Feature Articles
Need an in-depth introduction to a new security topic? Our feature articles will bring you up-to-date on everything from buffer overflows to SE Linux policy development.
Cybersecurity is not static; it's a game of continuous evolution. As web applications burgeon, so too do the threats against them. Within Linux environments, where flexibility and open-source attributes are prized, Linux devs can use secure coding practices to stand vigilant watch against these proliferating dangers.
Linux administrators and infosec professionals face rising cyber threats in today's interconnected digital world. As open-source platforms gain more importance, securing them becomes mission-critical for organizations worldwide.
Most businesses understand the need for cybersecurity. However, many of those same companies still rely on outdated systems, making it hard to ensure the security they know they need.
Data security in a modern business environment is considered one of the most critical factors for any company. The digitalization of the world has led to more and more data being generated daily, including very sensitive data, such as internal business plans, customer payment data, etc.
IaC, or infrastructure as code, is essential to most cloud-based applications. Implementing IaC has advantages that significantly improve a service's characteristics and efficiency. However, alongside its enormous value, IaC has certain security drawbacks, such as the spread of simple security issues across all files or vulnerability to data exposure, which could greatly affect the security of an open-source environment.
At last count, W3Techs reported that 43.1% of all websites operating on the Internet today rely on the WordPress CMS. And of those, an overwhelming majority run on Linux servers. That immense popularity makes Linux servers running WordPress a prime target of hackers and other bad actors. As a result, such servers face an estimated 90,000 attacks every minute, every day.
There are several general categories of DoS attacks. Some groups divide attacks into three classes: bandwidth attacks, protocol attacks, and logic attacks. Following are brief descriptions of some common types of DoS attacks.
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN ACK before the connection is established. This is referred to as the "TCP three-way handshake."
Service providers are scrambling to offer voice, video, data, and innovative services, such as gaming, interactive TV, and messaging, on a single pipe. At the same time, network equipment is being upgraded to IPv6. But some real-time IPv6 security overwhelms performance because of the application intelligence it requires: the rapid inspection of VoIP signaling (SIP, H.323) and audio packets, and the prompt opening and shutting of "pinholes" to allow the passage of valid voice traffic over wireless networks.
In this paper, we describe and analyze a network-based DoS attack for IP-based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.
It was discovered that a sequence of processor instructions for some Intel processors leads to unexpected behavior that could allow an authenticated local user to escalate privileges (CVE-2023-23583). This bug, dubbed "Reptar," could expose sensitive information or cause system crashes, resulting in denial of service attacks leading to loss of system access.
Computer systems, software, applications, and other interfaces are vulnerable to network security threats. Failure to find these cybersecurity vulnerabilities can lead to the downfall of a company. Therefore, businesses must utilize vulnerability scanners regularly within their systems and servers to identify existing loopholes and weaknesses that can be resolved through security patching.
Two critical vulnerabilities were recently discovered in the Linux kernel, which both received a National Vulnerability Database base score of 9.8 out of 10 due to how simple they are for attackers to exploit and their severe threat to impacted systems.
In the dynamic landscape of contemporary software development, Docker containerization has emerged as a cornerstone, facilitating the efficient deployment and scaling of applications. However, fortifying their security measures becomes paramount as organizations increasingly embrace Docker containers.
A weak password can be as simple as a password equal to a username, a blank password, or a keyboard combination such as ‘qwerty’. Users often feel that they can get away with leaving a weak password because they have trouble keeping track of them.
Because of the changing nature of the data management environment, many businesses are turning to data governance consultancy as a compliance tool. Data governance consulting aims to help businesses develop strategies, policies, and frameworks to ensure their data's security, privacy, and integrity. Linux and open-source security play a crucial role in achieving these objectives for organizations that use Linux-based systems and open-source software.
Passkeys are created on user devices, so you must select the correct one to log in to the services and websites. Passwords are no longer required, which is one of the main advantages of this convenient, up-and-coming feature.
Linux device management is pivotal in contemporary managed service providers' (MSPs) core operations. With a growing reliance on Linux systems within organizations, adeptly administering these devices is a defining factor for MSPs. In the rapidly evolving tech landscape, the surge in Linux adoption is driving MSPs to deliver efficient Linux device management services that align with the distinct needs of their clients.
Peer-to-peer (P2P) torrenting users face many risks, ranging from downloading malware to inadvertently downloading unauthorized content. Your computer may get infected with viruses, your ISP may limit your connection, or you may face penalties.