Linux

Container Security Fundamentals - Linux Capabilities (Part 1)

Sep 11, 2023 By Datadog In Datadog

In this video we're looking at how Linux capabilities can be used by general programs and containers to provide only specific rights they need instead of providing "root" privileges. To learn more, read our blog on Datadog’s Security Labs site.

View Video

Datadog

Read more about Container Security Fundamentals - Linux Capabilities (Part 1)

CTI Roundup: Monti ransomware targets VMware ESXi servers with new Linux locker

Aug 23, 2023 By Tanium In Tanium

Raccoon Stealer malware reappears, AI adoption remains low among threat actors, and Monti ransomware targets VMware ESXi servers with new Linux locker.

Read Post

Tanium

Read more about CTI Roundup: Monti ransomware targets VMware ESXi servers with new Linux locker

Container Security Fundamentals - Linux Namespaces (Part 2): The PID Namespace

Jul 5, 2023 By Datadog In Datadog

In this video we continue our examination of Linux namespaces by looking at some details of how the PID namespace can be used to isolate a container’s view of processes running on the host, and how this feature can be used for troubleshooting container problems. To learn more read our blog on Datadog’s Security Labs site.

View Video

Datadog

Read more about Container Security Fundamentals - Linux Namespaces (Part 2): The PID Namespace

Setting Up Teleport (tsh) and Teleport Connect on Linux

Jun 21, 2023 By Teleport In Teleport

In this video, we'll install Teleport's tsh user client on Linux. We'll also take a look at Teleport Connect which is a graphical user interface, desktop app.

View Video

Teleport

Read more about Setting Up Teleport (tsh) and Teleport Connect on Linux

Container Security Fundamentals - Linux namespaces part 1: The mount namespace

Jun 13, 2023 By Datadog In Datadog

One of the technologies used by Linux containers to provide an isolated environment, is namespaces. They are used to provide a contained process with an isolated view of different Linux resources. In this video we look at some of the details of how Linux namespaces work and then take a more detailed look at the mount namespace which isolates a processes' view of its filesystem.

View Video

Datadog

Read more about Container Security Fundamentals - Linux namespaces part 1: The mount namespace

The Linux Crypto API for user applications

May 11, 2023 By Oxana Kharitonova In Cloudflare

In this post we will explore Linux Crypto API for user applications and try to understand its pros and cons. The Linux Kernel Crypto API was introduced in October 2002. It was initially designed to satisfy internal needs, mostly for IPsec. However, in addition to the kernel itself, user space applications can benefit from it.

Read Post

Cloudflare

Read more about The Linux Crypto API for user applications

CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd

Apr 13, 2023 By Trustwave In Trustwave

A little bit of background for those not familiar with chfn… “chfn (change finger) is used to change your finger information. This information is stored in the /etc/passwd file and is displayed by the finger program.

Read Post

Trustwave

Read more about CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd

4 ways to leverage existing kernel security features to set up process monitoring

Mar 30, 2023 By Amit Gupta In Tigera

The large attack surface of Kubernetes’ default pod provisioning is susceptible to critical security vulnerabilities, some of which include malicious exploits and container breakouts. I believe one of the most effective workload runtime security measures to prevent such exploits is layer-by-layer process monitoring within the container. It may sound like a daunting task that requires additional resources, but in reality, it is actually quite the opposite.

Read Post

Tigera

Read more about 4 ways to leverage existing kernel security features to set up process monitoring

5 Tips for Linux Server Hardening

Mar 21, 2023 By CalCom In CalCom

When installing a new Linux server, you should be aware that its level of security is very low by default, to allow as much functionality as possible. Therefore, performing basic hardening actions before the server is installed in production is crucial. CalCom Software is hardening RedHat / Linux.

View Video

CalCom

Read more about 5 Tips for Linux Server Hardening

Find threats: Cloud credential theft on Linux endpoints

Feb 22, 2023 By Anton Ovrutsky In Sumo Logic

The Sumo Logic Threat Labs team previously outlined the risks associated with unprotected cloud credentials found on Windows endpoints. This article builds on that work by providing detection and hunting guidance in the context of endpoints that run the Linux operating system. Although workloads that support business functionality are increasingly moving to the cloud, these workloads are often managed through an endpoint that is often found on premises.

Read Post

Sumo Logic

Read more about Find threats: Cloud credential theft on Linux endpoints

Subscribe to Linux

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Linux

Container Security Fundamentals - Linux Capabilities (Part 1)

CTI Roundup: Monti ransomware targets VMware ESXi servers with new Linux locker

Container Security Fundamentals - Linux Namespaces (Part 2): The PID Namespace

Setting Up Teleport (tsh) and Teleport Connect on Linux

Container Security Fundamentals - Linux namespaces part 1: The mount namespace

The Linux Crypto API for user applications

CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd

4 ways to leverage existing kernel security features to set up process monitoring

5 Tips for Linux Server Hardening

Find threats: Cloud credential theft on Linux endpoints

Monthly Archive

Follow Us