial of service (DoS).

    [...]

    Susceptible to eight of 10 attack techniques, the worst culprits overall were PDF-Xchange Viewer and PDF-Xchange Viewer for Windows.

    PDFelement and iSkysoft, prone only to DoS, were honorable exceptions to the otherwise unimpressive Windows scorecard.

  •  

  • 'FreakOut' Botnet Targets Unpatched Linux Systems [Ed: This is FUD and not about "Linux"; it's about unpatched programs that have nothing to do with Linux, but they ascribe guilt by association (human error/negligence)]

    Researchers are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. Botnet operators have been mass-scanning for vulnerable Linux devices, and the command-and-control server associated with FreakOut has now targeted several hundred vulnerable devices.

  • Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems [Ed: Same as above]
  • List of DNSpooq vulnerability advisories, patches, and updates [Ed: Microsoft-connected sites keep trying to blame this on "Linux"]

    Yesterday, seven Dnsmasq vulnerabilities were disclosed, collectively known as DNSPooq, that attackers can use to launch DNS Cache Poisoning, denial of service, and possibly remote code execution attacks, on affected devices.

More in Tux Machines