Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to the growing popularity of the open-source OS and the high-value devices it powers worldwide. Security researchers from AT&T Alien Labs are now warning that “cyber gangs have started infecting Linux machines via a fileless malware installation technique that until recently was more commonly used against Windows-based systems”.
Discover LinuxSecurity Features
When setting up and testing a network security system, it is critical to make sure it is working properly and free from vulnerabilities that could be exploited by malicious hackers. While the best way to guarantee the security of a system is to design, implement and operate it to be secure, continuously testing a network security system for potential flaws is an excellent way to improve and validate network security - which is where pentesting comes in quite handy. This article will introduce the concept of pentesting to improve and verify network security, explain basic pentesting methodology and explore some excellent pentesting tools, distros and OSes available to Linux users in 2021.
For many years malware was solely a threat to Windows users - but that era is over. Cyber criminals have come to view Linux as a viable target for their attacks due to the growing popularity of the open-source OS and the plethora of high-value devices it powers.
As 2020 comes to an end, cyber risk has reached an all-time high, and intrusion detection has never been more essential in securing networks and preventing attacks and breaches. Cyber criminals’ methods, tactics and techniques are evolving to become increasingly stealthy and sophisticated, and more organizations than ever are turning to AI-based intrusion detection systems to beef up their security defenses, outsmart the “bad guys” and protect their critical servers, systems and data.
Linux is a widespread OS known for its robust security. That being said, vulnerabilities are inevitable in any OS, and Linux system administrators must be vigilant about monitoring and verifying the security of their servers on an ongoing basis in order to protect sensitive data and prevent attacks. After all, the majority of attacks on Linux systems can be attributed to poor administration.
VPN technology has become a critical part of our digital lives, serving a variety of purposes including securing wireless connections, resolving geographical limitations, reaching prohibited websites and protecting the privacy of sensitive data. However, the unfortunate reality is that many of the VPN protocols on the market today are comlex, slow, unstable and insecure. Luckily, the new, innovative Wireguard protocol has demonstrated significant promise in all of these areas - and has earned a place in the mainline Linux kernel as a result. This article will briefly explore VPN protocols and potential concerns when implementing a VPN, and will dive deeper into the unique benefits that Wireguard offers users.
Information leakage is a serious threat to the security of a Linux server, and can result in a host of severe consequences including significant downtime and the compromise of sensitive data. Luckily, server administrators can mitigate the risk of information leakage through a series of configuration changes.
Patch management can be a complex and time-consuming process, and because of this, patches to fix vulnerabilities may not be applied before a hacker is able to breach an organization's security. The majority of organizations are not aware of these vulnerabilities until they have experienced a breach, at which point it is frustrating to learn that deploying a simple patch could have prevented the breach altogether.
Over the next couple of weeks and months, LinuxSecurity editors and contributors will be writing a series on Linux Web Server Security. This week, we’re summarizing the risks Linux administrators face when trying to secure their systems, as well as outlining the first steps that should be taken toward ensuring that your systems are secure. This series will dive deeper into topics including preventing information leakage, firewall considerations, protecting file and directory permissions, securely running PHP applications, monitoring logs and how to verify the security of a Linux server.
Most of us are familiar with Microsoft Windows or macOS - these OSes dominate the personal computing space. But the OS that is taking over the world isn’t owned by Microsoft, Apple, or any tech company for that matter. In fact, the most popular OS in the world today isn’t owned by anyone. It’s the completely open-source Linux operating system.
Are your Linux servers secure? No machine connected to the internet is 100% secure, of course. In the words of security guru Bruce Schneier: “Security is a process, not a product.” However, this doesn't mean that you are helpless. Although cyber attacks, hacks and breaches are sometimes unavoidable, all system administrators and users can take definitive measures to mitigate their risk online.