Security News

The latest twist in the romance arrived this week when the company published details of Integrity Policy Enforcement, a Linux Security Module designed to check the authenticity of binaries at runtime. The Linux kernel has long supported LSMs for different specialised purposes, but Microsoft has spotted a gap in the protections these offer in server environments, specifically its own Azure Sphere IoT platform.

Sudo apt-get install wireguard -y. Once the VPN service is installed, you're ready to configure it. Interface] Address = SERVER IP SaveConfig = true ListenPort = 51820 PrivateKey = SERVER PRIVATE KEY [Peer] PublicKey = CLIENT PUBLIC KEY AllowedIPs = CLIENT IP. Where SERVER PRIVATE KEY is the string of characters you copied to your clipboard from the server, SERVER IP is the IP address of the hosting server, CLIENT PUBLIC KEY is the client public key, and CLIENT IP is the IP address of the client.

Linux malware is real and Advanced Persistent Threat groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans the cybercriminals are using to get and maintain access to Linux servers.

A campaign that has been ongoing for months is targeting misconfigured open Docker Daemon API ports to install a piece of malware named Kinsing, which in turn deploys a cryptocurrency miner in compromised container environments. As part of the attack, hackers abuse misconfigured Docker API ports to run an Ubuntu container hosting Kinsing.

A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop. He leveraged an improper input validation bug in the Linux kernel to escalate privileges to root.

Every network administrator needs to know how to listen to port traffic on a server. Here's one way to do it on Linux.

When Defender came to macOS as well as Windows, Microsoft announced that the name of the software was changing, from Windows Defender to Microsoft Defender. "One of the main reasons for doing this is to connect this protection into your enterprise system. Defender is about end-to-end protection for endpoint devices in your environment - it's plugged into Defender ATP as an EDR system, the signals are showing up in one consistent dashboard and it's detecting events and attacks, and providing security teams and SOC analysts with the tools they need to understand that bigger picture," he says.

Every network administrator needs to know how to listen to port traffic on a server. So you have a Linux server up and running, but you either suspect there might be some nefarious traffic coming in, or you just want to know what's going on at all times with this new machine.

A vulnerability in the Point-to-Point Protocol Daemon software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execution on - and takeover of - a targeted system. Pppd is a daemon that is used to manage PPP session establishment and session termination between two nodes on Unix-like operating systems.

The makers of NordVPN have come out with a new version of their NordPass password manager. Find out how to install and use it.