Linux Academy

APRIL 29, 2019

By adding free cloud training to our Community Membership, students have the opportunity to develop their Linux and Cloud skills further. Each month, we will kick off our community content with a live study group allowing members of the Linux Academy community to come together and share their insights in order to learn from one another.

Linux 60

Linux AWS Big Data Course 60

AlienVault

JUNE 20, 2019

When analyzing malware and adversary activity in Windows environments, DLL injection techniques are commonly used, and there are plenty of resources on how to detect these activities. When it comes to Linux, this is less commonly seen in the wild. For most of the blog, we will be using the examples available in GitHub, listed here.

Linux 40

Linux Malware Windows Resources 40

AlienVault

JUNE 20, 2019

When analyzing malware and adversary activity in Windows environments, DLL injection techniques are commonly used, and there are plenty of resources on how to detect these activities. When it comes to Linux, this is less commonly seen in the wild. For most of the blog, we will be using the examples available in GitHub, listed here.

Linux 40

Linux Malware Windows Resources 40

Palo Alto Networks

DECEMBER 29, 2022

Last year’s most popular posts on the Unit 42 Threat Research blog let us examine what the events of 2022 can tell us about the year to come. 23, a new variant of wiper malware, named HermeticWiper, was discovered in Ukraine. New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape? Beginning on Feb.

Malware 71

Malware Linux Telecommunications Government 71

Tenable

AUGUST 25, 2023

The vast majority of enterprises polled – 95% – experienced multiple cyberattacks in the past 12 months, with phishing (74%), malware (60%) and software vulnerability exploits (50%) being the most common. Bucking a trend where department budgets are shrinking by 7% annually on average, security budgets rose 4.6

Malware 98

Malware Artificial Inteligence Open Source Artificial Intelligence 98

Lacework

JUNE 27, 2020

Whether you’re an engineer or a system administrator, you’ve probably found bash to be a go-to resource for automating your Linux tasks. Bash is so useful that it has become popular among malware authors as well. This is because it can easily perform many tasks that are necessary for malware installation and system persistence.

Malware 144

Malware Systems Administration Linux Resources 144

Lacework

APRIL 22, 2021

Sysrv-hello is a multi-architecture Cryptojacking (T1496) botnet that first emerged in late 2020, and employs Golang malware compiled into both Linux and Windows payloads. The malware is equal parts XMRig cryptominer and aggressive botnet-propagator.

Infrastructure 102

Infrastructure Malware Linux Windows 102

O'Reilly Media - Ideas

MAY 7, 2024

It collects most of the prompts from his book and his blog; most are Creative Commons, requiring only attribution. sotrace is a new tool for Linux developers that shows all the libraries your programs are linked to. It is distinct from Valkey , the fork launched by the Linux Foundation. Ship it” culture is destructive.

Artificial Inteligence 62

Artificial Inteligence Trends Malware Open Source 62

Lacework

APRIL 16, 2021

Modern Linux malware binaries are being shipped with one or more embedded files. Prior to the “real payload” being dropped, it’s common to see checks for the host’s CPU architecture, Linux distribution or a series of other factors that influence which embedded [.].

Linux 82

Linux Malware Architecture 82

Lacework

FEBRUARY 7, 2024

In this blog, we’ll explore the motivations of bad actors, the top threats the Lacework Labs team is seeing, and practical ways to lock down your cloud and protect your data. Workload: Mass scanning for vulnerabilities Workloads, which include computing resources like Linux and Windows hosts, are susceptible to compromise.

Weak Development Team 109

Weak Development Team Malware Cloud Internet 109

Ivanti

MARCH 16, 2022

Dirty Pipe vulnerability is a Linux kernel vulnerability that allows the ability of non-privileged users to overwrite read-only files. An extensive write-up on the Dirty Pipe vulnerability can be found in the reference links at the end of this blog. This vulnerability affects endpoints running Linux with a kernel version 5.8

Linux 52

Linux How To Software Review Systems Review 52

Tenable

APRIL 19, 2024

CIS Debian Linux 11 Benchmark v2.0.0 CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0 — Final Release CIS Ubuntu Linux 22.04 CIS Debian Linux 11 Benchmark v2.0.0 CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0 — Final Release CIS Ubuntu Linux 22.04 x Benchmark v2.1.0 CIS Cisco IOS XE 17.x x Benchmark v2.1.0

Artificial Inteligence 73

Artificial Inteligence Trends Technical Advisors Analysis 73

Tenable

FEBRUARY 9, 2024

This week, the Linux Foundation launched the Post-Quantum Cryptographic Alliance (PQCA) , a group tasked with tackling the cryptographic security threats from quantum computers. Expected to be available by 2030, quantum computers will be able to decrypt data protected with today’s public-key cryptographic algorithms.

Weak Development Team 66

Weak Development Team Infrastructure Generative AI Artificial Inteligence 66

Tenable

SEPTEMBER 7, 2021

This blog post was published on September 7 and reflects VPR at that time. On September 2, Censys, a search engine for discovering internet devices, published a blog post analyzing the number of hosts vulnerable to CVE-2021-26084. Image Source: Censys Blog. CVE-2021-26084. Confluence Server Webwork OGNL Injection.

Data Center 101

Data Center Software Review Authentication Linux 101

Ivanti

AUGUST 3, 2021

Ransomware is a strain of malware that blocks users (or a company) from accessing their personal data or apps on infected iOS, iPadOS, and Android mobile devices, macOS laptops, Windows personal computers and servers, and Linux servers. Communications : The malware scans the contents of the SD card.

Malware 98

Malware Backup Mobile Storage 98

Palo Alto Networks

SEPTEMBER 20, 2023

The blue team deployed the Cortex XDR Pro for Endpoint agent on both Windows and Linux endpoints. This would be the case if they opted out of the Linux evaluation.) The post ONLY Cortex Delivers 100% Protection and Detection in MITRE Engenuity appeared first on Palo Alto Networks Blog. None – There was no detection. (No

Linux 120

Linux Analytics Testing Network 120

Lacework

JUNE 14, 2022

In the last two years, we’ve seen a 600% increase in attacks which is not terribly surprising given ransomware, a form of malware that seeks to encrypt or withhold data unless a ransom is paid, is profitable for attackers. Move over Windows, Linux is next. The adoption of containers and Linux has increased the attack surface.

Cloud 52

Cloud Linux Policies Windows 52

Lacework

OCTOBER 6, 2022

There are several ways to detect threats using system call (syscall) and kernel tracing in Linux. Advanced Threat Detection on Linux. Many cloud workloads run on Amazon EC2 and Kubernetes while most run on Linux. In modern Linux kernels, there are three main ways to monitor syscalls: Tracepoint .

Linux 52

Linux Cloud Tools Storage 52

Lacework

JULY 21, 2022

This blog post will examine the obstacles adversaries must overcome to succeed in their cryptojacking campaigns and the detection opportunities that arise from it with corresponding Atomic Red Team tests. Lacework Labs often sees remote access methods co-deployed with cryptomining malware (IRC bots, dropped ssh keys, etc.).

Malware 52

Malware Linux Firewall Testing 52

Altexsoft

FEBRUARY 11, 2020

You can use Wazuh in a Docker container or on Linux, Windows, and macOS systems. You can use GRR in a Docker container or on standard Linux systems. You can use Osquery on Windows, Linux, and macOS machines. Recently turned over to The Linux Foundation to ensure continued support. GRR is composed of a client and a server.

Tools 109

Tools Linux Analysis Open Source 109

Tenable

MARCH 29, 2022

This could further allow the attacker to spread malware or exfiltrate sensitive data, making it a useful flaw for ransomware groups in particular. As part of their technical write up, CrowdStrike walked through a proof of concept that exploits CVE-2022-0811 to execute malware. CrowdStrike’s Blog Post on CVE-2022-0811.

Malware 52

Malware Policies Linux Open Source 52

O'Reilly Media - Ideas

JANUARY 4, 2023

Blog posts and articles dropped off over the holidays; the antics of Sam Bankman-Fried and Elon Musk created a lot of distractions. It’s been known to impersonate Linux, help developers learn new programming languages, and even improve traditional college courses (where its ability to make mistakes can be turned into an asset).

Trends 98

Trends Artificial Inteligence ChatGPT Artificial Intelligence 98

Linux Academy

APRIL 25, 2019

So, we’ll often see controls that are written like: “The organization employs technologies to protect hosts from malware.” Going back to my earlier example of having an antivirus installed to protect hosts from malware, while this is technically true, an antivirus cannot stop all malware. Security Defined.

Security 60

Security Compliance Malware Policies 60

Linux Academy

JUNE 17, 2019

EICAR is an industry standard test file used to test malware, anti-virus, content filters, etc. Find more of our blogs in this series by searching “roadmap to security” in our blog or click here. The post Self-Audits | Roadmap to Securing Your Infrastructure appeared first on Linux Academy Blog.

Infrastructure 60

Infrastructure Firewall Malware Linux 60

Xebia

FEBRUARY 17, 2023

Like I mentioned in the previous blog, during this blog series we are going to look at the different types of Application Security Testing and Software Composition Analysis. The vulnerable web application is the same one we used in the first blog of this series. This concludes this blog. See you at the next one!

Applications 130

Applications Testing Authentication How To 130

Tenable

JULY 25, 2019

Scanner for “BlueKeep” vulnerability and newly minted exploits for Exim and Jira incorporated into cryptocurrency mining malware. On July 24, researchers at Intezer published a blog about a new variant of the WatchBog malware. However, the module variant described in the Intezer blog doesn’t contain any exploit code.

Malware 14

Malware Linux Data Center Software Review 14

Tenable

SEPTEMBER 14, 2021

Windows Subsystem for Linux. At the time this blog post was published, there were at least 21 repositories on GitHub containing proof-of-concept code for this flaw. EoP vulnerabilities are commonly used in malware/ransomware attacks as we’ve observed with CVE-2020-1472 , aka Zerologon , one of the Top Five Vulnerabilities of 2020.

Windows 87

Windows SMB Azure Storage 87

Tenable

SEPTEMBER 9, 2022

The Open Source Software Security Mobilization Plan ” (The Linux Foundation and The Open Source Security Foundation). The Anti-Malware Testing Standards Organization (AMTSO) has released a guide for helping security teams test and benchmark IoT security products, an area the non-profit group says is still in its infancy.

Security 52

Security IoT Open Source Linux 52

Gorilla Logic

NOVEMBER 2, 2022

Web servers typically run on either Linux or Microsoft Windows machines, with most website hosting companies using Linux. Common website tech stacks combine these elements into web server OS-based sets: Linux-based or LAMP: Linux, plus Apache web server, MySQL database engine, and PHP for programming language.

PHP 52

PHP Web Development Linux Windows 52

AlienVault

APRIL 2, 2019

Jaime Blasco and Chris Doman collaborated on this blog. Overview: Recently, AT&T Alien Labs identified a new malware family that is actively scanning for exposed web services and default passwords. It is likely related to the previously reported malware families Xbash and MongoLock. X11; U; Linux i686; en-US; rv:1.9.0.8)

.Net 40

.Net Windows Linux Malware 40

Linux Academy

MAY 6, 2019

When command and control (CNC) malware is installed it needs to phone home. The post May Intro | Roadmap to Securing Your Infrastructure appeared first on Linux Academy Blog. Is there a need for Telnet , SSH , and ephemeral ports to be permitted (among many others)? That depends. Does the organization need these ports open?

Infrastructure 60

Infrastructure Firewall Malware Backup 60

Palo Alto Networks

SEPTEMBER 8, 2021

The Prisma Cloud Command Line Interface (CLI) — twistcli — allows users to scan images for vulnerabilities, compliance issues, malware and secrets with the ability to operate on a developer’s laptop, as well as their CI/CD tooling. We’re excited to announce this much sought after feature — image analysis sandbox.

Google Cloud 82

Google Cloud Serverless Azure Weak Development Team 82

Palo Alto Networks

JANUARY 23, 2023

Cortex XDR protects legacy Windows, Windows Server, MacOS and Linux systems. It is specifically designed to identify infected devices and block known exploits, malware, malicious URLs and spyware in 5G environments. The post Breaking Down the NASCIO Top 10 for 2023 appeared first on Palo Alto Networks Blog.

Government 67

Government Spyware Cloud Network 67

Lacework

NOVEMBER 7, 2022

Other free modules in the learning path will teach you about Linux and Windows fundamentals, network basics, and how the web works. . Learn about: Hacking, offensive security, cybersecurity careers, Windows, Linux. You’ll learn about: Phishing, ransomware/malware, passwords, social media, social engineering, MFA.

Video 52

Video AWS Training Linux 52

Kentik

OCTOBER 6, 2017

The new link supplements one from China and will provide back-up to Pyongyang at a time the US government is reportedly attacking its Internet infrastructure and pressuring China to end all business with North Korea,” reports Johns Hopkins blog 38 North. Cloudflare Suspends Torrent Website for Cryptocurrency Miner ‘Malware’ (CoinDesk).

Internet 40

Internet Software Review Network Systems Review 40

Palo Alto Networks

MAY 7, 2020

Based on the numerous “proof of concept” (POC) tests we have conducted around the world, we discovered that IoT botnet activity makes up a very large proportion of the malware in mobile networks today. The post The Right Approach to Securing 5G appeared first on Palo Alto Networks Blog.

IoT 52

IoT Mobile Network Weak Development Team 52

Palo Alto Networks

JUNE 7, 2021

The Unit 42 cybersecurity consulting group published research on the first known malware targeting Windows containers, which was discovered by Unit 42 researcher Daniel Prizmant and named Siloscape. The post Unit 42 Discovers First Known Malware Targeting Windows Containers appeared first on Palo Alto Networks Blog.

Malware 91

Malware Windows Software Review Open Source 91