Server Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
In the current threat landscape, Linux servers have emerged as a dominant force, underpinning approximately 81% of all websites globally. Despite the prevalence of Windows in personal computing, Linux's resilience to various threats is a significant factor behind its extensive adoption, particularly in web hosting and enterprise environments.
Linux servers form a vital backbone of today's Internet, with approximately 81% of all hosted websites running on them. With Windows' complete dominance in the personal computing space, Linux's resilience to minute threats has made it a staple among server admins. However, this doesn't prevent attackers from actively targeting Linux servers and pentest distros.
Hackers have recently been observed actively targeting the Apache AXIS server to deploy malicious web shells, exposing significant vulnerabilities and risks for organizations and demanding immediate and comprehensive security measures.
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is the recently discovered Hadooken malware, which targets Oracle WebLogic applications.
Recently, new information revealed by Doctor Web virus analysts has sent shockwaves through the cybersecurity world. It details a new cyber threat aimed specifically at Linux servers: the TgRat Trojan. This advanced Remote Access Trojan (RAT) is stealthier than its Windows equivalent, first seen in 2022.
Security threats continue developing rapidly, with attackers finding new vulnerabilities daily. Recent findings from researchers at Uptycs indicate a shift in ransomware attacks targeting Linux servers, possibly due to their increasing prevalence in critical infrastructure and enterprise operations, making them attractive targets for ransomware groups.
Financially motivated hacking groups are increasingly exploiting newly disclosed vulnerabilities to deploy custom malware on public-facing servers. The threat actors are known as Magnet Goblin, and they have been quick to leverage one-day flaws, vulnerabilities for which a patch has been released but not yet applied by the target, to carry out their attacks.
A new variant of Bifrost, a remote access Trojan (RAT), has been observed attacking Linux servers. The new variant, dubbed Bifrose, employs a deceptive domain name to evade detection.
New malware dubbed “Migo” has been discovered targeting Linux Redis servers to mine cryptocurrency in a cryptojacking attack. The campaign employs many Redis system-weakening commands to potentially disable data store security features that could hinder its initial access attempts.
Over the last year, a new botnet slowly grew by brute-forcing SSH passwords and installing cryptomining malware onto Linux servers. The main client of the botnet is based on an old Mirai virus whose source code was available for many years. However, researchers have seen that the same group has also used the more recent P2PInfect malware, which exploits Redis instances.
It's no secret that cryptocurrencies are a valuable target for hackers. Bitcoin, Ethereum, and Litecoin are all coins worth stealing, and hackers have been working hard to get their hands on them.
Apache ActiveMQ is a messaging server that many organizations use across the world. The software has been actively developed since 2003, and it has a large user base.
The Krasue RAT malware is a new threat to Linux servers that has been discovered by security researchers. The malware installs itself on the server and then hides as a rootkit, allowing it to evade security software.
Ubuntu Server is a highly sought-after, open-source operating system that serves as the backbone of many infrastructure setups across the globe. The efficiency and user-friendly nature of Ubuntu Server make it a go-to choice for organizations.
You'll be surprised at how easy it is to harden the Ubuntu Server and ensure your deployments' foundation is as secure as possible.
P2PInfect is a new P2P worm that is actively targeting Redis servers on both Linux and Windows, making it more scalable and powerful than other worms.
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner.
To establish an SSH connection between your Linux PC and a remote server, you need to have an SSH client installed. Here are some of the best options.
Are you searching for Linux vulnerability scanners that can recognize, characterize, and categorize vulnerabilities on Linux servers? If so, this article will provide details on the most comprehensive Linux vulnerability scanners that can be used to scan Linux servers for malware and vulnerabilities.
A novel piece of malware targeting Linux servers has been discovered and attributed to an unknown Chinese state-sponsored hacking group.