Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Linux Commands and Utilities Commonly Used by Attackers

Linux Commands and Utilities Commonly Used by Attackers

Uptycs' threat research team has observed several instances of Linux malware where the attackers leverage the inbuilt commands and utilities for a wide range of malicious activities.
In this post, we’ll take a look at the Linux commands and utilities commonly used by attackers and how you can use Uptycs EDR detection capabilities to find if these have been used in your environment.

Uptycs EDR for Linux: Detection and visibility all the way through

Uptycs EDR for Linux: Detection and visibility all the way through

Despite the fact that Linux server endpoints comprise 90% of cloud workloads and a majority of on-premises enterprise workloads, they don’t usually get as much attention as productivity endpoints. Most EDR solutions focus on end users and don’t meet the unique requirements for production Linux servers, such as the need for 100% uptime and low resource consumption.

How to use Uptycs’ audit and detection features during BootHole remediation

How to use Uptycs’ audit and detection features during BootHole remediation

SecOps and IT administrators have seen plenty of information regarding the GRUB2 BootHole vulnerability. In addition to BootHole, several low to moderate vulnerabilities were also discovered and fixed. While a key recommendation for mitigation is to install OS updates and patches, vendor patches should be carefully tested and incrementally applied to vulnerable assets. Updating the Secure Boot Forbidden Signature Database (dbx) has caused issues in the past. Initial GRUB2 patches from Red Hat caused boot issues for some RHEL and CentOS machines.

21 Best Linux Resources For Infrastructure Security

21 Best Linux Resources For Infrastructure Security

Infrastructure security at the server layer is a critical aspect of your organization’s overall security posture. When you know the best Linux resources to use, you can prevent attackers from taking over servers or compromising your databases.

Essential Knowledge On Endpoint Security For Linux

Essential Knowledge On Endpoint Security For Linux

Linux endpoint security is a more prevalent topic now than it was a decade ago. With the rapid growth of the SaaS industry, many significant applications in cloud environments now rely on Linux.

Osquery vs. OSSEC: Which is best for Linux security?

Osquery vs. OSSEC: Which is best for Linux security?

For security analysts working on Linux, the lack of flexible, transparent and comprehensive tools is an ongoing problem. As is often the case, security professionals are turning to open-source solutions that can be more easily customized to solve specific problems.

Page 1 of 2: