Server Security - Page 2.75
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Security teams running Linux servers now have access to UChecker, a new tool offered as part of CloudLinux’s TuxCare security services that runs scans on Linux servers to detect outdated shared libraries on both disk and in memory.
Three years after the first malware attacks targeting Docker, developers are still misconfiguring and exposing their Docker servers online. Docker malware is now common, making this lackadaisical attitude toward Docker security increasingly problematic.
Learn about SELinux types that improve container security in engines such as Podman and CRI-O.
Another dangerous strain of malware targeting Linux servers has been identified. Dubbed Kaiji, this variant was developed for the sole purpose of launching DDoS attacks.
I think most of us probably noticed Yahoo.com being down today. I didn't believe it until I did three separate traceroutes from three different hosts with Internet backbone connections. Johnathan Dube writes ... "Yahoo! came under attack today and . . .
Many Linux administrators often think about securing their systems from the top down (or perhaps the outside in). Significant focus is placed on Firewalls, packet filtering, limiting or denying dangerous services and controlling available programs and local permissions. . . .
A cybercrime group is enslaving Linux servers running vulnerable Webmin apps into a new botnet that security researchers are currently tracking under the name of Roboto. The botnet's main function is the ability to conduct DDoS attacks, a feature it has not used yet. Learn more:
Researchers have identified a new strain of ransomware (Lilu) targeting Linux-based servers. Get the details in this article:
Learn about the critical role that VPNs can play in container security in this informative Container Journal article:
Have you heard that the NCSC has warned about DNS hijacking threats focusing on home routers? These attacks aim to modify the settings on home routers, potentially via cross-site request forgery (CSRF) web-based attacks, so that they use rogue DNS servers. The end goal is to secretly redirect the user to a phishing page or one capable of installing malware on their machine.
Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet.
Several serious theoretical and practical security vulnerabilities, alleged GPL license violations, and more were found in Astaro "secure" Linux. Joerg Luebbert writes, "Some of the vulnerabilities might be local and some might argue about that Astaro Security Linux is a Firewall and no server... but as it uses SSHD it could always be that the "loginuser" account might have been compromised and shell access granted.". . .
A well-known Russian nation-state hacking group has been infiltrating the Microsoft Exchange email servers of its targeted victims since at least 2014 via a custom backdoor.
Researchers have uncovered over a dozen servers, unusually registered in the United States, which are hosting ten different malware families spread through phishing campaigns potentially tied to the Necurs botnet.
This week, the Apache Software Foundation has patched a severe vulnerability in the Apache (httpd) web server project that could --under certain circumstances-- allow rogue server scripts to execute code with root privileges and take over the underlying server.
Unsecured Elasticsearch clusters are being targeted in a fresh wave of attacks designed to drop both malware and cryptocurrency mining software.
A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password.
IT organizations strive to deliver business value by increasing productivity and delivering services faster while remaining flexible enough to incorporate innovations like cloud, containers, and configuration automation. Modern workloads, whether they run on bare metal, virtual machines, containers, or private or public clouds, are expected to be portable and scalable. Supporting all this requires a modern, secure platform.
While it's not at the catastrophic level of MyFitnessPal's 150 million-user data breach, the company behind the workout app PumpUp left information for 6 million of its members exposed. The Amazon cloud-hosted back-end server holding the data didn't have a password set up for an uncertain length of time, enabling anyone to observe sign-ins and exchanged messages.
After scanning 72,000 publicly available Redis (REmote DIctionary Server) servers with attack keys garnered through honeypot traffic, Imperva today reported that 75% of the publicly available Redis servers were hosting the attacks registered in the honeypot.
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.