The Linux version of Qilin, a new ransomware strain that debuted in January, has been spotted in the wild. It's also one of the first ransomware families to target VMware ESXi.

Qilin targets users and organizations that run ESXi hypervisors. The malware encrypts files on connected USB devices with AES-256 encryption and a randomly generated RSA public key. It also creates an HTML file in each folder containing encrypted files, with instructions on paying the ransom and where to obtain decryption keys. The malware doesn't appear very sophisticated and is likely not targeting any specific industry or organization; it's just another opportunistic infection for any user who connects a USB device infected with Qilin to their machine. I found the article linked below very helpful in understanding the specifics of this attack, and I wanted to share it with you!

LinuxSecurity.com Team
Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the gang has breached the networks of several media and entertainment organizations around the world in recent weeks, starting mid-February, according to a report shared in advance with BleepingComputer.

When executed, IceFire ransomware encrypts files, appends the '.ifire' extension to the filename, and then covers its tracks by deleting itself and removing the binary. It's also important to note that IceFire doesn't encrypt all files on Linux. The ransomware strategically avoids encrypting specific paths, allowing critical system parts to remain operational. This calculated approach is intended to prevent a complete system shutdown, which could cause irreparable damage and even more significant disruption. While active since at least March 2022 and mostly inactive since the end of November, IceFire ransomware returned in early January in new attacks, as shown by submissions on the ID-Ransomware platform.

LinuxSecurity.com Team
The Black Hat USA 2021 conference, under way in Las Vegas, is generating plenty of cybersecurity news. Here are some of the highlights of Black Hat USA 2021 so far.

Qualys: The company is demonstrating Cybersecurity Asset Management (CSAM) to help users detect security gaps and respond to risk. Also, Qualys is demonstrating Zero Touch Patch Management, which helps organizations to “proactively patch prioritized vulnerabilities with ‘intelligent’ automation – before attacks can exploit them,” the company asserts.

Application Security Testing: Sparrow Co. is introducing two solutions at the conference — Sparrow Cloud and Sparrow SCA. The first offers application security as a service by “performing static and dynamic analysis anytime and anywhere at minimum cost.” The second, Sparrow SCA, is an open-source management solution. Sparrow SCA “automatically identifies open-source software in use and detects security vulnerabilities in the source code and binary,” the company says.

Partnership – File Encryption: Atakama and Spirion together are showcasing file-encryption technology at the conference.

Managed Detection and Response (MDR) Services: CrowdStrike announced Falcon X Recon+, a new managed solution that “simplifies the process of hunting and mitigating external threats to brands, employees and sensitive data,” the company asserts.

Managed eXtended Detection and Response (MXDR): Optiv Security launched a Managed Extended Detection and Response (MXDR) service. The technology-independent offering “enables clients to take rapid and decisive action against today’s most critical cyberattacks and strengthen their security posture.” Devo has been named a foundational partner in Optiv MXDR.

XDR (eXtended Detection and Response) Alliance: Exabeam unveiled the XDR Alliance. The alliance seeks to “foster an open approach to XDR which is essential to enable organizations everywhere to protect themselves against the growing number of cyber attacks, breaches, and intrusions.” Alongside Exabeam, founding members include Armis, Expel, ExtraHop, Google Cloud Security, Mimecast, Netskope and SentinelOne.

XDR (eXtended Detection and Response) Services: Secureworks will showcase its cloud-based products and services at the conference. For instance, the MSSP will demonstrate how Taegis XDR, Taegis VDR and threat intelligence can help organizations reduce the risks and consequences of a breach. Also, Secureworks will discuss a new Taegis XDR Adversary Software Coverage (ASC) tool. The new ASC tool allows users to interactively explore how Secureworks Taegis XDR maps coverage and countermeasures to the tactics and techniques used by over 500 adversarial software types against the MITRE ATT&CK framework, including ATT&CK v9, the MSSP says.

Brittany Day
Security researchers have discovered a dangerous new strain of ransomware targeting Linux and Windows systems that uses a Java file format, making it highly difficult to detect before it detonates its file-encrypting payload.

Consulting giant KPMG’s incident response unit was called in to run the recovery effort at an unnamed European educational institute hit by a ransomware attack. BlackBerry’s security research unit, which partners with KPMG, analyzed the malware and published its findings Thursday. BlackBerry’s researchers said that a hacker broke into the institute’s network using a remote desktop server connected to the internet, and deployed a persistent backdoor in order to regain easy access to the network after leaving. After a few days of inactivity to avoid detection, the hacker re-entered the network through the backdoor, disabled any running anti-malware service, spread the ransomware module across the network and detonated the payload, encrypting each computer’s files and holding them hostage for a ransom.

LinuxSecurity.com Team
This ComputerCurrents article discusses the features in PGP (Pretty Good Privacy) encryption software, including email, file, and disk encryption. The link for this article located at ComputerCurrents is no longer available.

LinuxSecurity.com Team
Here's a great short article on the encryption techniques for Windows. What alternatives are there for Linux that you use? Have you tried filesystem encryption? Would you, if it were easy? Do you have anything that would need such a level of security? Windows passwords are all too easy to crack, and malware can give the wrong people access to your system. You need to encrypt your key files and passwords, but that can be a lot easier than it sounds with these very simple tools. Would you like to share your experiences with using encryption on Linux? Email us and let us know.

Windows Vista and Windows 7 contain a built-in drive encryption tool, BitLocker, that's well worth exploring if you're using a laptop or otherwise might need full disk encryption. If you're mainly concerned about a few files or folders that contain financial data, long passwords, or other sensitive material, you should look at EncryptOnClick Freeware. It sells itself on two main points. It's fairly strong encryption for a consumer product -- 256-bit AES, in fact -- and it has a very simple interface with just six buttons, only four of which you really use. Click "File" or "Folder" on the left-hand Encrypt side and give the app the material you want to protect, along with a long, secure password that has numbers, characters you have to hit shift for, and random letters or words not commonly found in the dictionary. When you need to get back to that file, launch EncryptOnClick again, hit the "File" or "Folder" button on the right-hand side, then point it at those files you locked away, and provide the password. If you've got a Mac, SecureFiles is a similarly simple and elegant encryption tool.

Now you've got password-protected files, but what about that password? And what about all your web passwords in general? Many web browsers offer to save your passwords for you, and some even offer a "master password" to protect them all. That's still not all that secure. For a convenient password management system that works on any computer, and any browser, LastPass fits the bill. Your passwords are encrypted but not stored on your physical computer, which is a nice layer of safety in itself, and LastPass' add-ons for Internet Explorer, Firefox, and Google Chrome can be set up to require a similar "master password" -- the only one you'll really need to memorize, or stash deep in your wallet. If you're on any other browser, or a computer other than your own, LastPass lets you log in and grab a bookmarklet to stash on your bookmark toolbar that can automatically fill in passwords or forms, provided you're logged in. Its Windows software can even help find insecure passwords stashed on your system. If you're interested in signing up, or finding out more about the service's own "Host-proof hosting" security, read up on their technology. Voila! You've got a system that doesn't give up its secrets, and you didn't have to spend your weekend figuring out how to get it that way. The link for this article located at IT World is no longer available.

LinuxSecurity.com Team
Are you looking for a safe way to encrypt your files and messages? What if there is a method that can do all that and more, and yet it is FREE to use? If you are interested, keep reading to learn about encrypting and exchanging files safely with GPG and PGP.

GPG is an acronym for GNU Privacy Guard. It was developed as a free and open source alternative to PGP, a famous commercial encryption product. Both GPG and PGP can encrypt and decrypt data on your system; in addition, they can be used to authenticate emails and files you exchange with other people. This means that if Bob is sending files and emails to Alice, she can check whether the data has been altered on the way by any third party and whether the sender is really Bob and no one else. Furthermore, with these applications, Bob can also make sure that only Alice will be able to decrypt and read/view the data he is sending. Before proceeding with how this works in practice, let me first start with a small formal introduction to the protocol these programs use, that is OpenPGP (RFC 4880).

OpenPGP: OpenPGP is the most widely used email encryption standard nowadays. It uses public-key cryptography in combination with symmetric cryptography and hash functions to provide security solutions for electronic communications and data storage. Any OpenPGP software should support data confidentiality, integrity and authentication. So OpenPGP is the standard or the protocol, while PGP and GPG are the applications you can use. The link for this article located at Hack This Site is no longer available.

LinuxSecurity.com Team
Symantec is warning about a new Trojan horse that encrypts files on compromised computers but offers no ransom note, unlike other software designed to hold data hostage for a fee. Instead, a Web search for terms related to the Trojan horse leads to a company offering a way to remove the malware. The company offering the product used to charge for it but now offers it for free. Trojan.Ramvicrype uses the RC4 algorithm to encrypt files on systems running Windows 98, 95, XP, Windows Me, Vista, NT, Windows Server 2003 and Windows 2000, according to Symantec's Web site. Computers with files that have the .vicrypt extension are infected, a Symantec researcher wrote in a blog post this weekend. The link for this article located at CNET is no longer available.

LinuxSecurity.com Team