Criminals who lock files on a system and demand a ransome (almost always in bitcoins) for the key to decrypt the directories and files have now expanded their efforts to web sites on linux servers.
According to today's article on www.krebsonsecurity.com one exploited vulnerability is in the PHP code for a common e-commerce shopping cart/customer payment tool (Magento) at smaller sites who have not upgraded that tool since last April. Not the kernel or system utilities, but a combination of software bug and human behavior that could easily be avoided. Smaller companies in particular need to be taught to back up often and apply patches as soon as they're available. Rich _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
