0 views collected around this technical thread.
This article walks through the symptoms, root causes, forensic commands, and remediation actions taken to investigate and clean a Linux server that was compromised, highlighting key security lessons such as tightening SSH access, monitoring critical files, and restoring locked system utilities.
This article details how to strengthen MySQL user security by implementing comprehensive password complexity requirements, connection control policies, and password change strategies, including configuration of the validate_password component, connection_control plugin, and password expiration settings for MySQL 5.7 and 8.0, with practical examples and code snippets.
With CentOS discontinued, this guide walks through the key considerations and step‑by‑step configurations for DNS, time synchronization, security baselines, SELinux, firewall, and kernel tuning on Ubuntu 22.04 and Anolis 8.6 as viable replacements.
A self‑built Kubernetes cluster suffered a crypto‑mining intrusion due to empty iptables and a misconfigured kubelet, prompting a detailed post‑mortem that outlines the symptoms, root‑cause analysis, and practical hardening steps to protect similar environments.
This article walks through a real‑world server breach where a disguised gpg‑agentd process was used to install backdoors, download malicious scripts, exploit Redis, and launch mass scans, and then offers concrete hardening steps to prevent similar compromises.
This article walks through a real‑world compromise of an Alibaba Cloud server, detailing how a disguised gpg‑agentd process was used to install backdoors, hijack SSH keys, exploit Redis, and launch mass scanning with malicious scripts, and it concludes with practical hardening recommendations.