Windows Security vs. Linux Security

If you’ve switched to Ubuntu from Windows, there’s a very good chance that the security failings of Windows featured in your decision. By any measure, Microsoft’s record on security within its products is appalling. A new and serious security warning appears seemingly on an ongoing basis, and a new and devastating virus makes news headlines with similar frequency (usually described as “a PC virus” rather than what it actually is: a Windows virus).

One argument is that Windows is the target of so many viruses merely because it’s so popular. Although it’s true that some of the underground crackers who write viruses dislike Microsoft, there’s also little doubt that Windows has more than its fair share of security issues.

The situation is certainly getting better but, even so, Microsoft’s latest operating system provides many good examples of why it’s an easy target. Upon installation, the default user is given root powers.


More in Tux Machines

Security Leftovers

  • More good news: Medical equipment is still prone to [cracker] attacks [iophk: Windows TCO]

    A new report from Unit 42 says 72% of health care networks mix [Internet] of things (IoT) and information technology assets, allowing malware to spread from users’ computers to vulnerable IoT devices on the same network. The report also offers a lot of data on non-medical IoT attacks.

    There is a 41% rate of attacks exploiting device vulnerabilities, as IT-borne attacks scan through network-connected devices in an attempt to exploit known weaknesses. And Unit 42 has seen a shift from IoT botnets conducting denial-of-service attacks to more sophisticated attacks targeting patient identities, corporate data, and monetary profit via ransomware.

  • Conficker a Twelve Years Old Malware Attack Connected Objects [iophk: Windows TCO]

    Twelve years after its creation Conficker malware is now attacking connected objects. The American firm Palo Alto Networks announces that it has detected Conficker on the connected devices of a hospital, activating a resurgence of the twelve-year-old computer worm. It calls on all owners of connected objects to adopt the security measures recommended by specialists.

    According to a report released Tuesday, March 10, 2020, by IT expert Palo Alto Networks, a twelve-year-old computer worm called Conficker has recently made a comeback. The latter, which emerged in 2008 by taking advantage of security vulnerabilities in Microsoft’s Windows XP operating system, has generated a whole network of zombie machines.

    In 2009, Conficker reportedly infected up to 15 million machines. Still active, although it is considered a minor phenomenon and without real risk, it still infected some 400,000 computers in 2015. The proliferation of connected objects would have increased this number to 500,000 devices today.

  • [Older] Maastricht Univ. paid €250K to ransomware [attackers]: report [iophk: Windows TCO]

    Maastricht University paid between 200 thousand and 300 thousand euros to [attackers] who had blocked access to the university's digital systems with ransomware, various people involved told the Volkskrant. The university board was forced to pay because the university's backups were also hijacked. The backups [sic] - stored on the university servers - contain research data and data from students and staff from the past decades.

  • [Older] University of Maastricht says it paid [attackers] 200,000-euro ransom [iophk: Windows TCO]

    The University of Maastricht on Wednesday disclosed that it had paid [attackers] a ransom of 30 bitcoin — at the time worth 200,000 euros ($220,000) — to unblock its computer systems, including email and computers, after an attack that unfolded on Dec. 24.

  • [Older] Maastricht University Pays 30 Bitcoins as Ransom to TA505 Group [iophk: Windows TCO]

    A management summary of the Fox-IT report and Maastricht University’s response found that during the time frame of October 15 to 23 December 2019 (inclusive of both dates), the TA505 gained control over multiple servers. Following is the timeline of the events in the leadup to the final ransomware attack: [...]

  • FBI warns Zoom, teleconference meetings vulnerable to hijacking

    “The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI cautioned. “As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts.”

    It’s not just private businesses and children whose meetings could be Zoombombed. Privacy and security issues in conferencing software may also pose risks to national security, as world leaders convene Zoom meetings. In some cases, world leaders such as U.K. Prime Minister Boris Johnson have shared screenshots of their teleconferencing publicly only to reveal Zoom meeting IDs, raising concerns that sensitive information could be compromised.

  • Qakbot malspam sent from an infected Windows host [iophk: Windows TCO]

    Every once in a while, I'll see spambot-style traffic from the Windows hosts I infect in my lab environment. On Tuesday 2020-03-31, this happened during a Qakbot infection. I've covered examining Qakbot traffic before, but that didn't include examples of spambot emails sent from an infected Windows computer. Today's diary provides a quick review of some email examples from spambot traffic by my Qakbot-infected lab host.

  • Varonis Exposes Global Cyber Campaign: C2 Server Actively Compromising Thousands of Victims [iophk: Windows TCO]

    During the analysis, we reversed this strain of Qbot and identified the attacker’s active command and control server, allowing us to determine the scale of the attack. Based on direct observation of the C2 server, thousands of victims around the globe are compromised and under active control by the attackers. Additional information uncovered from the C&C server exposed traces of the threat actors behind this campaign.

    [...]

    Qbot (or Qakbot) was first identified in 2009 and has evolved significantly. It is primarily designed for collecting browsing activity and data related to financial websites. Its worm-like capabilities allow it to spread across an organization’s network and infect other systems.

  • os x ssh fails when using -p flag

    /usr/bin/ssh in macos 10.15.4 hangs if used with the -p flag to specify an alternate port and used with a hostname. This was not present in macos 10.15.3

What is Arch User Repository (AUR)? How to Use AUR on Arch and Manjaro Linux?

What is AUR? What are the pros and cons of using AUR? How to use AUR in Arch-based Linux distributions? This beginner’s guide answers all such questions. Read more

How to Setup CTRL+ALT+DEL As Task Manager in Ubuntu

If you are a beginner in Ubuntu Linux and migrated from Windows, this guide is for you. You can easily set up CTRL+ALT+DEL as Task Manager in Ubuntu Linux with just a few tweaks. Read more

today's leftovers

  • Linaro Tech Days: Wayland, Weston & Open Source GPU drivers

    This week, Daniel Stone and Tomeu Vizoso will be taking part in Linaro Tech Days, a series of technical sessions presented live online via Zoom webinar and streamed on YouTube. These sessions are free to attend and open to the public, however registration is recommended to view full session details, joining instructions, and more.

  • Mesa Developers Discussing Again Whether To Fork Or Drop Non-Gallium3D Drivers

    Back in December was a developer discussion over dropping or forking non-Gallium3D drivers. Since then the Intel "Iris" Gallium3D driver has successfully become the default OpenGL driver for Broadwell/Gen8 and newer while the non-Gallium3D drivers continue to just face bit rot. The discussion over dropping/forking non-Gallium3D Mesa drivers has been reignited. This mailing list thread is active again with discussions over getting rid of the Mesa "classic" drivers to allow better focusing on the modern Gallium3D drivers and Mesa's Vulkan drivers. Eliminating the classic drivers avoids the associated maintenance burden and also allows simplifying/improving the modern drivers without risking breakage/regressions and other headaches with the old drivers.

  • Gumstix’s Nano carrier quartet includes Snapshot board for connecting 16x HD cams

    Gumstix has launched four customizable carriers for Nvidia’s Jetson Nano including a Nano Snapshot model with 4x GbE-switched Nano modules for driving up to 16x HD streams via RPi cameras. A Yocto SDK includes TensorFlow support. Gumstix has launched a quartet of carrier boards that build on Nvidia’s Jetson Nano module, joining other Nano carriers from Aetina, AntMicro, Auvidea, AverMedia, and Nvidia itself. The boards are billed as “Edge AI devices designed to meet the demands of machine-learning applications moving massive data from the networks edge.”

  • Extensions in Firefox 75

    In Firefox 75 we have a good mix of new features and bugfixes. Quite a few volunteer contributors landed patches for this release; please join me in cheering for them!

  • D.I.Y. Coronavirus Solutions Are Gaining Steam

    Mr. Cavalcanti, 33, is the founder of the Open Source COVID19 Medical Supplies, a Facebook group that is crowdsourcing solutions to address the diminishing stock of medical equipment around the world. Mr. Cavalcanti, the founder and C.E.O. of MegaBots, a robotics company, initially intended to focus on ventilators. A front-line surgeon in the Bay Area convinced him to go after the low-hanging fruit: sanitizer, gloves, gowns and masks for medical professionals. Stacks of ventilators wouldn’t do the public any good if there were no health care workers to operate them.

  • Join Us for SUSECON Digital on Wednesday, May 20

    I am thrilled to share that SUSECON Digital will launch on Wednesday, March 20! Whether you are tuning in from your mobile device or on your computer, SUSECON Digital will help you Be the Difference by ensuring you get the tools, skills, and insights you need to simplify, modernize, and accelerate your business – for free! You can register now.