Every day in the headlines, we're made aware of how limited our online privacy truly is. These days, it's so easy for apps, websites and search engines to track our every move. While most tracking is done to improve targeted marketing efforts, this can be very annoying and isn't the only way our data is used. Staying private online and avoiding being tracked is the best option to ensure our security while browsing and using apps.
Discover LinuxSecurity Features
The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime, by Jon DiMaggio comes at a time in American History when everyone ranging from business owners to private citizens can no longer turn a blind eye to the need for cybersecurity. Since the beginning of the COVID-19 pandemic, many businesses have moved to entirely remote or hybrid work and are now facing additional challenges from outside a traditional office environment. DiMaggio effectively captivates his audience to help them understand the major players in the ongoing cyberwar, the different methods attackers use, as well as how experts analyze attacks.
Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to the growing popularity of the open-source OS and the high-value devices it powers worldwide. Security researchers from AT&T Alien Labs are now warning that “cyber gangs have started infecting Linux machines via a fileless malware installation technique that until recently was more commonly used against Windows-based systems”.
System administrators make mistakes and that's fine, as long as they learn from them. Learning from your mistakes will develop more skills, advance your career, and make you a better systems admin. However, It’s also helpful to learn from the blunders of others. This is why I’ve compiled a list of common 10 mistakes that system admins make, and how to address these problems.
The primary goal of firewall penetration testing is to prevent unauthorized internet access to your organization's internal network, or check to make sure your security policy is doing what you think it's doing. In order to successfully test your organization's firewall, you must think like the adversary. Collecting intelligence on the network, such as operating system and firewall type, are important to know in order to proceed with the penetration test.
maddog, as he’s affectionately known throughout the Linux and open source community, has made a career of being in the trenches with the Linux developers, teaching them the way of Open Source and Free Software development after decades of being involved with technology and education. In an exclusive interview with LinuxSecurity researchers, Jon "maddog" Hall, often referred to as “the Godfather of Linux”, reveals his history with Linux, some of his contributions to the community, a bit about its evolution, and his thoughts on what we might see with Linux in the coming years.
Real-time alerting is a feature of an IDS or any other monitoring application that notifies a person of an event in an acceptably short amount of time. The amount of time that is acceptable is different for every person.
The Qualys Research Team reached out to LinuxSecurity after discovering a memory corruption vulnerability in polkit’s pkexec. Pkexec is a SUID-root program that is installed by default on every major Linux distribution of the open-source operating system. This vulnerability is easily exploited and gives hackers the opportunity to gain full root privileges on a vulnerable host. Much like the Log4j vulnerability, the severity of this flaw is high and it is imperative that vulnerabilities are reported in a timely fashion. Experts also expressed that due to the simple possibility for exploitation the vulnerability needs to be patched and mitigated immediately.
Welcome to LinuxSecurity.com - the community's central source for information on Linux and open source security since 1996. Whether you’re a new visitor or a long-time community member, this article will provide you with insight into the mission behind our site, our history and the content we provide.
This document takes you through the basics of intrusion detection, the steps necessary to configure a host to run the snort network intrusion detection system, testing its operation, and alerting you to possible intrusion events.
Regardless of the Linux distribution you’re using, staying on top of the latest security advisories is essential in maintaining an updated, secure Linux system.
With the support of the open-source community behind it and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days that Linux system administrators could get away with subpar security practices. Cyber criminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years.