Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 25 articles for you...
215

How to Remove Malicious Browser Extensions on Linux and Mac Safely

Browser extensions are designed to improve the functionality and personalize your web experience. However, some of them can be harmful. . They masquerade as useful tools but actually perform unwanted actions. Such malicious extensions can significantly degrade your browsing experience. You will be redirected to unwanted sites to collect personal data. They can also change your homepage and track your online activity without your consent. Moreover, these unwanted add-ons can affect browser performance. They can also cause pop-ups and pose a threat to your system security. Where Do Malicious Browser Extensions Come From? Fake program updates : You may receive a notification that a certain program needs to be updated. Instead, a malicious extension is installed. Downloading programs from untrusted sources : Some free programs may contain malicious extensions. Visiting unsafe websites : There are websites that can automatically install extensions without your consent. Signs Your Browser Has Been Compromised Browser settings have been changed: You did not intervene, but there were sudden changes to your homepage or search engine. Unwanted redirect: Your browser's constant redirection to unknown sites and search engines may be a sign of a malicious extension. Decreased browser performance: The browser frequently freezes and becomes slower. Pop-ups and ads: Unwanted ads and pop-ups have increased in number. QSearch Hijacker on Mac? Here’s How to Get Rid of It If your browser keeps redirecting you to unknown sites, it might be due to QSearch redirect . There are different ways to fix this problem. Usually, QSearch hijacker can change browser settings, including homepage and search engine. Accordingly, forcing you to use the QSearch search engine. In order to remove it, you need to follow the instructions described earlier. Thus, to make a QSearch virus removal. If the standard uninstallation of extensions did not help, then try resettingyour browser. This step will help eliminate all changes made by malicious extensions and redirect them to fix. Sometimes malicious extensions cannot be removed manually. You should use special antivirus software for your operating system in such cases. Cleaning Up Your Mac: Removing Suspicious Extensions Below, we will look at how to remove malicious extensions in Safari and Google Chrome and what to do if uninstallations do not help. Removing extensions in Safari Open Safari. Click on the Safari menu in the upper left corner. Select Settings. Click the Extensions tab. Look for any that look suspicious or that you did not install. Select the suspicious extension. Click Remove . Removing extensions in Google Chrome Open Chrome. Click on the three dots in the upper right corner. Select Advanced Tools > Extensions . View the list of installed extensions. Uninstall any you don't recognize by clicking Uninstall . Browser settings reset If the uninstallations described above didn't help, you can reset your browser to factory settings. Safari: Go to Settings > Privacy . Click Manage website data . Then, click Delete all . Chrome: Go to Settings > Advanced . Next, Reset settings . Click Restore initial settings . Malicious Extensions on Linux. How to Remove The process of removing malicious extensions may vary depending on the browser you use. Removing extensions in Firefox Open Firefox. Click on the three horizontal lines in the upper right corner. Select Advanced Tools . Then, select Add-ons and Themes . Click the Extensions tab. Check the list of installed add-ons. If you find any suspicious or unnecessary ones, click on the three dots next to them. Select “ Remove ”. Remove extensions in Google Chrome Open Chrome. Click on the three dots in the upper right corner. Select Advanced tools . Then select Extensions . Select the extensions you don't need.Click Uninstall . If you can't find the extension in the list, it may have been installed through a different path. Then check the settings with a command to clear the cache or with special Linux utilities . Stay Safe Online: Tips to Keep Your Browser Secure After you have removed malicious extensions, take steps to prevent them from reappearing. Beware of phishing sites and spam: Do not open suspicious attachments and links in emails. They often contain malicious programs and extensions. Download programs only from trusted sources: This way, you can avoid accidentally installing malicious extensions and other programs. Use anti-virus software: Scan your computer for malware regularly. This way, you can detect threats in a timely manner. Update programs and browsers regularly: Program updates contain fixes for security vulnerabilities. Attackers often exploit the latter. Final Thoughts: Keeping Your Browser Safe from Threats Malicious browser extensions can have significant consequences for any user. They may reroute users to undesirable websites and thus collect personal information. They also pose a security risk. Therefore, it is critical to know how to detect and delete these extensions. You should also take precautions to safeguard your system against such threats in the future. By completing the necessary measures, you can keep your computer and system secure and prevent the hazards connected with harmful add-ons. . They masquerade as useful tools but actually perform unwanted actions. Such malicious extensions can. browser, extensions, designed, improve, functionality, personalize, experience. . MaK Ulac

Calendar%202 Mar 12, 2025 User Avatar MaK Ulac Desktop Security
214

Protecting Home Networks: Router Security Insights from 2024 Survey

In 2024, the connected world requires our homes to serve as hubs for various devices, from computers and smartphones to smart fridges and security cameras. Still, many home users remain unaware of the risk posed by default router security settings, as revealed in Broadband Genie's 2024 Router Security Survey results. . Understanding these vulnerabilities and securing home networks against cyberattacks are crucial to protecting yourself against attacks. I'll explain the notable findings of this survey and provide practical advice you can implement to improve the security of your home routers and Linux-based systems. Recent Survey Findings Serve as A Wake-Up Call Broadband Genie's 2024 survey, involving 3,045 respondents, has unearthed alarming statistics that highlight widespread negligence in router security: 52% Have Never Adjusted Any Router Factory Settings: More than half of the users leave their routers as issued straight out of the box. Factory settings are often generic and are publicly documented, making them an easy target for hackers. 86% Have Never Changed the Router Administrator Password: The admin password is a critical security feature, and leaving it at the default setting is akin to leaving the front door of your house unlocked. Shockingly, this percentage has increased slightly since 2022. 72% Have Never Changed Their Wi-Fi Password: Similar to the admin password, default Wi-Fi passwords are well-known and easily exploitable by unauthorized users. 89% Have Never Updated Their Router Firmware: Firmware updates often include critical security patches and performance enhancements, so routers that do not update firmware remain vulnerable to newer exploits. 89% Haven't Changed Their Network Name (SSID): Default network names can give away the router’s make and model, providing valuable information to hackers. 75% Haven't Checked Who Is Using Their Network: Regularly monitoring connected devices helps to identify unauthorized access and ensurethat only trusted devices are connected. 75% Don’t Know Why They Need to Adjust Router Settings: This highlights a significant gap in user awareness about the importance of router security. Securing Linux Routers: Tips to Protect Home Networks Linux routers, generally a Linux PC equipped with multiple Ethernet interfaces designed to route traffic between different networks, typically provide essential network services such as WiFi access for internal networks, proxy services to protect browsers within the network, and email and file sharing capabilities for the local LAN. Many Linux routers, particularly dedicated and purpose-built devices, are set up once and never updated. Unfortunately, these devices frequently retain their default settings, leaving them vulnerable to attacks. Additionally, these routers are typically not monitored for potential intrusions, allowing attackers to probe for vulnerabilities relentlessly until they successfully gain unauthorized access. Utilizing specific security practices can substantially reduce these risks. Here are the most crucial tips for securing Linux routers and home routers you need to know. Change Default Login Credentials Even though this might seem general, it is crucially important for Linux routers. Default credentials are easily guessed by threat actors. Change both the username and password upon the initial setup. Disable Unnecessary Services Linux routers may have various services enabled by default that aren't necessary for all users (e.g., FTP, Telnet). Disable any services you do not use to minimize the attack surface: sudo systemctl disable Update Router Firmware & OS Regularly Firmware updates often include security patches. Ensure you regularly check for and apply updates to your router’s firmware: # For Debian-based systems: sudo apt-get update && sudo apt-get upgrade # For Red Hat-based systems: sudo dnf update See our complete guide on upgrading your distro for more details on this process. Enable and Configure a Firewall If you're using Linux as a router, you likely have already installed and configured a firewall using tools like iptables, firewalld or ufw. Be sure to periodically check your firewall settings by performing an outside penetration test from a remote IP to determine which ports may be open inadvertently. Disable Remote Management Disabling remote management ports like SSH and HTTP/HTTPS access from the WAN side prevents unauthorized access: # Edit the SSH config file to bind to internal IP only sudo vim /etc/ssh/sshd_config # Change the 'ListenAddress' ListenAddress 192.168.1.1 Enable WPA3 for WiFi For routers providing WiFi services , ensure you use the latest WPA3 encryption standard. If WPA3 isn't available, WPA2 with a strong passphrase is the next best option. Change the Default IP Range Changing the default IP range of your LAN can help obscure your network structure from attackers who assume default configurations (e.g., 192.168.0.0/24): # Change IP range in your DHCP settings sudo vim /etc/dhcp/dhcpd.conf # Example change subnet 10.0.0.0 netmask 255.255.255.0 { ... range 10.0.0.10 10.0.0.100; } Use Intrusion Detection and Prevention Systems (IDPS) Implement an IDPS like Snort or Suricata to monitor and act upon suspicious activities: # Installation of Suricata sudo apt-get install suricata # Starting Suricata with a default rule set sudo suricata -c /etc/suricata/suricata.yaml -i eth0 Segment the Network with VLANs Create VLANs to segment and protect different parts of your network: # VLAN configuration example sudo ip link add link eth0 name eth0.10 type vlan id 10 sudo ip addr add 192.168.10.1/24 dev eth0.10 sudo ip link set up eth0.10 Monitor Logs Regularly Regularly monitor your router logs for any unusual activities. Setup log rotation if not already configured. Install Fail2ban - this tool monitors logs and bans IPs that show malicious signs (such as too many password failures). Install log monitoring tools like logwatch and logcheck to look for anomalies in system activity. By following these specific steps, users can significantly enhance the security of our Linux routers and keep our home networks protected from external threats. Our Final Thoughts on Improving Home Router Security The Broadband Genie 2024 Router Security Survey findings highlight a critical need for greater awareness and action regarding router security. By changing default settings and instilling proactive measures into home users' routines, we can significantly decrease our risk of cyberattacks. Likewise, for Linux-based systems, changing default settings regularly while updating software is integral in safeguarding their digital environments from cyberattacks. As technology develops further, so should our commitment to protecting home networks against ever-increasing threats. . Understanding router vulnerabilities is crucial for securing home networks against cyberattacks and enhancing safety.. connected, world, requires, homes, serve, various, devices, computers. . Anthony Pell

Calendar%202 Sep 25, 2024 User Avatar Anthony Pell IoT Security
67

Babuk Ransomware Recovery: Tortilla Decryptor Key for Quick Access

A new decryptor has been created for Babuk Tortilla ransomware victims, which will be included in a generic Babuk Decryptor that will contain all Babuk keys currently available. Let's examine the threat that Babuk ransomware poses to your systems and how to recover encrypted files should you fall victim to an attack. . Babuk Ransomware Versions to Be Aware Of Babuk ransomware was first discovered in 2021 and has been responsible for multiple high-profile attacks against industries such as manufacturing or law enforcement. The ransomware is a highly sophisticated strain, compiled on several hardware and software platforms. Windows and ARM Linux are the most common versions. Babuk can also interrupt the backup process of the victim's system and delete volume shadow copies. This makes recovery even more difficult. In September 2021, Babuk's code was published on an underground forum. This allowed multiple threat actors to create variations of strain. Security researchers have identified ransomware families that have exploited Babuk: Rook – December 2021 Night Sky - Jan 2022 Pandora - March 2022 Nokoyawa Cheerscrypt - May 2022 AstraLocker 2.0 - June 2022 ESXiArgs February 2023 Rorschach RTM Locker RA Group - April 2023 Tortilla was one of the threat actors responsible for Babuk ransomware attacks. In October 2021, Tortilla was observed targeting Microsoft Exchange servers that were vulnerable and trying to exploit ProxyShell to install the Babuk ransomware. In a later law enforcement investigation, Dutch Police were able to apprehend and discover the person behind Tortilla. The Tortilla decryptor key was recovered and has been added to a generic decryptor developed for a number of other Babuk variants. This decryptor results from the Babuk generator and leaked source code. Tortilla used one key pair for all of its victims, while attackers could generate different public/private keys per campaign. How Can I Recover Encrypted Files if I FallVictim to Babuk Ransomware? The updated version of Babuk can be downloaded from the NoMoreRansom or Avast decryptors pages. This decryptor allows users to recover files quickly. Recently, a number of decryptors were released to assist victims of ransomware. Security Research Labs has published tools enabling the recovery of files encrypted by Black Basta Ransomware . The FBI, in response to law enforcement actions, announced in December 2023 that it had developed a decryption program for the notorious BlackCat Group. Here are our top tips for preventing Linux ransomware attacks in the first place: Backup critical files and diversify the storage media to avoid a single point of failure (SPOF). This won’t prevent an attack but can mitigate potential damage. Keep servers and endpoints up to date to ensure that they use the latest security patches. Implement the principle of least privilege for user accounts. Monitor network activity and system logs closely. Keep tabs on event logs to identify anomalous behavior before it causes harm. Use a combination of IP filtering, an intrusion detection system (IDS), and an intrusion prevention system (IPS). Use Linux security extensions that control and restrict access to data or network resources. Implement robust network segmentation and data compartmentalization to minimize the impact of a potential ransomware attack. Audit systems regularly. Have additional questions on the measures you can take to prevent or recover from Linux ransomware attacks? Please reach out to us on X @lnxsec - we're here to help! Stay safe out there, fellow Linux users! . Discover the new decryption solution for Babuk Tortilla ransomware and examine strategies to restore affected files.. Babuk Ransomware, Decryption Tools, Linux Recovery, Prevent Ransomware, Cyber Threats. . LinuxSecurity.com Team

Calendar%202 Jan 09, 2024 User Avatar LinuxSecurity.com Team Cryptography
212

Kubernetes Infrastructure Security: Host Hardening & Cluster Tips

Infrastructure security is important to get right so that attacks can be prevented—or, in the case of a successful attack, damage can be minimized. It is especially important in a Kubernetes environment because, by default, a large number of Kubernetes configurations are not secure. Learn how to secure Kubernetes at the infrastructure level. . Securing Kubernetes at the infrastructure level requires a combination of host hardening, cluster hardening and network security. Let’s dive into each of these and look at best practices for securing both self-hosted and managed Kubernetes clusters. . Fortifying Kubernetes at the foundation demands the integration of system fortification and safeguarding cluster methodologies to uphold optimal standards.. Kubernetes Security, Infrastructure Hardening, Cluster Security Measures, Network Security Best Practices. . Brittany Day

Calendar%202 Jan 28, 2022 User Avatar Brittany Day Cloud Security
67

Enhancing VNC Security on Linux with SSH Tunneling Techniques

If you're new to Linux or Unix, you might prefer using a graphical user interface (GUI) over the command-line interface (CLI), and when remotely connecting you can use the remote desktop protocol and GUI-based Virtual Network Computing (VNC).. Some Linux distros come with a VNC server pre-installed and for others you'll probably find plenty of tutorials on how to get started, so we'll skip the basics and share some security tips. As a result, for this tutorial we assume you already have a VNC server installed and running on a Linux/Unix machine. The link for this article located at Server Watch is no longer available. . Some Linux distros come with a VNC server pre-installed and for others you'll probably find plenty o. you're, linux, might, prefer, using, graphical, interface, (gui). . LinuxSecurity.com Team

Calendar%202 Jun 18, 2012 User Avatar LinuxSecurity.com Team Cryptography
79

Expert Advice From Pablos Holman on Cyber Protection and Security

He was once one of the world's top hackers, but now Pablos Holman is using his powers for good. He was in town for Chicago Ideas Week and joined us with some tips for protecting yourself online.. Recent celebrity hacking scandals have put internet hacking in the spotlight. A Florida man was arrested for hacking into email accounts of Scarlett Johansson and Mila Kunis. Holman said hacking used to be broad, with hackers getting into whatever they could find. Now, it. Discover valuable insights from ex-cybercriminal Pablos Holman on bolstering your cybersecurity in the modern internet landscape.. Pablos Holman,Cyber Protection,Online Security Tips. . LinuxSecurity.com Team

Calendar%202 Oct 14, 2011 User Avatar LinuxSecurity.com Team Security Projects
79

Kernel.org Breach: Essential Security Tips for Linux Systems

As most folks know by now, a security breach affecting kernel.org was discovered in September. While that didn't affect kernel sources, it did get Linux kernel developers to thinking about their personal system security--and it might not be a bad idea for others to do the same.. Greg Kroah-Hartman kicked off the discussion with eight tips for doing a reality check on Linux systems. The first suggestion is to start from a clean install--but that's not always an option. Kroah-Hartman shared a few other tips, including using chkrootkit, OSSEC-rootcheck or rkhunter to see if a system has any rootkits. The link for this article located at ServerWatch is no longer available. . In light of a recent incident at kernel.org, Greg Kroah-Hartman discusses vital protective strategies to enhance the security of Linux environments.. Kernel Security, Rootkit Detection, Linux System Security. . LinuxSecurity.com Team

Calendar%202 Oct 05, 2011 User Avatar LinuxSecurity.com Team Security Projects
79

Essential Tips for Strengthening Your Linux Server Security

The best way to ensure that your Linux server is secure is to build it from scratch with a minimum amount of code that can be exploited by a hacker -- a custom compiled kernel and the bare minimum of packages needed for the server to do its intended job.. But what if you already have Linux servers running in your business? If that's the case then here are some simple steps you can take to improve security that take just a few minutes to implement: Remove unnecessary software to minimize your attack surface - The more code your server is running, the more likely it is that a hacker will be able to find a vulnerability to exploit. Go through all the packages installed on your system and remove any that aren't necessary. The link for this article located at eSecurity Planet is no longer available. . Explore proven strategies to bolster the defense of your Linux servers, implementing immediate actions for improved safeguarding.. Linux Hardening Techniques, Server Security Best Practices, Custom Kernel Optimization, Software Minimization. . LinuxSecurity.com Team

Calendar%202 Aug 22, 2011 User Avatar LinuxSecurity.com Team Security Projects
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200