It might be mostly Microsoft, but it’s not just Microsoft. As the Slapper virus so clearly demonstrated last month, Linux is vulnerable to viruses too. And as Linux grows in popularity and general use, so will attacks dedicated to dismantling it. Here, according to Sophos antivirus (which says that about 1 percent of its virus library addresses threats to Unix and Linux) are the top three viruses for the geekier Unix and Linux platforms. (For more on this topic, see Page 59.)Unix/SadMindType: Unix wormDetected: May 2001Internet worm that propagates using a buffer overrun exploit on Solaris systems. Actively seeks vulnerable machines while also scanning for Microsoft IIS Web servers to deface with an offensive message directed at the U.S. government and “PoizonBOx.” Patches are available from Microsoft’s and Sun’s websites.Linux/OSF-AType: Linux executable virus Detected: March 2002Linux/OSF-A will attempt to infect 200 ELF executables in the current working directory and the directory bin. The virus will avoid the file ps or any files ending in ps. If the virus is executed by a privileged user, then it will attempt to create a backdoor server on the system, allowing the attacker to gain remote control of the server.Linux/Slapper-AType: Linux worm Detected: September 2002Exploits a buffer overflow in SSL-enabled Apache Web servers. Once active, the worm can be used as a back door to start up a range of denial-of-service attacks. Linux/Slapper-A can customize its attack to specific versions of the Apache Web server. Sophos recommends removing, or limiting access to, the gcc compiler on production Web servers to limit Slapper’s capabilities. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe