Wednesday, December 19, 2012

Linux servers targeted by new drive-by iFrame attack: serves online banking malware

The Linux/Chapro.A attack is starting to look like part of a trend for using 64-bit Apache as a malware conduit, bearing a resemblance to the similarly-crafted but apparently unrelated 'Snasko' rootkit attack discovered last month.
Aimed at Russian and European bank users, Chapro injects malicious content into web pages, targeting Windows users vulnerable to one of several well-known Java, IE and Adobe flaws using the 'Sweet Orange' exploit pack hosted on a remote server.
A secondary task is to hide itself from admins for as long as possible, dropping a cookie and recording the IP address of the infected machine. That means the PC will not be infected over and over when returning, making it harder for researchers to detect where a given infection happened.
"The attack described in the present analysis shows the increased complexity of malware attacks. This complicated case spreads across three different countries, targeting users from a fourth one, making it very hard for law enforcement agencies to investigate and mitigate its effects," said ESET's Pierre-Marc Bureau.
The main difference between the new attack and Snasko is its greater menace; the latter seemed rough around the edges. This one looks like a fully-functioning attack system, although ESET said it hadn't detected many examples of the attack in the wild.
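Because the injection happens in the web server rather than in the files it serves, one check an administrator can run is to compare the iframes in a served response with those in the page as stored on disk. The sketch below is an added example, not code from ESET or from the original article; the function names, hostnames and sample HTML are constructed for illustration. Given the cookie and IP tracking described above, the served copy has to be captured as a first-time visitor (new IP address, no cookies), or the injected content will not be there to find.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class IframeCollector(HTMLParser):
    """Collect the src attribute of every <iframe> in a document."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.sources.append(dict(attrs).get("src") or "")


def iframe_sources(html):
    parser = IframeCollector()
    parser.feed(html)
    parser.close()
    return parser.sources


def injected_iframes(on_disk_html, served_html, site_host):
    """Return (src, is_external) for each iframe that appears in the served
    page but not in the file on disk. is_external is True when the iframe
    points at a host other than site_host."""
    known = set(iframe_sources(on_disk_html))
    findings = []
    for src in iframe_sources(served_html):
        if src in known:
            continue
        host = urlparse(src).hostname
        findings.append((src, host is not None and host != site_host))
    return findings


# Constructed sample data: the page as stored on the server, and the response
# a first-time visitor (new IP, no cookies) received for the same URL.
ON_DISK = ('<html><body><h1>News</h1>'
           '<iframe src="/ads/banner.html"></iframe></body></html>')
SERVED = ('<html><body><h1>News</h1><iframe src="/ads/banner.html"></iframe>'
          '<iframe src="http://exploit-host.example/x" width="1" height="1">'
          '</iframe></body></html>')

if __name__ == "__main__":
    for src, external in injected_iframes(ON_DISK, SERVED, "www.site.example"):
        print("unexpected iframe:", src, "(external)" if external else "(same site)")
```
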

Three new features coming in Linux Mint 15


It's been just a few weeks since the launch of Linux Mint 14 “Nadia,” but already the project behind the popular distribution has been making plans for its next release.
In fact, last week project lead Clement Lefebvre laid out a roadmap for Linux Mint 15, whose nickname is still to be decided.
Linux Mint has remained at the top of DistroWatch's page hit rankings for the past year or so, making its next version a topic of widespread interest.
Ready for a rundown? Here are three features we can expect to see in Linux Mint 15.
1. Cinnamon 1.8
It's already been a full year since the launch of the GNOME 2-like Cinnamon desktop environment, and the next version of Linux Mint will use Cinnamon 1.8.
Included along with that popular desktop will be desklets, or desktop widgets, such as a system monitor, a terminal, and picture, video, and slideshow frames; themes with configurable color schemes; calendar events similar to those in KDE; and new applets including an email notifier and an RSS reader similar to Pulse.
Also coming will be bump maps and a control center governing settings for both Cinnamon and GNOME properties, among other features.
2. Nemo 1.8
Cinnamon's default Nemo file manager, a fork of Nautilus, will be upgraded to version 1.8 in the next Linux Mint release, according to the roadmap. Along with it will come an action API, disk management, file preview capabilities, and user interface improvements.
3. MDM 1.2
Version 1.2 of the Mint Display Manager (MDM), meanwhile, will bring new capabilities as well. Themes, for example, will be able to have borders around text fields.
Other new features coming in Linux Mint 15 include user interface improvements for software management and the live installer as well as a new screensaver and driver manager.
Based on Ubuntu, Linux Mint issues new releases twice a year. The current version, “Nadia,” was rolled out in November. 

Linux Top 3: Hello ARM, Goodbye 386


Last week was a busy one on the Linux Planet with new kernels, new distributions and a (not so) fond farewell to Linux's first architecture.

1) Linux 3.7

The Linux 3.7 kernel was formally released by Linus Torvalds last week, ushering in a new era for Linux on ARM. After years of fractured development across multiple versions of ARM, unified system architecture support for ARM landed in the 3.7 kernel. The 3.7 kernel also provides full support for ARM v8, which provides 64-bit capabilities.
Btrfs continues to mature in Linux 3.7 by way of a number of incremental improvements, including fsync() speedups and the removal of hard link limits.
On the networking side, Linux 3.7 now supports VXLAN (Virtual eXtensible LAN), which is a tenet of the Software Defined Networking (SDN) movement. VXLAN is a Layer 2 overlay over a Layer 3 network. VXLAN was started as a joint effort of Cisco and VMware and is now in the process of moving through the IETF for standardization.

Also on the networking side for Linux 3.7 is TCP Fast Open for servers. TCP Fast Open is a new Google-led networking approach that delivers an optimized method for performing the initial TCP handshake in a data connection. The initial code commits for TCP Fast Open debuted on the client side in Linux 3.6 in October of this year.

2) Linux 386

The cycle of kernel development never ends. When one kernel is released, that is the signal for the merge window on the next kernel.
While it is still early in the merge window for the Linux 3.8 kernel, we already know of at least one thing that will not be included: support for 386.
That's right: Intel's original 386 has remained supported in the bleeding edge of the mainline kernel since the day Linus started and remains so today. That won't be the case in the mainline kernel beginning with Linux 3.8 in 2013.
Linux kernel developer Ingo Molnar got Linus Torvalds to pull in the 'x86-nuke386-for-linus' code tree on Tuesday. According to Molnar, "this tree removes ancient-386-CPUs support and thus zaps quite a bit of complexity: 24 files changed, 56 insertions(+), 425 deletions(-)... which complexity has plagued us with extra work whenever we wanted to change SMP primitives, for years."
Molnar noted, however, that there is a cost.
Nostalgia.
"Your old original 386 DX33 system from early 1991 won't be able to boot modern Linux kernels anymore. Sniff," Molnar wrote.

3) Slax 7

Some distributions have milestone updates somewhat less regularly than others. Case in point is the Slackware-based Slax distribution.
This past week, the first major Slax update in three years was released with Slax 7.0, code name Green Horn.
"Slax 7.0 is the major update of Slax Linux live operating system. It includes newest Linux Kernel, KDE4 desktop, GCC compiler and lots of other stuff and that all in just a ~210MB download," Slax developer Tomas Matejicek wrote in his release announcement.


Credits: http://www.linuxplanet.com/news/linux-top-3-hello-arm-goodbye-386.html