Linux Systems are Hackers’ Next Targets | Zero Day Attacks


September 28, 2020 Timothy Chiu, VP of Marketing

A new article in TechRepublic predicts that Linux servers and workstations will be the next big target for hackers. More tools are being developed to target Linux systems, and it’s believed the targets will be Linux systems used by government and big business.

While we traditionally think of Windows systems as the ones vulnerable to attacks and exploits, organizations often host their important servers and systems on Linux. We also know that open-source platforms are on the rise, so it should be no surprise that Linux systems are increasingly targeted by hackers. According to the article, cyber criminals are adding tools aimed specifically at Linux systems to their hacking toolkits.

The article also mentions that for Linux, “a suite of webshells, backdoors, rootkits and custom-made exploits are readily available” to cyber criminals and that a successful attack on a Linux system typically has broader consequences than for other platforms.

While it has always been important to protect applications running on Linux systems in production, this latest news is a good reminder to re-evaluate your security around internet-facing systems and applications, including Linux systems. In addition to making sure as few vulnerabilities as possible make it to production in internet-facing applications, organizations need to look at how they are protecting systems and applications that are open to the internet.

The typical application security layer is edge security, usually Web Application Firewalls (WAFs). With the increase in zero day attacks and the problems organizations are facing with their WAF deployments, it’s time to take into account the latest changes for application security in the NIST (National Institute of Standards and Technology) SP 800-53 framework. The latest draft of the framework includes the requirement for RASP (Runtime Application Self-Protection). RASP provides security that’s close to the application, an important layer with greater visibility and control than edge security offers.

K2 Cyber Security can provide a deterministic runtime application security layer that detects zero day attacks along with well-known attacks. K2 issues alerts based on severity, and the alerts are actionable: they provide complete visibility into the attacks and the vulnerabilities that the attacks are targeting, including the location of the vulnerability within the application, with details like the file name and line of code where the vulnerability exists.

Rather than rely on technologies like signatures, heuristics, fuzzy logic, machine learning or AI, K2 uses a deterministic approach to detect true zero-day attacks, without being limited to detecting attacks based on prior attack knowledge. Deterministic security uses application execution validation and verifies that API calls are functioning the way the code intended. It uses no prior knowledge about an attack or the underlying vulnerability, which gives our approach the true ability to detect new zero-day attacks. Our technology has 8 patents granted/pending, and has minimal false alerts.

Get more out of your application security testing and change how you protect your applications: check out K2’s application workload security solution.

Find out more about K2 today by requesting a demo, or get your free trial.






K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.

