As malware threats evolve to increasingly target Linux systems, admins and organizations must stay up to date on the latest Linux malware variants and on strategies for detecting and preventing attacks. Security researcher HaxRob recently discovered a new Linux variant of the FASTCash malware, which targets payment switches to enable unauthorized ATM withdrawals. To help you prepare proactively for this emerging threat, I'll explain the inner workings and targets of this stealthy malware variant and offer advice on detection and prevention. After all, when it comes to malware threats, an ounce of prevention is worth a pound of cure!

Understanding FASTCash Linux Malware

FASTCash malware, commonly associated with North Korean threat actors such as the Lazarus Group, delivers its payload by targeting payment switch systems, which ATM and PoS networks rely on as critical infrastructure components. By exploiting vulnerabilities in these switches, attackers can manipulate transaction messages so that unauthorized cash withdrawals at ATMs are approved. FASTCash has long targeted other operating systems, such as IBM AIX (referred to as FASTCash for UNIX) and Microsoft Windows. Its discovery on Linux, however, suggests an expansion of the attackers' capabilities, opening up more targets while making defense more complex.

How FASTCash Linux Malware Operates

A recently identified Linux variant of FASTCash was found targeting payment switches running Ubuntu 20.04. Analysis indicates that this malware was developed after April 21, 2022, likely using virtualization technology such as a VMware hypervisor. While similar in function to its Windows counterpart, the Linux variant offers slightly reduced capabilities yet retains key elements such as intercepting and manipulating declined transaction messages.
The Linux variant of FASTCash has three key capabilities: transaction interception, fraudulent authorization, and currency manipulation. The malware targets user-space processes on payment switch servers to intercept messages relating to declined transactions for cardholder account numbers on a predefined list. By altering these intercepted messages, FASTCash can authorize transactions that should ordinarily be declined, for random amounts of funds. Like its Windows variant, it mainly uses the Turkish Lira for its currency manipulation.

[Figure: FASTCash Linux Malware Operations (source: doubleagent.net)]

FASTCash Target Profile

FASTCash attacks typically target banks and financial institutions, specifically those operating payment switch systems. Since payment switches serve as central hubs for routing and processing transaction flows, compromising one gives attackers control over numerous transactions and the prospect of significant financial gain. Banks hosting their switch applications on Linux servers have now been attacked by malware that previously targeted only Windows or Unix-based systems. The emphasis on interbank networks suggests an even broader campaign against banking infrastructure.

Strategies for Detecting FASTCash Malware

Because of its complex and stealthy nature, detecting FASTCash requires a multi-pronged approach. Effective strategies include network traffic monitoring, file integrity monitoring, and behavioral analysis. Network traffic monitoring involves watching for suspicious transactions in specific currencies such as the Turkish Lira, and for any unusual communication from payment switch servers to external destinations or command-and-control (C2) infrastructure.
File integrity monitoring should focus on verifying checksums of critical software components on payment switch servers to detect unauthorized modifications, backed by detailed audit logging of the directories and files involved in transaction processing. Behavioral analysis involves continuously monitoring running processes for unusual activity or resource consumption patterns indicative of malware, and inspecting transaction logs for signs of tampering or for fraudulent approval of transactions that would usually be declined.

Prevention Measures for Admins & Organizations

Protecting against FASTCash Linux malware involves strengthening technological defenses and operational practices at the same time. Infrastructure hardening is essential: keep all software running on servers such as payment switches up to date to close known vulnerabilities, and adhere to the principle of least privilege by restricting the access rights of users and services. Network segmentation is integral to keeping payment switch systems apart from general network traffic: isolate them behind strong firewalls and create a demilitarized zone (DMZ) to limit direct access to internal servers. Multi-factor authentication (MFA) should be required for access to critical systems, particularly for administrative privileges on payment switch servers. Regular security audits, comprising comprehensive assessments and penetration tests, help identify potential vulnerabilities and ensure compliance with the relevant financial regulations and cybersecurity standards. Training employees in cybersecurity awareness is also of utmost importance: teaching staff to recognize phishing attempts and other social engineering tactics that could compromise systems is essential to preventing attacks and breaches.
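One way to implement the transaction-log check described above, as an added example that is not part of the original article or of the FASTCash research: it scans constructed switch audit records for an issuer decline that the switch forwarded to the ATM as an approval, for approvals in a currency the switch does not normally settle (the article singles out the Turkish Lira), and for card tokens that benefit from repeated rewritten approvals. The column names, the sample records and the expected-currency set are assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample of a payment switch's transaction audit log (not real data).
# issuer_rc: response code received from the issuing bank; atm_rc: response code
# the switch forwarded to the ATM. ISO 8583 uses "00" for approved and "05" for
# "do not honor"; ISO 4217 numeric code 949 is the Turkish Lira (TRY).
SAMPLE_LOG = """\
txn_id,card_token,currency,amount,issuer_rc,atm_rc
1001,tok_a1,840,60.00,00,00
1002,tok_b2,840,200.00,05,05
1003,tok_c3,949,4830.00,05,00
1004,tok_c3,949,12760.00,05,00
1005,tok_d4,840,40.00,00,00
1006,tok_e5,949,9950.00,05,00
"""

EXPECTED_CURRENCIES = {"840"}   # currencies this switch normally settles (assumption)
TRY = "949"

def scan_switch_log(log_text, expected_currencies=EXPECTED_CURRENCIES):
    """Return (txn_id_or_token, reason) alerts for records matching FASTCash-style indicators."""
    alerts = []
    rewritten_per_token = defaultdict(int)
    for row in csv.DictReader(io.StringIO(log_text)):
        reasons = []
        # Indicator 1: the issuer declined but the ATM was told "approved", so the
        # response message was altered somewhere inside the switch.
        if row["issuer_rc"] != "00" and row["atm_rc"] == "00":
            reasons.append("issuer decline rewritten to approval")
            rewritten_per_token[row["card_token"]] += 1
        # Indicator 2: an approval in a currency this switch does not normally handle.
        if row["atm_rc"] == "00" and row["currency"] not in expected_currencies:
            label = "TRY" if row["currency"] == TRY else row["currency"]
            reasons.append(f"approval in unexpected currency {label}")
        for reason in reasons:
            alerts.append((row["txn_id"], reason))
    # Indicator 3: one card token collects several rewritten approvals, consistent
    # with a predefined list of attacker-controlled account numbers.
    for token, count in rewritten_per_token.items():
        if count > 1:
            alerts.append((token, f"{count} rewritten approvals for one card token"))
    return alerts

if __name__ == "__main__":
    for subject, reason in scan_switch_log(SAMPLE_LOG):
        print(f"ALERT {subject}: {reason}")
```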
Our Final Thoughts on Combating the Emerging FASTCash Linux Malware Variant

The appearance of a Linux variant of FASTCash marks a significant escalation in cybercrime against financial institutions. By understanding its operating mechanisms and developing effective detection and prevention strategies against this new threat, organizations can strengthen their defenses against it and other sophisticated attacks. As with all cybersecurity challenges, being informed, vigilant, and proactive will allow organizations to reduce the risks this formidable adversary presents.

Anthony Pell
There is a big difference between compliance and security. The PCI DSS (Payment Card Industry Data Security Standard) is the benchmark against which e-commerce security is measured, and it is now gearing up for a major update at the end of the year. Ahead of that update, the PCI Security Standards Council (PCI SSC) has issued new guidance on how organizations can better secure themselves. "A lot of the exploits we're seeing today are older exploits that should not still be happening," said Bob Russo, general manager, PCI SSC. "This set of guidelines is an attempt by the community at large to make sure that people have guidance."

The link for this article located at eSecurity Planet is no longer available.

The PCI Security Standards Council has released updated recommendations for businesses to strengthen their data protection measures ahead of the updates in PCI DSS 3.0.
LinuxSecurity.com Team
Yesterday, researchers outlined a complicated way to crack the Google Wallet PIN used to make purchases with the smartphone-based payment system. Now there's a new hack that could let a stranger gain access to the funds of Wallet users. Described yesterday by the blog The Smartphone Champ, the hack doesn't require extra software, root access, or any particular skills.

The link for this article located at CNET is no longer available.

Experts uncover a novel exploit for Apple Pay, enabling unauthorized access without any technical knowledge or tools.
LinuxSecurity.com Team
The app is vulnerable to quick brute-force attacks on rooted phones. Near field communication (NFC) technology has been around overseas for over half a decade, but it's finally jumping from the Asian market to the United States. The technology allows you to wave your smartphone over a reader to pay for anything from gas to groceries. One of the key players in this emerging market is Google Inc. (GOOG). Of the major phone OS platform makers, Google has pushed the hardest to deeply integrate NFC. In May 2011 it announced a new payment app/service called "Google Wallet", which it launched in November 2011.

The link for this article located at DailyTech is no longer available.

How attackers exploit flaws in Google Wallet on compromised Android smartphones through brute-force attacks.
LinuxSecurity.com Team
Heartland Payment Systems, the victim last year of a massive breach of sensitive card data, vowed after that devastating event to develop new security gear based on end-to-end encryption between itself and its merchants to prevent such a breach from occurring again. That's now taking shape, but slowly. "We have a long way to go," acknowledges Heartland CEO Bob Carr, pointing out that the so-called E3 payment terminals, intended for small-to-midsize customers, are but the first step, "with more advanced technologies coming in the summer" intended for use between Heartland's network and much larger merchants that would require more back-end integration into processing systems. "We're not ready to help all of them yet," he acknowledges. There is as yet no end-to-end encryption requirement for debit- and credit-card processing, though the Payment Card Industry (PCI) Security Standards Council, which sets the technical standards used by payment processors and merchants, is expected to weigh in on that topic in its upcoming PCI standard this October.

The link for this article located at IT World is no longer available.

Heartland's CEO describes progress on end-to-end encryption for transaction processing after the breach, promising improved security.
Alex
Ross Anderson reports (via Bruce Schneier's blog): Online transactions with credit cards or debit cards are increasingly verified using the 3D Secure system, which is branded as "Verified by VISA" and "MasterCard SecureCode". This is now the most widely-used single sign-on scheme ever, with over 200 million cardholders registered. It's getting hard to shop online without being forced to use it. In a paper I'm presenting today at Financial Cryptography, Steven Murdoch and I analyse 3D Secure. From the engineering point of view, it does just about everything wrong, and it's becoming a fat target for phishing. So why did it succeed in the marketplace? Quite simply, it has strong incentives for adoption. Merchants who use it push liability for fraud back to banks, who in turn push it on to cardholders. Properly designed single sign-on systems, like OpenID and InfoCard, can't offer anything like this. So this is yet another case where security economics trumps security engineering, but in a predatory way that leaves cardholders less secure. We conclude with a suggestion on what bank regulators might do to fix the problem.

The link for this article located at Bruce Schneier is no longer available.

3D Secure aims to enhance online payment safety through user authentication, yet its flaws lead to user frustration, security inconsistencies, and phishing risks.
LinuxSecurity.com Team
The TJX Companies, a large retailer that operates more than 2,000 retail stores under brands such as Bob. Banking officials in Massachusetts say the TJX breach is behind a recent warning by Visa to banks in Massachusetts, which have contacted customers in recent days and had to reissue thousands of ATM and debit cards. In the end, the hack may affect a wide range of credit card companies and thousands of consumers in America and in countries such as the United Kingdom and Ireland, experts say. TJX said it is working with IBM and General Dynamics to investigate the breach, which is believed to have occurred on computer systems that process and store information on customer transactions for T.J. Maxx, Marshalls, HomeGoods and A.J. Wright. Transactions from T.K. Maxx in the United Kingdom and Ireland may also have been exposed in the breach.

The link for this article located at CSO Online is no longer available.

Financial regulators caution that the massive Target security incident affects financial institutions in Massachusetts due to the exposure of consumer debit card information.
LinuxSecurity.com Team
ISO 21188:2006, 'Public Key Infrastructure for financial services - practices and policy framework', offers a set of guidelines to assist risk managers, business managers and analysts, technical designers and implementers, and operational management and auditors in the financial services industry. To some extent, part of the transaction vulnerability analysis for the X9.59 transaction work done in the mid-90s was based on analysis and experience with that original payment gateway as it was implemented on the basis of the session-oriented paradigm 4.
LinuxSecurity.com Team