Java Zero Day Attack and it affects Linux…

This comes from our guest host Greg Martin on Google+:

Java 0-day being exploited in the wild. There have been confirmed infections on Windows-based computers but it’s possible to compromise a Mac or Linux system as well. Currently the only recommendation for mitigation is to completely disable Java.

Links for thought:

Ars Technica article: http://arstechnica.com/security/2012/08/critical-java-exploit-spreads/

In-depth breakdown of the exploit (technical with mildly poor English): http://immunityproducts.blogspot.com.ar/2012/08/java-0day-analysis-cve-2012-4681.html

Proof-of-concept for the exploit (actual source code): http://pastie.org/pastes/4594319/text

There are also some claims that Oracle have known about the vulnerabilities for some time. https://www.pcworld.com/businesscenter/article/261612/oracle_knew_about_currently_exploited_java_vulnerabilities_for_months_researcher_says.html

I’m currently testing this out on my system (Linux) to see if I can get it to work.

 

TrendMicro reports Virus attack targeted at Routers…

TrendMicro is reporting that they have uncovered a virus targeting D-Link routers, which are Linux-based. Once infected, the router starts listening to IRC for botnet commands and can also start brute-force attacking the username and password combinations it finds on the router. They are still looking into what else the code may do. They are identifying it as ELF_TSUNAMI.R and will be posting updates as they have them. There is no mention of whether D-Link has posted an update to address the issue. Since D-Link and TrendMicro are partners, the solution may already be in place. This is identified as Low Risk, High Damage Potential and Low threat for being spread.
Are you running Antivirus software on your Linux machines?