We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Over the last year, a new botnet slowly grew by brute-forcing SSH passwords and installing cryptomining malware onto Linux servers. The main client of the botnet is based on an old Mirai virus whose source code was available for many years. However, researchers have seen that the same group has also used the more recent P2PInfect malware, which exploits Redis instances.
It's no secret that cryptocurrencies are a valuable target for hackers. Bitcoin, Ethereum, and Litecoin are all coins worth stealing, and hackers have been working hard to get their hands on them.
Apache ActiveMQ is a messaging server that many organizations use across the world. The software has been actively developed since 2003, and it has a large user base.
The Krasue Rat malware is a new threat to Linux servers that has been discovered by security researchers. The malware installs itself on the server, and then hides in the form of a rootkit, allowing it to hide from security software.
Ubuntu Server is a highly sought-after, open-source operating system that serves as the backbone of many infrastructure setups across the globe. The efficiency and user-friendly nature of Ubuntu Server make it a go-to choice for organizations.
You'll be surprised at how easy it is to harden the Ubuntu Server and ensure your deployments' foundation is as secure as possible.
P2PInfect is a new P2P worm that is actively targeting the Redis servers on Linux and Windows OS, making it highly scalable and powerful compared to others.
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner.
To establish an SSH connection between your Linux PC and a remote server, you need to have an SSH client installed. Here are some of the best options.
Are you searching for Linux vulnerability scanners that can recognize, characterize, and categorize to scan Linux servers? If so, this article will provide details on the most comprehensive Linux vulnerability scanners that can be used to scan Linux servers for malware and vulnerabilities.
The discovery of a novel malware piece targeting Linux servers has been attributed to an unknown Chinese state-sponsored hacking group.
ExaTrack, a France-based cybersecurity firm, has discovered a “novel” malware, which they have named Mélofée. According to the researchers, this malware is specifically targeting Linux servers and is believed to be operated by an unidentified Chinese state-backed APT group.
FTP is a standard protocol that is used to transfer files widely, and FTP servers like Vsftpd and ProFTPd provide a way to use that protocol and access plus transfer files stored on a remote server. Here we quickly learn the difference between Vsftpd and ProFTPd.
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot.
Linux admins can use Cockpit to view Linux logs, monitor server performance and manage users. Use the tool to help admins manage servers, regardless of experience level.
A new variant of Mirai — the botnet malware used to launch massive DDoS attacks —has been targeting 13 vulnerabilities in IoT devices connected to Linux servers, according to researchers at Palo Alto Network’s Unit 42 cybersecurity team.
Warnings of a major globe-spanning ransomware attack began circulating on social media in early February, but at first there were few details save for reports of the occasional victim. It has now been established that the campaign targeted an old (and previously patched) vulnerability in VMware servers, and that it has grown to become the largest attack of its type in history not involving Windows machines.
Businesses have been urged to patch the two-year-old vulnerability amidst heightened ransomware threats. "The group has accelerated operations in recent months, focusing attacks on US-based healthcare organisations and specifically targeting Linux systems more recently.
Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines.
This flaw, which has been identified that affects the ksmbd NTLMv2 authentication in the Linux kernel, is known to quickly cause the operating system on Linux-based computers to crash. Namjae Jeon is the developer of KSMBD, which is an open-source In-kernel CIFS/SMB3 server designed for the Linux Kernel.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
