The BlackCat ransomware operators have demonstrated ongoing adaptation and innovation in their malicious activities, making their threats challenging for security experts to mitigate. According to cybersecurity researchers at Unit 42 of Palo Alto Networks, BlackCat operators recently revealed updates, such as Munchkin, for propagating their payload across victim networks. They have been consistently evolving their ransomware tooling over the past two years. Unit 42 researchers obtained a unique instance of Munchkin loaded in a customized Alpine VM, highlighting a growing trend among ransomware threat actors of using VMs to evade security solutions during malware deployment. BlackCat's evolution over time has involved obfuscating configurations and employing command-line parameters for added security. Their latest tool, 'Munchkin', uses a Linux-based OS to run BlackCat on remote machines and encrypt SMB/CIFS shares. The link for this article located at CyberSecurity News is no longer available. The BlackCat ransomware continues to advance with the introduction of its latest Munchkin tool, designed to enhance its ability to propagate within various network environments. Tags: BlackCat Ransomware, Munchkin Tool, Cybersecurity Threats, Malware Propagation. Author: LinuxSecurity.com Team
With the growth of Linux in cloud environments, critical infrastructure, and even mobile platforms, hackers are increasingly targeting the open source system for higher returns. Growing at close to 20% year-over-year, the Linux operating system market is expected to reach $22.15 billion in 2029, up from $6.27 billion in 2022, according to Fortune Business Insights. However, with growth come opportunities, and sometimes these are opportunities for threat actors. Linux has gained significant popularity and broader adoption in various domains, including servers, cloud infrastructure, Internet of Things (IoT) devices, and mobile platforms. The increased adoption of DevOps and modern applications is making Linux the platform of choice for servers, and hence developers are increasingly building for it. Expanding at nearly 18% annually, the Android platform segment is projected to reach $30.5 billion by 2028. Tags: Linux Adoption, Open Source Risks, Cyber Threats. Author: Brittany Day
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner. SSH (Secure Socket Shell) is an encrypted network communication protocol for logging into remote machines, supporting tunneling, TCP port forwarding, file transfers, etc. Network administrators typically use SSH to manage Linux devices remotely, performing tasks such as running commands, changing the configuration, updating software, and troubleshooting problems. However, if those servers are poorly secured, they might be vulnerable to brute force attacks, allowing threat actors to try out many potential username-password combinations until a match is found. The Tsunami botnet malware specifically aims at inadequately protected Linux SSH servers, leveraging numerous vulnerabilities. Tags: Linux Malware, SSH Security, Brute Force Attacks, Tsunami Botnet, Remote Server Management. Author: LinuxSecurity.com Team
An increasing number of threat actors have started relying on the command-and-control (C2) framework Sliver as an open-source alternative to tools such as Metasploit and Cobalt Strike. Security researchers at Cybereason described the new phenomenon in an advisory published last Thursday, adding that Sliver is gaining popularity due to its modular capabilities (via Armory), cross-platform support and vast number of features. "Sliver C2 is getting more and more traction since its release in 2020," reads the report. "As of today, the number of threat intelligence reports is still low, and the main reports describe the use of the Russian SVR leveraging Sliver C2." In particular, the team said it already noticed Sliver with known threat actors and malware families such as BumbleBee and APT29 (also known as Cozy Bear). Experts at Security Inc. have highlighted the growing popularity of the Sliver command and control (C2) framework among cybercriminals. Tags: Sliver C2, Cybersecurity Framework, Open Source Tools. Author: LinuxSecurity.com Team
Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python scripts with capabilities to disable operating system (OS) security features such as Security-Enhanced Linux (SELinux), among others. The operators behind the Kinsing malware have a history of scanning for vulnerable servers to co-opt them into a botnet, including those running Redis, SaltStack, and instances affected by Log4Shell, Spring4Shell, and the Atlassian Confluence flaw (CVE-2022-26134). The link for this article located at The Hacker News is no longer available. Fortinet uncovers BlackMatter ransomware targeting VMware and Microsoft SQL Server for data encryption. Tags: WebLogic Exploit, Cyber Threats, Cryptocurrency Mining, Kinsing Malware, Docker API Security. Author: LinuxSecurity.com Team
Learn about common defense evasion techniques used in malicious shell scripts and how Uptycs detects them. Attackers use malicious shell scripts as an initial vector to download malicious payloads to the victim system. In earlier days, base64 and other common encoding schemes were used to evade defensive controls. Nowadays, threat actors are adopting newer techniques that include commands to disable firewalls, monitoring agents, etc. The link for this article located at Uptycs Blog is no longer available. Threat actors leverage command-line scripts to undermine security measures; this article offers insights into novel evasion strategies and Uptycs monitoring capabilities. Tags: Malicious Shell Scripts, Evasion Techniques, Uptycs Detection. Author: LinuxSecurity.com Team
Aviatrix, a supplier of open source enterprise virtual private networks (VPNs) to customers including BT, Nasa and Shell, has patched a serious vulnerability in its client that could have allowed an attacker to escalate privileges on a machine to which they already had access. Learn more about this vulnerability and its implications for Linux users in an informative Computer Weekly article. The vulnerability was uncovered by Immersive Labs researcher and content engineer Alex Seymour, after noticing that the VPN client was unusually verbose when booting on a Linux machine. Its disclosure comes hot on the heels of government warnings about the possibility of state-sponsored threat actors targeting high-profile organisations through VPN vulnerabilities in products from the likes of Pulse Secure, Palo Alto Networks and Fortinet. The link for this article located at Computer Weekly is no longer available. An alarming vulnerability in Aviatrix VPN presents a critical risk of privilege escalation, jeopardizing the safety of users operating within Linux ecosystems. Tags: Aviatrix, VPN, escalation privileges, Linux security, threat actors. Author: Brittany Day