Comments
Moose Malware Uses Linux Routers For Social Network Fraud
Joe Stanganelli,
User Rank: Ninja
5/31/2015 | 11:23:01 PM
Re: Dissecting Moose
@Sara: At the very least, enterprises should acknowledge and accept that many routers and whatnot do not have default password changing as part of the wizard -- and make forced default password changing part of their own IT systems.
Joe Stanganelli,
User Rank: Ninja
5/31/2015 | 11:21:42 PM
Re: Dissecting Moose
@Dr.T: Indeed.  You could have the finest security measures in your platform in existence -- but if your users are failing to do basic things, then no amount of enhanced security can help you.
Joe Stanganelli,
User Rank: Ninja
5/31/2015 | 11:20:02 PM
Re: Dissecting Moose
Worth mentioning, of course, that the Linux kernel had more vulnerabilities discovered in it in 2014 than any other OS -- except Apple's (OSX and iOS), the other company with a Microsoft-bashing fandom.  ;)

(see, e.g., www.informationweek.com/ios-security-reports-say-no-iphone-is-safe/a/d-id/1319750)

Of course, "vulnerabilities discovered" is different from "vulnerabilities that exist," but it's a point worth mentioning nonetheless.
RetiredUser,
User Rank: Ninja
5/29/2015 | 5:36:31 PM
Re: Dissecting Moose
@Sara Peters - As @ColinC34 was quick to point out, this is about brute force attacks to gain entry, and not necessarily a Linux-specific vulnerability.  So, no, I don't think you're oversimplifying it at all.  Sometimes security is simple - you either put solid password management into practice, or you fall victim.  Regardless of the system you're on.
RetiredUser,
User Rank: Ninja
5/29/2015 | 5:32:59 PM
Re: Dissecting Moose
@ColinC34 Yes, which is why I noted "InfoSec is about more than the desktop and a minor difference in architecture" - I think the irony is more to the point that as secure as one system may be over another, InfoSec can't be simplified on that point :-)  And, yes, I'm writing this from my Debian GNU/Linux system for a reason!
nFrontSecurity,
User Rank: Apprentice
5/29/2015 | 12:23:34 PM
Re: Dissecting Moose
Sara.

The password issue is our specialty. Check us out to see if we would be a good fit; the trial download is FREE!!!

nFront Security!!
Sara Peters,
User Rank: Author
5/29/2015 | 9:54:51 AM
Re: Dissecting Moose
The default password thing really is getting out of hand. Couldn't changing the password be a mandatory part of the configuration process? Something like a consumer router is likely going to be configured by a regular user via a set-up wizard. Just make changing the password part of that wizard. Am I oversimplifying this or missing the point or something?
Dr.T,
User Rank: Ninja
5/28/2015 | 2:28:07 PM
Anti-virus in a router?
Let's try this. Next thing they will suggest is to buy more resources to cover the overhead in the router. Packet inspection is already available. I do not think we are lacking tools; what we are lacking is a strategy to deal with the security in most cases.
Dr.T,
User Rank: Ninja
5/28/2015 | 2:24:44 PM
Re: Dissecting Moose
I hear you. I would still consider a weak password a security hole in the OS, though.
Dr.T,
User Rank: Ninja
5/28/2015 | 2:23:33 PM
Re: Dissecting Moose
Linux may still be a better system for preventing attacks than Windows because of its architecture and how processes run. You do not expect any process to take over a resource and crash the whole system in the Linux/Unix world. That is still not the case in Windows.