Wednesday , 18 July 2018
Home >> E >> Enterprise Applications >> Step aside, Windows! Open source and Linux are IT’s new security headache

Step aside, Windows! Open source and Linux are IT’s new security headache

Windows has long been the world’s biggest malware draw, exploited for decades by attackers. It continues today: The Carbon Black security firm analyzed 1,000 ransomware samples over the last six months and found that nearly 99% of them targeted Windows.

That’s not news for IT administrators, of course. But this might be: Linux and other open-source software are emerging as serious malware targets. Several recent highly publicized attacks exploit holes in open-source software that many enterprise admins once considered solidly safe.

Let’s start with the big one: the recently disclosed Equifax break-in that resulted in the private information of 143 million people being stolen, including Social Security numbers, birth dates, addresses and more. Typically, when you find the cause of a breach like this, it involves Windows. That’s not the case with the Equifax hack, though.

A web application vulnerability in the widely used open-source Apache Struts web development framework allowed attackers to break into Equifax and do their damage. The framework is used by many enterprises in education, government, financial services, retail and media. Even though the vulnerability was first discovered and patched back in early March, Equifax didn’t install the patch until after it found it had been hacked.

close
==[ Click Here 1X ] [ Close ]==