Stay Ahead With Linux Security News


Explore Latest Linux Security news


Fileless PyLoose: Cryptocurrency Mining Attack on Cloud Environments

A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal.

"The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said. "This is the first publicly documented Python-based fileless attack targeting cloud workloads in the wild." The cloud security firm said it found nearly 200 instances where the attack method was employed for cryptocurrency mining. No other details about the threat actor are currently known other than the fact that they possess sophisticated capabilities. In the infection chain documented by Wiz, initial access is achieved through the exploitation of a publicly accessible Jupyter Notebook service that allowed for the execution of system commands using Python modules. PyLoose, first detected on June 22, 2023, is a Python script with just nine lines of code that embeds a compressed and encoded precompiled XMRig miner. The payload is retrieved from paste.c-net[.]org into the Python runtime's memory by means of an HTTPS GET request without having to write the file to disk.

The link for this article located at The Hacker News is no longer available.

Jul 12, 2023 | Brittany Day | Cloud Security

New Shikitega Malware Stealthily Attacks Linux and IoT Systems

A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices.

Researchers from AT&T Alien Labs discovered a new piece of stealthy Linux malware, dubbed Shikitega, that targets endpoints and IoT devices. The malware stands out for its multistage infection chain; threat actors can use it to gain full control of the system and carry out other malicious activities, including cryptocurrency mining. Shikitega is able to download next-stage payloads from a C2 server and execute them directly in memory, which makes it highly evasive.

Sep 19, 2022 | Brittany Day | IoT Security

Stop Npm Malware: Protect Linux and Other Systems from Cryptominers

Multiple malicious packages have been identified on the npm registry this month. These packages disguise themselves as legitimate JavaScript libraries, but have been caught launching cryptominers on Linux, Windows and macOS machines.

The malicious packages are okhsa, klow and klown. “klow” and “klown” have been tracked under Sonatype-2021-1472, whereas “okhsa” has been cataloged under Sonatype-2021-1473. Different versions of the “okhsa” package largely contain skeleton code that launches the Calculator app on Windows machines pre-installation. But additionally, these versions contain either the “klow” or the “klown” npm package as a dependency, which is malicious.

The link for this article located at Security Boulevard is no longer available.

Oct 21, 2021 | LinuxSecurity.com Team | Hacks/Cracks

QNAP: Dovecat Malware Threatens NAS Security with High CPU Use

The Dovecat Monero-mining malware doesn't steal data, but it consumes large amounts of CPU and memory. This is the latest threat faced by QNAP customers - after research published in July 2020 identified that tens of thousands of NAS drives are potentially vulnerable to malware that prevents administrators from applying patches.

QNAP has warned its customers that their network-attached storage (NAS) drives might be susceptible to infection by a malware strain known as Dovecat, which infects devices and silently mines cryptocurrency. The firm has issued a security advisory warning its users about Dovecat, which might infect NAS devices when they’re connected to the internet with weak passwords, according to QNAP’s analysis.

Jan 25, 2021 | LinuxSecurity.com Team | Hacks/Cracks

Analyzing DreamBus Botnet Threats Against Linux Enterprise Systems

The recently discovered DreamBus botnet uses exploits and brute-force attacks to target PostgreSQL, Redis, SaltStack, Hadoop, Spark, and other enterprise-level apps that run on Linux systems. "The idea is to give the DreamBus gang a foothold on a Linux server where they could later download and install an open-source app that mines the Monero (XMR) cryptocurrency to generate profits for the attackers."

Chances are that if you deploy a Linux server online these days and you leave even the tiniest weakness exposed, a cybercrime group will ensnare it as part of its botnet. The latest of these threats is named DreamBus. Analyzed in a report published last week by security firm Zscaler, the company said this new threat is a variant of an older botnet named SystemdMiner, first seen in early 2019.

Jan 25, 2021 | LinuxSecurity.com Team | Hacks/Cracks

Capital One Data Breach: Ex-Amazon Employee Used Cloud For Mining

Did you know that the ex-Amazon employee responsible for the Capital One breach earlier this year used the infiltrated cloud servers to mine cryptocurrency? Learn the details in this interesting The Next Web article:

The former Amazon Web Services employee thought to be behind the data breach of Capital One bank earlier this year appears to have also used the infiltrated cloud servers to surreptitiously mine cryptocurrency. According to court documents, Paige Thompson was indicted yesterday after hacking Capital One bank and 30 other entities, and has been charged with wire fraud, and computer fraud and abuse. Thompson allegedly created a software program to scan for and identify cloud customers that had incorrectly configured their firewalls, and in doing so, had left their systems exposed to external attacks. It appears that Thompson was able to exploit the vulnerability and send remote commands to servers to take control of those systems.

The link for this article located at The Next Web is no longer available.

Aug 29, 2019 | LinuxSecurity.com Team | Hacks/Cracks

Linux Botnet WatchBog Targets Windows RDP Servers with BlueKeep Flaw

Have you heard about the BlueKeep vulnerability that has been discovered in Windows RDP servers?

Cybersecurity researchers have identified a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the BlueKeep flaw. BlueKeep is a highly critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Services that could allow an unauthenticated remote attacker to take full control over vulnerable systems just by sending specially crafted requests over the RDP protocol. Though the patches for the BlueKeep vulnerability (CVE-2019-0708) were already released by Microsoft in May this year, more than 800,000 Windows machines accessible over the Internet are still vulnerable to the critical flaw.

The link for this article located at The Hacker News is no longer available.

Jul 25, 2019 | Brittany Day | Security Vulnerabilities