Real-time alerting is a feature of an IDS or any other monitoring application that notifies a person of an event in an acceptably short amount of time. The amount of time that is acceptable is different for every person.
The Qualys Research Team reached out to LinuxSecurity after discovering a memory corruption vulnerability in polkit’s pkexec. Pkexec is a SUID-root program that is installed by default on every major Linux distribution of the open-source operating system. This vulnerability is easily exploited and gives hackers the opportunity to gain full root privileges on a vulnerable host. Much like the Log4j vulnerability, the severity of this flaw is high and it is imperative that vulnerabilities are reported in a timely fashion. Experts also expressed that due to the simple possibility for exploitation the vulnerability needs to be patched and mitigated immediately.
Welcome to LinuxSecurity.com - the community's central source for information on Linux and open source security since 1996. Whether you’re a new visitor or a long-time community member, this article will provide you with insight into the mission behind our site, our history and the content we provide.
This document takes you through the basics of intrusion detection, the steps necessary to configure a host to run the snort network intrusion detection system, testing its operation, and alerting you to possible intrusion events.
Regardless of the Linux distribution you’re using, staying on top of the latest security advisories is essential in maintaining an updated, secure Linux system.
With the support of the open-source community behind it and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days that Linux system administrators could get away with subpar security practices. Cyber criminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years.
Predator-OS - "the OS that naturally preys on others"- is a free and open-source security-centric project for penetration testing and ethical hacking that can also be used as a privacy-focued, hardened Linux distro. LinuxSecurity researchers spoke with Founder and lead developer Hossein Seilany to get insight into the unique features and benefits that newly released Predator-OS 20.04 LTS offers hackers, pentesters and privacy-conscious Linux users.
Running PHP on a Linux web server is a prerequisite for the use of many popular applications such as Wordpress, Joomla and Drupal. Linux administrators and web developers must approach PHP with caution, as new vulnerabilities in poorly written and implemented PHP code are abundant and dangerous.
Security researchers have warned users that attackers are attempting to exploit a critical vulnerability in the Java logging library Apache Log4j. Log4j is a widely used java library that logs error messages in applications used by enterprise software applications as well as custom-built applications intended for in-house usage.
Ransomware has dominated cybersecurity news headlines for the past decade, and for good reason. Through a combination of advanced encryption and effective extortion mechanisms, a ransomware attack can have devastating consequences for any victim including data loss, reputation harm, recovery costs and significant downtime.
Thanks to Kevin Sheldrake, co-author of Sysmon for Linux from Microsoft for working with us on this article. Seven years after Microsoft Sysinternals released Sysmon – a system monitoring tool for Windows that reports key system activity via the event log – we were very proud to release the Linux version of the same tool at the Sysinternals @25 celebration event. (You can still catch up on the talks by clicking on the event link.)
Red Hat’s recent decision to discontinue CentOS 8 has left a critical void in the enterprise Linux market, shifting the spotlight onto other enterprise-ready Linux distributions. One distro that stands out as a viable CentOS 8 replacement among respected enterprise Linux distributions such as Ubuntu, Red Hat Enterprise Linux (RHEL), AlmaLinux and SUSE is Oracle Linux, an OS compiled from the same open-source code as RHEL.
Computer systems, software, applications, and other network interfaces are vulnerable to various threats. Failure to find these vulnerabilities can lead to the downfall of the company.
Cloud and container adoption is on the rise, as organizations are increasingly recognizing the potential for rapid growth and evolution that cloud-based infrastructure offers. That being said, along with these advantages comes significant security challenges.
It is no secret that the OS you choose is a key determinant of your security online. After all, your OS is the most critical software running on your computer - it manages its memory and processes, as well as all of its software and hardware. The general consensus among experts is that Linux is a highly secure OS - arguably the most secure OS by design. This article will examine the key factors that contribute to the robust security of Linux, and evaluate the level of protection against vulnerabilities and attacks that Linux offers administrators and users.
Linux ransomware is on the rise, and an attack on your system could result in the loss of critical data and significant downtime - if important files have not been backed up frequently and stored securely.