Customers of HTTPS certificate reseller Trustico are reeling after being told their website security certs – as many as 23,000 – will be rendered useless within the next 24 hours. This is allegedly due to a security blunder in which the private keys for said certificates ended up in an email sent by Trustico. Those keys are supposed to be secret, held only by the cert owners, and certainly never disclosed in messages. In the wrong hands, they can be used by malicious websites to masquerade as legitimate operations. LinuxSecurity.com Team
The way that browsers perform SSL certificate-revocation checking is so fundamentally flawed that some browser vendors have turned it off altogether, according to browser vendor representatives in a panel at RSA last week. Moderated by a Certificate Authority (CA) representative, the panel involved key players from Mozilla, Google, and Opera, who all put forward potential solutions to the problem of how to check the valid status of SSL certificates issued by CAs. At the moment, sites depend on two methods for checking the valid status of SSL certificates online. One is through a certificate revocation list (CRL) published by the CAs, which periodically post revoked certificates on these lists. The other is through the Online Certificate Status Protocol (OCSP) responder systems CAs have in place to relay the up-to-date status of a site's certificate to a user's browser when the user visits the site. The link for this article located at Dark Reading is no longer available. Anthony Pell
Google plans to remove online certificate revocation checks from future versions of Chrome, because it considers the process inefficient and slow. Browsers currently check whether a website's SSL certificate has been revoked by its issuing Certificate Authority (CA) when trying to establish an HTTPS connection. These checks are done by querying CA-operated servers through a special protocol known as OCSP (Online Certificate Status Protocol). The problem is that browsers can't always communicate with the validation servers because of various technical problems, and when that happens the HTTPS connection should not be established; at least in theory. The link for this article located at Network World is no longer available. LinuxSecurity.com Team
Dutch SSL Certificate Authority (CA) DigiNotar is still keeping a low profile regarding the extent of the recently disclosed intrusion by hackers. The source code of the Chromium browser project, on which Google Chrome is based, has now provided some evidence of the extent of the compromise: its list of blocked certificates has grown from 10 to 257. A source code comment makes it clear that the newly added certificates were issued by DigiNotar. Whether the blocked certificates affect further popular web sites remains unknown. In addition to the CA's root certificate, the Chromium developers have also blacklisted two intermediate certificates derived from it. While other browser makers such as Mozilla and Google released updated versions of their browsers, Opera's security team announced that it sees no need to respond with an update: bogus certificates don't present a problem for Opera, because the browser uses a Certificate Revocation List (CRL) to check the validity of a certificate before it accesses an HTTPS page. The link for this article located at H Security is no longer available. LinuxSecurity.com Team
Defense Department officials selected two companies to provide digital certificate validation for the department's public-key infrastructure (PKI), a decision that some officials feel could spur a faster move to paperless e-government. After a yearlong, worldwide pilot test, military officials chose Tumbleweed Communications and CoreStreet as the two certificate validation providers for its Identity Protection and Management Program, which includes the Common Access Card smart card program. DOD requires that all e-mail messages be digitally signed, which means PKI users must download a Certificate Revocation List (CRL) that is currently a 30 MB file. With names constantly being added to the list, users would have to download that file at least daily to make sure the digital signatures on e-mail messages were allowed. That might be feasible for land-based sites, said John Hines, director of Tumbleweed's validation authority product development, but it's practically impossible for ships at sea, where users share relatively low-bandwidth pipes. Tumbleweed and CoreStreet get around the download requirement by setting up a middleman, which forwards a signature validation request posted by the PKI user to a CRL, collects the response and prompts the desktop application to accept or reject the e-mail. This all takes place in a fraction of a second, and the request and response files are typically only 1 KB in size. The link for this article located at fcw.com is no longer available. LinuxSecurity.com Team
A certificate is a structured document that binds some information (such as Bob's name) to a public key, and is digitally signed by a trusted third party called a certification authority or CA. To verify a certificate, the user of the public key must first obtain the public key of the CA by some other trusted means. Although it seems that we are now back to square one, the difference is that we now only have to get one key in order to communicate with any entity which has a certificate issued by that trusted CA. Additionally, if the CA is able to certify the public key of other CAs, which in turn certify other CAs, we will be able to securely communicate with any entity, providing that we can find a chain of certificates between the CA which we trust and the CA which certified the key of the entity with whom we wish to communicate. A CA is also responsible for revoking certificates when they are no longer considered valid; that is, the bond between the user's identity and the use of the private key associated with the public key that is established in the certificate is no longer valid. The most common mechanism for distributing certificate revocation information is a certificate revocation list (CRL). A registration authority (RA) is an authority equipped with software responsible for verifying that certificate requestors identify themselves according to the policies defined by the issuing organization. The RA software authorizes the CA to issue a certificate and also securely passes the certificate request to the CA. The link for this article located at SC Magazine is no longer available. LinuxSecurity.com Team
Installing and managing a PKI (public key infrastructure) have far-reaching implications in an enterprise. A PKI by itself offers no value until it is paired with applications and services designed to leverage its functionality. Briefly, a PKI needs to issue digital certificates to individuals and organizations, manage the certificates during their life cycles and publish information about the certificates to directories. In this article, we'll explain managing and applying certificate revocation. The link for this article located at Network Computing is no longer available. LinuxSecurity.com Team