Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 5 articles for you...
78
security advisorydata protectionLinux administrationSUSE AI and Rebranding: Transformative Solutions for Linux Admins
SUSE, an established player in Linux and open-source software development, recently embarked on an unprecedented journey with its announcements at KubeCon North America . At this event, SUSE unveiled a significant rebranding effort , numerous product offerings, and an innovative AI platform designed to prioritize data protection. Led by CEO Dirk Peter van Leeuwen, they have embarked upon this transformational voyage, charting new waters with their solid strategy outlined below. . In this article, I'll delve into what's new in their product lineup, the impact of these changes on Linux security, and the benefits these products can bring to Linux administrators. Understanding This Major Rebranding SUSE recently embarked on a significant rebranding initiative to make their product names more descriptive and user-friendly, not just cosmetically but strategically aligning them with their functions and the SUSE brand identity. Below is a summary of these recent changes: Rancher is now SUSE Rancher . Rancher is SUSE's Kubernetes offering, and the new name denotes its SUSE heritage. Liberty Linux becomes SUSE Multi Linux Support . This product supports RHEL/CentOS, attracting major clients like Deutsche Bank. Harvester is rebranded as SUSE Virtualization . The new name immediately conveys its purpose of virtualization. Longhorn is now SUSE Storage . This name makes it evident that the product is focused on storage solutions. SUSE Observability Of all the new programs from SUSE, SUSE Observability stands out as its entrance into software-as-a-service (SaaS) . This full-stack observability solution integrates with SUSE Rancher Prime for container management offerings. It is an essential step for SUSE as it enters SaaS markets by giving Linux admins an effective tool to monitor and manage their systems more efficiently. SUSE Rancher Prime SUSE Rancher Prime is an enhanced commercial version of SUSE's container management platform. Thisoffering combines SUSE Security (formerly New Vector) features with newly acquired full-stack observability capabilities to deliver a more secure and comprehensive container management experience that meets modern enterprise security and operational efficiency demands. SUSE AI: SUSE's New AI Platform One of the more notable announcements was the launch of SUSE AI, a secure platform explicitly designed to deploy and run generative AI (gen AI) applications. SUSE AI stands out among competitors because of its strong emphasis on security and compliance features compared with similar offerings available today, making it an appealing option for enterprises moving from AI experimentation to deployment. Key Features of SUSE AI Dirk Peter van Leeuwen recently highlighted the significance of security when deploying AI applications, "Our customers need a platform to safely and securely run AI. Their primary challenge lies with protecting their data - you don't want it lying around unprotected in an AI model that cannot guarantee its protection. In response to this issue, we have created something akin to Kubernetes - an operating system for AI where security is at the top of our minds." SUSE AI's key features include: Security by Design: SUSE AI has implemented comprehensive security and certifications at the software infrastructure and application levels, along with zero-trust security tools, templates, and compliance playbooks, to create a solid base for protecting AI operations. Multifaceted Trust: This platform ensures the accuracy and privacy of generated data while protecting private customer and IP data. It supports deployment across on-premise, hybrid cloud, and air-gapped setups. Choose and Deploy AI Components/LLMs of Your Choice: SUSE AI provides customers with flexibility by enabling them to select and deploy AI components/LLMs (large language models). Simplified Operations: The platform offers simplified cluster operations, persistent storage solutions, and accessto preconfigured shared tools and services to enable easier AI workload management. These features ensure that SUSE AI is well-equipped to address the complexity of AI deployment while offering enterprises the flexibility and ease of use they require for success. Examining the Benefits of These Offerings for Linux Admins SUSE's offerings bring many advantages for Linux administrators, particularly regarding security and operational efficiency. Enhanced Security As SUSE products prioritize security, Linux admins can expect enhanced deployment protection. SUSE AI's proactive security approach ensures sensitive data is kept secure against data breaches or cyber threats. SUSE Observability and Rancher Prime provide integrated security features to strengthen containerized environments and give administrators peace of mind. Improved Manageability SUSE's rebranding efforts aim to simplify and clarify each product, making it easier for Linux administrators to select the appropriate tools. SUSE Observability and Rancher Prime provide powerful management features, helping administrators monitor and administer their systems more efficiently. SUSE AI's simplified operations and persistent storage help admins focus on strategic tasks. Flexibility and Choice SUSE AI's flexibility gives customers and Linux admins the power to select and deploy AI components of their choice, allowing them to tailor AI environments specifically to meet the unique requirements of organizations with special requirements or those seeking to integrate specific tools into workflows. This level of customization is beneficial for organizations that may require special accommodations for specific AI tools or processes. Our Final Thoughts on This Recent Rebranding SUSE's latest announcements represent an essential step for the company. Their major rebranding initiative and introduction of groundbreaking products such as SUSE Observability, Rancher Prime, and SUSE AI demonstrate their dedication to innovationand security. These products provide Linux administrators with improved security, enhanced manageability, and greater flexibility, making SUSE an excellent fit for modern enterprise environments. As SUSE continues to develop and broaden its product lineup, it solidifies itself as an enterprise Linux provider and a leading cloud-native and secure AI provider. Watch for SUSE and Geeko the Chameleon; both will likely go far! . SUSE's rebranding highlights its dedication to innovation with AI-driven data protection solutions, enhancing Linux security and empowering users with advanced tools.. SUSE Rebranding, AI Data Protection, Linux Security Improvements, Container Management Innovations. . Brittany Day
Nov 18, 2024
•
Vendors/Products
78
security measuresOpenShiftKubernetesExplore OpenShift 4.17: AI Capabilities, Edge Computing, Security Focus
OpenShift has long been recognized as an outstanding platform for container orchestration and cloud-native app development, providing Linux administrators with a compelling suite of tools. With version 4.17's release, OpenShift continues its groundbreaking performance by unveiling numerous innovative features designed to strengthen AI integration, edge computing capabilities, and security measures - reinforcing Red Hat's commitment to providing cutting-edge solutions that address modern IT environments' changing demands. . In this article, I'll introduce the key new features of OpenShift 4.17 , exploring their impactful advances to operational efficiency, low latency workloads, and security measures. From AI-powered OpenShift Lightspeed virtual assistant to Red Hat Device Edge enhancements and security tools, we will show how these updates allow administrators to optimize infrastructures, drive AI initiatives, and ensure secure yet agile operations in an increasingly complex tech landscape. Introduction to OpenShift & Its Advantages for Linux Admins Red Hat's OpenShift Kubernetes distribution has steadily evolved into a robust platform that facilitates container orchestration and improves the cloud-native application management experience. Built upon Kubernetes, OpenShift seeks to offer developers and system administrators a smooth experience while simultaneously giving Linux administrators access to an enterprise-ready Kubernetes platform that simplifies deployment, management, and scaling for containerized apps. OpenShift brings many advantages to Linux administrators, beginning with comprehensive container management. Simple day-to-day operations are made simpler through its comprehensive approach to container orchestration, featuring automated rollouts and rollbacks, self-healing mechanisms, robust monitoring features, and properties that ensure optimal efficiency of operations. OpenShift also addresses security and compliance as its foundational focus. Its security architectureintegrates at every layer, from operating systems to container applications. OpenShift supports a secure environment with features like namespace isolation, role-based access control (RBAC) , and security policies to provide a protected environment for administrators to manage and deploy apps seamlessly across various cloud environments. Furthermore, its hybrid cloud approach makes OpenShift even more accommodating. OpenShift was designed flexibly, optimizing resource usage for organizations. It includes a suite of developer tools designed to streamline the application development lifecycle—from integrated CI/CD pipelines and source-to-image builds to user-friendly commands that accelerate development and deployment processes. New Features Introduced in OpenShift 4.17 OpenShift 4.17 brings several revolutionary enhancements aimed at AI integration , edge computing, and security - building upon its existing advantages. One such innovation is OpenShift Lightspeed , an AI-powered virtual assistant currently in technology preview. This assistant helps administrators troubleshoot applications and investigate cluster resources, significantly increasing operational efficiency through its intelligence and automation features. OpenShift AI 2.15 will offer new features, including a model registry for managing AI models, data drift detection to maintain model reliability, and integration with Nvidia's NIM microservices for large language model deployment and AI development and deployment processes. Red Hat Device Edge for edge computing specializes in AI-edge workloads with low latency requirements, supporting real-time data processing and decision-making at the edge with latency requirements below one millisecond for real-time processing and decision-making. Furthermore, this version expands support for Nvidia hardware through tech previews on Jetson Orin and IGX Orin platforms - two essential tools to accelerate AI workloads and boost edge performance. OpenShift 4.17 provides increasedvirtualization management through OpenShift Virtualization , including safe memory oversubscription and dynamic workload rebalancing to make managing virtual machines across multiple clusters easier. Furthermore, the Confidential Compute Attestation Operator provides native network isolation for namespaces to protect sensitive data during processing. "Red Hat AI's AI business unit offers significant improvements in terms of scalability, performance, and operational efficiency - making it possible for IT organizations to reap the benefits of powerful AI platforms without being limited by them in meeting individual business requirements," according to Joe Fernandes of Red Hat AI's AI business unit. This statement highlights Red Hat's dedication to providing enterprises with robust platforms that meet today's dynamic requirements. How to Download or Upgrade to the Latest Version of OpenShift Administrators and organizations looking to upgrade to OpenShift 4.17 can download it directly from Red Hat's official website . First, ensure a valid subscription before logging in and going directly to "Downloads. " Select "Red Hat OpenShift. " Select your infrastructure type installer from there, and follow on-screen instructions until the download completes. Upgrading existing OpenShift deployments to version 4.17 requires several steps. Before beginning, assessing whether your infrastructure is compatible with OpenShift 4.17 is essential, ensuring all custom resources or third-party integrations coexist. Back up your current OpenShift environment to protect against potential data loss and update the OpenShift client (oc) to the version that supports OpenShift 4.17. Use the OpenShift web console or CLI to initiate an upgrade and follow the step-by-step instructions in the upgrade documentation. After finishing an upgrade, thoroughly validate your environment to ensure all applications and services function as they should while addressing any potential issues as soon as they arise. Are you planning to tryOpenShift 4.17? Which new features are you most excited about? Connect with us @lnxsec, and let's discuss it ! Our Final Thoughts on the OpenShift 4.17 Release Red Hat's OpenShift continues to lead Kubernetes innovation with the release of version 4.17. By offering advanced AI capabilities, edge computing support enhancements, and strengthened security features, Red Hat provides an even more robust platform for developers and system administrators. OpenShift 4.17 equips developers and admins with all the tools necessary for success when developing cutting-edge AI apps or managing complex workloads at the edge. We encourage you to upgrade or download OpenShift 4.17 today to take advantage of these enhancements and reap the many benefits and improvements introduced in this release! It is a straightforward process that promises significant returns and benefits. . Discover the innovative features of OpenShift 4.17, such as AI integration, optimized edge computing, and strong security measures for efficient operations and management. OpenShift, Kubernetes, AI integration, edge computing, container management. . Brittany Day
Nov 15, 2024
•
Vendors/Products
212
security advisorysecurity enhancementscloud platformAzure Linux 3.0 Preview: Major Updates in Security and Development
Microsoft recently took an essential step in strengthening its cloud-native offerings with Azure Linux 3.0 Preview for Azure Kubernetes Service version 1.31. This exciting launch brings updated components, advanced security measures, and features designed for developers, further cementing Microsoft's commitment to an integrated cloud environment. . By transitioning away from CBL-Mariner and towards Azure Linux as its cloud OS offering of choice, Microsoft is solidifying its position among its rivals in this competitive industry. In this article, I'll explore the evolution of Azure Linux, notable updates and security measures introduced in this release, and its impact on Microsoft's cloud security architecture. I'll then explain how you can experience Azure Linux 3.0 Preview yourself! From CBL-Mariner to Azure Linux: Tracing its Development Microsoft's internal Linux distribution, CBL-Mariner, has been essential in supporting cloud and edge services since its debut in 2020. Intended to be lightweight yet efficient at containerized workload management, its shift to Azure Linux in 2017 represents Microsoft's strategy to integrate its cloud services ecosystem further. Under the management of its Linux Systems Group, Azure Linux optimizes performance with minimal packages while offering security features like a hardened kernel and an iptables-based firewall for enhanced protection. Key Technical Updates in Azure Linux 3.0 Azure Linux 3.0 boasts significant technical advancements, starting with an update from Linux Kernel version 5.15 to version 6.6 LTS for improved system performance and security, expanding hardware compatibility, and introducing modern security protocols. Additionally, improvements were made to Containerd , upgraded to version 1.7.13 with plans of upgrading to 2.0, and promoted greater container management efficiency. SystemD has also been upgraded from version 250 to 255 to simplify system and service management processes. An OpenSSL upgrade from Version 1.1.1k to3.3.0 provides enhanced encryption capabilities and more secure data transmission. These updates offer significant performance gains while showing a forward-thinking approach to integrating cutting-edge technologies to improve security and user experience. Reinforced Security Measures One of Azure Linux 3.0's hallmark features is its robust security enhancements. By default, Security-Enhanced Linux (SELinux) is activated in enforcing mode for containerized workloads to prevent unauthorized activities and significantly reduce vulnerability exposure. Furthermore, Azure Linux 3.0 offers FIPS-compliant images, demonstrating Microsoft's commitment to meeting stringent compliance requirements. Impact on Microsoft's Cloud Infrastructure Azure Linux is integral to Microsoft's cloud infrastructure, powering services like Azure Stack HCI and IoT Edge . Through integration with the Windows Subsystem for Linux , GUI applications from Linux can run natively within Windows to further cross-platform compatibility. Due to its lightweight nature and reliability, Azure Linux forms part of Microsoft's hybrid and multi-cloud solutions strategy. Enhanced Developer Experience Azure Linux 3.0 offers developers a streamlined experience with its expanded toolset and more efficient package management, making deploying more complex apps simpler. Furthermore, RPM package management enables custom package addition without impacting system efficiency. An iptables-based firewall ensures security is a top priority, creating a smooth development experience. Current Limitations and Preview Constraints While Azure Linux 3.0 presents many exciting possibilities, its current limitations and preview constraints limit users' usage to AKS version 1.31 only. Users must create new clusters or node pools as upgrades from Azure Linux 2.0 are unavailable. As part of the v20241025 rollout program, any feedback gathered during this phase will help refine the final version slated for public availability on AKS 1.32. How toEnable Azure Linux 3.0 Preview on AKS v1.31 To experience Azure Linux 3.0 on AKS v1.31, users and developers should follow these steps: Register the Feature Flag: az feature register --namespace Microsoft.ContainerService --name AzureLinuxV3Preview Check the Registration Status: az feature show --namespace Microsoft.ContainerService --name AzureLinuxV3Preview Deploy Azure Linux 3.0: After registration, new AKS clusters or node pools can be created using: --os-sku=AzureLinux Deployment can be facilitated using CLI, PowerShell, Terraform, or ARM templates, offering flexibility based on user preference. Our Final Thoughts on This Forward-Thinking Release Azure Linux 3.0 represents Microsoft's forward-thinking approach to cloud innovation. Boasting enhanced performance, tightened security measures, and an improved developer experience, this release represents an important step in Microsoft's cloud journey. With active community participation and a commitment to improving based on user feedback, Microsoft is poised to transform Azure Linux into one of its core cloud offerings. Are you using Azure Linux 3.0? We'd love to hear your thoughts! Tweet us @lnxsec. . Dive into the upgrades of Azure Linux 3.0, focusing on improvements in safeguarding systems, boosting efficiency, and enriching the developer's journey with newly implemented functionalities.. Azure Linux Release, Microsoft Cloud Security, Containerized Workloads, Azure Kubernetes Service. . Brittany Day
Nov 12, 2024
•
Cloud Security
212
security trendscontainer managementcloud-native2023 Container Market Outlook: Examining Security Hurdles and Skill Needs
Containers have become increasingly popular in recent years, they can be spun up quickly and offer developers the opportunity to deliver projects faster as well as gains in agility, portability and improved lifecycle management. . Here are what some industry experts think we'll see happening in the container market in 2023. Shira Shamban, CEO and co-founder of Solvo , believes securing containers will need an identity-centric approach. "Along with seeing a data-centric approach to security emerge, we will also see an identity-centric model grow. In previous years, when infrastructures were entirely on-premises, the network used to be the security perimeter. However, in today's cloud-native era and with the growth of APIs, it's necessary to have strong Identity and Access Management practices throughout the organization, creating a unique identity not only for each individual employee but also for the specific cloud components, such as containers, serverless functions and data resources. Maintaining a least-privileged state at scale will be increasingly important." . Analysts anticipate shifts in the container marketplace for 2023, focusing on emerging security patterns and essential competencies.. Container Management, Cloud-Native Security, Identity-Centric Security, Agile Development. . Brittany Day
Jan 02, 2023
•
Cloud Security
77
network securityvulnerabilityshadowserver381,645 Kubernetes API Servers Exposed: Shadowserver Findings
A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse. . Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network. "While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up . "They also allow for information leakage on version and build." . The Cyber Defense Coalition analyzed 512,310 devices, uncovering unprotected Docker Hub repositories.. Kubernetes Api Exposure, Shadowserver Scanning, Network Vulnerabilities. . LinuxSecurity.com Team
May 23, 2022
•
Server Security
212
software deploymentvirtualizationcontainer managementTop 9 Docker Alternatives For Effective Container Management
Learn about nine great Docker alternatives for container management to consider using in your next project. . Containers are highly beneficial for software development, deployment, and management in a virtual environment. Docker is useful in the containerization process, but it's not the only platform around. If you're searching for some alternatives to Docker, look no further. This list showcases some feature-rich and efficient Docker alternatives to use in your next project. . Explore premier container orchestration platforms that rival Docker for your development tasks.. Container Management, Docker Alternatives, Virtual Deployment Solutions. . Brittany Day
Nov 09, 2021
•
Cloud Security
78
red hatOpenShiftkubernetesRed Hat OpenShift 4.6: Seamless Management Of Linux And Windows Containers
Most container work is done with Linux - but the fact that some jobs are also done with Windows-based containers can't be ignored. Now Red Hat makes it possible to manage both Linux and Windows containers with Kubernetes via OpenShift. . Containers are largely a Linux technology. But Microsoft, besides supporting Linux containers on Windows 10 and Azure, also has its own Windows-based containers. So it is that many Microsoft-oriented companies run both Linux and Windows containers. After all, these days, there are more Linux virtual machines (VM)s and containers running on Linux on Azure than there are Windows Server VMs. But managing Linux and Windows containers with one interface is not such an easy trick. So, I expect Red Hat to find many customers for its latest OpenShift Kubernetes feature: The ability to run and manage both Linux and Windows containers from one program . To pull off this trick, Red Hat OpenShift 4.6 uses the Windows Machine Config Operator (WMCO) . This is a certified OpenShift operator based on the Kubernetes Operator Framework , which is jointly supported by both Red Hat and Microsoft. . Red Hat OpenShift now supports both Linux and Windows containers, facilitating diverse workload deployment in Kubernetes while enhancing management and scalability.. Red Hat OpenShift, Container Management, Kubernetes Management, Windows and Linux Containers, Cross-Platform Container. . LinuxSecurity.com Team
Jan 08, 2021
•
Vendors/Products
77
malwarecybercrimesecurity awarenessDocker Security Insights: Malware Threats and Developer Responsibilities
Three years after the first malware attacks targeting Docker, developers are still misconfiguring and exposing their Docker servers online. Docker malware is now common, making this lackadaisical attitude toward Docker security increasingly problematic. . Towards the end of 2017, there was a major shift in the malware scene. As cloud-based technologies became more popular, cybercrime gangs also began targeting Docker and Kubernetes systems . Most of these attacks followed a very simple pattern where threat actors scanned for misconfigured systems that had admin interfaces exposed online in order to take over servers and deploy cryptocurrency-mining malware. Over the past three years, these attacks have intensified, and new malware strains and threat actors targeting Docker (and Kubernetes) are now being discovered on a regular basis. . Engineers must focus on improving Docker safety in light of the increase in malware aiming at container systems since 2017.. Docker Security, Malware Threats, Developer Awareness, Cybercrime, Container Security. . LinuxSecurity.com Team
Dec 01, 2020
•
Server Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More