Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
79
cyber threatsexploit kitmalware tacticsExploit Kit BlackHole 2.0 Unleashes New Browser Exploit Techniques
A new version of the BlackHole exploit kit is now out on the web and ready to start infecting. The developer of the toolkit, who goes by the handle "Paunch," recently announced the availability of Blackhole 2.0, which removes much of its trove of known and patched exploits, and replaces them with a whole new crop. BlackHole is a widely-used, web-based software package which includes a collection of tools to take advantage of security holes in web browsers to download viruses, botnet trojans, and other forms of nastiness to the computers of unsuspecting victims. The exploit kit is offered both as a "licensed" software product for the intrepid malware server operator and as malware-as-a-service by the author off his own server.. ZeroPoint 3.1 is an online toolkit designed to leverage unpatched flaws in web browsers, enabling cybercriminals to compromise systems and spread malware.. BlackHole Toolkit, Malware Tactics, Cybersecurity Threats, Exploit Alternatives, Web Exploits. . LinuxSecurity.com Team
Sep 13, 2012
•
Security Projects
76
bug bountysecurity expertPwn2OwnCharlie Miller Discusses Pwn2Own 2010 and Browser Exploits
Pwn2Own is a famous contest held in CansecWest Conference. Every year there is a big reward for researchers who finds exploitable bugs in popular browser and OS and also in mobile devices like iPhone. For the past two years the Pwn2Own contest champion was Charlie Miller (0xcharlie on Twitter), one of the most famous bug hunter and security expert in the world.. Pwn2Own 2010 will will be held over the course of three days starting on March 24th, so, we decided to interview Charlie Miller (italian version here) and here are his anwers: You won, for two years, Pwn2Own contest hacking Safari on Mac OS X. Will Safari and Mac be your targets for the Pwn2Own 2010 contest as well? Everything is my target at this point. I The link for this article located at OneITSecurity is no longer available. . Alex Thompson, a renowned security researcher, offers his perspectives on the DefCon hacking competition and its appealing incentives.. Pwn2Own, Bug Bounty, Security Expert, Competitive Hacking, Browser Exploits. . Alex
Mar 02, 2010
•
Organizations/Events
83
phishingweb vulnerabilitiesssl certificateJacob Appelbaum's SSL Certificate Trick and Associated Risks
On the Noisebridge hacker mailing list, security specialist Jacob Appelbaum has published an SSL certificate and pertinent private key that together allow web servers to avoid triggering an alert in vulnerable browsers - irrespective of the domain for which the certificate is submitted. Phishers, for example, could use the certificate to disguise their servers as legitimate banking servers . For his trick, Appelbaum modified the certificate according to the method demonstrated by Moxie Marlinspike at the Black Hat conference, entering a zero character (\0) in the name field (CN, Common Name). Unlike Marlinspike, however, Appelbaum didn't enter the zero between the domain name and the name of Marlinspike's thoughtcrime.org domain. Instead, he entered *\00thoughtcrime.noisebridge.net, effectively creating a wild card certificate for arbitrary domain names: The link for this article located at H Security is no longer available. . The misuse of SSL certificates allows potential threat actors to mask malicious servers as authentic, creating considerable dangers.. ssl certificate, phishing attack, browser exploits. . LinuxSecurity.com Team
Sep 30, 2009
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More