Red Hat hit by phishing scam

Article

Red Hat hit by phishing scam

Red Hat Inc. sent users a warning today about a fake e-mail that asked users to install a patch for a vulnerability in fileutils (ls and mkidir). The patch was actually a file that could allow a remote attacker to execute arbitrary code with root privileges in some Red Hat Linux distributions.

The attack arrived in the form of phishing scam from the fake e-mail address "security@redhat.com" and was first spotted late Friday. The heading of the e-mail read "Red Hat: Buffer Overflow in 'ls' and mk'dir'" and contained instructions on how to install a patch that Red Hat said may contain malicious code.

Red Hat said its official security messages are never unsolicited, are only sent from secalert@redhat.com and are digitally signed using GNU Privacy Guard keys.

Pete Lindstrom, an analyst at Malvern, Penn.-based Spire Security, said no individual vulnerability is a big deal in and of itself.

"Ultimately these things are found at the pace of 10 a day, some are more of a sign than others," he said. "What matters is if someone picks up on it and writes an exploit and allows folks to compromise [the application]."

Lindstrom said that these vulnerabilities are what security analysts and antivirus companies are always looking out for, and that the "bottom line is every piece of software is vulnerable."

"The fact that Microsoft is alone is silly and the idea that open source can be compromised is only recently being popularly

    Requires Free Membership to View

    Login

    When you register, my team of editors will also send you resources covering Linux administration and management; integration and interoperability between Linux, Windows and Unix; securing Linux and mixed-platform environments; and migrating to Linux.

    Cathleen A. Gagne, Senior Editorial Director

    By submitting your registration information to SearchEnterpriseLinux.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchEnterpriseLinux.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

recognized," he said. "If enough people focus on a particular problem they are going to come up with a vulnerability.

"That's true for all software whether it is packaged or open source, Microsoft or not," Lindstrom said.

that's true for all software whether it is packaged or open source, Microsoft or not

Let us know what you think about the story; e-mail: Jack Loftus, News Writer