Among ordinary users and even IT employees, there is a widespread belief in the increased security of the Linux operating system in comparison with the "leaky Windows" and "pop macos". However, as our research has shown , open source does not eliminate Linux bugs and vulnerabilities that pose security risks. In this post, we'll take a look at why Linux has become an attractive target for attackers and discuss the main threats and risks associated with this operating system.
Linux Foundation, 2017 Linux 90% , Linux. : 82% Linux, Linux 99%.
, , Linux, : , , .
โ . , , , . . Linux , .
, , .
Linux . , upstream, , . Linux , , . 2019 Red Hat 1000 CVE Red Hat Enterprise Linux (RHEL), Product Security Risk Report. 70% , .
, Linux, . , Equifax CVE-2017-5638 Apache Struts. Equifax 13 2017 , . 76 , 51 148 โ 56% . 15 Equifax 20 . . Equifax 1,35 , , , .
MITRE ATT&CK (ID T1190), -10 OWASP Linux-.
. OWASP Top 10 Web Risks 2004 , ยซ ยป (Insecure Configuration Management); 2017 ยซ ยป (Security Misconfiguration).
COVID-19, : , .
Linux.
Linux
, .
, Debian/Ubuntu 99 999 , , libpam-pwquality .
- Tesla, , Kubernetes AWS- Tesla .
2020 , SonarQube, . - , , 9000 admin/admin.
Linux IoT-, . IP- , (Default Passwords Database). .
, . , Shodan, 8 . Redis, TLS- . , - .
Linux-
FTP-, SMB- NFS-, - Linux, Amazon S3 Azure Blob . Shodan 3 FTP-.
Linux : , , , , (RAT). , , , , .
Linux.
, , . Linux, , , .
Linux- RansomEXX/Defray7777, . Gold Dupont, .
โ Erebus, 2016 , โ 2017 Erebus 153 Linux- NAYANA 3400 .
.
Linux-, -, , Docker Redis.
. , coinminer, Trend Micro Coinminer.Linux.MALXMR.SMDSL64, SaltStack (CVE-2020-11651) SaltStack (CVE-2020-11652).
UNIX-, , , .
Linux:
;
;
, ;
ยซ ยป.
-
- โ - , . , 2020 Ensiko, - PHP, Linux, Windows, macOS , PHP. Ensiko -.
โ , Linux-, , . โ , .
. Umbreon, Drovorub Diamorphine.
Linux: