Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
81
legislationdata privacycommunicationsCLOUD Act: Impact On Data Privacy And Fourth Amendment Rights
There’s a new, proposed backdoor to our data, which would bypass our Fourth Amendment protections to communications privacy. It is built into a dangerous bill called the CLOUD Act, which would allow police at home and abroad to seize cross-border data without following the privacy rules where the data is stored.. This backdoor is an insidious method for accessing our emails, our chat logs, our online videos and photos, and our private moments shared online between one another. This backdoor would deny us meaningful judicial review and the privacy protections embedded in our Constitution.. The CLOUD Act aims to improve cross-border data access for law enforcement, yet it raises concerns over privacy erosion and unwarranted surveillance implications. Backdoor Access, Communications Privacy, Legal Framework, Data Protection, Cloud Act. . LinuxSecurity.com Team
Apr 02, 2018
•
Privacy
74
data breachmalwarecorporate securityOak Ridge Lab Breach: Phishing Attack Leads To Serious Malware Threat
The successful use of phishing emails to breach secure organizations like Oak Ridge National Laboratory and EMC's RSA security division is a stark reminder of the serious threat posed by a type of attack that was previously dismissed as low-tech.. The Oak Ridge lab last month disclosed that sophisticated data-stealing malware had infiltrated its networks. The breach originated in a phishing email sent to about 570 employees. The email was disguised to look like a memo about benefits changes written by the lab's HR department. When a handful of employees clicked on the embedded link in the email, malware was downloaded to their computers. Such emails now appear to be the preferred method for breaking into corporate networks, said Anup Ghosh, founder of security firm Invincea. The link for this article located at Network World is no longer available. . The Lawrence Livermore facility uncovers a complex social engineering scheme that resulted in an extensive information leak and cyber intrusion.. Phishing Attacks, Malware Detection, Data Breach Response, Network Security Procedures. . Anthony Pell
May 09, 2011
•
Network Security
74
cyber threatsrisk managementvoip securityInvestigating Security Threats in VoIP and Their Consequences Ahead
It's become a familiar pattern in online security. A groundbreaking way to communicate emerges, spreads like wildfire, and then hackers find a way to use it to their advantage. Security companies react—but not before the problem has succeeded in wreaking havoc. It happened with e-mail and is happening now with instant messaging and mobile devices. . The next area that could be targeted: Voice over Internet Protocol, or VoIP, which lets people make low-priced phone calls using the same technology that delivers e-mail. And the results could be just as damaging, if not worse, than with other technologies, some security experts warn. The link for this article located at BusinessWeek Online is no longer available. . The next area that could be targeted: Voice over Internet Protocol, or VoIP, which lets people make . become, familiar, pattern, online, security, groundbreaking, communicate, emerges. . Brittany Day
Jun 14, 2006
•
Network Security
82
information securitylegal frameworkcommunicationsU.S. Information Security Law: Protecting Private Sector Communications
This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In the first part of this series, we looked at the legal framework for protection of information systems . . . . This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In the first part of this series, we looked at the legal framework for protection of information systems and the role of information security professionals in the creation of trade secret interests. In this installment, we will look at the legal framework for security of an enterprise's working environment from the perspective of information security professionals, with particular emphasis on the protection of communications. Of course, protecting communications necessarily depends on the security of the systems used to transmit and store them. Drawing a rigid line between protecting systems and protecting communications might not always be useful or possible. That said, for our discussion, treating the protection of communications separately from the protection of systems illustrates how the Computer Fraud and Abuse Act, 18 U.S.C.§ 1030 (the "CFAA"), and the Electronic Communications Protection Act, 18 U.S.C. §§ 2510-22 and §§ 2701-12 (the "ECPA"), two critically important federal information security statutes, work together. As discussed in the first article in this series, the primary thrust of the CFAA, with respect to private sector systems, is to prohibit access to protected computers without authorization or exceeding authorization, whether to obtain something of value or to damage systems or data. The primary concern of the ECPA is related, but distinct. The ECPA prohibits the unauthorized and unjustified interception, disclosure, or use of communications, including electronic communications[1]. In a situation in which a bad actor hacks into a corporate network and obtains access to sensitive email, theCFAA and the ECPA are both violated. But having discussed the CFAA in Article 1, our discussion of the legal framework for protecting communications will focus on the ECPA. The link for this article located at SecurityFocus is no longer available. . This is the second part of a four-part series looking at U.S. information security laws and the way . second, four-part, series, looking, information, security. . Anthony Pell
Apr 02, 2003
•
Government
81
data managementsurveillancecommunicationsNSA Enhances Eavesdropping Technologies to Manage Global Communications
The largest U.S. intelligence agency will spend millions to upgrade the technology it uses to sift through the huge volume of telephone conversations, e-mail and other worldwide communications chatter it monitors, under a new contract. The National Security Agency has signed . . . . The largest U.S. intelligence agency will spend millions to upgrade the technology it uses to sift through the huge volume of telephone conversations, e-mail and other worldwide communications chatter it monitors, under a new contract. The National Security Agency has signed a $282 million contract with Science Applications International Corp. of San Diego to help develop a more refined system for culling useful intelligence from a flood of data it collects daily. Officials disclosed the 26-month contract on Monday. Most details about it are classified, as is most information about the security agency. But analysts said the deal reflects the growing challenge of electronic eavesdropping. ``There's a ton more communications out there and how to sift through that is an increasing problem for the NSA,' said Richard A. Best Jr. of the Congressional Research Service. The link for this article located at Security News Portal is no longer available. . The CIA allocates extensive resources to improve its capabilities in overseeing extensive intelligence reports efficiently.. Intelligence Agency, Eavesdropping Technology, Surveillance Techniques, Data Processing Solutions. . LinuxSecurity.com Team
Oct 02, 2002
•
Privacy
81
communicationscyber protestEchelon systemJam Echelon Day Highlights Public Protest Against Surveillance System
An international day of protest designed to jam the US-led communications spy system Echelon was a "rousing" success according to its organisers, who claim that the cyber-demonstration helped to raise public awareness about the surveillance system. Jam Echelon Day took . . . . An international day of protest designed to jam the US-led communications spy system Echelon was a "rousing" success according to its organisers, who claim that the cyber-demonstration helped to raise public awareness about the surveillance system. Jam Echelon Day took place on October 21, and encouraged members of the Internet community to send out as many email messages as possible, containing so-called trigger words that the Echelon system is believed to pick up on. The event was organised to raise public awareness about the Echelon intelligence system--its organisers claim that there was never an intention to overload the system. "If every single email user in the European Union sent the entire trigger word list on 21 October, Echelon wouldn't feel the impact," said Michael Tettering, joint organiser of the event. "The truth is, they are geared way beyond our ability to actually create an impact." The link for this article located at CNet is no longer available. . An international day of protest designed to jam the US-led communications spy system Echelon was a '. international, protest, designed, us-led, communications, system, echelon. . LinuxSecurity.com Team
Oct 26, 2001
•
Privacy
67
encryptionlegislationcybersecurityHigh-Tech Coalition Opposes Back Door Access Legislation By Sen. Gregg
A coalition of high-tech companies today urged Sen. Judd Gregg, R-N.H., not to move forward with legislation that would give law enforcement back door access to all U.S.-made encryption products. Gregg introduced the measure shortly after learning terrorists likely used . . . . A coalition of high-tech companies today urged Sen. Judd Gregg, R-N.H., not to move forward with legislation that would give law enforcement back door access to all U.S.-made encryption products. Gregg introduced the measure shortly after learning terrorists likely used encryption products to scramble their Internet communications prior to the Sept. 11 attacks. In a letter to Gregg today, the Computer & Communications Industry Association called the proposal an unprecedented attempt to impose government controls on technology and computer networks. The link for this article located at NewsBytes is no longer available. . Tech giants urge Senator Sarah Connor to pause any legislative moves on granting law enforcement access to encrypted communications.. encryption access, legislative issues, high-tech privacy, government technology policy, cybersecurity regulations. . LinuxSecurity.com Team
Oct 08, 2001
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More