News for Admins
Tech News
Yet Another Botnet Targeting Linux
The recent drastic rise in cryptocurrency trading prices has led to numerous online systems falling prey to botnets that seek to mine for profit. One such botnet, dubbed WatchDog, was discovered by Unit 42 (https://unit42.paloaltonetworks.com/), whose researchers found that this particular threat has been active since January 2019.
WatchDog was written in Go and uses outdated enterprise applications as a point of entry. So far, Unit 42 has found 33 exploits, targeting 32 vulnerabilities in open source software, such as Drupal, Elasticsearch, Apache Hadoop, Redis, and the ThinkPHP framework.
Unit 42 estimates that around 500 to 1,000 infected systems are currently being used by WatchDog to mine for cryptocurrency, and the total profit is estimated at 209 Monero coins (worth roughly $32,000). However, the researchers have only been able to analyze a few binaries, so the actual figure is most likely considerably higher.
The one silver lining is that Unit 42 has yet to discover that any credentials have been stolen. That, of course, could change at any moment. To that end, all admins are encouraged to keep all Linux systems (and the apps that run on said systems) updated.
For more information on WatchDog, read the full Unit 42 report (https://unit42.paloaltonetworks.com/watchdog-cryptojacking/).
Linux Kernel 5.11 Released
Linus Torvalds (the creator of Linux) has officially released the latest kernel for the open source operating system. Kernel 5.11 includes the usual dose of expanded hardware support, as well as a feature that should excite gamers, and an improvement for Wi-Fi.
As for expanded hardware support, kernel 5.11 brings improvements to RISC-V, as well as support for RISC-V CPU architecture, such as OpenRISC support for the LiteX SoC controller driver.
On the Intel side of things, kernel 5.11 adds support for: Iris Xe GPU, Software Guard Extensions (SGX), and Intel Platform Monitoring Technology (PMT). Conversely, Intel Itanium support has finally been dropped.
With AMD, 5.11 enhances performance for Zen 2/Zen 3 CPUs and adds support for Van Gogh.
Finally, Nvidia RTX 30 GPU support has been added.
One of the more exciting additions to the kernel is Syscall User Dispatch (SUD), which gives compatibility layers a way to quickly capture system calls issued by a non-native part of an application. This addition will greatly improve Windows games running via Proton or Wine.
Finally, the Linux kernel is adding support for the 6GHz band (Ultra High Band or UHB) for WiFi 6E in the Intel WiFi "IWLWIFI" driver. This will make it possible to connect to wireless channels that use Ultra High Band.
Read more about kernel 5.11 in Linus' official release announcement (http://lkml.iu.edu/hypermail/linux/kernel/2102.1/08310.html).
Ubuntu Core 20 Officially Released
If you're an IoT or embedded device developer, the release of Ubuntu's latest "core" edition should have you excited. Why? Because this latest iteration of Ubuntu Core includes a number of features focused on security. In fact, as of this release, Mark Shuttleworth, founder and CEO of Canonical (the company behind Ubuntu), says, "Every connected device needs guaranteed platform security and an app store." He continues, "Ubuntu Core 20 enables innovators to create highly secure things and focus entirely on their own unique features and apps, with confinement and security updates built into the operating system."
Three specific security-minded features are:
- Cryptographically-authenticated boot.
- Full disk encryption.
- Manual and remote recovery modes.
Ubuntu Core 20 also addresses the cost of design by working with silicon providers and ODMs to streamline the process of bringing a new device to market. This is accomplished with a new service, dubbed "SMART START" (https://ubuntu.com/smartstart), which the company calls "smart things as a service." This new service is targeted toward enterprise-class businesses seeking to become connected product manufacturers. SMART START combines hardware certification, software, and services to help accelerate the development process. It offers a fixed-price engagement for the launch of a device, which covers consulting, engineering, and updates for the first 1000 devices on certified hardware.
Read the full Ubuntu Core 20 release here: https://ubuntu.com/blog/ubuntu-core-20-secures-linux-for-iot.
CloudLinux Offering Lifecycle Support Service for Expired Linux Distributions
What happens when you have a server running a Linux distribution that's reached its end of life? Typically you migrate that server over to a newer release, and hope everything goes well. But what about those instances when you either don't have the time to make the switch or you know the software on the current platform isn't supported on the newer release? You desperately hold on to that deployment, trying to figure out a way to get updates, even with the EOL status.
That's where CloudLinux comes into play. The company responsible for AlmaLinux (a 1:1 binary compatible distribution with RHEL) has started offering Extended Lifecycle Support (ELS) beyond EOL for some distributions. Here's what they currently offer:
- ELS for CentOS 6 to June 2024.
- ELS for Oracle Linux 6 starting February 2021 to February 2025.
CloudLinux is also working on ELS for Ubuntu 16 (set to expire April 2021) and Debian 9 (set to expire June 2022).
Igor Seletskiy, CEO and founder of CloudLinux, had this to say about why they're offering ELS: "At CloudLinux we realized that a large volume of Linux users are at risk…relying on unsupported operating systems (OS). That is, unless these users rapidly move to an alternative OS which is not necessarily practical."
The ELS updates will include the kernel and other necessary packages like Apache, PHP, MySQL, glibc, OpenSSL, and OpenSSH.
To find out more about CloudLinux ELS (such as cost), check out their official Extended Lifecycle Support page: https://www.cloudlinux.com/extended-lifecycle-support.