Cyber Security Today, Oct. 8, 2021 – New Linux malware, a new hacking group and a thick advisory report from Microsoft

New Linux malware, a new hacking group and a thick advisory report from Microsoft.

Welcome to Cyber Security Today. It’s Friday, October 8th. I’m Howard Solomon, contributing writer on cybersecurity for

There’s a new family of malware being used against Linux systems. Several security firms have recently written about it, including Avast and Lacework. The latest report came this week from researchers at ESET. This malware installs backdoor or rootkit modules in victims’ servers. The goal is to steal passwords, and after that steal data. Linux malware isn’t as common as Windows malware, so Linux administrators should pay attention.

A cyber espionage operation targeting aerospace and telecommunications companies for three years has been uncovered by Cybereason. The threat actor dubbed MalKamak has been operating since 2018. It installs remote access malware that can evade antivirus and other security tools. Victim companies have been in the United States, Russia, Europe and the Middle East.

Cybersecurity companies sometimes release detailed reports on threat groups. The latest comes from Mandiant, which used to be called FireEye. It’s on a financially motivated group it dubs FIN12, which has been behind a number of ransomware attacks. What marks this group is that it often goes after hospitals and medical clinics. Typically, victim organizations have more than $300 million in revenue. Also notable is that the group works fast: It’s not uncommon for it to deploy ransomware less than three days after an initial compromise. That’s because it usually skips the time-consuming step of stealing data before launching ransomware, a step other groups take. It just turns on the ransomware and demands money.

As part of Cybersecurity Awareness Month this week Microsoft released a 134-page Digital Defense Report for executives and information security professionals. The goal is to help organizations find the best ways to defend their firms. There’s lots of information about the state of cybercrime, nation-state threats, and the risks posed by an organization’s partners and IT products – what’s called the supply chain. What readers may find most useful is the advice that basic security hygiene protects against 98 per cent of attacks. These are the things that lots of experts say have to be done: Turn on multifactor authentication to make it harder for attackers to leverage stolen passwords; limit the data access of employees and partners to only what each needs so a hacker can’t use one password to access everything; make sure applications have the latest security patches; install anti-malware software and protect sensitive data with tools like encryption.

Finally, don’t forget later today the Week in Review edition of the podcast will be out. I’ll be talking with an expert about romance scams, the Facebook outage and how to educate employees about cybersecurity.

Remember links to details about podcast stories are in the text version at That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Howard Solomon
Currently a freelance writer. Former editor of and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
