Server Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Recently, new information revealed by Doctor Web virus analysts has sent shockwaves through the cybersecurity world. It details a new cyber threat aimed specifically at Linux servers: the TgRat Trojan. This advanced Remote Access Trojan (RAT) is stealthier than its Windows equivalent, first seen in 2022.
Security threats continue developing rapidly, with attackers finding new vulnerabilities daily. Recent findings from researchers at Uptycs indicate a shift in ransomware attacks targeting Linux servers, possibly due to their increasing prevalence in critical infrastructure and enterprise operations, making them attractive targets for ransomware groups.
Financially motivated hacking groups are increasingly exploiting newly disclosed vulnerabilities to deploy custom malware on public-facing servers. The threat actors are known as Magnet Goblin, and they have been quick to leverage one-day flaws, vulnerabilities for which a patch has been released but not yet applied by the target, to carry out their attacks.
A new variant of Bifrost, a remote access Trojan (RAT), has been observed attacking Linux servers. The new variant, dubbed Bifrose, employs a deceptive domain name to evade detection.
A new malware dubbed “Migo” has been discovered targeting Redis servers on Linux to mine cryptocurrency in a cryptojacking attack. The campaign employs many Redis system-weakening commands to potentially disable data store security features that could hinder the attackers' initial access attempts.
Over the last year, a new botnet slowly grew by brute-forcing SSH passwords and installing cryptomining malware onto Linux servers. The main client of the botnet is based on an old Mirai virus whose source code was available for many years. However, researchers have seen that the same group has also used the more recent P2PInfect malware, which exploits Redis instances.
It's no secret that cryptocurrencies are a valuable target for hackers. Bitcoin, Ethereum, and Litecoin are all coins worth stealing, and hackers have been working hard to get their hands on them.
Apache ActiveMQ is a messaging server that many organizations use across the world. The software has been actively developed since 2003, and it has a large user base.
The Krasue RAT malware is a new threat to Linux servers that has been discovered by security researchers. The malware installs itself on the server and then hides as a rootkit, allowing it to evade security software.
Ubuntu Server is a highly sought-after, open-source operating system that serves as the backbone of many infrastructure setups across the globe. The efficiency and user-friendly nature of Ubuntu Server make it a go-to choice for organizations.
You'll be surprised at how easy it is to harden the Ubuntu Server and ensure your deployments' foundation is as secure as possible.
P2PInfect is a new P2P worm that is actively targeting Redis servers on Linux and Windows, making it highly scalable and powerful compared to other worms.
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner.
To establish an SSH connection between your Linux PC and a remote server, you need to have an SSH client installed. Here are some of the best options.
Are you searching for Linux vulnerability scanners that can recognize, characterize, and categorize vulnerabilities on Linux servers? If so, this article will provide details on the most comprehensive Linux vulnerability scanners that can be used to scan Linux servers for malware and vulnerabilities.
The discovery of a novel malware piece targeting Linux servers has been attributed to an unknown Chinese state-sponsored hacking group.
ExaTrack, a France-based cybersecurity firm, has discovered a “novel” malware, which they have named Mélofée. According to the researchers, this malware is specifically targeting Linux servers and is believed to be operated by an unidentified Chinese state-backed APT group.
FTP is a standard protocol that is widely used to transfer files, and FTP servers like Vsftpd and ProFTPd provide a way to use that protocol to access and transfer files stored on a remote server. Here we quickly learn the difference between Vsftpd and ProFTPd.
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot.
Linux admins can use Cockpit to view Linux logs, monitor server performance and manage users. Use the tool to help admins manage servers, regardless of experience level.