Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
78
security certificationautomated analysisopen-source projectCoverity Certification: Eleven Open-Source Projects Verified Secure
Coverity, which creates automated source-code analysis tools, announced late Monday its first list of open-source projects that have been certified as free of security defects. Eleven projects made the list: Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL. This list of projects may seem fair and equitable. And certainly, Perl, Postfix, Amanda and others can be very secure. But PHP? Granted, the project is done with a contract from DHS as well as association with Stanford University. And their certification boasts... . strong requirements especially for moving up the "rungs" on their "ladder." Is it all that it cracks up to be? This ladder, however systematic, seems on the light end and is driven solely by Coverity's own logic and vocabulary. Some of the descriptions as to their criteria include that "projects progress to the next rung by selecting a set of official contacts to represent the project to Coverity." There is little to state what criteria is used, why this matter and how a project gains the next "rung." This seems like a good effort, but the arbitrary nature of the rational in what actually makes these projects secure seems a little watered down. Heck, anyone can make a ladder... Thoughts? The link for this article located at CNET.com is no longer available. . strong requirements especially for moving up the 'rungs' on their 'ladder.' Is it all that it cracks. coverity, which, creates, automated, source-code, analysis, tools, announced, monday, first. . LinuxSecurity.com Team
Jan 08, 2008
•
Vendors/Products
74
malware classificationautomated analysisreverse engineeringAnalyzing Malware Classification Through Automation and Research
The reverse engineer--better known amongst security researchers by his nom de plume, Halvar Flake-- created an automated system for classifying software into groups, a process he believes for which machines are much better suited. Research using the system has underscore the sometimes-arbitrary decisions humans make in classifying malicious programs, he said. . Among other anomalies, he found that Sasser.D has only a 69 percent correlation to previous members of the Sasser family, while two example of bot software, Gobot and Ghostbot, are much more similar. "It's like putting donkeys and bunnies in the same class because they both have long ears," Dullien, the founder and CEO of reverse-engineering tool maker Sabre Security, said in a recent interview. The link for this article located at Security Focus is no longer available. . Uncover the advanced mechanism for identifying malware and its proficiency in evaluating software patterns.. Malware Analysis, Automated Classification, Reverse Engineering Tools. . Brittany Day
Jun 08, 2006
•
Network Security
78
application securitysecurity solutionsecurity policyMagniFire TrafficShield: Advanced Protection For Web Applications
The Application Flow model may be best described as an automatic analysis of content. Based on how a user interacts with an application over time, policies are designed to allow the user leeway to accomplish their task. Generating policies of . . . . The Application Flow model may be best described as an automatic analysis of content. Based on how a user interacts with an application over time, policies are designed to allow the user leeway to accomplish their task. Generating policies of this nature would normally take an admin months of analyzing patterns and behaviors of not only the application, but also the usage of the application. Unlike other technologies on the market today, MagniFire is the first to protect web based applications and infrastructure with the same comprehensiveness and efficiency of a network firewall protecting the network infrastructure. MagniFire achieves this through a patent-pending technology known as the Application Flow Model. This maps each application to build a highly accurate model of the user interaction to automatically generate a granular security policy that is tailored to the individual application. MagniFire is the first to achieve true "positive security logic" in protecting web applications without time consuming and costly manual configuration. Because 70% of hack attacks come through the application layer, companies are beginning to realize that they have to do something to stop it, without blocking valuable customers from doing business. MagniFire's new approach to protecting web applications and infrastructure finally gives companies the ability to block known and unknown attacks without generating the false positives and false negatives that have plagued other solutions in the past. MagniFire highlights: Patent-pending technology identifies the inherent vulnerabilities in any application, "maps the app" and all legal user interaction, recommends a granular security policy that blocks all known and unknown threats Eliminates heavy manualconfiguration and set up costs, as well as the need to scan and patch applications, offering the lowest TCO solution on the market today Magnifire received $9.1 million in venture funding from JVP, Lucent and other top tier investors Headquarters in NY, R&D in Israel and sales offices in the UK Run by top executives and scientists from the security, software, enterprise and telecom industries Press Release MAGNIFIRE LAUNCHES, OFFERING COMPREHENSIVE NEW APPROACH TO PROTECTING WEB-BASED INFRASTRUCTURE AND APPLICATIONS MagniFire's Application Flow Model Eliminates the Need for Application Scanning and Patching Company Targets Financial Services and Announces First Banking Customer Among its Client Roster NEW YORK, August 11, 2003 -A leading group of international technology and business professionals from the security, software, enterprise and telecom industries announced today the launch of MagniFire Websystems, Inc., a company that develops comprehensive web infrastructure security solutions for the enterprise. MagniFire's flagship platform, TrafficShield(tm), uses positive security logic to protect web applications and the web infrastructure behind them from both known and unknown attacks. With MagniFire, companies can conduct business as usual, while protecting their most critical data, applications and customer relationships. "Our approach is a dramatic departure from other products on the market today in terms of its ability to extend positive security logic all the way from the network layer to the application layer," said CEO Eitan Bauch. "MagniFire's technology is designed to offer the highest levels of protection to our clients' web-based applications and promises to be a boon for a wide variety of enterprises conducting business over the Internet." MagniFire is rapidly growing to meet customer demand in the financial services sector and currently has installations at a dozen major institutions, including the Bank of Jerusalem and several leading financial servicesfirms in the United States. Analysts estimate the market for web application security products and services will grow to over $1.7 billion by 2007. "The application layer is the most vulnerable part of the Internet and online business today," said Richard Stiennon, vice president of research at Gartner, Inc. "The market is looking for visionary companies that can provide easy-to-deploy, comprehensive web infrastructure security that can deny all except that which is allowed, without blocking important enterprise customers from doing business." MagniFire is the first platform able to offer true positive security logic for Web applications, ensuring that any customer interaction not specifically known to be legal is blocked immediately. Unlike solutions of the past, MagniFire is able to automatically create an accurate policy of every legal user interaction with the website, denying everything else. "What we've done is taken a very difficult problem and turned it on its head," said Bauch. "Because we can automatically generate very accurate policies, we can turn the impossible problem of identifying attacks into a relatively simple problem of protocol enforcement." The key to MagniFire's unique capability is its patent-pending Application Flow Model(tm), a map of every legitimate interaction of the user with the website. The Application Flow Model includes all possible requests from a given page, including objects that are dynamically generated. In addition, it traces the 'flow' of a user's activity through a website, linking from one page to another. This entire model is generated automatically and dynamically, requiring very little configuration and almost no ongoing maintenance. MagniFire's exclusive ability to "map the app" translates into low total cost of ownership for the enterprise, as well as cost savings on other security procedures. For instance, companies can reduce or eliminate the resources dedicated to application vulnerability scanning, IDS log inspection and patch maintenance. With TrafficShield, web infrastructure is secure, thereby reducing the burden on other lines of enterprise defense as well as the cost of damage control Executive Team & Advisors MagniFire has received over $9M in venture capital funding to date from JVP, Lucent Capital Partners and other seed investors and has assembled a management team from the security, software, enterprise and telecom industries to lead its New York headquarters, R&D facilities in Israel and sales offices in the UK. Eitan Bauch, CEO, has over 20 years of experience in running highly successful international technology companies. Previously he served as CEO of Tundo, a leading supplier of IP-based telephony switching and service creation platforms for the enterprise and carrier markets. Prior to Tundo, Eitan held a variety of senior positions in Pacer/CATS Corporation, the worldwide leader in admission and management systems and is a wholly owned subsidiary of Ticketmaster. Dr. David Movshovitz, CTO, has led security-related research and development in the Israeli Defense Forces for more than ten years and was awarded the Israeli Defense Award, Israel's most prestigious acknowledgment for contributions to national security. David served as R&D manager at Elscint Ltd., as vice president of R&D at Algotec Systems Ltd., as a founder and CTO of NetAccess Ltd., and as VP of Product Development in the Taldor Group. Rich D'Angelo, SVP Worldwide Sales, joins MagniFire from Teros, where he served as the head of worldwide sales. With more than 30 years of experience in tech sales and field operations, for companies like Accrue Software and Moai Technologies, Rich brings extensive expertise in direct enterprise sales and indirect channel distribution in Asia Pacific, Latin America and Europe. Mark Shahaf, Co-Founder and VP R&D, brings 18 years of experience in networking and computer systems to MagniFire. Before founding the company, Mark fulfilled leadingengineering roles in several computer network, network services and wireless network companies. . Explore how MagniFire's Workflow Framework enhances the automation of security measures for web applications, efficiently reducing potential threats.. Application Security, Web Infrastructure, Traffic Protection, Cybersecurity Solutions. . LinuxSecurity.com Team
Aug 12, 2003
•
Vendors/Products
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More