
Stay Ahead With Linux Security News


Explore Latest Linux Security news


OpenSSH: Urgent Warning Regarding MitM and DoS Security Vulnerabilities

Qualys researchers have recently identified two significant vulnerabilities in OpenSSH that put Linux and FreeBSD systems at severe risk. These bugs enable man-in-the-middle (MitM) attacks and denial-of-service (DoS) attacks to compromise secure communications channels.

Now is the time to ensure your systems are bulletproof by understanding these vulnerabilities' implications and how they work, determining if your systems are vulnerable, and taking measures to secure infrastructures of all sizes, from single servers to fleets. Here's everything you need to stay ahead of the game and address these vulnerabilities before adversaries can exploit them.

Understanding These New OpenSSH Vulnerabilities

Let's begin with a quick review of both vulnerabilities identified by Qualys.

CVE-2025-26465 allows attackers to intercept and manipulate communications between OpenSSH clients and servers, potentially leading to attacks against either. By default, the VerifyHostKeyDNS setting is typically disabled. On FreeBSD systems, however, it was enabled from September 2013 until March 2023, creating an opportunity for attackers to pose as legitimate servers while intercepting sensitive information, such as passwords and confidential files, transmitted between clients and servers.

CVE-2025-26466 allows pre-authentication denial-of-service attacks by exploiting memory and CPU consumption asymmetry. An attacker could exploit this flaw to cause prolonged outages that impede administrators from performing maintenance on critical servers. This could lead to severe disruption where uptime and reliable access are crucial.

Debian, Fedora, Gentoo, and Slackware have released important security advisory updates regarding available fixes for these flaws.

Assessing Your Risk

The first step in mitigating these risks is assessing your systems' vulnerability. Start by checking your OpenSSH version. You can quickly determine which version you're running with the simple command ssh -V. This command will display your current OpenSSH version. If you're not on version 9.9p2, updating as soon as possible is crucial. The patches released in this version address these recent vulnerabilities and safeguard your systems against potential exploitation.

Next, review your SSH configuration files, typically located at /etc/ssh/ssh_config or /etc/ssh/sshd_config, to check the status of the VerifyHostKeyDNS option. You want to ensure this option is set to "no" unless you need it to be otherwise. Use the command grep VerifyHostKeyDNS /etc/ssh/ssh_config to check this. If the output indicates that VerifyHostKeyDNS is set to "yes" or "ask", you should change it to "no" to mitigate the MitM vulnerability.

Additionally, monitoring your system logs regularly can help you detect any unusual activity that might indicate an attempted or successful exploit of these vulnerabilities. Look closely at your logs for patterns or anomalies suggesting a compromised system.

Enhancing Security

Patching systems regularly is key in defending against OpenSSH bugs like these, but additional measures can help mitigate vulnerabilities and ensure robust system protection. One key principle in security is the principle of least privilege: ensure only users who need SSH access for their roles receive it. Granting less access also decreases potential points of attack.

Strong authentication methods are integral to optimal protection, including using key-based rather than password authentication (which tends to be less secure). Relying on SSH keys dramatically decreases the chance of unauthorized entry, while two-factor authentication (2FA) can add extra layers of defense against intrusions.

Tools like Fail2Ban monitor log files to detect potentially malicious activity, such as multiple failed login attempts. By automatically banning IPs associated with these attempted log-ins, an IDS like Fail2Ban can stop brute force attacks and any unauthorized attempts at access.

Regular updates and patch management are critical when using OpenSSH, mainly to ensure optimal functionality of its software, dependencies, and components. Staying current by patching every aspect of your system, including OpenSSH, reduces risks related to known vulnerabilities or exploitable flaws that could compromise its proper workings and ensures smooth operations.

Network segmentation can further strengthen security. Limiting SSH access with appropriate firewall rules and using virtual private networks (VPNs) to connect to sensitive servers create an even safer environment with additional encryption and authentication measures in place.

Our Final Thoughts on Mitigating These Recent OpenSSH Bugs

Recent vulnerabilities discovered in OpenSSH illustrate the necessity of staying vigilant to maintain secure systems. Beyond patching, strong authentication, minimal access privileges, intrusion detection, regular updates, network segmentation, and vigilant monitoring can protect your systems more effectively and guarantee their security while keeping operations running efficiently. Keep informed, remain protected, and prioritize security across every aspect of your system administration!

Feb 24, 2025 | Brittany Day | Security Vulnerabilities

Linux Kernel Netfilter Vulnerability: CVE-2024-26925 Critical DoS Threat

A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential risks to systems worldwide. The vulnerability, CVE-2024-26925, arises from improperly releasing a mutex within the garbage collection (GC) sequence of nf_tables. It could potentially lead to race conditions and compromise the stability and security of the Linux kernel.

What Is the Impact of This Vulnerability on Linux Security?

The technical details of the vulnerability and its impact on the Linux kernel's security should be highlighted. During the critical section, the commit mutex must not be released between nft_gc_seq_begin() and nft_gc_seq_end(). If this occurs, the async GC worker could collect expired objects and get the released commit lock within the same GC sequence.

The implications of this kernel flaw are severe for systems utilizing nf_tables for network packet filtering. Thus, admins and users should apply the latest updates to safeguard their systems. This proactive patching underscores the Linux community's commitment to security and stability and the importance of staying updated and informed on Linux security patches and best practices.

For Linux admins, infosec professionals, internet security enthusiasts, and sysadmins, this vulnerability could have substantial long-term consequences for their systems and networks. It raises questions about the overall security of the Linux kernel and prompts critical analysis of the patching process and its effectiveness. However, the implications of this vulnerability extend beyond the immediate need for patching, elevating the importance of understanding and addressing potential weaknesses in open source and Linux security. This article aims to ensure that users are aware of their risks and equipped to take necessary actions to mitigate potential threats.

Our Final Thoughts on This Critical Kernel Bug

The critical vulnerability identified in the Linux kernel's netfilter subsystem underscores the ongoing challenges in maintaining robust security measures for open-source software. The implications of this vulnerability on systems worldwide necessitate a heightened focus on proactive security measures, patching, and ongoing monitoring to ensure the resilience of Linux environments. This article aims to provide valuable insights and takeaways for the global community of Linux admins, infosec professionals, internet security enthusiasts, and sysadmins by emphasizing the impact of this flaw on security practitioners and offering actionable mitigation recommendations.

Apr 30, 2024 | Brittany Day | Security Vulnerabilities

PHP: CVE-2023-0567 Critical Risk: Bypass Password Check Threat

It was recently discovered that PHP could be made to bypass password checking if a specially crafted input was provided (CVE-2023-0567). This flaw could possibly allow applications to accept any password as valid, contrary to expectations, potentially leading to the compromise of critical systems and sensitive information. With a low attack complexity, no user interaction required, and a high confidentiality impact, it is crucial that all impacted users apply the PHP updates issued by their distro(s) immediately to protect the privacy and confidentiality of their systems and their sensitive data.

To stay on top of important updates released by the open-source programs and applications you use, be sure to register as a LinuxSecurity user, then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).

May 11, 2023 | Brittany Day | Security Vulnerabilities

QEMU Zero-Day Advisory: Critical Risk for Cloud Services and VMs

Critical vulnerability in the open-source QEMU hypervisor lets attackers break out of a virtual machine, execute code on a host machine and access all the other VMs on the host.

A zero-day vulnerability affecting a variety of virtualization platforms and cloud services allows attackers to break out of a virtual machine (VM), execute code on the host machine and access any other VMs running on it, CrowdStrike researchers revealed today.

The link for this article located at Dark Reading is no longer available.

May 18, 2015 | LinuxSecurity.com Team | Hacks/Cracks

Nvidia Driver Exploit: Privilege Escalation Risk by Dave Airlie

An anonymous hacker has found a security hole in the Nvidia binary. He or she allegedly reported it to Nvidia "over a month ago" and did not receive a reply, nor was the flaw ever patched. The exploit has now been made public.

Software Engineer Dave Airlie was sent details of the vulnerability. After testing it out and discovering that it indeed works, he posted the exploit for everyone to see on a mailing list.

The link for this article located at ZDNet Blogs is no longer available.

Aug 03, 2012 | LinuxSecurity.com Team | Hacks/Cracks

F-Secure: Critical Buffer Overflow Threat in Antivirus Products

F-Secure has become the latest security firm to be embarrassed by a flaw in its flagship security product line, but the company managed to patch the flaw while it was still only 'theoretical'.

F-Secure has released a patch for a serious flaw in its antivirus products, the second time in a week a security company has warned of a risk in its software. The security hole in the antivirus library affects 18 products for desktops, servers and gateways, with the network products at "critical" risk, F-Secure said in a bulletin on Thursday. By creating a specially crafted ARJ archive file, an intruder could use a buffer overflow to run arbitrary code on an unpatched machine, said Tony Magellanez, a systems engineer at F-Secure.

The link for this article located at ZDNet.co.uk is no longer available.

Feb 14, 2005 | LinuxSecurity.com Team | Hacks/Cracks

Windows Advisory: Critical Exploit Threats Reported, December 2023

A Chinese security group has released sample code to exploit two new unpatched flaws in Microsoft Windows. The advisory comes in the week before Christmas, a time when many companies and home users are least prepared to deal with the problems. Security firm Symantec warned its clients of the vulnerabilities on Thursday, after the Chinese company that found the flaws published them to the Internet.

One vulnerability, in the operating system's LoadImage function, could enable an attacker to compromise a victim's PC when the computer displays a specially crafted image placed on a Web site or in an e-mail. The other vulnerability, in the Windows Help program, likewise could affect any program that opens a Help file.

Because the flaws are in a library used by Windows programs, almost all browsers and e-mail clients are likely affected by the flaws, said Alfred Huger, senior director of engineering at Symantec. "They are rather serious," Huger said. "Both can be exploited by anything that processes images or reads help files."

Because the flaws were accompanied by sample code--known as exploit code--that shows how to take advantage of the security holes, Huger expected the exploits to be quickly incorporated into the tools of malicious Internet users. "The fact that there is an exploit out there is very concerning," he said. "I think you will see it in phishing scams and spyware in very short order." A mass-mailing computer virus could also quickly begin using the vulnerabilities to spread.

Microsoft could not immediately be reached for comment on the issues.

Dec 24, 2004 | LinuxSecurity.com Team | Hacks/Cracks

PHP-Nuke 6.0 SQL Injection Advisory - Critical DoS Threat

All PHP-Nuke versions, including the just released 6.0, are vulnerable to a very simple SQL injection that may lead to a basic DoS attack. When the script is stopped, the server will take a few minutes to recover from the load and become accessible again.

Date: 25 Sep 2002 17:25:46 -0000
From: Pedro Inacio
To: bugtraq@
Subject: PHP-Nuke x.x SQL Injection

Hello,

All PHP-Nuke versions, including the just released 6.0, are vulnerable to a very simple SQL injection that may lead to a basic DoS attack.

For instance, if you create a short script, to send a few requests, (I have tested with just 6) similar to this:;file=article&sid=1234%20or%201=1 after a real short time the load of the machine is so high that it will become inaccessible. When the script is stopped, the server will take a few minutes to recover from the load and become accessible again.

Well, the number of requests depends on your MySQL parameters and hardware, but in general all the tested php-nuke sites were vulnerable and become inaccessible.

If you are running PHP-Nuke, I suggest the creation of some filters to avoid this kind of attack. Other things can be made, but I will not talk about them now. I will wait until Francisco fixes them.

Francisco was noticed a month ago, but the problems persist. Maybe he is busy reading the new revision of the "Building Secure Web Applications and Web Services" OWASP document. :]

Cheers,
Pedro Inacio

Sep 25, 2002 | LinuxSecurity.com Team | Hacks/Cracks