Linux

A deep dive into Linux’s new mseal syscall

A deep dive into Linux’s new mseal syscall

| | Linux, Research Practice
By Alan Cao If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” ...
Trail of Bits Blog
Linux Persistence Mechanisms and How to Find Them

Linux Persistence Mechanisms and How to Find Them

| | detection-engineering, Linux, persistence, Threat Hunting
Linux persistence mechanisms are used by an attacker to maintain access to a compromised system, even after reboots or system updates. These allow attackers to regain control of a system without re-exploiting ...
SnapAttack - Medium

Perfectl Malware

| | attribution, cryptocurrency, Hacking, Linux, Malware, Uncategorized
Perfectl in an impressive piece of malware: The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions ...
Schneier on Security

Emulating the Surging Hadooken Malware

| | adversary emulation, Broad-Based Attacks, cryptomining, Hadooken, Linux, Malware, Oracle, Remote Code Execution (RCE), Weblogic Servers
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the Hadooken malware during intrusions that abused misconfigurations and critical Remote Code Execution (RCE) vulnerabilities on public-facing Oracle Weblogic ...
AttackIQ

Implement DevOps Best Practices for Web Apps on Linux

| | Best Practices for Web Apps on Linux, DEVOPS, devops best practices, DevOps Best Practices for Web Apps, Guest Blogs, Linux
If you need clarification about why or how you should use Linux in your DevOps project for web app development, then this article is for you.  In an era when DevOps is ...
TuxCare

Building a Secure Linux Environment for Enterprise Applications

| | Almalinux environment, Best Practices for Secure Linux Environment, enterprise security, Linux, Linux Tips & Patch Management
  Enterprises today face sophisticated attacks that are often targeted, persistent, and difficult to detect. Keep your Linux environment secure with automated live patching to apply security updates without downtime. Configure firewalls ...
TuxCare

Emulating the Persistent and Stealthy Ebury Linux Malware

| | adversary emulation, Broad-Based Attacks, Credential Access, ddos, distributed denial of service, Ebury, Linux, Malware, SSH
AttackIQ has released a new attack graph that seeks to emulate the Tactics, Techniques and Procedures (TTPs) associated with Ebury Linux malware. Despite previous arrests and actions against key perpetrators, Ebury continues ...
AttackIQ

Bad Reasons to Update Your Linux Kernel

| | KernelCare Blog, Linux, Linux kernel, linux kernel patching, Linux Kernel Security Patches, Linux Tips & Patch Management
Linux kernel updates often include performance improvements and hardware compatibility. Regular kernel updates are crucial for patching vulnerabilities and protecting your system from cyberattacks. Live patching eliminates the need to reboot the ...
TuxCare

What is binary compatibility, and what does it mean for Linux distributions?

| | Binary compatibility, Linux, linux distros, Linux Tips & Patch Management, RHEL, windowsOS
  Applications are typically tested and guaranteed to function on specific Linux distributions, but may work on others as well. Kernel versions, libraries, and system calls are key factors affecting binary compatibility ...
TuxCare
A pair of work boots

Patch Tuesday not Done ’til LINUX Won’t Run?

| | CVE-2022-2601, Dual boot, GRUB2 Bootloader Secure Boot Bypass, Linux, Microsoft, Microsoft Patch Tuesday August 2024, Microsoft Windows, Patch Tuesday, SB Blogwatch, SBAT, secure boot, Secure Boot Advanced Targeting, Windows
Redmond reboot redux: “Something has gone seriously wrong.” You can say that again, Microsoft ...
Security Boulevard
Load more