For many, Linux is probably the most secure operating system out there. But as cybersecurity experts often explain, being the most secure does not equate to being invulnerable, and in fact, in recent years IT administrators and CISOs have also had to deal with various security issues on this platform.
This is reflected in reports such as the "Linux Threat Report" prepared by Trend Micro, which analyzes the security gaps that have affected the different Linux distributions installed on company servers over the last year.
As expected, many of the vulnerabilities detected are in distributions that either have not been updated (and therefore the latest published security patches have not been applied) or are still being used despite being unsupported.
In this sense, it is not surprising that the most affected distribution is CentOS Linux (51% of detections), after its parent company (Red Hat) changed its distribution and update policy a little over a year ago, leaving thousands of companies (those that have CentOS 7.4-7.9 installations) in a certain technological limbo, one that alternatives such as AlmaLinux aim to end.
CentOS Linux is followed by CloudLinux Server (40% of detections), Ubuntu Server (10%), and Red Hat Enterprise Linux (3%). Regarding the type of attacks that have most frequently exploited the different vulnerabilities, Trend Micro highlights cryptocurrency mining malware (25%), malicious web-shell scripts (20%), ransomware attacks (12%) and Trojans (10%).
The report went further and also looked at the security threats posed by the top Docker images that can be deployed from Docker Hub. The most vulnerable according to Trend Micro are Python (482 vulnerabilities), Node (470), WordPress (402), Golang (288) and Nginx (118).