We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A cybercrime group is enslaving Linux servers running vulnerable Webmin apps into a new botnet that security researchers are currently tracking under the name of Roboto. The botnet's main function is the ability to conduct DDoS attacks, a feature it has not used yet. Learn more:
Researchers have identified a new strain of ransomware (Lilu) targeting Linux-based servers. Get the details in this article:
Learn about the critical role that VPNs can play in container security in this informative Container Journal article:
Have you heard that the NCSC has warned about DNS hijacking threats focusing on home routers? These attacks aim to modify the settings on home routers, potentially via cross-site request forgery (CSRF) web-based attacks, so that they use rogue DNS servers. The end goal is to secretly redirect the user to a phishing page or one capable of installing malware on their machine.
Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet.
Several serious theoretical and practical security vulnerabilities, alleged GPL license violations, and more were found in Astaro "secure" Linux. Joerg Luebbert writes, "Some of the vulnerabilities might be local and some might argue about that Astaro Security Linux is a Firewall and no server... but as it uses SSHD it could always be that the "loginuser" account might have been compromised and shell access granted.". . .
A well-known Russian nation-state hacking group has been infiltrating the Microsoft Exchange email servers of its targeted victims since at least 2014 via a custom backdoor.
