New malware for Linux has been found, which uses Windows Subsystem for Linux (WSL) to avoid getting caught by the security tools. The Black Lotus labs have found this malware and have published a report. Learn more about the Steal Malware for Linux fin…
Read MoreThe Apache web server is highly customizable and can be configured in multiple ways to suit your needs. There are many third-party modules that you can use to configure Apache to your preference.
The post How to Set Up ModSecurity with Apache on Debian…
This brief guide explains how to find if a user is using password-based or key-based SSH authentication in Linux operating systems.
The post How to Find if a User Is Using Password-Based or Key-Based SSH Authentication in Linux appeared first on Linux …
CSF is also known as “Config Server Firewall” is a free and advanced firewall for Linux systems. It comes with some advanced security features such as intrusion, flood, and login detections.
The post How to Install Config Server Firewall (C…
OpenSSH 8.8, an open client and server implementation for the SSH 2.0 and SFTP protocols has been published. The release is notable for disabling by default the ability to use digital signatures based on RSA keys with a SHA-1 hash (“ssh-rsa”).
The post…
Google has published the source code for the project HIBA (Host Identity Based Authorization), which proposes the implementation of an additional authorization mechanism for organizing user access via SSH in relation to hosts (checking whether or not access to a particular resource is allowed when authenticating using public keys). Integration with OpenSSH is provided by […]
The post Google publishes HIBA, an OpenSSH Add-On for Certificate-Based Authorization appeared first on Linux Today.
Read MoreCybercriminals are targeting Linux-based servers running Microsoft’s Azure public cloud environment that are vulnerable to flaws, after Microsoft didn’t automatically apply a patch on affected clients in its infrastructure. According to cybersecurity firm Recorded Future, the attacks began the night of Sept. 16 after a proof-of-concept exploit was published earlier in the day on GitHub. […]
The post Attackers Exploit OMIGOD Flaw in Azure Despite Microsoft Fixes appeared first on Linux Today.
Read MoreOffensive Security has released Kali Linux 2021.3, the latest version of its popular open-source penetration testing platform. You can download it or upgrade to it.
The developers have also announced tweaks to Kali ARM images, a new site for exploring …
OpenSnitch, a Linux port of the Little Snitch application firewall for macOS, had a major new release today. The latest OpenSnitch 1.4.0 adds the ability to use eBPF to intercept processes, nftables support, allow/block lists, GUI improvements, and mor…
Read MoreThe post How to Install Fail2ban on Rocky Linux and AlmaLinux first appeared on Tecmint: Linux Howtos, Tutorials & Guides .Written in Python, Fail2ban is a free and open-source Intrusion Prevention System (IPS) that protects the server against brute-fo…
Read MoreClamAV is an open source antivirus tool used for email scanning, web scanning, and endpoint security. In the following tutorial, you will learn how to install and use ClamAV on AlmaLinux 8.
The post How to Install & Use ClamAV on AlmaLinux 8 appea…
The new Linux kernel security update comes one and a half months after the previous update and it’s available for the Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver) operating systems series. Patched in these kernel updates are several security vulnerabilities affecting the KVM hypervisor for AMD processors […]
The post Another Batch of Important Linux Kernel Security Updates Arrives for Ubuntu Users, Patch Now appeared first on Linux Today.
Read MoreA critical vulnerability discovered in the open-source load balancer and proxy server HAProxy could enable bad actors to launch an HTTP Request Smuggling attack, which would let them bypass security controls and gain unauthorized access to sensitive da…
Read MoreThe Whonix 16 distribution—aimed at providing guaranteed anonymity, security, and protection of private information—has dropped. Whonix boot images are built to run under the control of the KVM hypervisor. Builds for VirtualBox and for use on the Qubes operating system are delayed, while Whonix 16 test builds continue to ship. The developments of the project […]
The post Whonix 16, an Anonymous Communications Distribution, is Available Now appeared first on Linux Today.
Read MoreVersion 4.22 of The Amnesic Incognito Live System, better known as Tails, rolled out recently. The new version is entirely focused on solving the most important issues in the Tor Connection assistant, making it more robust and easier to use. Learn more…
Read MoreThe OpenSSL Software Foundation released a completely refreshed version of the OpenSSL software, that handles much of the encrypted communications on the Internet. After over 7,500 commits and contributions from over 350 different authors, OpenSSL 3.0 …
Read MoreMost Linux users have this question on their minds. “Linux does not need antivirus or firewall. Myth or truth?” Currently, the greatest dangers to which we expose ourselves when connecting to the Internet are viruses and malware. To avoid problems, especially when using a Windows PC, installation of an antivirus and firewall can prevent infection […]
The post “Linux Does Not Need Antivirus or Firewall” : Myth or Truth? appeared first on Linux Today.
Read MorePassword managers help users to improve their online security not only by securing their passwords, but also by helping them generate strong and randomized passwords and encrypting them in a digital vault. Learn about 8 of the best password managers fo…
Read MoreSoftware vulnerabilities are a grave threat to the security of computer systems. They often go undetected for years until it is too late and the consequences are irreversible. In order to find these weaknesses, software security testers and developers often have to manually test the entire codebase and determine if any vulnerabilities exist. However, this can take […]
The post Neural Fuzzing: A Faster Way to Test Software Security appeared first on Linux Today.
Read MoreOver the years, I have come across many blogs that claim Linux is impenetrable by security attackers. While it is true that GNU/Linux operating systems for desktops and servers come with a lot of security checks in place to mitigate attacks, protection is not “enabled by default”. Check out these six must-have open source tools […]
The post 6 Must-Have Open Source Tools to Secure Your Linux Server appeared first on Linux Today.
Read More