IBM has admitted to making 'a process error, improper response' to a bug report that identified four vulnerabilities in its enterprise security software, and the tech giant plans to issue an advisory. IBM Data Risk Manager offers security-focused vulnerability scanning and analytics, to help businesses identify weaknesses in their infrastructure. At least some versions of the Linux-powered suite included four exploitable holes, identified and, at first, privately disclosed by security researcher Pedro Ribeiro at no charge. Three are considered to be critical, and one is high risk. The software flaws can be chained together to achieve unauthenticated remote code execution as root on a vulnerable installation, as described in an advisory Ribeiro published today on GitHub. By Brittany Day
Multiple vulnerabilities that could allow an attacker to install malicious code or steal personal data have been discovered in the Mozilla Suite and the Firefox open-source browser. Details of the nine flaws were published on Mozilla's security Web site over the weekend. Ian Latter, senior security consultant at Internet security specialist Pure Hacking, said most of the vulnerabilities are based on the way the applications handle JavaScript. "There are some permission issues related to running JavaScript at an escalated privilege level. They remove some of the security measures used to keep JavaScript sandboxed and allow it to potentially do malicious things to your computer," said Latter. Another issue could allow malicious scripts to gain access to random pieces of memory, he said. "This random memory may or may not contain pieces of information about where you have been browsing. The worst-case scenario is that it could contain some personal or login information," said Latter. By LinuxSecurity.com Team
In 2001, Oracle CEO Larry Ellison told the world his company's software was "unbreakable" and invited the hacker community to bring it on. The results? By Oracle's own admission, critical security flaws are now legion. The problems affect all of Oracle's flagship products, including Oracle Database 8i, 9i and even the new 10g, with the exception of the just-released version 10.1.0.3. Oracle Application Server is also affected, though a patched version 9.0.4.2 is due out soon. The vulnerabilities run across multiple modules and functions. The database products have holes in the Database Server and Listener elements, and these don't even require a valid user account to exploit. Oracle Application Server is similarly vulnerable in its Portal and iSQL*Plus components. Oracle Enterprise Manager's holes are somewhat less severe, since they can be exploited only by those with a valid OS-level user account, but other Oracle products, such as Oracle Collaboration Suite and E-Business Suite 11i, will necessitate full patching of their underlying database server and application server components. With no work-arounds available, Oracle recommends applying patches immediately. The link for this article, by Richard Hoffman at Network Computing, is no longer available. By LinuxSecurity.com Team
The last few months have seen the revelation of a rash of critical vulnerabilities in a wide variety of software, from Oracle Corp.'s database packages to Windows to Cisco Systems Inc.'s IOS code. And if 2003 is to be remembered for being one of the worst years on record for such problems, this week's Black Hat Briefings in Las Vegas may well go down as the event where security researchers began to turn the tide in the fight against faulty code. Vulnerability research right now is something of a black art. Its practitioners are often fiercely independent individuals who typically log long hours poring through lines of code and prying into the darkest corners of modern computer systems, searching for the smallest crack, that sliver of daylight that could allow a cracker to slither into the machine and make it his own. And the job is often a thankless one. The security community is sharply divided over the value of independent vulnerability research; some observers feel it leads to better coding practices and more secure networks, while others believe it does nothing but hand crackers a detailed instruction set for breaking into systems. Two panel discussions on Wednesday will take on the topic of vulnerability research and try to inject some structure and analysis into the process. In the morning, the Organization for Internet Safety will formally unveil the final version of its long-awaited and much-discussed plan for handling security vulnerability disclosure and reporting. OIS, which is made up of security vendors and software makers including Microsoft Corp., @stake Inc. and BindView Corp. among others, released a draft version of the plan in early June and accepted public comments until July 4. The final version was posted to the group's Web site Monday. The link for this article, located at eWeek, is no longer available. By LinuxSecurity.com Team
Senior officials of the U.S. Commerce Department go before Washington lawmakers Friday as a new government report details that the nation's business secrets are open to computer hackers. A new General Accounting Office (GAO) report says investigators were able to gain Internet access to Commerce Department computer systems, and that the government division is unable to detect outside intruders. The GAO will tell Congress that hackers could read and alter confidential business information. Other problems included using the word "password" for system access, misconfigured functions, and abuse of top-level security clearances. The link for this article, located at E-Commerce Times, is no longer available. By Anthony Pell