A Call to Action: Recent PHP Hack Highlights the Need for Better Security
This weekend’s PHP hack serves as the latest reminder of the importance of server security- and the need to do better.
Discover LinuxSecurity Features
How To Encrypt Files on Linux
In our increasingly digital society, protecting the privacy of sensitive data and our behavior online is a universal concern. Many users switch to Linux for its superior privacy features and the excellent selection of privacy-focused distros that it offers.
LinuxSecurity User Survey Results: How Do You Compare?
Greetings fellow Linux users!
Thank you to everyone who took part in our LinuxSecurity User Survey. As you may be aware of, LinuxSecurity.com is currently in the final stages of a major redesign in an effort to enhance user experience on the site, and your input is invaluable in the remainder of this process. It’s because of active, insightful community members like you that we have been able to remain the Linux community’s central resource for security news, advisories and HOWTOs for over two decades.
Contribute to LinuxSecurity
Have You Taken Our LinuxSecurity User Survey?
Greetings fellow Linux security enthusiasts!
We’re rebuilding our site and need your help! LinuxSecurity is currently undergoing a major overhaul and we would like your input. Got a new feature idea? See something about the current site you don’t like?
Best Secure Linux Distros for Enhanced Privacy & Security
As we transition to an increasingly digital society, privacy and security have become areas of central concern – not a day goes by that we aren’t bombarded with security news headlines about hacks, breaches and the increasingly common and worrisome practice of storing and monitoring sensitive personal information, often without users’ consent.
Get started with CrowdSec v.1.0.X
Thank you to the Crowdsec project for contributing this article.
Introduction
The official release of CrowdSec v.1.0.X introduces several improvements to the previous version, including a major architectural change: the introduction of a local REST API.
Introducing Crowdsec: A Modernized, Collaborative Massively Multiplayer Firewall for Linux
Introduction
CrowdSec is a massively multiplayer firewall designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention tool.
Member Profile: My Expedition Through nmap Lab How to get through the NMAP room in Tryhackme
Thank you to Oyelakin Timilehin Valentina for contributing this article.
Our newest member, Valentina, an up and coming cybersecurity professional in Nigeria, studying cybersecurity and showing stellar skills in learning and applying her knowledge, recently went through the Tryhackme online learning platform, and shared her experiences, as well as a few quick tips on using nmap.
Open-Source Kernel Security Technologies
Kernel security is a key determinant of overall system security. After all, the Linux kernel is the foundation of the OS and the core interface between a computer’s hardware and its processes. Luckily, Linux now supports a range of effective open-source extensions and external tools engineered to boost kernel security. From the threats you should be aware of to the initiatives and technologies designed to reinforce and enhance the security of the Linux kernel, here's what you need to know.
CrowdSec: An Innovative Open-Source Massively Multiplayer Firewall for Linux
CrowdSec is a massively multiplayer firewall designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention tool.
How To Secure the Linux Kernel
With the support of the open-source community behind it and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days that Linux system administrators could get away with subpar security practices. Cyber criminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years.
Fileless Malware on Linux: Anatomy of an Attack
Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to the growing popularity of the open-source OS and the high-value devices it powers worldwide. Security researchers from AT&T Alien Labs are now warning that “cyber gangs have started infecting Linux machines via a fileless malware installation technique that until recently was more commonly used against Windows-based systems”.
Linux Pentesting: What Is It and How Can It Improve Network Security?
When setting up and testing a network security system, it is critical to make sure it is working properly and free from vulnerabilities that could be exploited by malicious hackers. While the best way to guarantee the security of a system is to design, implement and operate it to be secure, continuously testing a network security system for potential flaws is an excellent way to improve and validate network security - which is where pentesting comes in quite handy. This article will introduce the concept of pentesting to improve and verify network security, explain basic pentesting methodology and explore some excellent pentesting tools, distros and OSes available to Linux users in 2021.
How Reverse Engineering Can Help Secure Your Linux Systems Against Malware
For many years malware was solely a threat to Windows users - but that era is over. Cyber criminals have come to view Linux as a viable target for their attacks due to the growing popularity of the open-source OS and the plethora of high-value devices it powers.
Modernize Your Intrusion Detection Strategy with an AI-Powered, Open-Source NIDS
As 2020 comes to an end, cyber risk has reached an all-time high, and intrusion detection has never been more essential in securing networks and preventing attacks and breaches. Cyber criminals’ methods, tactics and techniques are evolving to become increasingly stealthy and sophisticated, and more organizations than ever are turning to AI-based intrusion detection systems to beef up their security defenses, outsmart the “bad guys” and protect their critical servers, systems and data.
Verifying Linux Server Security: What Every Admin Needs to Know
Linux is a widespread OS known for its robust security. That being said, vulnerabilities are inevitable in any OS, and Linux system administrators must be vigilant about monitoring and verifying the security of their servers on an ongoing basis in order to protect sensitive data and prevent attacks. After all, the majority of attacks on Linux systems can be attributed to poor administration.
