Various threat actors are increasingly using BlueShell malware to target Windows, Linux, and other operating systems across Korea and Thailand. The BlueShell backdoor has been active since 2020 and is written in Go. It is believed to have been created by a Chinese user and was made available in a GitHub repository. Though the original GitHub repository was deleted, BlueShell's source code can still be accessed from other repositories. AhnLab Security Emergency Response Center (ASEC) monitors APT attack cases using BlueShell and has released a summary report of those cases. In terms of functionality, BlueShell is designed to use TLS encryption for its communication with the C&C server in order to circumvent network detection. The attacker issues commands for remote command execution, file download/upload, and Socks5 proxy. The Redcloak trojan has been operating since 2021, aiming at Android, iOS, and desktop systems. Blueshell Malware, Linux Threat Analysis, APT Cybersecurity, Remote Access, Command Execution. LinuxSecurity.com Team
This article talks about applications in retail, but the possibilities are endless. Every smartphone these days comes equipped with a WiFi card. When the card is on and looking for networks to join, it's detectable by local routers. In your home, the router connects to your device, and then voila. The link for this article located at Schneier on Security is no longer available. Investigating the role of mobile device wireless features in advancing security monitoring and network identification systems for retail environments. Wi-Fi Surveillance, Smartphone Monitoring, Retail Security. LinuxSecurity.com Team
The passive OS fingerprinting netfilter module (OSF) passively detects the remote OS and performs various netfilter actions based on that knowledge. The module compares some data (WS, MSS, options and their order, TTL, DF and others) from packets with the SYN bit set against dynamically loaded OS fingerprints. Starting from the 2008_07_01 version, OSF works only with Xtables, so you have to upgrade to a recent kernel (and enable xtables support) and iptables (tested with 1.4.1.1). Also note that Debian (starting from Lenny) has serious problems with the iptables-dev package, which does not contain the needed headers, so it is better to install iptables from source. Have you ever heard about a netfilter module that does passive OS fingerprinting? If you are interested in learning more about this, check out this article. The link for this article located at ioremap.net is no longer available. Discover the intricacies of passive OS fingerprinting utilizing netfilter modules alongside iptables. Investigate its characteristics and practical uses. Passive OS Fingerprinting, Netfilter Module, Network Detection, Cybersecurity Applications. Bill Locke
Throughout the underground internet the last few months, everyone has been whispering the same magic word: 'wardrive'. No, not warp-drive, like in the Star Trek series, the 'engine' that allows travel faster than the speed of light. Wardrive. The term was coined by Peter Shipley, a US internet guru. It means looking around (driving) for wireless networks (war). Hacking has always been about proving that, whatever the defence of a system, you are clever enough to defeat the security features. Wardriving is about the same sort of feats: trying to detect wireless networks as you walk around, and then attempting to gain access. Imagine your neighbour has got an expensive cable connection, as well as a wireless access point (AP), but it's not protected! Well, you might as well just tap into it unnoticed and save lots of money. The link for this article located at dmeurope.com is no longer available. Wardriving began in the early 2000s, captivating tech enthusiasts and hackers by driving with laptops and Wi-Fi antennas to find unprotected networks. Wardrive, Wireless Networks, Hacking Techniques, Cybersecurity, Network Detection. Anthony Pell
Johannes Faustus submits: Steven M. Bellovin (co-author of the classic and recently re-published Firewalls and Internet Security: Repelling the Wily Hacker) has an interesting paper on detecting NATs (Network Address Translation setups) and counting the hosts behind the NAT box. The techniques outlined are not completely deterministic, so host counts will not necessarily be accurate. But the paper does outline the strengths and weaknesses of the general approach in enough detail for the security expert to make informed use of the information he presents. The link for this article located at Johannes Faustus is no longer available. Learn techniques for counting hosts behind NAT, ensuring effective network management and boosting security by identifying vulnerabilities and monitoring traffic patterns. Host Counting Techniques, Network Address Translation, Security Analysis. Anthony Pell
Secret Service agents are putting a high-tech twist on the idea of a cop walking the beat. Using a laptop computer and an antenna fashioned from a Pringles potato chip can, they are looking for security holes in wireless networks in the nation's capital. The agency best known for protecting the president and chasing down counterfeiters has started addressing what it calls one of the most overlooked threats to computer networks. "Everybody wants wireless, it's real convenient," Special Agent Wayne Peterson said. "Security has always been an afterthought." The effort is part of a new government plan to build relationships with businesses so that they will feel more comfortable reporting hacking attempts to authorities. Recent anti-terrorism legislation gave the FBI and Secret Service joint jurisdiction over electronic crimes. Wireless networks are cheap; a small one can start at less than $200. They make it easy for workers to wander around with their laptop or handheld computers and for visiting employees with their own computers to get on to the local office network. These networks are becoming common in airports, universities, coffee houses, businesses, homes and even some public squares. But they are sold with no security measures, and protecting a wireless network from hackers takes more knowledge than what network installation guides typically offer. Because of security concerns, the White House recently proposed banning some wireless networks in federal agencies. Faced with industry protests, the administration dropped the idea when it released a draft version of its cybersecurity plan this month.
That has led some independent security researchers to drive - or even use a private plane to fly - through cities to map networks. Those maps, which are usually posted on the Internet, show where a person can get a free Internet connection on a private network. The Secret Service wants to let businesses know that their Internet connections and private networks might be at risk. Companies informed about security holes can reconfigure their networks to make them more secure. Peterson's tools are a laptop, a wireless network card and one of three antennae mounted on his car. One is a small metal antenna; the second is a large, white, 2-foot-tall tube; the third is a homemade antenna made out of a Pringles can. They boost the reception of his wireless network card, allowing the agent to point them in different directions to get the best signal. A Pringles can is ideal because of its shape - a long tube that lets someone point it at specific buildings - and its aluminum inner lining. It acts like a satellite dish, collecting signals and bouncing them to the receiver, which is then wired into a laptop. Peterson recently drove down a major Washington street and found over 20 wireless networks, many of which had no security at all. Peterson said his probes are part of good police work, like a patrolman driving through a neighborhood. "I feel it is part of crime prevention to knock on the door," Peterson said. The act of "wardriving," a term taken from older "wardialing" programs that called random telephone numbers looking for unlisted modems, has become so prevalent that enthusiasts are using chalk marks on streets and sidewalks to point out networks in public places. Peterson said there has not been any reported "warchalking" in the Washington area yet, but if one was found, agents would alert the network owner.
Chris McFarland, head of the Secret Service's Electronic Crimes Task Force, said his agents have begun evaluating computer security along with other concerns when they scout out a place where the president or other protected dignitary will go. McFarland said, for example, that agents have had extensive discussions with officials at George Washington Hospital about improving its wireless network security. While the agents plan to offer their expertise to anyone who asks, they are focusing on places most important to their mission of protecting public officials. The hospital is several blocks from the White House and treated Vice President Dick Cheney during his heart problems. Agents also checked out computer systems at the Salt Lake City Olympics, last year's Super Bowl and the World Bank in advance of weekend protests. "People can wreak havoc with these systems very easily," McFarland said. "It's almost like triage." Anthony Pell