this post was submitted on 09 Mar 2024
1051 points (94.6% liked)
Technology
59593 readers
2854 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
https://www.zdnet.com/article/linux-malware-attacks-are-on-the-rise-and-businesses-arent-ready-for-it/
https://www.vmware.com/learn/security/exposing-malware-in-multi-cloud.html
It's literally marketshare. Linux isn't by default more hardened. It can be more hardened by a professional who understands security, but it's still at risk for all the same things Windows servers are, especially Social Engineering. Humans are almost always the weakest link in the security chain. Further, security researchers are literally seeing an increase in attacks on Linux-based servers.
But sure, I guess we couldn't trust the research of VMware or anything. Please get out of here with this outright misinformation.
Marketshare? For desktops sure, but servers? The internet is made of Linux servers.
Oh and lots routers, switches, hotspots, smart things, all kind of little things.
Drop in the bucket compared to Windows. Great, they found 3 pieces of malware that target Linux, 2 years ago. Lol.
Meanwhile there are dozens of Windows malware coming out every day, botnets are running hundreds of thousands to millions of compromised Windows systems, and ransomware is rampant on Windows.
Yeah, because botnets are made from consumer-level machines that are badly secured.
So some idiot who knows nothing about Linux sets it up the first time, never create an account other than the root account, never enabled UFW, and browses all day is literally the kind of people who make botnets are looking for to target. They don't target Linux for these because it's such a small market share in the consumer-desktop market.
Corporate servers tend to actually have competent security people running them, which is why you don't see constant breaches of Linux servers, although it happens. Even then, corporate servers can be hacked if the services running on them aren't appropriately patched. The Equifax hack is a great example of this, a series of cascading failures, and the CVE relating to it touched on that it was an Apache exploit that could work in either Windows or Linux.
https://isc.sans.edu/diary/22169
Pro-tip: Cybersecurity is hard, and expecting random asshats who've never had any training figure out on the go is asking for a bad time.