Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 5 articles for you...
212
security advisoryexploit riskdata compromiseExploit Risks of Misconfigured Azure Services in EmojiDeploy Attack Chain
Multiple misconfigurations in a service that underpins many Azure features could have allowed an attacker to remotely compromise a cloud user's system. . An attack chain exploiting misconfigurations and weak security controls in a common Azure service is highlighting how lack of visibility impacts the security of cloud platforms. The "EmojiDeploy" attack chain could allow a threat actor to run arbitrary code with the permission of the Web server, steal or delete sensitive data, and compromise a targeted application, Ermetic stated in its Jan. 19 advisory . An attacker could use a trio of security issues affecting the common Source Code Management (SCM) service — a cloud service used by many Azure applications without an explicit indication to the user, according to Ermetic. The issues demonstrate that the security of cloud platforms are undermined by the lack of visibility into what those platforms do under the hood, says Igal Gofman, head of research for Ermetic. The link for this article located at DarkReading is no longer available. . A vulnerability pathway leveraging insufficient configurations and lax defenses in a widely used Azure platform could present significant threats.. AzureService, CloudSecurity, MisconfigurationRisk, AttackChain. . Brittany Day
Jan 26, 2023
•
Cloud Security
79
malwarerootkitdetectionExploring Microsoft Project Freta: Free Service For Linux Forensics
Have you heard about Microsoft's Project Freta - a new free-to-use Linux forensics and rootkit malware detection service? . The cloud offering, dubbed Project Freta , is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with capabilities to spot malicious software, kernel rootkits , and other stealthy malware techniques such as process hiding . The project is named after Warsaw's Freta Street , the birthplace of Marie Curie, the famous French physicist who brought X-ray medical imaging to the battlefield during World War I. The link for this article located at The Hacker News is no longer available. . Google's Project Tremor provides a complimentary online platform for Windows memory analysis and malware identification tools.. Linux Forensics, Project Freta, Rootkit Detection, Cloud Service, Malware Detection. . LinuxSecurity.com Team
Jul 07, 2020
•
Security Projects
74
risk assessmentcloud serviceSaaSKey Security Questions For Assessing Cloud Service Providers
As security teams try to help line-of-business users and other IT practitioners take advantage of cloud benefits as safely as possible, they're increasingly stepping into the role of trusted advisor. The scalability, flexibility, and convenience of software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), and platform-as-a-service (PaaS) offerings frequently come at the cost of added risk to the business. . It is up to information security pros to help evaluate potential providers to best evaluate where those risks are coming from. Dark Reading talked to a number of experts to come up with 10 must-answer questions that security personnel should get the business in the habit of asking before signing a service agreement. The link for this article located at Dark Reading is no longer available. . It is up to information security pros to help evaluate potential providers to best evaluate where th. security, teams, line-of-business, users, other, practitioners, advantage. . Anthony Pell
May 14, 2015
•
Network Security
83
data breachcyber attackcustomer dataCodeSpaces.com Cloud Breach: Critical Data Loss Incident
A code-hosting and project management services provider was forced to shut down operations indefinitely after a hacker broke into its cloud infrastructure and deleted customer data, including most of the company's backups. . The customers of CodeSpaces.com, run by a company based in Wayne, New Jersey, called AbleBots, were informed Wednesday that their data might have been permanently lost following the compromise of the company's account on Amazon's Elastic Compute Cloud (EC2). The link for this article located at TechWorld is no longer available. . DataVault.io faced a significant security incident that compromised user information and system backups, leading to a halt in operations.. Cloud Security Threats, Code Hosting Risks, Data Breach Incidents. . LinuxSecurity.com Team
Jun 19, 2014
•
Hacks/Cracks
74
security advisoryDebianopen sourceGoogle Cloud Transitioning To Debian Distribution For Services
Google has been using its own custom version of Linux, Google Compute Engine Linux, as it loads its customers' applications into its infrastructure as a service. . It announced Thursday that it's dropping that approach in favor of using the Debian Linux distribution. Debian Linux is the output of the Debian open source code project. All Linuxes use a kernel produced by the Linux kernel development process, led by Linus Torvalds. But Linux distributors surround the kernel with features that may match other Linux distributions or may differentiate that particular distribution. For example, Ubuntu was an early cloud supporter when it included Eucalyptus modules; then it switched to OpenStack as its primary cloud offering. The link for this article located at Information Week is no longer available. . Amazon moves from proprietary software to Ubuntu for its server solutions, boosting interoperability within the open-source ecosystem.. Google Cloud, Debian Linux, Cloud Infrastructure, Open Source Project. . Anthony Pell
May 13, 2013
•
Network Security
83
security advisorydata securitypassword resetEvernote Data Breach: 50 Million Users Affected After Password Reset
Evernote and its 50 million-user population are having a bad week. The productivity software-as-a-service issued a systemwide password reset for all of its users on Saturday after a hacker or group of hackers broke into its user database and swiped various bits of user information, including usernames, emails and passwords.. It's another weapon in the arsenal of cloud skeptics, who tend to point at breaches like this as proof the cloud is not secure. Of course, that's ridiculous, as these breaches are less common than attacks or theft within the four walls of a business. Still, Evernote is coming under fire The link for this article located at Read this full article is no longer available. . It's another weapon in the arsenal of cloud skeptics, who tend to point at breaches like this as pro. evernote, million-user, population, having, productivity, software-as-a-se. . LinuxSecurity.com Team
Mar 06, 2013
•
Hacks/Cracks
67
wireless securitybrute forcecloud serviceSHA-1 Exploit By Thomas Roth: Cloud Services And Wireless Security
A hacker claims he's used Amazon's cloud services to bust open SHA-1, a wireless network security standard, and he says he'll be demonstrating his process at an upcoming Black Hat get-together. Malicious hackers could quickly set up brute-force attack systems using the cloud, but critics say real-world password cracks might not come so easily.. German hacker Thomas Roth's announcement that he used Amazon.com's (Nasdaq: AMZN) cloud service to crack a wireless network security standard has left some security researchers scratching their heads. Others are merely shaking them in disbelief. That attack was launched against the SHA-1 hash algorithm. Roth's conclusions are that the SHA-1 algorithm is not fit for password hashing, and the compute power offered by cloud services makes it cheap and easy to launch brute-force attacks on passwords. However, it's been known since 2005 that the SHA-1 algorithm has flaws, and the National Institute of Standards and Technology is seeking to replace it. The link for this article located at Tech News World is no longer available. . German hacker Thomas Roth's announcement that he used Amazon.com's (Nasdaq: AMZN) cloud service to c. hacker, claims, amazon's, cloud, services, sha-1, wireless, network, security. . LinuxSecurity.com Team
Jan 12, 2011
•
Cryptography
74
infrastructure securitydnssecdomain securityVeriSign Launches Cloud-Based DNSSec Signing Service for Registrars
VeriSign has announced the rollout of its cloud-based DNSSec Signing Service for registrars, which allows DNSSec provisions to be added to second-level domain names. Pat Kane, assistant general manager of naming services at VeriSign, told V3.co.uk that progress being made is at the registry and root levels. . "Root signing is key to building a safer infrastructure and the real heavy lifting on that is done by the registrars. Today we've begun to enable the tools to help registrars meet the demands of their customers," he said. More and more domains are signing up to DNSSec, Kane added, including full integration with .edu. Registrars will be able to evaluate the service until the end of next year. DNSSec provides a better level of security that existing provisions and is useful at thwarting man-in-the-middle and cache poisoning attacks. . Cloudflare launched a new DNS Firewall solution aimed at improving protection for enterprise networks against threats.. DNSSec Signing Service, VeriSign Security, Registrar Tools, Domain Signing, Cloud Security. . Alex
Dec 02, 2010
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More