NEWS

Bad Trojan Threatens Two Thirds of All Android Devices

A malicious Android ransomware attack, which was first discovered in 2014, has returned with some new tactics that are succeeding in infecting Android devices around the world. According to a recent post at the Symantec site, the Android.Lockdroid.E attack affects all Android versions before Android 5 "Lollipop," which means it threatens around 67 percent of all Android phones.

The new version of Android.Lockdroid.E offers to install a package for the user in order to obtain admin privileges for the device. Once it has admin privileges, it can do anything to the device, including locking or deleting the data or even changing the device PIN.

Most versions of the attack eventually lead to the trojan encrypting the user data and insisting that the user pay a "penalty" for accessing forbidden materials online.

Critical Linux Kernel Bug Discovered

Security researchers at Perception Point Software have identified a 0-day privilege escalation vulnerability in the Linux kernel. According to the report, the problem has existed since 2012. The report states that the vulnerability "could affect tens of millions of Linux PCs and servers and 66 percent of all Android devices."

The problem, which has the CVE number CVE-2016-0728, is related to the keyring facility in the Linux kernel, which is "… a primary way for drivers to cache security data, authentication keys, encryption keys, and other data in the kernel."

All Linux users are urged to install the necessary patches as they become available. Refer to the security bulletin for your Linux distro. For more information, see the full report at the Perception Point website.

One Third of All IT Infrastructure Expenditure is Going to Cloud

According to a report from IDC, one third of all IT infrastructure money is now spent on the cloud. The Worldwide Quarterly Cloud IT Infrastructure Tracker says a total of $7.6 billion was spent in the third quarter of 2015. The total cloud expenditure was up 23 percent since this time a year ago. The report does not track direct cloud space allocations but measures server, disk storage, and Ethernet switch spending for cloud environments. In other words, the study shows how much companies are investing in building data centers to support public and private cloud operations.

Dell sold the most cloud infrastructure, with a little over 15 percent share of the total vendor revenue, followed by Dell, Cisco, EMC, and NetApp. Unlike in some areas of high tech, the big players didn't own the whole market. Original Design Manufactures (ODMs) had 29.4 percent of the market share, and 17.5 percent went to smaller vendors grouped together into the "Other" category.

See the report in the Register for more information: http://www.theregister.co.uk/2016/01/15/idc_third_of_it_spend_going_cloud/

 

Linux Magazine

http://www.linuxmagazine.com

Off the Beat * Bruce Byfield

Security's Weakest Link Is People

A few years ago, a neighbor asked me to help secure their computer. I'm not an expert on Windows, but I told them to run non-administrative accounts except when doing maintenance, and set passwords for their regular accounts.

Open Hardware, Free Software, and Crowdfunding

Open hardware is finally coming of age. Thanks to the combination of free software and crowdfunding, dozens of small projects and businesses are producing innovative and useful examples of open hardware.

11 Free-Licensed Sans Serif Fonts

Of the 708 free-licensed fonts currently available on Google Fonts, 191 are categorized as sans serif. That's not surprising, because sans serifs are among the most versatile of modern fonts.

Markdowned: Markdown Editor in a Single HTML File

Markdowned editor indeed consists of a single editable HTML file, which is rather nifty if you think about it. There is no need to install anything, and you can use the editor on any device with a browser.

WordPress Desktop App for Linux

Not so long ago, Automattic released the WordPress desktop app for all major platforms, including Linux. The idea of using a website via a dedicated desktop app instead of a browser may sound silly, but after having used the app for a while, I must admit that it makes a lot of sense.

KeeWeb: A Better Desktop and Web App for KeePass Databases

KeePass is one of the best password managers out there, but let's face it: the KeePass 2.x application written in Mono installs a huge number of dependencies and it looks anything but sleek on the Linux desktop.

Host Media Content with Linx-Server

Another week, another file hosting web application. This time it's linx-server, an app written in Go that has several things going for it. For starters, linx-server can handle mixed content: besides images, it can be used to host videos and publish text snippets.

ADMIN HPC

http://hpc.admin-magazine.com/

How Persistent Memory Will Change Computing Jeff Layton

The same data storage hierarchy paradigm has been used for many years, and seemi ngly it works quite well. However, a new kind of data storage is coming that will completely disrupt this hierarchy and force the developer, user, and admin, to rethink how and where they store data.

ADMIN Online

http://www.admin-magazine.com/

Develop your own Scripts for Nmap

Holger Reibold

Nmap does a great job with standard penetration testing tasks, but for specific security analyses, you will want to develop your own test scripts. The Nmap Scripting Engine makes this possible.

Setting up Google Apps for Work

Sandro Lucifora

We show how to set up Google Apps for Work and how to configure them for company use.

Using the MQTT IoT protocol for unusual but useful purposes * Jan-Piet Mens

Although the MQTT protocol is usually associated with the Internet of Things, it also works in some very different situations, such as monitoring, for example.

VM and Cloud Management with OpenQRM

Thomas Zeller

OpenQRM is a web-based, open source, data center management and cloud platform that offers many popular Linux tools with no major configuration overhead. We show you how to use it.

Improving Docker Security Now and in the Future

Sebastian Meyer

The focus for container solutions such as Docker is increasingly shifting to security. Some vulnerabilities have been addressed, with plans to take further steps in the future to secure container virtualization.

Magnum: Exploring OpenStack's Container API Udo Seidel

The Magnum project brings Docker container technology to the OpenStack cloud.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News