The post Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns appeared on BitcoinEthereumNews.com. CISA issues Linux ransomware attack warning. Getty Admit it: the first thing you think of when ransomware is mentioned is likely Microsoft Windows as an attack surface. The second might be that ransomware is in decline and no longer a significant threat. The thought that Linux could be caught somewhere in all this probably doesn’t enter your head, but it should. The Cybersecurity and Infrastructure Security Agency has issued a timely reminder that Linux can be exploited, as it warns federal agencies to update within days, following confirmation of a Linux vulnerability being used in active ransomware attacks. Here’s what you need to know. ForbesLinkedIn DM Attack Warning — What Users Need To KnowBy Davey Winder Linux Kernel Vulnerability Exploited By Ransomware Attackers The CVE-2024-1086 Linux Kernel use-after-free vulnerability “allows a normal user to become an administrator (root), allowing them to change files, disable security, or install malware,” Immersive Security said, adding that “the flaw occurs when the system mishandles memory, allowing attackers to gain complete system control. But that was, checks date, almost two years ago. Indeed, the thing was fixed in January 2024. So, what’s the fuss all of a sudden? Self-described America’s Security Agency, CISA, has issued a binding directive and warning that ransomware threat actors are actively exploiting CVE-2024-1086, giving federal agencies until November 20 to apply the necessary fix or “discontinue use of the product.” But this isn’t a warning just for those federal agencies, it’s one that all businesses need to take note of. The cost of not doing so could be high as ransomware groups look to exploit this old vulnerability in “certain older versions of the Linux operating system,” as Immersive put it. You can see a complete list of impacted versions here, as published by the US Department of Commerce National… The post Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns appeared on BitcoinEthereumNews.com. CISA issues Linux ransomware attack warning. Getty Admit it: the first thing you think of when ransomware is mentioned is likely Microsoft Windows as an attack surface. The second might be that ransomware is in decline and no longer a significant threat. The thought that Linux could be caught somewhere in all this probably doesn’t enter your head, but it should. The Cybersecurity and Infrastructure Security Agency has issued a timely reminder that Linux can be exploited, as it warns federal agencies to update within days, following confirmation of a Linux vulnerability being used in active ransomware attacks. Here’s what you need to know. ForbesLinkedIn DM Attack Warning — What Users Need To KnowBy Davey Winder Linux Kernel Vulnerability Exploited By Ransomware Attackers The CVE-2024-1086 Linux Kernel use-after-free vulnerability “allows a normal user to become an administrator (root), allowing them to change files, disable security, or install malware,” Immersive Security said, adding that “the flaw occurs when the system mishandles memory, allowing attackers to gain complete system control. But that was, checks date, almost two years ago. Indeed, the thing was fixed in January 2024. So, what’s the fuss all of a sudden? Self-described America’s Security Agency, CISA, has issued a binding directive and warning that ransomware threat actors are actively exploiting CVE-2024-1086, giving federal agencies until November 20 to apply the necessary fix or “discontinue use of the product.” But this isn’t a warning just for those federal agencies, it’s one that all businesses need to take note of. The cost of not doing so could be high as ransomware groups look to exploit this old vulnerability in “certain older versions of the Linux operating system,” as Immersive put it. You can see a complete list of impacted versions here, as published by the US Department of Commerce National…