Stay Ahead With Linux Security Features
threat detection scalability Building a SIEM is easier than scaling one. Most open-source deployments start as a simple "all-in-one" server. It is easy to set up, but that design rarely survives the transition from a lab to a production workload. . A SIEM watching 20 endpoints is not doing the same job as one watching 500. More endpoints mean more logs; more logs require more storage; more storage makes search heavier. Eventually, the very architecture that made your lab easy to deploy becomes the reason your production...
Jun 04, 2026
security advisory apache A newly disclosed attack technique called HTTP/2 Bomb is drawing attention because it targets the software that sits at the front of much of the Linux internet. Apache HTTP Server, NGINX, Envoy, and the ingress layers that many Kubernetes environments depend on can be forced into consuming disproportionate amounts of memory using relatively small amounts of attacker traffic. . For Linux administrators, the concern is not the HTTP/2 protocol itself. It is the possibility that a single...
Jun 04, 2026
security advisory important The compromise of Nx Console shows how much infrastructure now sits behind a single developer account. GitHub repositories, CI/CD pipelines, container build systems, Terraform projects, Kubernetes deployments. None of those systems was the initial target. The workstation was. . Attackers did not need a Linux privilege escalation bug or a remote code execution chain. They needed developers to trust a tool they were already using. For many organizations, that was enough. What Happened? Federal...
Jun 03, 2026
security advisory open-source You remove the malware. You rotate the compromised credentials. You patch the original vulnerability and close the ticket. Two weeks later, the attacker is back. . What happened? You didn't lose the battle at the exploit; you lost it at the cleanup. In many modern Linux intrusions, the malware you found wasn't the main problem—it was the fallback mechanisms left behind. These hooks quietly restore attacker access the moment you look away. If you clean a host but miss these persistence layers,...
Jun 02, 2026
security advisory Red Hat Researchers investigating a campaign now tracked as Miasma found that more than 30 packages in Red Hat's @redhat-cloud-services npm namespace had been altered to deliver credential-stealing malware. . The packages weren't being used to deploy ransomware or sabotage systems. From what has been reported so far, the objective appears to have been much simpler: collect credentials from developer environments and use that access elsewhere. GitHub tokens, cloud credentials, SSH keys, and other...
Jun 02, 2026
Refine features
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security features
We found -2 articles for you...
102
security advisorydenial of serviceprivilege escalationIntel: CVE-2023-23583 Critical Update For Reptar Privilege Escalation
It was discovered that a sequence of processor instructions for some Intel processors leads to unexpected behavior that could allow an authenticated local user to escalate privileges ( CVE-2023-23583 ). This bug, dubbed "Reptar," could expose sensitive information or cause system crashes, resulting in denial of service attacks leading to loss of system access. . More recently, another Intel Microcode privilege escalation flaw was discovered. Researchers identified that a sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors that may allow an authenticated user to escalate privileges ( CVE-2023-23583 ). This vulnerability also severely threatens impacted users’ sensitive data and system availability. What Is Google's Analysis of Reptar? According to Google Cloud, "The impact of this vulnerability is demonstrated when exploited by an attacker in a multi-tenant virtualized environment, as the exploit on a guest machine causes the host machine to crash, resulting in a Denial of Service to other guest machines running on the same host. The vulnerability could also lead to information disclosure or privilege escalation." Google security researcher Tavis Normandy also analyzed Reptar and concluded that the flaw could be exploited to corrupt the system state and force a machine-check exception. What Can I Do To Stay Safe? An important Intel Microcode update has been released to mitigate this severe bug. Given this vulnerability's damaging repercussions on impacted systems, we urge all affected users to update now to protect against information disclosure and loss of access to their critical systems if left unpatched. Debian , Debian LTS Fedora , Oracle , and Ubuntu have released important security advisory updates addressing Reptar. To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user , subscribe to our Linux Advisory Watch newsletter, and customize youradvisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on X for real-time updates on advisories for your distro(s) . . AMD has rolled out recent firmware enhancements targeting critical security vulnerabilities. Ensure you upgrade promptly to safeguard your information from potential breaches.. Intel Microcode Update, Privilege Escalation, Denial of Service, Security Advisory. . Brittany Day
Dec 31, 2023
•
102
security advisorynetwork securityprivilege escalationCISA Advisory: Looney Tunables Critical glibc Threat and Mitigation
The GNU C Library on Linux systems can be compared to the control tower at a busy airport; while the tower is essential to overseeing everything at the airport, if a criminal were to enter, they could hijack a plane and put many people at risk. Threat actors have been utilizing a severe vulnerability dubbed "Looney Tunables" ( CVE-2023-4911 ) to infiltrate GNU C Libraries (glibc), stunting functions like network and memory access, file I/O, and more.. Let's discuss how this vulnerability can impact your servers and the best practices to improve security posture. How Can Looney Tunables Pose a Risk to My Linux Systems? The Looney Tunables vulnerability exists in the glibc dynamic loader ld.so as it processes the GLIBC_TUNABLES environment variable. This network security threat can give cybercriminals full root privileges on major distributions like Fedora, Ubuntu, and Debian. Threat actors can expand their impact from here by infecting other servers and computers. The security researchers who discovered the vulnerability say: "This environment variable, intended to fine-tune and optimize applications linked with glibc, is an essential tool for developers and system administrators. Its misuse or exploitation broadly affects system performance, reliability, and security." Looney Tunables can severely damage business operations, reputation, and communication, leading to clients discontinuing their interactions with the organization. Companies can expect to face cloud security breaches and other data and network security-related system compromises that harm employee productivity and consumer trust. Kinsing threat actors have begun utilizing Looney Tunables in exploits in cybersecurity regarding a “new experimental campaign” they are using in cloud security breaches. The Kinsing threat group also has malware threats that combine Python-based and PHP-related network security risks. Security researchers state: "This recent development suggests a potential broadening of their operational scope,signaling that the Kinsing operation may diversify and intensify in the near future, thereby posing an increased threat to cloud-native environments." CISA recently added Looney Tunables to its Known Exploited Vulnerabilities (KEV) catalog and has ordered federal agencies to fix these cybersecurity vulnerabilities by December 12, 2023. How Can I Maintain Data and Network Security Against This Vulnerability and Others? Debian , Fedora , Gentoo , Oracle , and Ubuntu have released critical glibc security updates to mitigate this severe network security threat. We have urged impacted users to update their systems immediately to protect against attacks in network security focused on privilege escalation, which could lead to significant downtime and compromise. Organizations must employ network security toolkits with security patching, cloud security scanners, and Linux Intrusion Detection Systems to prevent cybercriminals from moving forward once entering your system. Stay on top of the latest essential updates by registering as a Linux Security user and subscribing to our Linux Advisory Watch computer security newsletter. Customize your advisories based on company distros. Keeping up-to-date on the most recent cybersecurity trends will enable you to prevent significant network security issues from impacting your systems more. Follow @LS_Advisories on Twitter for real-time updates on secure Linux distros advisories . . Understanding the Looney Tunables glibc vulnerability and its implications on Unix-like environments is crucial for maintaining system security.. glibc Vulnerabilities, Network Security Threats, Security Updates. . Anthony Pell
Nov 25, 2023
•
102
security advisorycritical updatelinux distributionKeep Informed with Real-Time Linux Security Alerts on Twitter
Today, we have awesome news for the security-conscious Linux sysadmin: securing your systems by staying up-to-date on the latest advisories issued by your distro(s) just got easier and far more convenient with the creation of the @LS_advisories Twitter handle ! LinuxSecurity Live Advisory Updates is a page that provides live updates on critical Linux security advisories issued by 15 popular Linux distros. The page is sponsored by LinuxSecurity.com ( @lnxsec on Twitter ) as a way to help admins monitor the latest advisory updates on Twitter. . Staying on top of the latest security advisories and applying updates as soon as they become available is critical in securing your critical systems and sensitive data against attacks in network security leading to downtime and compromise. Unpatched cybersecurity vulnerabilities are an easy way for adversaries to gain unauthorized access to systems and launch damaging exploits in cybersecurity including malware , ransomware , and rootkits . Following @LS_advisories on Twitter enables admins to make sure they are updating their systems as soon as security patching options are released before network security issues are exploited by attackers. To search for a list of all advisories posted to this feed for a specific distro, simply enter LS_Advisories followed by the name of the distro you would like to view advisories for in the Twitter search bar. For instance, if you want to view a list of all Fedora advisories posted to this feed, simply search “LS_Advisories Fedora”. Registering as LinuxSecurity user , then subscribing to our Linux Advisory Watch newsletter and customizing your advisories for the distro(s) you use is another excellent way to stay on top of the latest, most significant network security threats impacting the data and network security of your systems. We look forward to engaging with you on Linux Twitter, and hope that this account makes your Linux system administration easier, safer, and more efficient! . Keep abreast ofvital Linux security alerts to safeguard your systems adeptly and promptly.. Linux Security Advisories,Critical Updates,Sysadmin Monitoring. . Brittany Day
Mar 27, 2023
•
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More