Featured Linux Articles - Page 10

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

The Dual Edge of Open Source: Examining Key Benefits and Security Challenges

Open-source software (OSS) adoption has increased dramatically over recent years due to its flexibility and cost-cutting benefits, but whether or not OSS is completely safe is often controversial. Due to its open and collaborative nature, this t...
Dec 04, 2024
  0

Understanding Open Source: Benefits and Security Challenges of OSS

Open-source software (OSS) adoption has increased ...
Dec 04, 2024
  0
28.Lock Globe Esm H115

Enhance Your Business Agility and Security with Low-Code Platforms

What if your team could build an app in days, not month...
Dec 03, 2024
  0
8.Locks HexConnections CodeGlobe Esm H115

Discover LinuxSecurity Features

Strengthen Your Linux Endpoint Security & Zero Trust Strategy with Defense-in-Depth & Endpoint Encryption

Strengthen Your Linux Endpoint Security & Zero Trust Strategy with Defense-in-Depth & Endpoint Encryption

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With the rise of cloud computing and mobility and the remote work environment brought on by the pandemic, securing Linux endpoint devices has never been more challenging for the organization and its IT department. Endpoint encryption designed to protect data stored on endpoints such as devices, hardware and files has always been an essential component of a strong Linux endpoint security strategy; however, perimeter security is no longer effective in protecting against sophisticated threats in this modern, mobile era.

profile image Brittany Day
How To Create a Transparent Proxy through the Tor Network to Protect Your Privacy Online with archtorify & kalitorify

How To Create a Transparent Proxy through the Tor Network to Protect Your Privacy Online with archtorify & kalitorify

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With the growing number of espionage scandals in recent years and the prevalence of online tracking, protecting your privacy online has never been more important. Virtually everything we do online is tracked these days, whether for profit or to obtain information to sell to third parties, which has led to the development of tools like the Tor Browser to help us navigate the Internet safely and strengthen our privacy online.

profile image Brittany Day

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Contribute Now
You are Tracked Online - Why? And How To Avoid Being Tracked Online

You are Tracked Online - Why? And How To Avoid Being Tracked Online

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Every day in the headlines, we're made aware of how limited our online privacy truly is. These days, it's so easy for apps, websites and search engines to track our every move. While most tracking is done to improve targeted marketing efforts, this can be very annoying and isn't the only way our data is used. Staying private online and avoiding being tracked is the best option to ensure our security while browsing and using apps.

profile image Dave Wreski
The Ultimate Guide to Using Data Encryption on Linux

The Ultimate Guide to Using Data Encryption on Linux

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Data encryption has never been more important. New data protection and privacy regulations, such as GDPR, mean that companies storing unencrypted customer information are vulnerable to paying heavy fines. The public is now more aware of the importance of encryption, with massive data breaches impacting companies like Facebook receiving major media coverage.

profile image Brittany Day
Fileless Malware on Linux: Anatomy of an Attack

Fileless Malware on Linux: Anatomy of an Attack

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to the growing popularity of the open-source OS and the high-value devices it powers worldwide. Security researchers from AT&T Alien Labs are now warning that “cyber gangs have started infecting Linux machines via a fileless malware installation technique that until recently was more commonly used against Windows-based systems”.

profile image Brittany Day
Nmap Firewall Evasion Techniques

Nmap Firewall Evasion Techniques

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The primary goal of firewall penetration testing is to prevent unauthorized internet access to your organization's internal network, or check to make sure your security policy is doing what you think it's doing. In order to successfully test your organization's firewall, you must think like the adversary. Collecting intelligence on the network, such as operating system and firewall type, are important to know in order to proceed with the penetration test. 

profile image James Bogert
Nmap Port Scans: How Are They Used?

Nmap Port Scans: How Are They Used?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Nmap, short for “Network Mapper,” is an open-sourced network security toolkit that can help with discovery and auditing. It is one of the most widely used network mapping devices system administrators use to search for hosts and services within a network. Nmap stands out above other monitoring and cybersecurity vulnerability scanners used by security professionals, as it is not only free but incredibly flexible, portable, well-documented, and simple to use.

profile image James Bogert
Real-Time Alerting with Snort

Real-Time Alerting with Snort

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Real-time alerting is a feature of an IDS or any other monitoring application that notifies a person of an event in an acceptably short amount of time. The amount of time that is acceptable is different for every person.

profile image Brittany Day
Qualys Research Team Warns of Significant polkit Vulnerability Affecting All Linux Users

Qualys Research Team Warns of Significant polkit Vulnerability Affecting All Linux Users

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Qualys Research Team reached out to LinuxSecurity after discovering a memory corruption vulnerability in polkit’s pkexec. Pkexec is a SUID-root program that is installed by default on every major Linux distribution of the open-source operating system. This vulnerability is easily exploited and gives hackers the opportunity to gain full root privileges on a vulnerable host. Much like the Log4j vulnerability, the severity of this flaw is high and it is imperative that vulnerabilities are reported in a timely fashion. Experts also expressed that due to the simple possibility for exploitation the vulnerability needs to be patched and mitigated immediately.

profile image Justice Levine
Unveiling LinuxSecurity.com: Community Hub for Linux Security

Unveiling LinuxSecurity.com: Community Hub for Linux Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Welcome to LinuxSecurity.com - the community's central source for information on Linux and open source security since 1996. Whether you’re a new visitor or a long-time community member, this article will provide you with insight into the mission behind our site, our history and the content we provide.

profile image Brittany Day
Network Intrusion Detection Using Snort

Network Intrusion Detection Using Snort

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This document takes you through the basics of intrusion detection, the steps necessary to configure a host to run the snort network intrusion detection system, testing its operation, and alerting you to possible intrusion events.

profile image Brittany Day
Protect Your Privacy & Improve Your Pentesting in 2022 with Predator-OS

Protect Your Privacy & Improve Your Pentesting in 2022 with Predator-OS

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Predator-OS - "the OS that naturally preys on others"- is a free and open-source security-centric project for penetration testing and ethical hacking that can also be used as a privacy-focued, hardened Linux distro. LinuxSecurity researchers spoke with Founder and lead developer Hossein Seilany to get insight into the unique features and benefits that newly released Predator-OS 20.04 LTS offers hackers, pentesters and privacy-conscious Linux users.

profile image Brittany Day
A Linux Admins Getting Started Guide to Improving PHP Security

A Linux Admin's Getting Started Guide to Improving PHP Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Running PHP on a Linux web server is a prerequisite for the use of many popular applications such as Wordpress, Joomla and Drupal. Linux administrators and web developers must approach PHP with caution, as new vulnerabilities in poorly written and implemented PHP code are abundant and dangerous.

profile image Brittany Day
Log4j: Everything You Need to Know [Updated]

Log4j: Everything You Need to Know [Updated]

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security researchers have warned users that attackers are attempting to exploit a critical vulnerability in the Java logging library Apache Log4j. Log4j is a widely used java library that logs error messages in applications used by enterprise software applications as well as custom-built applications intended for in-house usage.

profile image Justice Levine
Anatomy of a Linux Ransomware Attack

Anatomy of a Linux Ransomware Attack

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Ransomware has dominated cybersecurity news headlines for the past decade, and for good reason. Through a combination of advanced encryption and effective extortion mechanisms, a ransomware attack can have devastating consequences for any victim including data loss, reputation harm, recovery costs and significant downtime.

profile image Brittany Day
Lead Microsoft Engineer Kevin Sheldrake Brings Sysmon to Linux

Lead Microsoft Engineer Kevin Sheldrake Brings Sysmon to Linux

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Thanks to Kevin Sheldrake, co-author of Sysmon for Linux from Microsoft for working with us on this article. Seven years after Microsoft Sysinternals released Sysmon – a system monitoring tool for Windows that reports key system activity via the event log – we were very proud to release the Linux version of the same tool at the Sysinternals @25 celebration event. (You can still catch up on the talks by clicking on the event link.)

profile image Brittany Day

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved