In the evolving cybersecurity landscape, staying ahead of threats while ensuring system stability and compliance is paramount for businesses and developers. Red Hat Enterprise Linux (RHEL) version 9.4 emerges as a beacon of innovation and security, encapsulating the best open-source technology to meet these challenges head-on. As a cornerstone of enterprise environments, RHEL's latest release brings forth myriad enhancements and features designed to bolster the security and compliance posture of Linux systems. This article delves into the critical security advancements in RHEL 9.4, demonstrating how they contribute to creating a more secure, efficient, and compliant Linux operating environment for enterprises and developers.

How Is RHEL 9.4 Leading the Charge in Cybersecurity and Technological Innovations?

RHEL 9.4 marks a significant leap in cybersecurity enhancements, signaling Red Hat's commitment to staying at the forefront of security and technological advancements. With updates spanning from SELinux policy customization capabilities to cryptographic standards enhancements and container security improvements, this release is poised to address the pressing security concerns faced by today's enterprises. Notably, the inclusion of deny rules in SELinux, advancements in cryptographic protocols through OpenSSL and libkcapi, and bolstering container security via Keylime for trusted computing underscore Red Hat's focus on delivering a secure and robust platform. Introducing customizable TLS/SSL encryption settings for Rsyslog and passwordless authentication configurations heralds a new era of secure system administration and identity management.

In embracing these enhancements, RHEL 9.4 offers businesses and developers a secure, stable foundation for deploying critical applications, ensuring compliance, and safeguarding against the evolving landscape of cyber threats.
This release exemplifies how open-source technology continues to drive innovation in cybersecurity, offering the Linux community a platform that is not only technologically advanced but also rigorously secured against future vulnerabilities. Whether managing enterprise infrastructure, developing applications, or ensuring compliance, the security-focused improvements in RHEL 9.4 underscore its value as an essential tool in your cybersecurity arsenal. As we explore the depths of these enhancements, it becomes evident that RHEL 9.4 is not just an update but a substantial stepping stone towards a more secure and compliant future in the open-source ecosystem.

SELinux Enhancements

In the security realm, RHEL 9.4 introduces SELinux userspace release 3.6, which stands out for adding deny rules. This feature opens up new avenues for tailoring SELinux policies with greater precision, allowing users to refine access controls and enhance their systems' overall security posture.

Cryptographic Upgrades

The Red Hat Enterprise Linux (RHEL) 9.4 release bolsters its security posture with several cryptographic upgrades to improve security across network communications and data encryption processes. One critical area where these upgrades manifest is in the control over Message Authentication Codes (MACs) within Secure Shell (SSH) policies.

Understanding MACs in SSH

Message Authentication Codes are essential components of secure communications. They act like seals on an envelope, ensuring the data inside hasn't been tampered with during transit. In the context of SSH, widely used for secure remote access to Linux systems, MACs help confirm the integrity and authenticity of the data exchanged between the client and server.

Cryptographic Policy Enhancements

In RHEL 9.4, cryptographic policies have been fine-tuned to give users more detailed control over these MACs. Security-conscious administrators can now define their systems' MAC algorithms when establishing SSH connections.
With varying degrees of strength and performance across different MAC algorithms, administrators can tailor their SSH configurations to balance security needs with system efficiency. Imagine cryptographic policies as rules that guide how your system approaches encryption and security protocols. These policies might have been broader in the past, adhering to preset security levels (e.g., DEFAULT, LEGACY, FUTURE). With the updates in RHEL 9.4, the policies become more granular, allowing an admin to specify the exact MACs acceptable for use, thereby fine-tuning the system’s security by enabling or disabling certain algorithms as needed.

Additional Cryptographic Upgrades in RHEL 9.4

The release also includes advancements beyond SSH MAC control:

OpenSSL TLS Toolkit: OpenSSL now supports a drop-in directory for provider-specific configuration. This means customized security settings, including new encryption algorithms or security protocols, can be integrated into OpenSSL's configuration without altering the core configuration files, facilitating a more modular and manageable approach to custom cryptographic setups.

stunnel TLS/SSL Tunneling Service: With version 5.71, stunnel provides enhanced support for modern PostgreSQL clients and modifies how it operates when RHEL is in Federal Information Processing Standards (FIPS) mode. FIPS mode enforces stricter cryptographic standards and algorithms in compliance with government security guidelines. The behavior changes in stunnel ensure that it remains compliant in these high-security environments.

libkcapi 1.4.0: This update introduces new tools and options, like specifying target filenames when calculating hash sums with a new -T option. Such features add to the toolkit for managing cryptographic operations adhering to improved and updated standards.

The RHEL 9.4 release brings about a significant leap in cryptographic control for the average Linux user concerned with security.
From establishing airtight SSH sessions with precise MAC algorithm settings to leveraging updated cryptographic tools compliant with modern standards, RHEL 9.4 offers the community a platform where security is at the forefront and customization is key. Users can be confident their systems are equipped to handle the evolving threats in the cyber landscape while maintaining compliance with stringent security regulations.

Container Security

Security within containers also sees a boost with the inclusion of the Keylime server components (the verifier and registrar) as containers, which allows them to be deployed more securely and in isolation. Keylime is an open-source project that provides highly scalable remote attestation and automated remediation for cloud and edge computing environments. The aim is to enhance these infrastructures' security by ensuring that remote machines' hardware and software configurations meet certain trustworthiness criteria before they are allowed to perform specific functions or access certain data.

Integrating Keylime in RHEL 9.4 helps organizations meet stringent hardware and software integrity verification compliance requirements. By automating the attestation process, organizations can ensure continuous oversight and control over the security state of their infrastructures, essential in industries subject to heavy regulations like finance, healthcare, and government sectors.

Rsyslog Enhancements

The update to the Rsyslog system is also significant. It introduces customizable TLS/SSL encryption settings and additional options for capability dropping, contributing to logger security enhancements.

Identity Management

For Identity Management, RHEL 9.4 offers the capacity to enable and configure passwordless authentication in SSSD using biometric devices compatible with the FIDO2 specification, such as YubiKeys, thereby promoting usability and security.
Red Hat Enterprise Linux (RHEL) 9.4 introduces several enhancements and new features to its Identity Management (IdM) capabilities. One notable development is the improved integration with external identity providers (IdPs) through support for the OAuth2 device authorization flow. This enhancement enables IdM users to be associated with external IdPs more seamlessly, facilitating a more integrated and secure authentication experience across different platforms and services.

Additionally, the update to RHEL 9.4 includes significant improvements in managing identities and system configurations, aiming to streamline administrative tasks and bolster security. While the specific details of all the identity management features in RHEL 9.4 are vast, emphasizing the OAuth2 integration highlights Red Hat's focus on modernizing authentication mechanisms and enhancing security frameworks to support contemporary cloud-native applications and services.

General Security Stability

While the release notes focus on feature introductions and updates, it's essential to recognize that each version of RHEL undergoes rigorous security testing and hardening. In RHEL 9.4, users can expect a secure, stable, and robust platform for deploying and running essential applications.

These highlights represent Red Hat's continued focus on delivering a secure, enterprise-ready operating system that addresses modern businesses' evolving threats and compliance requirements. The updated security features in RHEL 9.4 will help users fortify their systems against unauthorized access and protect sensitive data while modernizing and streamlining security management tasks.

Our Final Thoughts on RHEL 9.4

The RHEL 9.4 release brings about a significant leap in cryptographic control for the average Linux user concerned with security.
From establishing airtight SSH sessions with precise MAC algorithm settings to leveraging updated cryptographic tools compliant with modern standards, RHEL 9.4 offers the community a platform where security is at the forefront and customization is key. Users can be confident their systems are equipped to handle the evolving threats in the cyber landscape while maintaining compliance with stringent security regulations.

Dave Wreski
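The SSH MAC control described under "Cryptographic Policy Enhancements" in the RHEL 9.4 article above can be checked from the result side by auditing the MAC list a server actually ends up with. The following is an added example, not code from the article or from Red Hat; it reads sshd_config-style text such as the output of `sshd -T`, and both the weakness criteria and the sample configuration are assumptions constructed for illustration.

```python
"""Audit the MAC algorithms in an effective sshd configuration."""


def parse_macs(config_text):
    """Return the MAC list from sshd_config-style text (e.g. `sshd -T`)."""
    macs = None
    for line in config_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        # sshd keeps the first value it sees for a keyword, so do the same.
        if parts[0].lower() == "macs" and len(parts) == 2 and macs is None:
            macs = [m.strip() for m in parts[1].split(",") if m.strip()]
    return macs or []


def classify(mac):
    """Return (is_etm, reasons) for one OpenSSH MAC name.

    The criteria are this example's policy, not a Red Hat default:
    MD5 or SHA-1 based HMACs, truncated 96-bit tags, 64-bit UMAC tags.
    """
    base = mac.split("@")[0]
    etm = base.endswith("-etm")          # encrypt-then-MAC variant
    if etm:
        base = base[: -len("-etm")]
    reasons = []
    if base.startswith("hmac-md5"):
        reasons.append("md5")
    if base.startswith("hmac-sha1"):
        reasons.append("sha1")
    if base.endswith("-96"):
        reasons.append("truncated-tag")
    if base == "umac-64":
        reasons.append("64-bit-tag")
    return etm, reasons


def audit_macs(config_text, require_etm=True):
    """List (mac, reasons) for every configured MAC that breaks the policy."""
    findings = []
    for mac in parse_macs(config_text):
        etm, reasons = classify(mac)
        if require_etm and not etm:
            reasons.append("not-etm")
        if reasons:
            findings.append((mac, reasons))
    return findings


# Constructed sample, shaped like `sshd -T` output (not from a real host).
SAMPLE = """\
port 22
ciphers aes256-gcm@openssh.com,aes128-ctr
macs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,hmac-sha2-512
"""

if __name__ == "__main__":
    for mac, reasons in audit_macs(SAMPLE):
        print(f"{mac}: {', '.join(reasons)}")
```

The MAC list only matters for ciphers that are not AEAD; with an AEAD cipher such as AES-GCM, integrity comes from the cipher itself.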
Most of us are familiar with Microsoft Windows or macOS - these OSes dominate the personal computing space. But the OS that is taking over the world isn’t owned by Microsoft, Apple, or any tech company for that matter. In fact, the most popular OS in the world today isn’t owned by anyone. It’s the completely open-source Linux operating system.

While Linux-based systems are generally considered to be more resistant to cyberattacks and cybercrime, they are not completely invulnerable to a determined intruder. Encryption is one of the most effective and widely used methods of securing sensitive information from unauthorized parties. This article will introduce five of our favorite file and disk encryption tools to keep your important enterprise information safe from prying cybercriminals.

Why Is Linux A Great OS for the Enterprise?

What makes Linux such an appealing OS for enterprise purposes is its open-source nature. Unlike proprietary software such as Microsoft’s server solutions which have high licensing fees, Linux is freely available to anyone. More importantly, Linux’s core components can be easily edited, swapped out, or totally replaced by a user with the appropriate skills. This makes Linux amazingly customizable and adaptable to different businesses' needs and requirements.

The benefits of employing a Linux-based distribution include:

- Free
- Open-source
- Widespread and accessible availability of support resources
- Cloud computing & storage standard
- Easy scalability
- A high degree of reliability
- Supports multitasking and cooperative work
- Not hardware intensive
- Highly secure

Linux & Cybersecurity

Many IT and cybersecurity experts consider Linux to be the safest, most secure operating system available to the world today. Because Linux is open-source, anyone can review it and ensure that there are no bugs or exploitable backdoors built into the OS. The same cannot be said of proprietary operating systems such as Microsoft’s Windows or Apple’s macOS platforms.
While both Microsoft and Apple may have a large team of well-resourced, professional developers working on security issues, no team of coders can compare to the sheer number of Linux user-developers around the world. Linux-based systems also benefit from a more secure user privileges hierarchy that discourages social engineering attacks, such as malicious email attachments.

Its incredible distribution diversity also makes Linux a relatively unattractive target for cyber thieves in comparison to proprietary OSes. Linux comes in various forms and packages from Ubuntu to Debian to Gentoo just to name a few. Because Linux comes in so many different flavors and segmented audiences, it is much more difficult for a cybercriminal to develop a single, effective virus or piece of malware that can affect many users.

Proprietary competitors, on the other hand, come in just one or two flavors. Windows, for example, is a prime example of this “monoculture effect”. It is much more profitable, and therefore attractive, for hackers or criminal organizations to develop an attack against Windows, which has a comparably much, much larger user base running identical OSes.

Top 5 Linux File & Disk Encryption Tools

7-Zip

7-Zip offers strong command line encryption on Linux. Many people are familiar with 7-Zip as an archiving and zipping utility. However, for Linux user-developers, 7-Zip also offers a suite of robust encryption tools intended to keep your data safe and secure. Find out more about how to encrypt files and data with 7-Zip on your Linux distribution.

Tomb

Tomb is an excellent, easy-to-use, and minimalist command line encryption tool popular among Linux user-developers. Like Linux itself, Tomb is also totally free and open-source. One of the primary features of Tomb is its ability to generate encrypted storage vaults to be opened and closed using a password chosen by the user.
These so-called “tombs” are like a locked folder that can be safely transported and hidden in a filesystem away from malicious users. Unfortunately, Tomb does not have a graphical user interface (GUI) and relies on command line input in order to function. Learn more about Tomb file encryption on Linux.

Cryptmount

Cryptmount allows users to protect not only important file system information but also system swap space. Multiple encrypted file systems can be “mounted”, or made active, or “unmounted”, or deactivated, depending on the users’ immediate needs. This is particularly useful when you want to work in an encrypted environment without having to mess around with your system’s inbuilt partitions. Like the other disk encryption tools above, Cryptmount relies on passphrases to maintain operational security. A strong passphrase will go a long way towards rebuffing cyberattacks and hacking attempts. Learn more about how to protect filesystems with Cryptmount.

Gnu Privacy Guard (GnuPG or GPG)

GnuPG, also known as GPG, is a unique hybrid encryption tool that not only employs conventional symmetric-key cryptography but also uses public-key cryptography. This two-prong approach to encryption helps speed up the encryption process without compromising OS security. GnuPG is popular among journalists who use the tool to encrypt important documents and protect the identities of their sources. GnuPG operates under the GNU General Public License (GPL). Download GnuPG - the GNU Privacy Guard - to encrypt and sign your data.

Dm-crypt

Dm-crypt is great for encrypting entire disks of information, including removable media such as USB sticks, internal OS partitions, as well as individual files. In fact, some Linux distributions even allow Dm-crypt to encrypt and secure root system files. Because Dm-crypt only deals with transparent encryption of block devices, it is much more flexible than other encryption tools. Dm-crypt operates under the GNU General Public License (GPL).
Learn more about how to encrypt a Linux file system with Dm-crypt.

The Bottom Line

While Linux users enjoy built-in security and privacy as a result of the OS’s open-source nature, architectural diversity and strict user privilege model, this doesn’t mean that your files are safe in the event that your Linux system gets hacked! If you want to keep your sensitive data private, try out one of the awesome file and disk encryption tools for Linux covered in this article and let us know what you think on Twitter.

About the Author

Stephen Wright

Stephen Wright is the founder and CEO of Wright Business Technologies. He is responsible for the overall success of the company, clients, employees, and vendor partners who support the business. Stephen graduated from Texas Tech University with a degree in business management and established Wright Business Technologies in 1992. He later earned his MBA, also from Texas Tech University.

Brittany Day
It is no secret that email is the preferred method of communication for businesses - a trend that has only been magnified with the increase in remote workers brought on by the pandemic. That being said, email is effectively a plaintext communication sent from email clients to receiving email servers or from one server to another, leaving the content of messages in transit vulnerable to compromise without additional protection via encryption technology such as the Transport Layer Security (TLS) standard.

Learn how TLS works to help secure email communications, and how to securely implement TLS in the Postfix open-source mail transfer agent (MTA) to help fortify email against spoofing and data theft.

TLS Basics: What is Transport Layer Security (TLS)?

Transport Layer Security (TLS) is a cryptographic protocol that offers end-to-end encryption technology for messages “in transit” from one secure email server that has TLS enabled to another, helping to protect user privacy and prevent eavesdropping or content alteration. TLS is the successor protocol to SSL. It works in much the same way as SSL, using encryption to protect the transfer of data and information. TLS is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.

For optimal security and privacy of message content, TLS is required between all servers handling email communications (including hops between internal and external servers). It is recommended that all clients and servers insist on mandatory usage of TLS in their email communications - preferably the most recent version, TLS 1.3. TLS is used by leading email providers and ISPs including Google, Microsoft, Yahoo and Comcast, and is also used to secure web communications via HTTPS.

How Does TLS Help Secure Email Communications?
TLS secures email communications by encrypting messages from mail server to mail server, making it more difficult for hackers to intercept and read messages. The TLS protocol uses a combination of symmetric cryptography - where data is encrypted and decrypted with a secret key known to both sender and recipient - and asymmetric cryptography - which uses a public and private key pair to encrypt and decrypt data - to maintain a balance between performance and security. TLS supports the use of digital certificates to authenticate receiving servers (authentication of sending servers is optional), helping to prevent email fraud and data compromise by verifying that receivers (or senders) are in fact who they claim to be.

“Opportunistic TLS” describes a scenario in which TLS is used by both sending and receiving parties to negotiate a secured session and encrypt a message, and represents the most secure implementation of the TLS protocol.

The widely used open-source Postfix mail transfer agent (MTA) - which has earned a reputation of being highly secure - can be configured to support TLS, giving Postfix users the ability to encrypt mail and to authenticate remote SMTP clients or servers. Get simplified instructions on how to configure TLS for Postfix.

Summary

Using and enforcing the use of TLS in your email communications must be viewed as an important part of a defense-in-depth approach to securing business email and protecting sensitive information. TLS is used by almost all leading email providers and ISPs; however, the protocol must be properly set up and configured to provide optimal security. In this article, you learned the basics on implementing TLS to help secure against sender fraud and data compromise. If you would like further details, or have additional questions, please comment below. We'd love to help!

This article was originally published on the Guardian Digital blog.
Brittany Day
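The article above notes that TLS in Postfix "must be properly set up and configured". The following added example, which is not from the article or the Postfix project, audits the TLS-related parameters in `postconf -n` style output for both the inbound (`smtpd_*`) and outbound (`smtp_*`) side. The sample configuration and file paths are constructed, and the rule that anything below TLS 1.2 is flagged is an assumption of this example.

```python
"""Audit Postfix TLS settings from `postconf -n` style text."""
import re

# Protocol names Postfix accepts in its *_tls_protocols lists, oldest first.
ORDER = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
LEGACY = ORDER[:4]  # this example flags everything below TLS 1.2


def parse_postconf(text):
    """Parse 'name = value' lines into a dict."""
    params = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            name, value = line.split("=", 1)
            params[name.strip()] = value.strip()
    return params


def legacy_allowed(spec):
    """Legacy protocols still permitted by a list such as '!SSLv2, !SSLv3'
    or '>=TLSv1.2'. Plain names are treated as an explicit include list,
    which simplifies Postfix's own handling."""
    tokens = [t for t in re.split(r"[,\s:]+", spec) if t]
    includes = [t for t in tokens if t in ORDER]
    allowed = set(includes) if includes else set(ORDER)
    for tok in tokens:
        if tok.startswith("!"):
            allowed.discard(tok[1:])
        elif tok.startswith(">=") and tok[2:] in ORDER:
            allowed -= set(ORDER[: ORDER.index(tok[2:])])
    return [p for p in LEGACY if p in allowed]


def audit_postfix_tls(text):
    """Return a list of (severity, message) findings."""
    p = parse_postconf(text)
    findings = []
    for side, role in (("smtpd", "inbound"), ("smtp", "outbound")):
        level = p.get(f"{side}_tls_security_level") or "none"
        if level == "none":
            findings.append(("warn", f"{role}: TLS is off "
                             f"({side}_tls_security_level unset or none)"))
            continue
        if level == "may":
            findings.append(("info", f"{role}: opportunistic TLS, plaintext "
                             "is used when the peer offers no STARTTLS"))
        # Level 'may' is governed by *_tls_protocols, stronger levels by
        # *_tls_mandatory_protocols.
        suffix = "protocols" if level == "may" else "mandatory_protocols"
        param = f"{side}_tls_{suffix}"
        if param not in p:
            findings.append(("info", f"{param} not set, "
                             "the installed version's default applies"))
        elif legacy_allowed(p[param]):
            old = ", ".join(legacy_allowed(p[param]))
            findings.append(("warn", f"{param} allows {old}"))
    if (p.get("smtpd_tls_security_level") or "none") != "none":
        if not (p.get("smtpd_tls_cert_file") or p.get("smtpd_tls_chain_files")):
            findings.append(("warn", "inbound: TLS enabled but no server "
                             "certificate is configured"))
    return findings


# Constructed sample configuration (paths are placeholders).
SAMPLE = """\
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/example-cert.pem
smtpd_tls_key_file = /etc/postfix/example-key.pem
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = encrypt
smtp_tls_mandatory_protocols = >=TLSv1.2
"""

if __name__ == "__main__":
    for severity, message in audit_postfix_tls(SAMPLE):
        print(f"[{severity}] {message}")
```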
Encryption is one of the main pillars of security, and GnuPG is a robust and flexible tool with great functionality that is fully GPL Licensed. And since it just celebrated its landmark 10th Anniversary, it was an easy choice for our tool of the month.

Ten years is a long time in the open source community; a very long time. Lasting a decade, especially in these years of open source development, is nothing short of remarkable. And like all great open source projects, it came from humble beginnings - it was initiated as a way to encrypt data without relying on restricted patents (namely RSA and IDEA) by Werner Koch from Germany. Why? Back in 1999 Richard Stallman was interested in pursuing a PGP replacement after existing patents had run out and had decided to turn to European developers... U.S. arms trafficking laws were tough, and prohibited the development of such cryptography software. He then introduced the idea that European developers could help to create a crypto tool, and pushed it at a talk in Germany in May of 1997.

Looking for a way to contribute, Werner Koch took it upon himself to create this GPL licensed tool (and also consistent with existing standards). He sought to use algorithms that would end up bypassing RSA and IDEA. To do this he used the alternatives Blowfish and ElGamal. With this strategy in hand, he hacked on PGP and implemented the very first GnuPG release on December 20th, 1997, including added file management and streaming encryption. (There is much more to the story, and for the complete overview from Werner Koch himself, go here...)

Considering that it now ranks among the most widely used encryption systems in use with functionality for over ten different encryption formats, support in 16 different languages, full PGP compatibility, a near limitless variety of front-end applications and utility for mail and other uses, GnuPG is one of the best open source tools period, much less a security tool!
So for the month of January, we will continue to pay homage to all things in GnuPG and cryptography and present you with articles, HowTo.

Anthony Pell
EnGarde Secure Linux, the next generation in Linux security, is now available for immediate download.

Guardian Digital, the Open Source security company, has today announced immediate availability of EnGarde Secure Linux, a comprehensive suite of Open Source tools that provide a secure and stable foundation for building a secure Internet presence. Engineered from the ground up with specific regard to security, EnGarde Secure Linux incorporates intrusion alert capabilities, a complete suite of e-business applications using AllCommerce, improved authentication and access control, strong cryptography, and complete SSL secure Web-based administration capabilities.

EnGarde protects against many forms of attack, not just a particular form of vulnerability. It is also not just a repackaged version of another distribution that claims to be secure. EnGarde is a collection of best-of-breed applications from many sources tuned to provide exactly what is necessary to maintain a secure Internet presence.

Featuring the Linux Intrusion Detection System integrated into its design, as well as Web-manageable Tripwire, tools from many Open Source security projects including Openwall, snort network intrusion detection system, and extensive host security improvements, EnGarde Secure Linux strives to be the most secure, yet functional, Linux distribution to date.

EnGarde Secure Linux v1.0.1 is available for download from / . Pre-orders are currently being accepted, and will be shipping by April 9, 2001. Orders will include a printed manual, free installation support, and a trial subscription to Guardian Digital's secure online network services.

Guardian Digital provides a complete range of support options including incident-based and contractual, as well as AllCommerce development and support. For pre-configured server appliance solutions featuring customized EnGarde Secure Linux and further information about Guardian Digital, please visit us on the Web at https://guardiandigital.com/ .
EnGarde Resources

Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo.... The main page for EnGarde Secure Linux.
Download EnGarde Secure Linux.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo.... See the GD WebTool in action.

Brittany Day