Category: Cybersecurity

Plague: The PAM-Based Linux Backdoor

Plague is a newly discovered, highly sophisticated Linux backdoor making headlines across the cybersecurity community. Unlike conventional malware, Plague embeds itself into PAM (Pluggable Authentication Modules)—the core authentication framework for Linux—granting attackers stealthy, persistent access that bypasses standard login mechanisms. Researchers warn that Plague has been quietly evolving since mid-2024 and remained undetected for more than

SSHStalker: A deep dive into the new IRC-controlled Linux botnet infecting thousands of servers

In early 2026, cybersecurity researchers uncovered a stealthy Linux botnet operation that has infected nearly 7,000 servers worldwide — not with advanced AI or zero-day exploits — but by resurrecting old-school techniques: SSH brute-force compromise, decade-old Linux vulnerabilities, and text-based IRC (Internet Relay Chat) command-and-control (C2) communication. Dubbed SSHStalker, this campaign, staggering in scale, highlights

Critical Privilege Escalation Vulnerability Discovered in Dropbear SSH Server

The open-source Dropbear SSH server, widely deployed on embedded devices, routers, and lightweight systems like OpenWRT, has been found to contain a serious privilege escalation flaw. This vulnerability could allow an authenticated user to execute arbitrary programs with root privileges — essentially giving them full control over the system. This flaw is tracked as CVE-2025-14282

SSH Tunneling: A Complete Guide to Secure Network Access

Introduction: In today’s interconnected world, securing data as it travels across networks is more important than ever. Whether you’re accessing a remote server, managing databases, or working from an untrusted network, exposed connections can become easy targets for attackers. SSH tunneling offers a powerful yet lightweight solution by encrypting network traffic and safely forwarding it

Access Control: Types and Benefits

Access control is one of the most fundamental pillars of cybersecurity and operational governance in any organization. It defines who can access specific systems, applications, data, or physical resources, ensuring that only authorized individuals can perform permitted actions. Proper access control is essential for protecting sensitive information, maintaining business continuity, and meeting regulatory obligations.  

Authentication Vs Authorization

In today’s digital era, cybersecurity has become a major concern for individuals and organizations alike. One key aspect of securing systems is controlling access to digital devices and data. This is where the concepts of authentication and authorization come into play. In this article, we will explain what authentication and authorization are, the key differences

CVE-2025-61984 — OpenSSH command injection vulnerability

CVE-2025-61984 is a newly discovered OpenSSH client command injection vulnerability that affects OpenSSH client versions prior to 10.1. This article focuses on what CVE-2025-61984 is, the root cause of the vulnerability, and how to mitigate it. Root cause of CVE-2025-61984: OpenSSH includes a ProxyCommand option in its ssh_config file, which allows administrators to run an

OpenSSH 10.0: Security Features & Updates

OpenSSH 10.0: A Comprehensive Look at Its Security-Driven Overhaul. OpenSSH 10.0, released on April 9, 2025, marks a turning point for one of the most critical tools in modern IT infrastructure. As the de facto standard for secure remote administration, file transfer, and tunneling, OpenSSH has continuously evolved to address new threats and cryptographic trends.