Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
79
cyber attacksecurity breachhacktivismUGNazi: Cyber Attack On CloudFlare And 4chan Following Arrest
After the FBI arrested Cosmo, the alleged leader of the UGNazi hacking group, the hackers attacked CloudFlare via a flaw in Google's two-factor authentication system. The CloudFlare hack allowed UGNazi to change the DNS for 4chan, so visitors to the site were redirected to a UGNazis Twitter account. The attack on the Wounded Warrior Project site was allegedly done for no reason but to spite The Jester. . The link for this article located at Network World is no longer available. . A new wave of cyber resistance features the UGNazi collective, exploiting security gaps to execute strikes on CloudFlare and other selected entities.. UGNazi Hacktivists, CloudFlare Attack, Cybersecurity Breach, 4chan Hijacking, Hacktivism. . LinuxSecurity.com Team
Jun 07, 2012
•
Security Projects
74
risk managementsecurity implementationauthentication flawsUnderstanding Twitter OAuth Issues and Authentication Flaws
Twitter officially disabled Basic authentication this week, the final step in the company's transition to mandatory OAuth authentication. Sadly, Twitter's extremely poor implementation of the OAuth standard offers a textbook example of how to do it wrong. . This article will explore some of the problems with Twitter's OAuth implementation and some potential pitfalls inherent to the standard. I will also show you how I managed to compromise the secret OAuth key in Twitter's very own official client application for Android. OAuth is an emerging authentication standard that is being adopted by a growing number of social networking services. It defines a key exchange mechanism that allows users to grant a third-party application access to their account without having to provide that application with their credentials. It also allows users to selectively revoke an application's access to their account. Some of the more technical aspects of this article will be easier to understand if you have a basic familiarity with the standard and the problems that it is trying to solve. We published a primer earlier this year that you can refer to if you are looking for additional background information. The article located at arsTechnica is no longer available. . This article will explore some of the problems with Twitter's OAuth implementation and some potentia. twitter, officially, disabled, basic, authentication, final, company's, transiti. . Alex
Sep 02, 2010
•
Network Security
74
security threatshacking techniquessite securityHow Hackers Exploit Weak Site Security Through Search Engines
"... With a bit of ingenuity, anyone can skirt basic password authentication and go straight to the goodies on those sites where administrators are foolish enough to post them. If the desired information is contained in a Web page, anyone . . .. "... With a bit of ingenuity, anyone can skirt basic password authentication and go straight to the goodies on those sites where administrators are foolish enough to post them. If the desired information is contained in a Web page, anyone can find it." The link for this article located at TheRegister is no longer available. . Uncover the methods utilized by cybercriminals to exploit inadequate online security and simplistic login vulnerabilities through search engines, highlighting major threats.. web exploits, site security issues, online authentication flaws. . Anthony Pell
Jun 05, 2000
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More