Server Security

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Server Security News

Magnet Goblin Hackers Exploit One-Day Flaws to Deploy Custom Linux Malware


Financially motivated hacking groups are increasingly exploiting newly disclosed vulnerabilities to deploy custom malware on public-facing servers. The threat actors are known as Magnet Goblin, and they have been quick to leverage one-day flaws, vulnerabilities for which a patch has been released but not yet applied by the target, to carry out their attacks.

Cryptocurrency Mining Migo Malware Attacks Linux Redis Servers


A new malware dubbed “Migo” that is targeting Linux Redis servers to mine cryptocurrency via a cryptojacking attack has been discovered. This campaign employs many Redis system-weakening commands to potentially disable data store security features that could hinder their initial attempts at access.

Mirai-based NoaBot Cryptomining Botnet Threatens Linux Servers


Over the last year, a new botnet slowly grew by brute-forcing SSH passwords and installing cryptomining malware onto Linux servers. The main client of the botnet is based on an old Mirai virus whose source code was available for many years. However, researchers have seen that the same group has also used the more recent P2PInfect malware, which exploits Redis instances.

Ubuntu Server Security Best Practices


Ubuntu Server is a highly sought-after, open-source operating system that serves as the backbone of many infrastructure setups across the globe. The efficiency and user-friendly nature of Ubuntu Server make it a go-to choice for organizations.

Thousands of VMware Servers Impacted by Ransomware Attack in Largest Incident Not Involving Windows


Warnings of a major globe-spanning ransomware attack began circulating on social media in early February, but at first there were few details save for reports of the occasional victim. It has now been established that the campaign targeted an old (and previously patched) vulnerability in VMware servers, and that it has grown to become the largest attack of its type in history not involving Windows machines.