Server: CentOS, MitM, Ceph, Kubernetes and Linux Bashing

  • Learn CentOS Part 11 - Installing and removing Packages

    In the "Learn CentOS" series, you'll learn all the skills you'll need to know to manage real servers and get you on your way to mastering the art of Linux administration.

  • How to avoid man-in-the-middle cyber attacks

    Remember, you don't have to click anything online right away, and you don't have to follow random people's instructions, no matter how urgent they may seem. The internet will still be there after you step away from the computer and verify the identity of a person or site demanding your attention.

    While MITM attacks can happen to anyone, understanding what they are, knowing how they happen, and actively taking steps to prevent them can safeguard you from being a victim.

  • Another perspective on Swift versus Ceph today

    Mark's perspective is largely founded in the fault tolerance and administrative overhead. However, let's take a look at "keep using [Ceph] for object too".

    Indeed the integration of block, POSIX, and object storage is Ceph's strength, although I should note for the record that Ceph has a large gap: all 3 APIs live in separate namespaces. So, do not expect to be able to copy a disk snapshot through CephFS or RGW. Objects in each namespace are completely invisible to two others, and the only uniform access layer is RADOS. This is why, for instance, RGW-over-NFS exists. That's right, not CephFS, but NFS. You can mount RGW.

    All attempts at this sort of integration that I know in Swift always start with a uniform access first. It is the opposite of Ceph in a way. Because of that, these integrations typically access from the edge inside, like making a pool that a daemon fills/spills with Swift, and mounting that. SwiftStack's ProxyFS is a little more native to Swift, but it starts off with a shared namespace too.

  • API Priority and Fairness Alpha

    This blog describes “API Priority And Fairness”, a new alpha feature in Kubernetes 1.18. API Priority And Fairness permits cluster administrators to divide the concurrency of the control plane into different weighted priority levels. Every request arriving at a kube-apiserver will be categorized into one of the priority levels and get its fair share of the control plane’s throughput.

  • BlackBerry: Chinese cybercriminals target high-value Linux servers with weak defenses [Ed: To CBS, servers that are improperly maintained or set up are "Linux"; if it's something Windows, they won't even specify the platform and won't blame Microsoft.]

More of this FUD

When ZDNet covers "Linux"...

The headlines that omit Windows

  • Linux Servers Under Attack for a Decade

    The "Decade of the RATs Research Report," published today by BlackBerry, reveals how five Chinese APT groups targeted Linux servers, Windows systems, and mobile devices running Android in a prolonged cross-platform attack.

    Researchers said that they are confident that the APT groups "are likely comprised of civilian contractors working in the interest of the Chinese government who readily share tools, techniques, infrastructure, and targeting information with one another and their government counterparts."

Not blaming just "Linux"

  • BlackBerry uncovers hacker tools that it says opened data servers for a decade

    It says the tactics give the hackers the ability to extract information from huge amounts of valuable data from computers using the Linux operating system, which is used on most of the world’s web servers and cloud servers.

    [...]

    But, he said, BlackBerry asserts that the security industry has missed a major component of tactics used by a well-established hacker umbrella group known as WINNTI, which the company says works with China’s government.

    “As an industry, we’ve tended to focus too much on Windows-based devices because they make up the lion’s share of the devices out there,” Cornelius said.

    “But the adversaries are determined and dedicated and . . . they find any opportunity and, in this case, we’ve called out some really novel techniques they’ve used against Linux and even the Android operating system to accomplish their goals.”

    Cornelius said the point of these China-backed hacking campaigns is to exfiltrate, or steal, information that the United States has claimed is worth “multiple billions of dollars” in intellectual property.

More of this and beyond

  • Dark Nexus: evolving IoT botnet targets variety of devices

    Security researchers are tracking a new botnet that has been in rapid development for the past several months and targets embedded devices with binaries that are cross-compiled for 12 CPU architectures.

    According to a new report from security vendor Bitdefender, the Dark Nexus botnet borrows ideas and features from previously successful IoT threats like Qbot and Mirai, but is largely an original creation by an established malware developer who advertises distributed denial-of-service (DDoS) services on YouTube and other social media websites.

    The bot client is cross-compiled for 12 CPU architectures, which means it can infect a wide variety of devices including routers, digital video recorders (DVRs) and surveillance cameras. Recent versions also deploy a SOCKSv5 proxy on the compromised systems, allowing hackers to tunnel malicious traffic through them in addition to abusing them in DDoS attacks.

More on BlackBerry

  • BlackBerry uncovers China-backed hacking campaign on Linux servers

    BlackBerry Ltd. says it has uncovered how China-backed hackers have been able to extract data from many of the world’s servers for a decade without being noticed.

    BlackBerry executive Eric Cornelius says the hackers have been skilful in disguising some of their software tools to appear like advertising software that poses a low-level security risk.

  • APTs infiltrated Linux servers undetected for nearly 10 years

    New research from BlackBerry painted a bleak picture for Linux security.

    BlackBerry on Tuesday published a report called "Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android" that showcased how five related advanced persistent threat (APT) groups connected to the Chinese government have targeted Linux, Windows and Android devices for years.

Want to stay under the radar for a decade or more?

  • Want to stay under the radar for a decade or more? This Chinese hacking crew did it... by aiming for Linux servers

    A group of hackers operating as an offshoot of China's Winnti group managed to stay undetected for more than a decade by going open source.

    A report from BlackBerry outlines how the group, actually a collection of five smaller crews of hackers thought to be state-sponsored, assembled in the wake of Winnti and exploited Linux servers, plus the occasional Windows Server box and mobile device, for years.

    "The APT groups examined in this report have traditionally pursued different objectives and focused on a wide array of targets," BlackBerry noted.

