Stay Ahead With Linux Security Features
security advisory attack A Linux server gets cleaned up after an intrusion. The suspicious process is terminated, credentials are rotated, and the system is rebooted during maintenance. Everything seems secure. A few hours later, the same outbound connection appears again. . Situations like that point to persistence . The attacker no longer needs the original exploit because something on the host continues restoring access behind the scenes. Finding that mechanism is often more important than understanding how the...
Jun 08, 2026
threat detection scalability Building a SIEM is easier than scaling one. Most open-source deployments start as a simple "all-in-one" server. It is easy to set up, but that design rarely survives the transition from a lab to a production workload. . A SIEM watching 20 endpoints is not doing the same job as one watching 500. More endpoints mean more logs; more logs require more storage; more storage makes search heavier. Eventually, the very architecture that made your lab easy to deploy becomes the reason your production...
Jun 04, 2026
security advisory apache A newly disclosed attack technique called HTTP/2 Bomb is drawing attention because it targets the software that sits at the front of much of the Linux internet. Apache HTTP Server, NGINX, Envoy, and the ingress layers that many Kubernetes environments depend on can be forced into consuming disproportionate amounts of memory using relatively small amounts of attacker traffic. . For Linux administrators, the concern is not the HTTP/2 protocol itself. It is the possibility that a single...
Jun 04, 2026
security advisory important The compromise of Nx Console shows how much infrastructure now sits behind a single developer account. GitHub repositories, CI/CD pipelines, container build systems, Terraform projects, Kubernetes deployments. None of those systems was the initial target. The workstation was. . Attackers did not need a Linux privilege escalation bug or a remote code execution chain. They needed developers to trust a tool they were already using. For many organizations, that was enough. What Happened? Federal...
Jun 03, 2026
security advisory open-source You remove the malware. You rotate the compromised credentials. You patch the original vulnerability and close the ticket. Two weeks later, the attacker is back. . What happened? You didn't lose the battle at the exploit; you lost it at the cleanup. In many modern Linux intrusions, the malware you found wasn't the main problem—it was the fallback mechanisms left behind. These hooks quietly restore attacker access the moment you look away. If you clean a host but miss these persistence layers,...
Jun 02, 2026
Refine features
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security features
We found -2 articles for you...
102
security advisoryopen sourcesecurity solutionCrowdSec Bouncer for WordPress: Effective Protection Against Attacks
The CrowdSec team is expanding the capabilities of their open-source and free security solution by finalizing the release of its brand new application bouncer on the WordPress marketplace . This new bouncer is compatible for versions 1.0.x and beyond. Given that the vast majority of websites in the world are hosted on WordPress, this addition will improve CrowdSec's defense arsenal in its mission to defend the greatest number. . First steps This bouncer has been designed to protect WordPress-hosted websites from all kinds of attacks. To be able to use this blocker, the first step is to install CrowdSec v.1.0.x. Release v1.0.4 · crowdsecurity/crowdsec · GitHub The installation and configuration of the plugin can be done in a few clicks from the WordPress marketplace. Please note that first and foremost CrowdSec must be installed on a server that is accessible via the WordPress site. Remember: CrowdSec detects, bouncers deter. A step that is fortunately greatly facilitated by the solution's intuitive wizard. Within ten minutes your WordPress site will be protected from attacks by the user community, now spanning more than 70 countries and 400 cities. The “Flex mode” - a bulwark against false positives Thanks to the "Flex mode", it is impossible to accidentally block access to your site to people who don't deserve it. This mode makes it possible to never ban an IP but only to offer a Captcha, in the worst-case scenario. CrowdSec blends into your design When a user is suspected to be malevolent, CrowdSec will either send him/her a Captcha to resolve or simply a page notifying that access is denied. Please note that it is possible to customize all the colors of these pages in a few clicks so that they integrate best with your design. On the other hand, all texts are also fully customizable. This will allow you, for example, to present translated pages in your users’ language. The standard "Captcha wall" looks like this: Youwill be able to customize it as you feel like. Below is an example after having played a little with colors and texts: The right balance between performance and security By default, the "live mode" is enabled. The first time a stranger connects to your website, this mode means that the IP will be checked directly by the CrowdSec API. The rest of your user's browsing will be even more transparent thanks to the fully customizable cache system. But you can also activate the "Stream mode". This mode allows you to constantly feed the bouncer with the malicious IP list via a background task (CRON), making it to be even faster when checking the IP of your visitors. Besides, if your site has a lot of unique visitors at the same time, this will not influence the traffic to the API of your CrowdSec instance. If you've ever been confronted with high traffic, you are probably familiar with Redis or Memcached technologies. You have the capability to activate these caching technologies in the CrowdSec bouncer settings to guarantee invisible IP control on your site. CDN-friendly without forgetting other load balancers If you use a CDN, a reverse proxy or a load balancer, it is now possible to indicate in the bouncer settings the IP ranges of these devices in order to be able to check the IP of your users. For other IPs, the bouncer will not trust the X-Forwarded-For header. Coming up next Soon, the plugin will have a dashboard allowing you to visualize the activity of your bouncer in live. It will also be possible to connect directly to CrowdSec's global reputation database, without having to install an agent on your machine if you don't wish to. Widely tested, 100% open source This plugin has been tested on the vast majority of WordPress versions installed in the world (90%+), according to WordPress real-time statistics. It has also been tested on a very wide range of PHP versions (7.2, 7.3, 7.4 and 8), the language in which WordPress is coded. This plugin is released under MIT, themost permissive and free license in the world. Its source code is fully available on GitHub . Fortify your WordPress site with the latest CrowdSec bouncer to guard against a range of threats and ensure your online presence remains secure.. CrowdSec Bouncer, Open Source Security, Website Protection, Attack Prevention, WordPress Security. . Brittany Day
Apr 26, 2021
•
102
open sourcesecurity solutionemail securityGuardian Digital's EnGarde Email Security Gateway Redefines Resilience
Resiliency is an important factor to consider when evaluating an email security solution, yet this characteristic often goes overlooked.. When choosing an email security solution, people often consider the technology it utilizes and how this technology is implemented to provide protection against current email-related threats. These are critical aspects to take into account, given that organizations are dependent on email for communications and email is currently the most popular attack vector for cybercriminals. An attribute that often remains unconsidered is resiliency or, in other words, how reliable and secure a solution is over time. Resiliency is a quality that is critical in determining if a solution can provide effective, uninterrupted protection against the myriad of dangerous attacks that constitute today’s email threat landscape. A significant factor in determining the resiliency of a solution is the software it is comprised of and the operating system it runs on. For numerous reasons, Linux and open source software have a greater potential to achieve a very high level of security than alternative operating systems and proprietary software do. The open source development model offers inherent security advantages, making open source products and technologies secure by design. Because of the collaboration and transparency involved in the development of open source software, vulnerabilities and potential security issues are rapidly detected and fixed. As a result of this collaborative development and review process, Linux is inherently more secure than proprietary OS alternatives like MacOS or Microsoft Windows. The various security advantages associated with open source technology make email security solutions that run on Linux and utilize open source software both highly secure and highly resilient. Key Features of Guardian Digital's Open-Source EnGarde Email Security Gateway: 1. Highly effective protection against sophisticated new and existing email-related threats includingphishing, business email compromise, malware, email spoofing and spam email 2. Rapid and highly accurate identification and quarantine of malicious email 3. Advanced machine learning and heuristics technology, Big Data techniques and broad file type analysis 4. Customizable to fit businesses’ specific demands 5. Exceptional customer support 6. Comprised of entirely open-source software and operated on an inherently secure hardened version of Linux 7. Cloud-based and highly convenient “For over a decade we’ve counted on Guardian Digital’s solutions for a more secure and reliable mail environment. I’m grateful for their years of great service — the staff is professional and prompt and has always had a quick resolution to our mail inquiries or any other issues.” -Sheldon Huey, Best Western International, Senior Operations Manager, Enterprise Email Guardian Digital just recently decommissioned two mail systems that were running optimally for more than four years without being rebooted or adjusted beyond standard maintenance. These systems reliably routed hundreds of millions of emails over their lifetime. They offered a myriad of businesses highly effective protection against serious and evolving email-related threats including spear-phishing, business email compromise and ransomware. All of Guardian Digital’s mail systems run on a hardened version of Linux specifically developed to optimize the systems’ security and reliability over time. A combination of the inherent security of Linux, the expertise of Guardian Digital engineers, and an strong emphasis on quality and customer service results in systems that will reliably route mail virtually indefinitely. In the long run, the performance of these systems is truly unrivaled. . When choosing an email security solution, people often consider the technology it utilizes and how t. resiliency, important, factor, consider, evaluating, email, security, solution. . Brittany Day
Dec 26, 2018
•
102
security solutionemail securityemail protectionGuardian Digital Launches Secure Mail Suite 3.0: Enhanced Email Protection
Guardian Digital, the premier open source security company, announced the availability of the next generation Secure Mail Suite, the industry's most secure open source corporate email system. This latest edition has been optimized to support the changing needs of enterprise and small business customers while continually providing protection from the latest in email security threats.. ALLENDALE, NJ-June 9, 2004 - Guardian Digital, the premier open source security company, today announced the availability of the next generation Secure Mail Suite, the industry's most secure open source corporate email system. This latest edition has been optimized to support the changing needs of enterprise and small business customers while continually providing protection from the latest in email security threats. "With technology changing so rapidly and email threats evolving daily, the requirements of corporate email users are forever changing. As a result, we developed this latest version of Secure Mail Suite to adapt to the changing needs of organizations in both security and functionality. Utilizing the best and most technologically advanced open source tools and recognized as best-in-class for combating email threats, Secure Mail Suite will truly help organizations of all sizes securely leverage the merits of today's most important communication medium," states Dave Wreski, CEO of Guardian Digital, Inc. Integrated into its adaptive open source design, Secure Mail Suite 3.0 effectively addresses common resource issues including unlawful resource usage due to the perpetual influx of unsolicited junk mail, malicious message content and inappropriate or non-work related emails. The cornerstone of Guardian Digital Secure Mail Suite is a robust, integrated anti-virus, anti-spam,and corporate policy enforcement system. Powered by Guardian Digital's innovative Content and Policy Enforcement (CAPE) Engine, Secure Mail Suite scans all incoming and outgoing transmissions to identify and filter out spam, viruses, malicious code and file attachments and offensive content, before having an opportunity to harm or disrupt the network. "The open source architecture that Secure Mail Suite delivers affords AT&T New Zealand the flexibility to provide enterprise messaging solutions for customers, and to implement scalable email services specifically for our market," writes Jeff Rapp, security analyst, AT&T New Zealand. "The comprehensive coverage of security and management features are increasingly attractive, and the latest version from Guardian Digital represents an even greater cost-effective solution." Keeping corporate inboxes secure and business-critical communications efficient, Secure Mail Suite is the only application in its class incorporating power-packed security applications and unsurpassed productivity features. The integrated features in Guardian Digital Secure Mail Suite 3.0 provides advanced spam protection with pinpoint accuracy, protection from email borne viruses, comprehensive web-based group collaboration, LDAP integration and much more. Secure Mail Suite 3.0 also includes: Simplified web-based management system to ease configuration and maintenance duties. Resilient architecture to continually adapt to threats changes and ensure networks remains secure and updated. Powerful spam protection including heuristics system, adaptive content analysis and whitelists and blacklists on user and system levels. Envelope and content analysis, preventing many attacks before entering the system. Resource limit management includesconfigurable attachment stripping, spam scanning based on file size, and adjustable time-outs on filtering operations. Protection for both inbound and outbound communications. Protection from malicious code, virus, Trojan horse and mail bomb attacks and denial-of-service threats. Policy design and enforcement to increase user productivity and defend against unsuitable or offensive content. Automatic debugging mechanism to expedite customer service and ensure the consistent integrity of the system. Comprehensive mailing list manager to efficiently and securely send emails to thousands of mailing list subscribers. As a compliment to the many core features, Secure Mail Suite 3.0 delivers advanced access controls and authentication mechanisms, comprehensive auditing and reporting features, as well as automatic updates through Guardian Digital Secure Network services for consistent protection from the perils of conducting business critical communications on the Internet. Secure Mail Suite is the perfect companion to Guardian Digital's flagship product EnGarde Secure Linux. EnGarde, the industry's most secure open source operating system, integrates bulletproof security features with ease of management, strong encryption standards, Web services, gateway firewall protection, intrusion detection and much more. Working in conjunction with Secure Mail Suite 3.0, EnGarde provides small and large organizations with the security and productivity applications necessary to keep their systems productive while virtually eliminating Internet and network threats. For more information on Secure Mail Suite and EnGarde Secure Linux, visit Guardian Digital on the Web at Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo.... . Pricing & Availability Secure Mail Suite isnow available starting at $749. Content and Policy Enforcement Engine options are available for spam and virus licensing. All options include a free year subscription to the Guardian Digital Secure Network as the primary means to obtain system and security updates as well as regular intrusion and prevention engine updates. Comprehensive annual support subscriptions are also available. About Guardian Digital, Inc. Guardian Digital, the premier open source security company, offers the first secure, open source Internet infrastructure system. Based on Guardian Digital's operating system platform, EnGarde, the company provides enterprises with the software and services necessary for secure computing on the Internet. By leveraging the merits of the collaborative open source design model, coupled with the company's security and Internet expertise, Guardian Digital solutions maintain the highest degree of security and reliability. Founded in 1999, Guardian Digital is headquartered in Allendale, New Jersey. For additional information, please visit Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo.... or call 1-866-GD-LINUX . Contact: Alison Parker Guardian Digital, Inc. Corporate Communications 201-934-9230
Jun 09, 2004
•
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More