Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 0 articles for you...
67
security advisorybuffer overrunremote executionOpenSSL: Important Patch for TLS Server Remote Execution Risk
Red Hat security team rates the vulnerability 'important'. The OpenSSL server has now been patched to fix a critical flaw which could be used to remotely execute code or cause an application to crash. . The vulnerability was found in the OpenSSL TLS server extension code parsing which could be exploited in a buffer overrun attack. All versions of OpenSSL supporting TLS extensions are affected, including OpenSSL 0.9.8f to 0.9.8o, 1.0.0 and 1.0.0a releases, according to an OpenSSL security advisory. "Any OpenSSL-based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism," the advisory said. "Servers that are multi-process and/or disable internal session caching are NOT affected." Apache HTTP server and Stunnel are not affected, according to the OpenSSL team. . A critical vulnerability in OpenSSL's TLS implementation has been discovered, allowing attackers to execute code remotely; a fix has been released. Read on for more details. OpenSSL Patch,TLS Security,Remote Execution Flaw. . LinuxSecurity.com Team
Nov 22, 2010
•
Cryptography
78
security advisorydenial of serviceprivilege escalationLinux Kernel: Multiple DoS And Privilege Escalation Risks Found
Multiple vulnerabilities were identified in Linux Kernel, which could be exploited by malicious [local] users to cause a denial of service and potentially obtain elevated privileges. . The first issue is due to an error in "mm/mempolicy.c" when handling policy system calls, which could be exploited by local attackers to cause a denial of service via a "set_mempolicy" call with a 0 bitmask. The second flaw is due to a one-byte buffer overrun error in "kernel/sysctl.c" when processing an overly long user-supplied string, which could be exploited by local attackers to potentially execute arbitrary commands. The third vulnerability is due to an error in "net/ipv4/fib_frontend.c" when processing malformed "fib_lookup" netlink messages, which could cause illegal memory references. The fourth issue is due to a buffer overflow error in the CA-driver for TwinHan DST Frontend/Card [drivers/media/dvb/bt8xx/dst_ca.c], which could be exploited by malicious users to cause a denial of service or potentially execute arbitrary commands. The link for this article located at FrSIRT is no longer available. . The latest vulnerabilities discovered in the Linux Kernel may lead to Denial of Service (DoS) and permit local users to escalate their privileges. Gain further insights below.. Linux Kernel Security, DoS Protection, Privilege Escalation Risks. . LinuxSecurity.com Team
Jan 04, 2006
•
Vendors/Products
78
security advisorycriticalbuffer overrunMicrosoft: MS04-028 Critical: JPEG Buffer Overrun Threat Advisory
As part of its monthly patching cycle, Microsoft on Tuesday rolled out a pair of security bulletins, including one rated "critical" that affects a bewildering array of the company's operating systems . . .. As part of its monthly patching cycle, Microsoft on Tuesday rolled out a pair of security bulletins, including one rated "critical" that affects a bewildering array of the company's operating systems and applications, and puts systems at risk of hacker hijack. Security Bulletin MS04-028, dubbed "Buffer Overrun in JPEG Processing," affects Windows XP, Windows XP SP1, and Windows Server 2003, as well as a host of Microsoft applications, most notably those in the Office XP and Office 2003 suites. The vulnerability, which Microsoft ranked as "Critical," the highest threat level in its four-step system, stems from a flaw in the processing of JPEG images, the ubiquitous format used for digital images. Virtually every digital camera, for instance, produces pictures in .jpg format, while the bulk of Web sites use images in that file format. "Any time a vulnerability affects so many products, and can be used [by attackers] to do almost anything, it's cause for concern," said Craig Schmugar, a research manager at McAfee. "But we've not seen any proof of concept code for this, much less a working exploit." The link for this article located at Gregg Keizer is no longer available. . Apple's vital update schedule features a high-priority warning for PNG file handling flaws within macOS software.. Microsoft Security, Windows Update, JPEG Processing Threat. . LinuxSecurity.com Team
Sep 14, 2004
•
Vendors/Products
77
security advisorybuffer overrunserver compromiseSlapper Worm: Apache Exploitation Through Buffer Overflow Vulnerability
The Slapper worm continued to spread quickly over the weekend, with some security experts putting the number of compromised servers as high as 6,000. As first reported by eWeek on Friday, the worm attacks Linux machines running the Apache Web . . . . The Slapper worm continued to spread quickly over the weekend, with some security experts putting the number of compromised servers as high as 6,000. As first reported by eWeek on Friday, the worm attacks Linux machines running the Apache Web server software with the OpenSSL tools installed. It exploits a buffer overrun vulnerability in the SSL handshake process using a forged client master key. It scans the Internet for vulnerable Apache machines and tries to deduce the Linux distribution on each machine from information in the "Server:" response header, experts say. The link for this article located at Extreme Tech is no longer available. . The Flicker malware proliferates rapidly, affecting approximately 5,000 Windows machines that utilize IIS. Discover further details regarding this risk.. Slapper Worm, Apache Exploits, Linux Attacks, Buffer Overflow, Cyber Threats. . LinuxSecurity.com Team
Sep 17, 2002
•
Server Security
77
buffer overrunmemory corruptionexploitationNetwork Security Threatened by Buffer Overrun Vulnerabilities Today
The hottest trend these days in network intrusion is to exploit buffer overruns, a technique where-by you feed a program more data than it has allocated, overwriting the memory in the hope of making the program do something it would normally . . . . The hottest trend these days in network intrusion is to exploit buffer overruns, a technique where-by you feed a program more data than it has allocated, overwriting the memory in the hope of making the program do something it would normally never do. It's an interesting technique but just one of many available in the arsenal of today's intruders. In the interest of feeding the media blitz about Internet security, this month's column features a walk through some of the more innovative and interesting security holes that we've come across in the past few years. The link for this article located at Linux Magazine is no longer available. . Investigate the rise of network breaches caused by buffer overflow vulnerabilities and delve into captivating flaws in security.. Buffer Overrun, Network Attacks, Security Exploits. . LinuxSecurity.com Team
Jul 13, 2000
•
Server Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More