Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
83
malwareapache modulecyberattackEvil Apache Module Facilitates Banking Trojan Attacks on Users
A malicious Apache module found operating in the wild turns sites running the Internet's most popular Web server into platforms that surreptitiously install malware on visitors' computers.. The plugin, which was discovered by researchers from antivirus provider Eset, is an x64 Linux binary that streamlines the process of injecting malicious content into compromised websites. It was found running on an undisclosed website that exposed end users to a variety of exploits that installed the ZeuS banking trojan, also known as Win32/Zbot. It also pushed malware from Sweet Orange, a newer exploit kit hosted by servers in Lithuania that competes with ZeuS. When Eset discovered the plugin last month, it was connecting to command and control servers in Germany and was being used to target banking customers in Russia and elsewhere in Europe.. The plugin, which was discovered by researchers from antivirus provider Eset, is an x64 Linux binary. malicious, apache, module, found, operating, turns, sites, running, internet's, popula. . LinuxSecurity.com Team
Dec 21, 2012
•
Hacks/Cracks
79
security enhancementopen source toolsapache moduleEnhancing Apache Server Farms with Open Source WAF and Rate Limiting
Do you manage Apache based web server farms with Web Application Firewall (WAF) requirements that revolve primarily around a need for central thresholding/rate limiting features? Have you found an open source WAF solution that fulfills this need? Well if you haven't, I take extra special joy in the public sharing of two open projects that I'm involved with, serving the roles of cheerleader ;), tester and injecting scope creep whenever possible to solve various forms of abuse. . Mark Thomas has accomplished some excellent work on a pair of tools consisting of an Apache2 module 'mod_webfw2' and the 'Thrasher' central rate limiting engine. These tools provide a web application firewall with dynamic rule update features making the "dreaded server farm bounce to enable new or modified rules" a thing of the past. Mod_webfw2 with Thrasher support also make trivial the task of tracking abusive clients across server farms whether those farms consist of one, several or hundreds of hosts. The tools suite has been deployed successfully in stomping out automated, distributed attacks on web apps that include (and are not limited to) Account Registration interfaces, Authentication, Webmail, Search engines, Comment/Guestbook/Article abuse, Proxy servers and Web Scraper abuse mitigation. While I would never be so foolish as to call these tools an HTTP DDoS silver bullet, we have seen the technology-pair successfully deployed as a mitigation against HTTP resource utilization DoS attacks. Mod_webfw2/Thrasher does not intend to replace or compete with the deep inspection engine available in the open source mod_security, but they operate quite complementary to one another when you have requirements for the advanced features of mod_security along with the need for centralized rate limiting. The mod_webfw2 and thrasher project is seeking project testers and contributors. [All of Article] The link for this article located at SANS is no longer available. . Delve into cutting-edge open source Web ApplicationFirewall (WAF) solutions developed by Mark Thomas that bolster web app security through advanced rate limiting functionalities.. Open Source Security Tools, Rate Limiting, Web Application Firewall. . LinuxSecurity.com Team
Jan 25, 2010
•
Security Projects
77
security solutionapache moduleweb hostingFlexibility And Security With Apache Web Server's suEXEC Module
One of the biggest problems for both Web hosting providers and clients is server security. How do you provide a flexible server environment for the client while maintaining some level of security? In this article, Jamie Wilson explains how the Apache Web server and the suEXEC module make that possible. . . .. One of the biggest problems for both Web hosting providers and clients is server security. How do you provide a flexible server environment for the client while maintaining some level of security? In this article, Jamie Wilson explains how the Apache Web server and the suEXEC module make that possible. Apache is one of the most widely used Web servers on the Internet. Its easy-to-read configuration file and excellent scalability make it a perfect solution for a wide range of Websites. One of Apache's many optional modules, called suEXEC, provides complete flexibility for users while maintaining a level of control and security acceptable to administrators. The link for this article located at Unix Insider is no longer available. . Tackling the vulnerabilities in web server platforms using suEXEC to establish adaptable and monitored hosting conditions.. Server Control, Apache Module, Web Hosting Security, Suexec Solution. . LinuxSecurity.com Team
Mar 28, 2001
•
Server Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More