Stay Ahead With Linux Security Features
security advisory important The compromise of Nx Console shows how much infrastructure now sits behind a single developer account. GitHub repositories, CI/CD pipelines, container build systems, Terraform projects, Kubernetes deployments. None of those systems was the initial target. The workstation was. . Attackers did not need a Linux privilege escalation bug or a remote code execution chain. They needed developers to trust a tool they were already using. For many organizations, that was enough. What Happened? Federal...
Jun 03, 2026
security advisory open-source You remove the malware. You rotate the compromised credentials. You patch the original vulnerability and close the ticket. Two weeks later, the attacker is back. . What happened? You didn't lose the battle at the exploit; you lost it at the cleanup. In many modern Linux intrusions, the malware you found wasn't the main problem—it was the fallback mechanisms left behind. These hooks quietly restore attacker access the moment you look away. If you clean a host but miss these persistence layers,...
Jun 02, 2026
security advisory Red Hat Researchers investigating a campaign now tracked as Miasma found that more than 30 packages in Red Hat's @redhat-cloud-services npm namespace had been altered to deliver credential-stealing malware. . The packages weren't being used to deploy ransomware or sabotage systems. From what has been reported so far, the objective appears to have been much simpler: collect credentials from developer environments and use that access elsewhere. GitHub tokens, cloud credentials, SSH keys, and other...
Jun 02, 2026
cloud security security monitoring Linux rootkits are old, but they never really disappeared. They just stopped attracting the same attention. . Most malware wants to execute and spread. A rootkit wants to stay invisible long enough that nobody notices the compromise until the damage is already done, and on Linux systems, that still works more often than many teams are comfortable admitting. That difference matters because modern infrastructure runs heavily on Linux underneath. Cloud workloads, ESXi hosts, telecom appliances,...
Jun 01, 2026
access control open-source A production Linux server gets rebuilt from an old image. A contractor leaves. A CI/CD job is retired. Months later, the same SSH public keys are still sitting in authorized_keys, silently trusted by root or a service account nobody owns anymore. . That is how SSH key sprawl usually happens. It rarely stems from one obvious failure. Instead, it accumulates through years of small access decisions that never expire. For attackers, those forgotten keys are not clutter; they represent silent SSH...
May 27, 2026
Refine features
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security features
We found -3 articles for you...
102
cybersecuritynetworkingcyber defenseValentina's Nmap Journey: Insights on TryHackMe and Cybersecurity
Thank you to Oyelakin Timilehin Valentina for contributing this article. Our newest member, Valentina, an up and coming cybersecurity professional in Nigeria, studying cybersecurity and showing stellar skills in learning and applying her knowledge, recently went through the Tryhackme online learning platform, and shared her experiences, as well as a few quick tips on using nmap. . Tryhackme is an online platform with courses available for beginners, intermediates and professionals in cybersecurity. There are real world labs and challenges to give you an on-the-job challenge and experience. Nmap is one of the courses in this platform and an important tool in cybersecurity that is used for port scanning. This article explains the following; How, why I got into Tech and also my Tech Background My experience with a mentor How I discovered the online platform, Tryhackme My experience getting through the Nmap lab Getting Into Tech In my high school days, I wanted to be referred to as Engr. Val; although I was clueless as to what part of engineering I would like to venture into. Because I loved the name Engr., I made sure I worked towards getting into an engineering department in college where I obtained a degree in Electronics and Computer Engineering in the University of Port Harcourt, Nigeria. I must tell you; I was still as clueless as I was in my high school days on what path to follow. Then came a seminar in my second year that structured and shaped my vision in the department and also connected me to my first mentor. I realized then and found telecommunications interesting and I started doing some research on it and took my telecommunication courses more seriously; it was indeed interesting. I got my first 6 months internship job with Nokia Solutions and Network, Nigeria in my fourth year and the experiencewas priceless, but I still wasn’t satisfied, I just kept telling myself that there is more in tech. After graduation, I decided to do moreresearch on areas of technology and I discovered cyber security. Wow, I bonded so much with this aspect of technology that I was so much convinced this is it. Before then, I didn’t find any programming language interesting, but discovering that knowledge of it is needed made me go into learning python programming; that I find very interesting now. You would ask what my major drive is; I just want to make my country a safer place, I want to reduce criminal activity in my country and discovering cybersecurity became the answer to my thirst in technology. I did a lot of research and I am still doing, I discovered a lot of areas in cyber security, I took 3 certification exams which are Introduction In Cyber Security and IT Essentials, both in Cisco, HCIA(Routing and Switching). In All of These, I was still uncertain on the path to take in Cyber Security. This led to the next point on this article. Getting a Mentor This aspect of my life helped and guided me to where I am today; my first mentor gave me an insight in technology. My second mentor guided me into taking the Routing and Switching course with Huawei. My third mentor guided me all through my training in IT essentials with cisco. But I still needed someone in the cyber security field, I had lots of questions in my mind to clear the uncertainty in my head as to what to do to start my career in cybersecurity, there are numerous fields in cybersecurity that I discovered during my research, so I needed to know which aligns with my passion. On Monday, December, 7 2020, I saw a post on twitter with the tag #cybermentoringmonday, I went through it and indicated that I needed a mentor; there I met one. I told him about the areas of cybersecurity that I am interested in and why I am interested in them, I also told him what I was doing at the moment to gain more knowledge in tech. He demystified the areas of cybersecurity I was interested in and told me in his words “you sound more blue team oriented” he went further to explain the blue team andalso the red team, this cleared the uncertainty in my head to a large extent. He introduced me to Mosse Cyber Security institute where I did research on my own and it helped me to gain more knowledge. Getting to Know the Amazing TryHackMe On New Year Day, he introduced me to Tryhackme and sponsored me for a membership for 2 months with the instruction that I will update him on my progress and most likely get an extension of my membership for a year, this was my first 2021 big gift and I was excited. He said “let me know if you have questions or get stuck and I think you will learn a lot” .He is always there to answer my questions. Getting Through the nmap Lab You know that excitement that comes after completing a task, that excitement you get after crossing a hurdle and you get the right to say “I am proud of myself” that was me after getting through the Nmap lab. The first learning path I started in Tryhackme was Cyber Defense, you would ask why this was my first, it was the first captivating topic, but little did I know that I need the knowledge of some fundamentals that include Nmap. The first room in cyber defense; introductory networking, is an introduction to the basic principles of networking, it gave me the detailed and easy understanding of the OSI model and also the TCP/IP model, where I got a better understanding of the “three-way handshake”. I was also introduced to the Wireshark tool which is used to capture and analyze packets of data going across a network. This room also explained some networking tools like ping that are used to test the possibility of a connection to a remote network. Traceroute tool that is used to show all the routes your request took as it gets to you. Whois tool that lets you query who a domain name is registered to and Dig tool that lets you query any DNS servers to get information about their domain. This room was very interesting and easy and I was eager to go to the next room- network services. In the network services room, I gotto know about SMB(Server Message Block) Protocol which is used to share access to files, printers, serial ports and some other resources on a network. Also, I got the understanding of telnet, an application protocol that works with a telnet client and aids in connection and execution of commands on a remote machine that is hosting the telnet server. Finally, FTP (File Transfer Protocol) as its name implies, lets you transfer files remotely over a network. This particular room was more difficult than the previous, but I kept moving to the next room which is Network services 2 But, a good knowledge on Linux would have made this room much easier to walkthrough. In the network services 2 room, I got to know about NFS (Network file System) that allows sharing of files/directories by a system with others over a network, I was finding it all interesting until I got to task 3, Enumerating NFS and got stuck, I couldn’t provide answers to the quiz. At this point, I had to tell my mentor, the first thing he said was that I should make sure that I am always connected to the OpenVPN Server, this helped me get through the task but I got stuck again in task 4, Exploiting NFS, at this stage I realized I needed the good understanding of NMAP. So, I diverted to the NMAP room. You may be thinking, how did I know that I needed to divert to Nmap room, in the task 3 of network services 2, one of the topics mentioned was port scanning, which was covered but not detailed, then my first quiz for the task 3 was about scanning for open port, and this can only be answered by getting the understanding of how to scan for open port which can be learnt in the Nmap lab. Diverting to the Nmap room helped me answer the quiz. In the NMAP room, I made sure that I was connected to the OpenVPN server, and then I deployed my machine. Nmap means network mapper and I learnt about the NMAP switches, the Scan types which are TCP connect scans (-sT) that takes into consideration the TCP three-way handshake. Here, NMAP connects to each TCPport and determines if the port is open or closed. if port is open, a TCP packet with the SYN/ACK flag is sent, if port is closed a RST (reset) flag is sent back, if a port is filtered, it is because it is protected by a firewall, in this case, when Nmap sends a TCP SYN request, it receives nothing back. Another scan type, the SYN scans(-sS) is referred to as half-open scans or stealth scans and are used by Nmap if they are run with sudo permissions, the only difference between TCP scan and SYN scan is in the case of open port, in SYN scans, when port is open, an RST packet is received. The next scan type, which is the UDP scan(-Su), a port is considered open|filtered when no response is sent back, but when a response is received (which is rarely possible), then the port is open, a port is closed when the target response with an ICMP ping packet message indicating that the port is unreachable. The less commonly used TCP port scans; Null (-sN), FIN (-sF), Xmas (-sX) Scans were also taught, and the response expected is similar to that of UDP port scan. The next task talks about the ICMP Network scanning where I was taught how to perform a ping sweep; a ping sweep is used to see IP addresses with an active host and those without. When I got to task 10, NSE (Nmap Scripting Engine) scripts, I got stuck again, I couldn’t give correct answers to the quiz, and I decided to watch videos on Nmap and noticed that Nmap is being performed on kali Linux. Also, I applied for an internship position sometime last month and lack of experience in Linux couldn’t let me get it, this made me divert to the Linux fundamentals, after completing part 1 and 2 of Linux fundamentals, I was able to successfully complete the Nmap lab. Conclusion From my experience so far, it is first about your passion, then the effort you put into gaining more knowledge and experience. If you enjoy what you do, you will thirst for more knowledge and experience. To become a pro or an expert in something, you have to startfrom today, put in effort, then more effort, you just can’t stop putting in effort, and you have to be up to date, to remain relevant in the field. Most importantly, get a mentor that will guide you and when you do, give him/her every reason to be happy and proud to be your mentor; this is through the effort you make into gaining more knowledge and showing positive results. . My journey with Nmap and TryHackMe has been pivotal in my cybersecurity growth, enhancing both my skills and knowledge of networks for aspiring professionals. Nmap Training, TryHackMe Courses, Cybersecurity Learning. . Brittany Day
Feb 16, 2021
•
102
security trainingonline learninginformation assuranceEnroll in the Free LearnSIA Course on Security Principles and Networking
The Survivability and Information Assurance (SIA) course was originally developed by a team at Carnegie Mellon, led by Lawrence Rogers ( /about/divisions/cert/index.cfm ). Back in 2010, I requested a license to continue the development of the course because it provides useful information on Information Assurance. Also, this course will always be freely available for anyone to use in the classroom or self-study. There are three parts to the LearnSIA curriculum. . 1. Principles of Survivability and Information Assurance: This course presents in detail the ten principles of survivability and information assurance, on which the entire SIA curriculum is based. 2. Information Assurance Networking Fundamentals: This course applies the ten principles to the concepts and an implementation of TCP/IP networking. This is an in-depth look at networking protocols, namely TCP/IP. There are a lot of exercises that show how to read and interpret those protocols using Wireshark, formerly Ethereal. The current tutorials will have to be upgraded to reflect the use of Wireshark since it was, then, called Ethereal. 3. Sustaining, Improving, and Building Survivable Functional Units (SFUs). The third part is SIA III, which combines SIA I and SIA II and uses a fictitious company that the students learn to secure by setting up secure services on virtual machines. Again, it is also a very hands-on portion of the course. LearnSIA doesn't attempt to compete with commercial vendors and it doesn't offer certifications. Those interested in certifications should seek out certifications with SANS ( Cyber Security Training, Degrees & Resources | SANS Institute ), Certified Ethical Hacker (https://www.eccouncil.org/ Security+ ( Security+ (Plus) Certification | CompTIA IT Certifications ) or other security certification vendors. The LearnSIA curriculum provides a solid foundation for a systems administrator or security administrator to be able to effectively approach security with a wholistic view of how it applies to the entireorganization. That is the fundamental approach for the SIA I course. This is a call for those that would like to help keep this course updated, help create video tutorials, transcribing audio from the videos for those that are blind or hard of hearing, maintain lesson plans, or just proofread. Of course, you can also enjoy free access to the course. The current needs for participating in developing the LearnSIA curriculum are all outlined on the website learnsia. One important note about the LearnSIA curriculum is that it is a living course. It will never be in a "final" state. The content will change as long as the industry continues to change. Please join me in this endeavor to provide a good quality, free, and ever changing course online for anyone to learn. About the Author Duane Dunston is an Information Security practitioner for STG Inc. and has contributed several articles to Linuxsecurity.com and has been in the Information Security industry since 1997. He is also an adjunct Information Assurance instructor at Pfeiffer University, his alma matter ('97 & '99). Duane is a member of the Asheville River Arts District where he works with silver and copper under the Iron Fist of Bill Churlik at Earth Speak Arts ( ). . 1. Principles of Survivability and Information Assurance: This course presents in detail the ten pri. survivability, information, assurance, (sia), course, originally, developed, carne. . Dave Wreski
Oct 04, 2011
•
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More