Vulnerabilities have been discovered in Bluetooth technology that affect various operating systems. As Linux admins, infosec professionals, Internet security enthusiasts, and sysadmins, it is crucial to understand the implications of these vulnerabilities and the impact they may have on our work. Let's have a closer look at these flaws, how they work, their impact on Linux users, and how to mitigate your risk.

What Are These Vulnerabilities & How Do They Impact My Security?

Researchers have discovered zero-click Bluetooth flaws that enable attackers to secretly pair with devices as keyboards and inject keystrokes without user interaction. The vulnerabilities affect Android, iOS, Linux, macOS, and Windows, posing a serious threat to billions of devices worldwide. Bluetooth technologies power wireless keyboards, mice, game controllers, and other peripherals used by billions of devices around the globe, highlighting the widespread nature of these vulnerabilities and the potential for malicious actors to exploit them across various platforms.

The Linux Bluetooth implementation allows keyboards to initiate pairing without authentication or user confirmation (CVE-2023-45866). This means that an attacker could remotely pair as a Bluetooth keyboard and inject keystrokes without the user's knowledge.

The implications of these vulnerabilities are significant. They expose a potential attack vector that could compromise a wide range of devices. For Linux admins, it highlights the importance of keeping Bluetooth settings secure and applying the available patch in BlueZ.

How Can I Mitigate My Risk?

Infosec professionals and sysadmins must be aware of the vulnerabilities within their respective operating systems and take necessary measures to mitigate the risks, such as promptly applying patches as they are released by their distribution(s).
Additionally, it raises questions about the overall security of Bluetooth technology and the need for cryptographic authentication and consent for all pairing attempts.

From a broader perspective, these vulnerabilities highlight the ongoing cat-and-mouse game between security researchers and malicious actors. As technology evolves, so do the methods used by attackers to exploit it. This constant battle emphasizes the need for a proactive approach to security, with regular updates and patches and adopting best practices to secure Bluetooth connections.

Our Final Thoughts on the Recent Zero-Click Bluetooth Flaws

In conclusion, the article sheds light on the serious threats posed by zero-click Bluetooth attacks across major operating systems. It highlights vulnerabilities in Android, iOS, Linux, macOS, and Windows and raises important questions about the security of Bluetooth technology as a whole. As security practitioners, it is crucial to stay informed about these vulnerabilities, apply patches and updates, and advocate for improved authentication and consent mechanisms in Bluetooth pairing. By taking these steps, we can better protect the devices and systems we manage and mitigate the risks associated with these vulnerabilities.

Different operating systems are vulnerable to no-click Bluetooth exploits, urging Linux system administrators to enhance and fortify device security.

Bluetooth Security Threats, Linux Admins Security, Zero-Click Attacks.

Brittany Day

A newly discovered vulnerability in Bluetooth affects Android, Apple, and Linux devices and could be used to inject keystrokes into devices using a man-in-the-middle attack.

To exploit this vulnerability, an attacker must be within range of the target device, which is generally less than 30 feet. However, there are ways for attackers to increase the range of their attacks by using other wireless technologies like Wi-Fi or cellular networks.

The most dangerous attack would involve injecting random characters into text fields on websites users visit with these affected operating systems. This could cause websites to display gibberish when viewed through a browser on one of these devices. The user would not realize anything was wrong until they tried to type something into their browser. At that point, they might notice that it wasn't responding correctly or behaving strangely—which could lead them back into danger if they visit another site!

I found the article linked below helpful in understanding the details of this flaw and how it can be mitigated. Check it out!

A serious flaw in Bluetooth security threatens the integrity of Android, macOS, and Linux gadgets, allowing potential hackers to gain unauthorized access to keystroke functionalities.

Bluetooth Vulnerability, Device Security, Keystroke Exploit, Attack Mitigation.

Brittany Day

Serious flaws discovered in Bluetooth technology used in mobile phones can let an attacker remotely download contact information from victims' address books, read their calendar appointments or peruse text messages on their phones to conduct corporate espionage. An attacker could even plant phony text messages in a phone's memory, or turn the phone sitting in a victim's pocket or on a restaurant table top into a listening device to pick up private conversations in the phone's vicinity. Most types of attacks could be conducted without leaving a trace.

Security professionals Adam Laurie and Martin Herfurt demonstrated the attacks last week at the Black Hat and DefCon security and hacker conferences in Las Vegas. Phone companies say the risk of this kind of attack is small, since the amount of time a victim would be vulnerable is minimal, and the attacker would have to be in proximity to the victim. But experiments, one using a common laptop and another using a prototype Bluetooth "rifle" that captured data from a mobile phone a mile away, have demonstrated that such attacks aren't so far-fetched.

Laurie, chief security officer of London-based security and networking firm ALD, discovered the vulnerability last November. Using a program called Bluesnarf that he designed but hasn't released, Laurie modified the Bluetooth settings on a standard Bluetooth-enabled laptop to conduct the data-collection attacks.

The link for this article located at wired.com is no longer available.

Critical vulnerabilities in Wi-Fi can allow hackers to gain unauthorized access to private information from smartphones.

Bluetooth Security Flaws, Mobile Device Vulnerabilities, Remote Data Access.

Anthony Pell

WiFi wardriving tools have now advanced to the point where it is less a sign of techno-machismo and more a sign of social maladjustment to actually go out and wardrive in your neighborhood. So what's a young wireless data enthusiast to do? Software Defined Radio is a good suggestion, but you're limited to the frequencies you can use without relatively expensive equipment. Another recommendation might be investigating the security characteristics of your Bluetooth-enabled device.

The link for this article located at Cryptonomicon.net is no longer available.

Bluetooth technology ensures secure short-range communication with features like pairing and encryption, while wardriving exposes WiFi vulnerabilities, highlighting security needs.

Bluetooth Security, WiFi Tools, Data Protection, Wireless Safety.

LinuxSecurity.com Team

Executives at some of Britain's biggest companies are using mobile phones that can be secretly tracked and bugged, despite a series of Times investigations demonstrating gaping holes in handset security. During tests at the offices of Shell, BP, HSBC and Goldman Sachs, The Times identified 95 phones potentially vulnerable to a new form of hacking known as "bluesnarfing". Under the process, which threatens mobile phones that use Bluetooth wireless technology, hackers can download text messages, phone lists and even remotely tamper with handsets to enable them to be used as listening devices.

Last week The Times identified 46 phones that could have been vulnerable to attack during a 12-minute test in the central lobby of the Palace of Westminster. During our latest experiment, we had the ability to access the phone of a Shell employee supplying aviation fuel to aircraft companies and bug the handsets of chauffeurs driving executives.

At the offices of Shell, a passive scan showed that 19 phones would have accepted an unauthorised Bluetooth connection. None was made, to avoid infringement of the Computer Misuse Act. Of these, 13 were Nokias and five were Ericssons. The Nokia 6310 and 6310i, the most popular business phones in the UK, and the Ericsson T610, one of the best-selling picture phones, have proved to be the most insecure.

Smart devices utilized by leaders in prominent UK firms leave them vulnerable to surveillance and eavesdropping due to weaknesses in Bluetooth technology.

Mobile Security, Bluetooth Hacking, Executive Risk, Handset Vulnerabilities.

Anthony Pell

Have you ever wondered if wireless security vulnerabilities might start being used by commuters to find anonymous sex? Well, wonder no more.

British commuters take note - the respectable person sitting next to you on the train fumbling with his or her cell phone may be a "toother" looking for sex with a stranger. "Toothing" is a new craze where strangers on trains, buses, in bars and even supermarkets hook up for illicit meetings using messages sent via the latest in phone technology.

"Toothing is a form of anonymous sex with strangers -- usually on some form of transport or enclosed area such as a conference or training seminar," says the Beginner's Guide To Toothing on a website dedicated to the pursuit. It is made possible by Bluetooth technology which allows users to send phone contacts, pictures and messages to other Bluetooth-enabled equipment over a range of about 10 metres. Users discovered they could send anonymous messages to people they didn't know with Bluetooth equipment, spawning a craze dubbed "bluejacking".

Jon, aka "Toothy Toothing" and the guide's author, explained toothing was born after he was "bluejacked" by an unknown girl while commuting to work in London. After a few days of flirting, she suggested a brief encounter in a station lavatory. "The meeting wasn't a romantic thing - it was purely sexual. Barely anything was said," he said via e-mail.

He said potential toothers begin by sending out a random greeting -- usually "Toothing?". "If the other party is interested, messages are exchanged until a suitable location is agreed -- usually a public toilet, although there are tales of more adventurous spots such as deserted carriages or staff areas," his guide adds.

Explore the fascinating phenomenon of toothing, a quirky British social movement where travelers seek brief connections via Bluetooth on public transport.

Bluetooth Technology, Anonymous Encounters, Wireless Communication, Urban Craze, Toothing Culture.

LinuxSecurity.com Team

Class 1 standard easy for hackers to exploit, says security firm. Security experts have warned of the need to take care as new Bluetooth devices with a transmission range of up to 100 metres arrive.

Security consultant @stake believes that devices conforming to the latest Bluetooth standard represent a potential crisis similar to the introduction of wireless local area networks based on the 802.11b Wi-Fi standard. The firm expects that Class 1 Bluetooth will appear on everything from laptops to mobile phones, allowing hackers to gain access to sensitive information.

In a recent white paper, @stake warned that even non-discoverable devices still respond to direct name and service enquiries and are therefore open to detection and attack. Other common problems identified include Windows 2000 hosts configured to connect to all Bluetooth devices, and Windows registries that retain details of all devices to which they have been connected.

The link for this article located at vnunet.com is no longer available.

Experts highlight security risks with Class 1 Bluetooth gadgets, as vulnerabilities provide hackers with potential targets.

Bluetooth Security, Hack Vulnerability, Data Protection, Wireless Devices, Exploitation Risks.

Anthony Pell

A new software tool could allow sensitive data to be pilfered through the air from laptops, mobile phones and handheld computers. An eavesdropper can use the program to identify nearby devices that use the Bluetooth wireless protocol. If the gadget's default security settings mean the device is unprotected, data can easily be stolen. Bluetooth connects devices within a range of 15 metres and is now a standard feature on many devices.

Ollie Whitehouse, a UK-based researcher with computer security firm @Stake, created the tool "Red Fang", to highlight the potential dangers of running poorly configured Bluetooth gadgets. He says many people may be unaware that they have Bluetooth installed and that security features are often switched off.

"If you're sitting on an intercity train, you're going to have a lot of people around for a long period of time," Whitehouse told New Scientist. "You could try and find their Bluetooth devices and hack into them."

The link for this article located at NewScientist is no longer available.

An innovative application identifies vulnerabilities in Wi-Fi networks, making it easier for attackers to exploit unguarded connections.

Bluetooth Security, Data Theft Prevention, Wireless Device Risks.

Anthony Pell