Nearly 14 million Linux-based systems are directly exposed to the Internet, making them a lucrative target for an array of real-world attacks that could result in the deployment of malicious web shells, coin miners, ransomware, and other trojans.
That's according to an in-depth look at the Linux threat landscape published by U.S.-Japanese cybersecurity firm Trend Micro, detailing the top threats and vulnerabilities affecting the operating system in the first half of 2021, based on data amassed from honeypots, sensors, and anonymized telemetry.
The company, which detected nearly 15 million malware events aimed at Linux-based cloud environments, found coin miners and ransomware to make up 54% of all malware, with web shells accounting for a 29% share.
In addition, by dissecting over 50 million events reported from 100,000 unique Linux hosts during the same time period, the researchers found 15 different security weaknesses that are known to be actively exploited in the wild or have a proof of concept (PoC):
- CVE-2017-5638 (CVSS score: 10.0) – Apache Struts 2 remote code execution (RCE) vulnerability
- CVE-2017-9805 (CVSS score: 8.1) – Apache Struts 2 REST plugin XStream RCE vulnerability
- CVE-2018-7600 (CVSS score: 9.8) – Drupal Core RCE vulnerability
- CVE-2020-14750 (CVSS score: 9.8) – Oracle WebLogic Server RCE vulnerability
- CVE-2020-25213 (CVSS score: 10.0) – WordPress File Manager (wp-file-manager) plugin RCE vulnerability
- CVE-2020-17496 (CVSS score: 9.8) – vBulletin ‘subwidgetConfig’ unauthenticated RCE vulnerability
- CVE-2020-11651 (CVSS score: 9.8) – SaltStack Salt authorization weakness vulnerability
- CVE-2017-12611 (CVSS score: 9.8) – Apache Struts OGNL expression RCE vulnerability
- CVE-2017-7657 (CVSS score: 9.8) – Eclipse Jetty chunk size parsing integer overflow vulnerability
- CVE-2021-29441 (CVSS score: 9.8) – Alibaba Nacos AuthFilter authentication bypass vulnerability
- CVE-2020-14179 (CVSS score: 5.3) – Atlassian Jira information disclosure vulnerability
- CVE-2013-4547 (CVSS score: 8.0) – Nginx crafted URI string handling access restriction bypass vulnerability
- CVE-2019-0230 (CVSS score: 9.8) – Apache Struts 2 RCE vulnerability
- CVE-2018-11776 (CVSS score: 8.1) – Apache Struts OGNL expression RCE vulnerability
- CVE-2020-7961 (CVSS score: 9.8) – Liferay Portal untrusted deserialization vulnerability
Even more troublingly, the 15 most commonly used Docker images on the official Docker Hub repository have been revealed to harbor hundreds of vulnerabilities spanning across python, node, wordpress, golang, nginx, postgres, influxdb, httpd, mysql, debian, memcached, redis, mongo, centos, and rabbitmq, underscoring the need to secure containers from a variety of potential threats at every stage of the development pipeline.
“Users and organizations should always apply security best practices, which include utilizing the security by design approach, deploying multilayered virtual patching or vulnerability shielding, employing the principle of least privilege, and adhering to the shared responsibility model,” the researchers concluded.