Slashdot reports on an attempt to convince users of Redhat Linux and Fedora Core to download and execute malicious code disguised as a security update. Like phishing scams, it seems several spam email messages were sent claiming to be from the "Redhat Security Team," and directing users to www.fedora-redhat.com (the real Fedora website is www.fedora.redhat.com) Since the website was made "Temporarily Unavailable" in the last few minutes, you can see a screenshot of the fake website here.

Discerning users would note that the site contains several grammatical errors and nonsensical phrases:

Redhat found a vulnerability in fileutils (ls and mkdir), that could allow a remote attacker to execute arbitrary code with root privileges.

Nice random comma.
Some of the affected linux distributions include RedHat 7.2, RedHat 7.3, RedHat 8.0, RedHat 9.0, Fedora CORE 1, Fedora CORE 2 and not only.

So if you are running Not Only Linux, make sure to update.
"This is a critical-critical update that you must make by following these steps"

I am not familiar with the "critical-critical" level of updates. It must be the level of severity right below "ohmigod!!!111 download now!!!1" updates.
Anybody running RedHat and Fedora are strongly adviced to apply this patch! Read more about this vulnerability at www.redhat.com or www.fedora.redhat.com

But I thought this was www.fedora.redhat.com?

The domain fedora-redhat.com is registered to:

Admin Name........... Raymond Jackson
Admin Address........ 224 Cedar Avenue
Admin Address........
Admin Address........ New York
Admin Address........ 95301
Admin Address........ NY
Admin Address........ UNITED STATES
Admin Email.......... rayjackson23@yahoo.com
Admin Phone.......... +1.2098994533

I would assume that this is a fake name, but I found it interesting that a Google search turns out this minature gaming organization's page, which lists contact information for one of its chapters as:
HMGS West

Raymond (Ray) James Jackson, 224 Cedar Avenue, Atwater, CA 95301-4454, Phone/Email (209) 358-8510/ Mahdi1ray@cs.com

Note. This Chapter is located in the San Francisco area and is currently in a state of transition. Contact POC for latest information.


The "San Francisco" area is also the location of Stanford, which is referenced in the fake website.