Tux Machines

Security and Windows TCO

Posted by Roy Schestowitz on Jul 30, 2024


GNOME ☛ How to Get Hacked by North Korea

Good news: exploiting memory safety vulnerabilities is becoming more difficult. Traditional security vulnerabilities will remain a serious threat, but attackers prefer to take the path of least resistance, and nowadays that is to attack developers rather than the software itself. Once the attackers control your computer, they can attempt to perform a supply chain attack and insert backdoors into your software, compromising all of your users at once.
If you’re a software developer, it’s time to start focusing on the possibility that attackers will target you personally. Yes, you. If you use Linux, macOS, or Windows, take a moment to check your home directory for a hidden .n2 folder. If it exists, alas! You have been hacked by the North Koreans. (Future malware campaigns will presumably be more stealthy than this.)
Attackers who target developers are currently employing two common strategies:

Windows TCO

Security Week ☛ Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw

In one documented case, Microsoft said an engineering firm in North America was affected by a Black Basta ransomware deployment that included the use of the CVE-2024-37085 vulnerability to gain elevated privileges to the ESXi hypervisors within the organization.