Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Last Friday, Microsoft announced that they have discovered a new botnet that exposes both Windows and Linux computers and web servers to new threats. The botnet, known as Sysrv-K, takes advantage of unpatched computers by installing cryptocurrency miners.
With the rise of cloud computing and mobility and the remote work environment brought on by the pandemic, securing Linux endpoint devices has never been more challenging for the organization and its IT department. Endpoint encryption designed to protect data stored on endpoints such as devices, hardware and files has always been an essential component of a strong Linux endpoint security strategy; however, perimeter security is no longer effective in protecting against sophisticated threats in this modern, mobile era.
Greetings fellow Linux security enthusiasts,
Interested in becoming a LinuxSecurity contributor, but need an article topic idea and some guidance to help you get started?
With the growing number of espionage scandals in recent years and the prevalence of online tracking, protecting your privacy online has never been more important. Virtually everything we do online is tracked these days, whether for profit or to obtain information to sell to third parties, which has led to the development of tools like the Tor Browser to help us navigate the Internet safely and strengthen our privacy online.
Every day in the headlines, we're made aware of how limited our online privacy truly is. These days, it's so easy for apps, websites and search engines to track our every move. While most tracking is done to improve targeted marketing efforts, this can be very annoying and isn't the only way our data is used. Staying private online and avoiding being tracked is the best option to ensure our security while browsing and using apps.
The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime, by Jon DiMaggio comes at a time in American History when everyone ranging from business owners to private citizens can no longer turn a blind eye to the need for cybersecurity. Since the beginning of the COVID-19 pandemic, many businesses have moved to entirely remote or hybrid work and are now facing additional challenges from outside a traditional office environment. DiMaggio effectively captivates his audience to help them understand the major players in the ongoing cyberwar, the different methods attackers use, as well as how experts analyze attacks.
Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to the growing popularity of the open-source OS and the high-value devices it powers worldwide. Security researchers from AT&T Alien Labs are now warning that “cyber gangs have started infecting Linux machines via a fileless malware installation technique that until recently was more commonly used against Windows-based systems”.
System administrators make mistakes and that's fine, as long as they learn from them. Learning from your mistakes will develop more skills, advance your career, and make you a better systems admin. However, It’s also helpful to learn from the blunders of others. This is why I’ve compiled a list of common 10 mistakes that system admins make, and how to address these problems.
The primary goal of firewall penetration testing is to prevent unauthorized internet access to your organization's internal network, or check to make sure your security policy is doing what you think it's doing. In order to successfully test your organization's firewall, you must think like the adversary. Collecting intelligence on the network, such as operating system and firewall type, are important to know in order to proceed with the penetration test.
Nmap, short for “Network Mapper”, is an open-sourced tool for network discovery and auditing. It is now one of the most widely used tools for network mapping by system administrators. Nmap searches for hosts and services on a network.
maddog, as he’s affectionately known throughout the Linux and open source community, has made a career of being in the trenches with the Linux developers, teaching them the way of Open Source and Free Software development after decades of being involved with technology and education. In an exclusive interview with LinuxSecurity researchers, Jon "maddog" Hall, often referred to as “the Godfather of Linux”, reveals his history with Linux, some of his contributions to the community, a bit about its evolution, and his thoughts on what we might see with Linux in the coming years.
Real-time alerting is a feature of an IDS or any other monitoring application that notifies a person of an event in an acceptably short amount of time. The amount of time that is acceptable is different for every person.
The Qualys Research Team reached out to LinuxSecurity after discovering a memory corruption vulnerability in polkit’s pkexec. Pkexec is a SUID-root program that is installed by default on every major Linux distribution of the open-source operating system. This vulnerability is easily exploited and gives hackers the opportunity to gain full root privileges on a vulnerable host. Much like the Log4j vulnerability, the severity of this flaw is high and it is imperative that vulnerabilities are reported in a timely fashion. Experts also expressed that due to the simple possibility for exploitation the vulnerability needs to be patched and mitigated immediately.
