Security News

How to prevent fork bombs on your Linux development servers
2023-03-28 16:13

A fork bomb is a form of denial-of-service attack that uses the fork operation, which is executed recursively and can consume all system resources. How do you prevent this from happening? You lower the number of processes allowed on your Linux server.

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
2023-03-21 11:41

Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of malware called ShellBot. ShellBot is installed on servers that have weak credentials, but only after threat actors make use of scanner malware to identify systems that have SSH port 22 open.

Week in review: Kali Linux gets Purple, Microsoft zero-days get patched
2023-03-19 09:30

CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangsOrganizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US Cybersecurity and Infrastructure Security Agency and urged to implement a fix. Kali Linux 2023.1 released - and so is Kali Purple!OffSec has released Kali Linux 2023.1, the latest version of its popular penetration testing and digital forensics platform, and the release is accompanied by a big surprise: a technical preview of Kali Purple, a "One stop shop for blue and purple teams." The company has also updated its Penetration Testing with Kali Linux course to incorporate the latest ethical hacking tools and techniques.

Amazon Linux 2023: Create and execute cloud-based applications with enhanced security
2023-03-16 08:30

AWS has been offering Amazon Linux, a cloud-optimized Linux distribution, since 2010. Amazon Linux 2023 is provided at no additional charge.

NordVPN open sources its Linux VPN client and libraries
2023-03-15 21:34

Nord Security has released the source code of its Linux NordVPN client and associated networking libraries in the hopes of being more transparent and easing users' security and privacy concerns. As part of this announcement, NordVPN released the source code for its Linux applications and two libraries - Libtelio and Libdrop.

Linux gets double-quick double-update to fix kernel Oops!
2023-03-13 19:59

Oops init triggering oops via BUG() ------[ cut here ]------ kernel BUG at /home/duck/Articles/linuxoops/oops. When kernel version 6.2.3 came out at the end of last week, two tiny changes quickly proved to be problematic, with users reporting kernel oopses when managing disk storage.

Kali Linux 2023.1 introduces 'Purple' distro for defensive security
2023-03-13 19:10

Offensive Security has released ?Kali Linux 2023.1, the first version of 2023 and the project's 10th anniversary, with a new distro called 'Kali Purple,' aimed at Blue and Purple teamers for defensive security. Kali Linux is a distribution designed for ethical hackers to perform penetration testing, security audits, and cybersecurity research against networks.

Kali Linux 2023.1 released – and so is Kali Purple!
2023-03-13 19:08

OffSec has released Kali Linux 2023.1, the latest version of its popular penetration testing and digital forensics platform, and the release is accompanied by a big surprise: a technical preview of Kali Purple, a "One stop shop for blue and purple teams.""We are making defensive security accessible to everyone. No expensive licenses required, no need for commercial grade infrastructure, no writing code or compiling from source to make it all work Just download Kali Purple and do your thing," OffSec says.

IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
2023-03-09 14:01

A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world. The intrusions entail the exploitation of a recently disclosed deserialization vulnerability in IBM Aspera Faspex file-sharing software, according to cybersecurity company SentinelOne.

IceFire ransomware now encrypts both Linux and Windows systems
2023-03-09 14:00

Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. IceFire operators exploit a deserialization vulnerability in the IBM Aspera Faspex file-sharing software to hack into targets' vulnerable systems and deploy their ransomware payloads.