Tux Machines

Security and FUD Leftovers

Posted by Roy Schestowitz on Oct 01, 2022

Videos: Mimicking Windows, SCP, and More

today's howtos

↺ ransomware

Microsoft SQL Server targeted by ransomware

↺ Microsoft SQL Server targeted by ransomware

> FARGO ransomware, also known as Mallox and TargetCompany, disables database protections then encrypts records within...

Chaos hits Linux and Windows machines [Ed: "SSH" and "Linux" FUD; bad passwords]

↺ Chaos hits Linux and Windows machines

> SSH infections using password brute-forcing and stolen keys also allow Chaos to spread from machine to machine inside an infected network.

Mandiant spots new malware targeting VMware ESXi hypervisors

↺ Mandiant spots new malware targeting VMware ESXi hypervisors

> Mandiant researchers said the backdoors were installed with a novel technique that used malicious vSphere Installation Bundles, though it's unclear how initial access was achieved.

How to get into cybersecurity with no experience

↺ How to get into cybersecurity with no experience

> Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door.

What the Securing Open Source Software Act does and what it misses [Ed: Linux-hostile companies that fund ZDNet are behind this; they don't care about security, they just use that as a leash on communities]

↺ What the Securing Open Source Software Act does and what it misses

↺ they don't care about security, they just use that as a leash on communities

> The Securing Open Source Software Act, however, moves open source from the realm of policy and regulation decisions into federal law. This bill will direct the CISA to develop a risk framework to evaluate how open-source code is used by the federal government. The CISA would also decide on how the same framework could be used by critical infrastructure owners and operators.

gemini.tuxmachines.org