A new decryptor has been created for victims of the Babuk Tortilla ransomware; it will be included in a generic Babuk decryptor that contains all Babuk keys currently available. Let's examine the threat that Babuk ransomware poses to your systems and how to recover encrypted files should you fall victim to an attack.

Babuk Ransomware Versions to Be Aware Of

Babuk ransomware was first discovered in 2021 and has been responsible for multiple high-profile attacks against industries such as manufacturing and law enforcement. The ransomware is a highly sophisticated strain, compiled for several hardware and software platforms; Windows and ARM Linux are the most common versions. Babuk can also interrupt the victim's backup process and delete volume shadow copies, which makes recovery even more difficult.

In September 2021, Babuk's code was published on an underground forum, which allowed multiple threat actors to create variations of the strain. Security researchers have identified the following ransomware families built on the leaked Babuk code: Rook (December 2021); Night Sky (January 2022); Pandora (March 2022); Nokoyawa; Cheerscrypt (May 2022); AstraLocker 2.0 (June 2022); ESXiArgs (February 2023); Rorschach; RTM Locker; and RA Group (April 2023).

Tortilla was one of the threat actors responsible for Babuk ransomware attacks. In October 2021, Tortilla was observed targeting vulnerable Microsoft Exchange servers and attempting to exploit ProxyShell to install the Babuk ransomware. In a later law enforcement investigation, the Dutch Police were able to identify and apprehend the person behind Tortilla. The Tortilla decryption key was recovered and has been added to a generic decryptor developed for a number of other Babuk variants. This decryptor is based on the Babuk key generator and the leaked source code. Tortilla used a single key pair for all of its victims, whereas attackers could generate different public/private key pairs per campaign.

How Can I Recover Encrypted Files if I Fall Victim to Babuk Ransomware?
The updated Babuk decryptor can be downloaded from the NoMoreRansom or Avast decryptor pages and allows users to recover their files quickly. Recently, a number of other decryptors have been released to assist ransomware victims. Security Research Labs has published tools enabling the recovery of files encrypted by Black Basta ransomware. The FBI, following law enforcement actions, announced in December 2023 that it had developed a decryption tool for the notorious BlackCat group.

Here are our top tips for preventing Linux ransomware attacks in the first place:

Back up critical files and diversify the storage media to avoid a single point of failure (SPOF). This won't prevent an attack but can mitigate the potential damage.
Keep servers and endpoints up to date so that they use the latest security patches.
Implement the principle of least privilege for user accounts.
Monitor network activity and system logs closely, and keep tabs on event logs to identify anomalous behavior before it causes harm.
Use a combination of IP filtering, an intrusion detection system (IDS), and an intrusion prevention system (IPS).
Use Linux security extensions that control and restrict access to data and network resources.
Implement robust network segmentation and data compartmentalization to minimize the impact of a potential ransomware attack.
Audit systems regularly.

Have additional questions on the measures you can take to prevent or recover from Linux ransomware attacks? Please reach out to us on X @lnxsec - we're here to help! Stay safe out there, fellow Linux users!

Discover the new decryption solution for Babuk Tortilla ransomware and examine strategies to restore affected files.

LinuxSecurity.com Team
The first-ever Linux variant of the Clop ransomware has been detected in the wild, but with a faulty encryption algorithm that has made it possible to reverse engineer the process.

"The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying the ransom," SentinelOne researcher Antonis Terefos said in a report shared with The Hacker News. The cybersecurity firm, which has made a decryptor available, said it observed the ELF version on December 26, 2022, while also noting its similarities to the Windows flavor, which uses the same encryption method. The detected sample is said to be part of a larger attack targeting educational institutions in Colombia, including La Salle University, around the same time. The university was added to the criminal group's leak site in early January 2023, per FalconFeeds.io.

The link for this article located at The Hacker News is no longer available.

The initial variant of Clop ransomware for Linux has been discovered to utilize a flawed encryption technique, which allows victims to recover their files without paying the ransom.

LinuxSecurity.com Team
As law enforcement grumbles over the uptake of encryption services offered by technology firms, Hacking Team is keen to get back in the game and restore its client list through a new set of encryption-breaking tools.

Over the past year, police agencies worldwide, with the US FBI complaining the loudest, have been battling the wave of encryption use, which has steadily increased in popularity since the disclosures of government surveillance projects made by former US National Security Agency contractor Edward Snowden.

With global reliance on encryption soaring, Hacking Team is developing tools for law enforcement that offer ways to bypass encryption and provide backdoor access.

LinuxSecurity.com Team
Two Belgian security researchers from the University of Leuven have driven new nails into the coffin of the RC4 encryption algorithm.

A published paper, expected to be delivered at the upcoming USENIX Security Symposium next month in Washington, D.C., describes new attacks against RC4 that allow an attacker to capture a victim

The link for this article located at ThreatPost is no longer available.

Recent studies indicate a major breakthrough in attacking RC4, significantly shortening the time required to decrypt cookie data.

LinuxSecurity.com Team
A hacker group finds a secret set of codes that can decrypt the PlayStation 3's Level 0 security layer -- the holy grail of secrecy within Sony's console.

Hackers have found a way to break down one of the toughest defensive walls in Sony's PlayStation 3 software security, ensuring that those who use custom firmware can run homebrew software and pirated games forever.

The link for this article located at CNET is no longer available.

Explore the methods used by hackers to crack the security of Xbox 360, jeopardizing system reliability for unauthorized applications and cloned software.

LinuxSecurity.com Team
Let us take the example of scrambling an egg. First, crack the shell, pour the contents into a bowl and beat them vigorously until you have achieved the needed result - well, a scrambled egg. This action of mixing the molecules of the egg is encryption. Since the molecules are mixed up, we say the egg has achieved a higher state of entropy (a state of randomness). To return the scrambled egg to its original form (including uncracking the shell) is decryption. Impossible?

However, if we substitute the word "egg" with "number" and "molecules" with "digits", it is POSSIBLE. This, my friend, is the exciting world of cryptography (crypto for short). It is a new field dominated by talented mathematicians who use vocabulary like "non-linear polynomial relations", "overdefined systems of multivariate polynomial equations", "Galois fields", and so forth. These cryptographers use language that mere mortals like us cannot pretend to understand.

The link for this article located at WebProNews is no longer available.

Delving into the realm of encryption principles via everyday analogies, the significance of cryptography in safeguarding digital information becomes clear and accessible.

LinuxSecurity.com Team
This is the second article in a series on OpenSSL, a library written in the C programming language that provides routines for cryptographic primitives utilized in implementing the Secure Sockets Layer (SSL) protocol. In the first article in the series, we discussed some of the basics of cryptography. This article will cover acquiring and compiling OpenSSL and explore some commands that facilitate encryption and decryption.

The link for this article located at SecurityFocus is no longer available.

LinuxSecurity.com Team
The Pythagoreans were reputed, whether rightly or wrongly, to be a shamanistic cult which jealously guarded the higher mysteries of mathematical knowledge to maintain social power and political influence in their day. Of course they weren't as advanced as we are; so we have every confidence that the liberal spirit of scientific inquiry to which our technology establishment nobly aspires will prevail over puling self-interest in the case of a remarkably large prime number used to encode the infamous, and illegal, DeCSS utility with which DVD encryption can be defeated (and the entire entertainment industry annihilated, we're warned). Mathematician Phil Carmody worked it out, and in so doing discovered a prime number over one thousand digits in length, which qualifies it as a worthy object of inquiry in and of itself.

The link for this article located at TheRegister is no longer available.

The Pythagorean school safeguarded its mathematical insights, cherishing their sacred power akin to prime numbers in DVD encryption today, securing data and intellectual property.

LinuxSecurity.com Team