 Microsoft will begin to ship an in-house custom built Linux kernel starting with the Windows 10 Insider builds this summer. This kernel is to become the backbone for the new Windows Subsystem for Linux 2.0 or WSL2. Unlike WSL1, which used a Linux-compatible kernel, WSL2 will use a genuine open-source kernel compiled from the stable 4.19 version release of Linux at Kernel.org. While Microsoft will be providing the Linux kernel, they will not provide any Linux binaries to go with it. Instead, users will still need to download their favorite Linux distribution from the Microsoft Store or by creating a custom distribution package. While the source code for the kernel will come from Kernel.org, Microsoft has stated that they will apply custom patches that reduce the memory footprint of the kernel and provide hardware compatibility. In the first iteration of the Windows Subsystem for Linux (WSL1), Microsoft had to translate Linux system calls so they could communicate and work with the Windows NT kernel. With the use of a true Linux kernel, it is no longer necessary to use a translation layer and apps will have full access to their normal system calls. Removing the translation layer not only improves compatibility for Linux apps but also increase file system performance. According to tests performed by Microsoft, the new Linux kernel has improved the performance of WSL, with unpacking archives up to 20x faster and tools such as npm, git, and cmake being 2-5x faster. To make it easier to administer WSL2, Microsoft will also include the Linux kernel in Windows Update so that security updates and improvements will automatically be delivered to Windows 10. Learn more by visiting OUR FORUM.  Google is looking at more options to boost its bottom line, and one of them seems to be shopping links tucked under YouTube videos. The company is running a test where it displays recommended products along with prices on its video-sharing platform, according to The Information. It seems some test ads have popped up under Nike videos. Clicking on them would take you to the Google Express marketplace to complete the purchase. More and more retailers are joining Express, according to the report, while earlier this year Google started testing shoppable ads in image searches. The company is said to be banking on these features to boost its shopping business. Parent company Alphabet reported this week that revenue for physical products such as Pixel phones and Home smart speakers year-over-year, highlighting that there's an opportunity for growth. Meanwhile, Amazon's ad business is growing, which might be prompting Google to focus on other revenue streams since ads are a key source of its income. Google takes a cut from goods sold through Express, though revenue pales next to Amazon's retail income. Express is said to have pulled in a little under $1 billion is 2018, while Amazon's retail arm generated around $141 billion in North America last year. Google is set to hold an event later this month called Google Marketing Live (at which it has revealed ad products in the past), while the I/O developer conference takes place next week, so we might have an official word about the YouTube product ads soon. There's more posted on OUR FORUM.  A new ransomware has been discovered called MegaCortex that is targeting corporate networks and the workstations on them. Once a network is penetrated, the attackers infect the entire network by distributing the ransomware using Windows domain controllers. In a new report, Sophos has stated that they have seen customers in the United States, Italy, Canada, France, the Netherlands, and Ireland being infected with this new ransomware. As this is a fairly new ransomware, not much is currently known about its encryption algorithms, exactly how attackers are gaining access to a network, and whether ransom payments are being honored. As Sophos has found that the Emotet or Qakbot Trojans have been present on networks that have also been infected with MegaCortex, it may suggest that the attackers are paying Trojan operators for access to infected systems in a similar manner as Ryuk. While it is not 100% clear how bad actors are gaining access to a network, victims have reported to Sophos that the attacks originate from a compromised domain controller. On the domain controller, Cobolt Strike is being dropped and executed to create a reverse shell back to an attacker's host. Using this shell, the attackers remotely gain access to the domain controller and configure it to distribute a copy of PsExec, the main malware executable, and a batch file to all of the computers on the network. It then executes the batch file remotely via PsExec. When encrypting a computer, the ransomware will append an extension, which in one case is .aes128ctr, to encrypted file's names. For more detailed information visit OUR FORUM. |
Latest Articles
|