Security News

When that software requires SSL, you can enable a snake oil SSL key for testing purposes. I cannot tell you how many times I've installed a web-based application for testing purposes, only to find that application requires SSL to function.

Sometimes admins need to be able to test a web-based solution before deciding it's worth using. When that software requires SSL, you can enable a snake-oil SSL key for testing purposes.

Are you certain your users are working with strong passwords on your Linux servers? Let John the Ripper show you who is and who isn't.

Offensive Security has released Kali Linux 2020.2, the latest iteration of the popular open source penetration testing platform. PowerShell has become more accessible: it has been moved from the Kali Linux's network repository to the kali-linux-large metapackage, meaning that it will be ready for use if users choose to install this metapackage during system setup or later, once Kali is up and running.

The sysctl system allows you to make changes to a running Linux kernel. The sysctl system also allows you to prevent things like SYN flood attacks and IP address spoofing.

The ToIP Foundation will use digital identity models that leverage interoperable digital wallets and credentials and the new W3C Verifiable Credentials standard to address these challenges and enable consumers, businesses and governments to better manage risk, improve digital trust and protect all forms of identity online. "The ToIP Foundation has the promise to provide the digital trust layer that was missing in the original design of the Internet and to trigger a new era of human possibility," said Jim Zemlin, executive director at the Linux Foundation.

A recently identified botnet built using the Golang programming language is targeting Linux systems, including Internet of Things devices, using a custom implant, Intezer reports. The botnet, which security researcher MalwareMustDie named Kaiji, is of Chinese origin and spreads exclusively via SSH brute force attacks, targeting the root user only.

A new botnet has been infecting internet of things devices and Linux-based servers, to then leverage them in distributed denial-of-service attacks. The malware, dubbed Kaiji, has been written from scratch, which researchers say is "Rare in the IoT botnet landscape" today.

Are you certain your users are working with strong passwords on your Linux servers? Let John the Ripper show you who is and who isn't. The security of your Linux servers is only as strong as the passwords used by your end users.

WireGuard has yet to arrive in the Linux kernel, but you can still start testing how this new feature will work.