Stay Ahead With Linux Security Features
threat detection scalability Building a SIEM is easier than scaling one. Most open-source deployments start as a simple "all-in-one" server. It is easy to set up, but that design rarely survives the transition from a lab to a production workload. . A SIEM watching 20 endpoints is not doing the same job as one watching 500. More endpoints mean more logs; more logs require more storage; more storage makes search heavier. Eventually, the very architecture that made your lab easy to deploy becomes the reason your production...
Jun 04, 2026
security advisory apache A newly disclosed attack technique called HTTP/2 Bomb is drawing attention because it targets the software that sits at the front of much of the Linux internet. Apache HTTP Server, NGINX, Envoy, and the ingress layers that many Kubernetes environments depend on can be forced into consuming disproportionate amounts of memory using relatively small amounts of attacker traffic. . For Linux administrators, the concern is not the HTTP/2 protocol itself. It is the possibility that a single...
Jun 04, 2026
security advisory important The compromise of Nx Console shows how much infrastructure now sits behind a single developer account. GitHub repositories, CI/CD pipelines, container build systems, Terraform projects, Kubernetes deployments. None of those systems was the initial target. The workstation was. . Attackers did not need a Linux privilege escalation bug or a remote code execution chain. They needed developers to trust a tool they were already using. For many organizations, that was enough. What Happened? Federal...
Jun 03, 2026
security advisory open-source You remove the malware. You rotate the compromised credentials. You patch the original vulnerability and close the ticket. Two weeks later, the attacker is back. . What happened? You didn't lose the battle at the exploit; you lost it at the cleanup. In many modern Linux intrusions, the malware you found wasn't the main problem—it was the fallback mechanisms left behind. These hooks quietly restore attacker access the moment you look away. If you clean a host but miss these persistence layers,...
Jun 02, 2026
security advisory Red Hat Researchers investigating a campaign now tracked as Miasma found that more than 30 packages in Red Hat's @redhat-cloud-services npm namespace had been altered to deliver credential-stealing malware. . The packages weren't being used to deploy ransomware or sabotage systems. From what has been reported so far, the objective appears to have been much simpler: collect credentials from developer environments and use that access elsewhere. GitHub tokens, cloud credentials, SSH keys, and other...
Jun 02, 2026
Refine features
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security features
We found -1 articles for you...
102
open sourcesystem administrationLinux advocacyCelebrating 24 Years of LinuxSecurity as a Security Resource for Everyone
LinuxSecurity.com , the open-source community’s go-to source for security news and information, celebrates providing the Linux community with timely, authoritative industry content for nearly two and a half decades. . The site is a valuable resource for Linux users, system administrators and ethical hackers - informing community members of the latest cyber security-related news, trends and advisories. The comprehensive website design is packed with informative guides and articles to help system administrators, security analysts and developers get answers to their top Linux and open source security questions. LinuxSecurity.com is a resource for information and discussion pertaining to security matters that affect Linux users. The site provides content related to topics including hacking, open-source security products/projects, cryptography, blockchain, AI, machine learning and much more. The LinuxSecurity.com audience is fairly diverse, yet shares a passion for Linux and Open Source and an awareness of the importance of security. Some key features of LinuxSecurity.com include: HOWTOs, Feature Articles and industry news Original feeds for RSS readers Industry polls to highlight trends and current events Newsletters to receive the latest industry analysis Book reviews & interviews with leading experts New comment system and community forums A recent Feature Article examines how Linux users can upgrade their threat detection strategy by deploying honeynets. Since 1996, Linuxsecurity.com has been the most comprehensive resource for all things in the world of security and Open Source. And as Open Source continues its rise in securing the world's information, LinuxSecurity.com is continuing its pursuit of being at the forefront of this exciting growth. “LinuxSecurity.com was started in an effort to chronicle the open-source revolution and to bring the complicated and fast-paced nature of open-source and security to the community in away that was easy to follow,” writes Dave Wreski, open-source security pioneer and founder of the site. “We have watched the site go from something started by a few geeks decades ago to a valuable resource viewed by millions.” Paul D. Robertson, Cybersecurity Expert and moderator of Security-Wizards on Facebook agrees: "From threat intelligence to how-to information, Linuxsecurity.com continues to be a paragon of great information for developers, security professionals and regular users. Two decades of outstanding content are a phenomenal achievement!" Creating an account on LinuxSecurity.com is easy, and provides access to a host of valuable features within the site. Register using a social media account or on the site itself. Newsletters are available that cover topics including current security advisories and a digest of the latest news for the week. A new feedback system makes it easier to reach the site administrators, contribute an article, or address general concerns. LinuxSecurity.com is powered by Guardian Digital, Inc. , the open-source email security company, as a way to give back to the community. Guardian Digital builds business email solutions with an intense focus on security- with unrivalled customer support, designed to ease information technology overhead for its customers. Through LinuxSecurity.com, Guardian Digital aims to help educate and inform as many members of the open-source community as possible about the merits of Open Source. Connect with us: Twitter | Facebook . Essential asset for Linux enthusiasts, system administrators, and ethical penetration testers, delivering updates and perspectives on digital security.. LinuxSecurity, Cybersecurity Resources, Security News, System Admin Insights, Open Source Advocacy. . Brittany Day
Jun 16, 2020
•
102
open sourceuser experiencesecurity resourceLinuxSecurity: New Site Launching February 4, 2019 with Enhanced Features
After many months of development by a dedicated team of programmers and beta testers, the new LinuxSecurity is almost ready! With an all new look & feel, organizational changes, security events, and additions to our staff, we hope to better serve the Linux and open source community. Although there are many aesthetic improvements, a major part of our development has focused on creating a content structure and backend system that is easy to update. . The open-source community is constantly growing and evolving, and security matters and concerns pertaining to Linux users are anything but stagnant. As passionate members of the Linux community and maintainers of LinuxSecurity.com, we feel it is extremely important that this central security resource for open-source community members stays up-to-date and continues to provide Linux users with relevant content and the best possible overall experience each time they visit. To ensure this, we have chosen to launch a new and improved version of LinuxSecurity.com. LinuxSecurity.com has been trusted by Linux users since 1999 to provide the latest open-source security-related news, distribution advisories, HOWTOs and other information pertaining to the community. The new LinuxSecurity.com will include an improved version of all of these features, along with other new features such as forums, polls and book reviews. With a more contemporary design, the new site will be much easier to navigate and will contain updated graphics which should improve visitors’ visual experience on the site. At the moment, we are in the process of migrating content from the current site to the new site. The new site is expected to launch on February 4, 2019. Mark your calendars and stay up-to-date by visiting our Facebook and Twitter pages frequently for more information and announcements regarding the launch. We are excited to share this amazing new resource with you! Sincerely, The LinuxSecurity.com Administrative Team Find us on social media: Twitter: @lnxsec Facebook: LinuxSecurity . The open-source community is constantly growing and evolving, and security matters and concerns pert. months, development, dedicated, programmers, testers, linuxs. . Brittany Day
Feb 11, 2019
•
102
open sourcesecurity resourceLinux advisoryLinuxSecurity.com: A Journey of Community-Driven Growth
Welcome to the new LinuxSecurity.com! I must admit, I am really proud of what we have been able to accomplish over the years. LinuxSecurity.com has grown from a small idea that a couple of security geeks had in 1999, to a major and well respected Linux resource. With an all new look & feel, organizational changes, security events, and additions to our staff, we hope to better serve the Linux and open source community. Although there are many aesthetic improvements, a major part of our development has focused on creating a content structure and backend system that is easy to update. . Since the beginning, we have been able to maintain one of the largest, if not the largest and most comprehensive Linux advisory archive on the Internet. Through the years, we have scoured the net for thousands of hours to bring fresh and relevant articles, papers, and resources to you. It wasn't easy in the beginning. We had to create the site from scratch and build a community-wide reputation. The site was started in 1999, the middle of the dot-com boom. Dave Wreski, a Linux security expert and the original founder of LinuxSecurity.com had great foresight. He envisioned the widespread use of Linux as well as many other open source tools. Rather than companies spending thousands of dollars on proprietary tools, he saw a world where open source would be respected and adopted because of its flexibility and greater security through open standards and full disclosure. Looking back nearly five years, his vision and predictions have been remarkably accurate. Not only has Linux taken off, but open source in general has made remarkable strides. Companies such as Guardian Digital have been able to use an entirely new business model to produce and release software, services, and hardware. No longer is software merely a boxed product on a shelf, but it is now a flexible piece of clay that can be formed to satisfy any business need. As open source provides individualsthe freedom to use software in any way they choose, it provides businesses the opportunity to solve real business problems without the hassle of proprietary licenses and/or thousands of hours of consulting fees to make minor system changes. Open source flexibility also can translate to greater security. Administrators now have the ability to apply updates as soon as they are discovered, peer review each other's code, tap the expertise of others, create additional layers of security by using old hardware to create additional firewalls/intrusion detection systems/log servers, etc. Linux and open source enthusiasts have created a community like no other. Projects rise and fall on their own merits, and competition between them only leads to the greater good of the community. People only contribute to projects that they believe in and benefit from. Over the years, I have believed in LinuxSecurity and the EnGarde Secure Linux project. The fire to develop, promote, and stand behind open source projects is still burning in me. One thing that has fueled my fire is LinuxSecurity.com's growth rate. We went from averaging just a few thousand page views a month to millions. For several years now, LinuxSecurity.com has been self reliant on its own advertising revenue. Also, we have received an amazing level of support from Guardian Digital, Inc. Guardian Digital provides all servers, EnGarde Secure Professional to use as a base operating system, and donates countless staff-hours to keep the site operational. LinuxSecurity.com belongs to the community, but it would not be possible without Guardian Digital. Another promising anecdote is the support and praise from the community. We have received countless emails thanking us for the service that we provide as well as sending us feature articles to share with the rest of the community. I have met complete strangers at Royal Holloway, University of London (UK), people at varioussecurity conferences, as well as people at my hometown (Louisville, KY) computer retail store who have all heard of and love LinuxSecurity.com. We're far from famous, but it is heartwarming to know that we are making an impact across the world. Many of you have grown to love LinuxSecurity.com's constant stream of news, advisory archive, features, newsletters, tips, documentation, and resources. We've tried to keep the new structure consistent to the old site, but some changes were inevitable. Although a major part of the development is complete, additional enhancements are in progress. Some of the new features on LinuxSecurity.com include the ability to post comments on content items, discussion forums, Linux user group & event listings, chat events, an expanded news archive, as well as countless minor changes. In the very near future expect features such as user customizable news & advisory listings, interactive features, education events, new documentation, and more. How can we give you what you want? You have to tell us! Send us your ideas, articles, or donate your time. Like all open source projects, LinuxSecurity requires hours of work. If you can contribute in any way, we would love to hear from you. The new site that you see is a result of countless hours of work by many individuals. I wanted to publicly acknowledge the support and commitment from Dave Wreski, the expert programming of Ryan Maple and Joe Shakespeare, the coordination and planning of the project by Nicole Pearson and Marie Macera, graphic design and creative support from Jen Zukowski, and additional support from Alison Parker, Mark Rechler, Pete O'Hara, and Charles Yoo. Your commitment to LinuxSecurity.com is a great service to the community. Thank you all! Well, it's up! Please enjoy it, and tell all your friends. We're in the middle of an open source revolution. Please come with us and help make a difference. Best Regards, Benjamin D. Thomas
Dec 01, 2004
•
102
risk managementsecurity practicesapplication securityEssential Takeaways from Sean Boran's Guide to IT Security Solutions
Over the past five years, Sean Boran has put together what has become the most comprehensive online Internet security resource available. LinuxSecurity recently had an opportunity to chat with the author, talk about its new home at LinuxSecurity.com, and a few words about the resource itself. . The IT Security Cookbook contains valueable information for security professionals, computer users, and system administrators on topics including security policy development, operating system security, application security issues, and much more. LinuxSecurity.com, the community's center for security, has made available the resources within the IT Security Cookbook to its users and provided Boran Consulting with a new home, as well as email and DNS services. Sean Boran , author of the IT Security Cookbook and president of Boran Consulting explains that the resources of LinuxSecurity.com provides less expensive hosting for his free resource. Sean adds, "It also increases its exposure to Linux readers, given the pull that LinuxSecurity has." "I was already a pretty frequent visitor to LinuxSecurity.com," writes Sean, "so it seemed quite a natural place to host the cookbook, when the idea was proposed." LinuxSecurity.com: Why is it important for IT professionals to read your cookbook? Sean Boran: Because it starts at the top (policies) and goes all the way down to technical recommendations. LinuxSecurity.com: What is the intended audience? Sean Boran: Well there a general policy/classification section that is probably of interest to a large audience, where as the technical chapters on UNIX and Windows are useful to administrators of these systems. More precisely: Line managers (Chapters 1-4, 6). Computer Users (Chapters 1, 2, 6.2 User Policy) System administrators, Security administrators: Chapters 7-22 Technical Project leaders: Chapters 1-7, 15. LinuxSecurity.com: Why did you write the cookbook in the first place? Sean Boran: I didn't see anything similar on the net at the time (back in 1995/6), there was a few documents here and there, but little that pulled the various security issues together. I also wanted to make my contribution to the Internet, instead of "just taking" ... For example I use lots of free software developed by others, this was my way of "doing my bit". Security was a pretty closed affair a few years back, before SANS and all the new portals such as LinuxSecurity.com, I wanted to share ideas and allow peer review of my ideas. LinuxSecurity.com: How long has it taken to write? Sean Boran: About 1 year, with many additions/corrections over the last 5 years. Mind you like much "software" it's probably due a rewrite! LinuxSecurity.com: What does Boran Consulting do? Sean Boran: We provide IT Security and Operations services to our customers. The exact focus depends on the environment and customer needs. Last year we did a lot of work on Intrusion detection systems and audits, a few years back the focus was more on education, policy, strategies and concepts. Over the last two years many articles were written for SecurityPortal until it's demise last summer. These articles allowed me to better document and generalise tools and ideas I was using in the consulting practice. LinuxSecurity.com: What are your future plans for the reference? Sean Boran: I've been working on a series of accompanying articles on Solaris hardening, ssh and Linux. These are not yet integrated into the book, but can be reach at Sean Boran's Published Articles . I really need to review and review the book entirely, expecially the techie chapters, but am having trouble finding the time.. LinuxSecurity.com: What are some of the major pitfalls Linux administrators fall into? Sean Boran: Complacency Using default settings (though the vendors are improving a lot here) Installing too much software Notmonitoring logs Don't have policy, or have never really analysed the risk: they may be concentrating in the wrong area. LinuxSecurity.com: How can your reference solve these problems? Sean Boran: Many Linux users are techies and have a pretty good grasp of the techical issues of secuity, and sites like LinuxSecurity can keep them up to date. But a crash course on Policies and Risk management would do no harm. This book crosses many boundaries, from policy to security management to firewalls, from penetration testing to securing NFS to using encryption. LinuxSecurity.com: What do you feel is the most common Linux vulnerability? What can be done to prevent it? Sean Boran: The buffer overflow. Measures: Only install what you really need. Watch the logs of any active network daemons carefully, and chroot 'em if you can, don't run them as root if possible. Only let people access your system who really need to. Setup a regular patching schedule Pray that SW will get better... LinuxSecurity.com: Do you believe the open source nature of Linux provides a superior vehicle to making security vulnerabilities easier to spot and fix? Sean Boran: In the long run yes, but it's been painful. The basic problem is that 99% of people USE open source, but only 1% or so have to do all the work and write the stuff. I'm convinced that it's a good thing and we should all do our bit to support open source, I'd especially like to see large corporations committing programmers to key OpenSource projects. LinuxSecurity.com: Sean, thanks for taking a minute to speak with us today. . Explore core principles outlined in the IT Security Cookbook designed for both experts and end-users regarding essential protective measures and security regulations.. IT Security Cookbook, Security Guidance, Online Security Resource, System Administration, IT Security Practices. . Brittany Day
Feb 25, 2002
•
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More