Security News

SSH is a tool I use every single day to log into remote Linux servers and take care of my admin tasks. Here are my five most straightforward tips for securing SSH on your Linux machines.

Linode + Kali Linux: Added security for cloud instancesKali Linux, the popular open source Linux distribution specialized for penetration testing, ethical hacking and security auditing, can now be used by Linode customers. The enemy of vulnerability management? Unrealistic expectationsOrganizations vary by size, industry, level of maturity, but one thing that they all have in common is needing to know how to quickly remediate security vulnerabilities.

Kali Linux, the popular open source Linux distribution specialized for penetration testing, ethical hacking and security auditing, can now be used by Linode customers. A bare-install verson in the form of an official Kali distribution that can be deployed on any Linode compute instance and used via a command line interface.

A sneaky malware for Linux is backdooring devices to steal data and can affect all the processes running on a particular machine, researchers have found. Orbit can either achieve persistence on a machine or be installed as volatile implant, Intezer's Nicole Fishbein explained in a blog post on Orbit published this week.

A newly discovered Linux malware is being used to stealthily steal information from backdoored Linux systems and infect all running processes on the machine. Dubbed OrBit by Intezer Labs security researchers who first spotted it, this malware hijacks shared libraries to intercept function calls by modifying the LD PRELOAD environment variable on compromised devices.

Cybersecurity researchers have taken the wraps off a new and entirely undetected Linux threat dubbed OrBit, signally a growing trend of malware attacks geared towards the popular operating system. The malware gets its name from one of the filenames that's utilized to temporarily store the output of executed commands, according to cybersecurity firm Intezer.

A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. The Linux encryptor is created to target VMware ESXi servers, with command-line options that allow the threat actors to shut down any running virtual machines before encrypting files.

The U.S. Cybersecurity and Infrastructure Security Agency this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Polkit is a toolkit for controlling system-wide privileges in Unix-like operating systems, and provides a mechanism for non-privileged processes to communicate with privileged processes.

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence said in a series of tweets on Thursday.

Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. Azure Service Fabric is Microsoft's platform-as-a-service and a container orchestrator solution used to build and deploy microservices-based cloud applications across a cluster of machines.