Warnings of a major globe-spanning ransomware attack began circulating on social media in early February, but at first there were few details save for reports of the occasional victim. It has now been established that the campaign targeted an old (and previously patched) vulnerability in VMware servers, and that it has grown to become the largest attack of its type in history not involving Windows machines. Though the vulnerability has been known for some time (and was patched nearly two years ago), the ransomware attack has nevertheless compromised at least 3,200 VMware servers to date. Some of the more prominent victims include the Florida Supreme Court, Houston's Rice University and the Georgia Institute of Technology. The attackers are not believed to be a major ransomware gang, however, and the Cybersecurity and Infrastructure Security Agency (CISA) released a recovery tool to the public on February 8. Security agencies around the world, including government teams in Italy and France, began sounding warnings of the massive ransomware attack and the involvement of VMware servers on February 5. The attack has been global and very visible, scooping up unpatched VMware servers that have been neglected since the CVE-2021-21974 vulnerability was reported and patched in February 2021. The breadth of the attack is due to the vulnerability being in VMware ESXi servers, which are used to partition hardware and manage multiple virtual machines. This can create a cascading compromise, as the breach of these VMware servers provides further access to whatever virtual servers they are hosting on the hardware they manage.
LinuxSecurity.com Team
The group responsible for the Ashley Madison hack published the compromised records on Tuesday, delivering on the promise made when the hack was announced in July. The compromised records include account profile information, personal information, financial records, and more. In July, a group calling themselves Impact Team leaked a selection of files that they claimed originated from Avid Life Media (ALM), the company behind adult playgrounds of Ashley Madison, Cougar Life, Established Men, and others. The link for this article located at CSO Online is no longer available.
LinuxSecurity.com Team
One common and stupidly simple way hosts are compromised is weak SSH passwords. You would think people have learned by now, but evidently there are still enough systems with root passwords like 12345 around to make scanning for them a worthwhile exercise. As a result, one of my favorite honeypot tools is kippo, and we have talked about the tool before. I figured it is a good time again to write a quick update on some recent compromises.
LinuxSecurity.com Team
Great article by Kevin Poulsen. More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments. Police with Austin The link for this article located at Wired is no longer available.
LinuxSecurity.com Team
Iraqi insurgents have reportedly intercepted live video feeds from the U.S. military's Predator drones using a $25.95 Windows application that allows them to track the pilotless aircraft undetected. Hackers working with Iraqi militants were able to determine which areas of the country were under surveillance by the U.S. military, The Wall Street Journal reported Thursday, adding that video feeds from drones in Afghanistan also appear to have been compromised. Meanwhile, a senior Air Force officer said Wednesday that a wave of new surveillance aircraft, both manned and unmanned, were being deployed to Afghanistan to bolster "eyes in the sky" protection for the influx of American troops ordered by President Obama. The link for this article located at CNET is no longer available.
Alex
A worm is targeting MySpace users, compromising their "About me" pages and infecting visitors to them, Symantec has warned. When a logged-in MySpace user goes to another member's "About me" page affected by the ACTS.Spaceflash worm, they are quietly redirected to a URL that holds a malicious Macromedia Flash file, the security company said in an advisory on Spaceflash Tuesday. That file, in turn, will replace the visitor's own "About me" page with one that is compromised. "It's an annoyance, at this point, for users, but the capability exists where it can lead to malicious actions and steal sensitive information," said Dean Turner, senior manager of Symantec, which currently rates the Spaceflash threat as low. The link for this article located at ZDNet is no longer available.
LinuxSecurity.com Team
As you've probably heard by now, Apache.org was broken into last week, and the system was compromised. How this happened is much more interesting than your usual "known hole in an old piece of software" scenario (although this was the final nail in the coffin for Apache.org). The link for this article located at SecurityPortal is no longer available.
LinuxSecurity.com Team
The cracker who broke into the Web servers of open source development site SourceForge has broken cover to boast of his exploits, and brag he also compromised the systems of the Apache project. Fluffy Bunny defaced a Web site (themes.org) to list the accounts he had managed to compromise and to brag that his actions had gone unnoticed by SourceForge administrators for five months (against the week SourceForge has publicly admitted). The defacement has since been removed but can still be seen (thankfully minus confidential account information) on defacement archive Alldas.de here. According to the posting, Fluffy Bunny obtained passwords and user names for SourceForge accounts after successfully placing a Trojan horse program on a Secure Shell (SSH) server. Apparently this was possible because Fluffy Bunny had already compromised the servers run by an ISP. The link for this article located at The Register is no longer available.
LinuxSecurity.com Team