
Stay Ahead With Linux Security News


Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.


Explore Latest Linux Security news


Debian: DSA-5462-1 Critical: Zenbleed Microcode Info Disclosure

It was discovered that under specific microarchitectural circumstances, a register in "Zen 2" CPUs might not be written to 0 correctly, potentially causing data from another process and/or thread to be stored in the YMM register (CVE-2023-20593, also known as Zenbleed).

This vulnerability could result in the exposure of sensitive data. Updated microcode packages that mitigate this flaw are now available for AMD EPYC gen 2 CPUs. Other Zen 2-based CPUs will get their microcode update later when AMD has fixed and validated the microcodes. Given that this bug poses a severe threat to the confidentiality of sensitive information, it is crucial that all impacted users apply the updates issued by Debian, Debian LTS, Fedora, Mageia, Oracle, Slackware, SUSE and Ubuntu now to prevent potential compromise of their critical data. To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).

Aug 03, 2023 | Brittany Day | Security Vulnerabilities

Gentoo: GHSA-gc2x-86p3-mxg2 high: SQL Injection Remote Code Execution

Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements," SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a "misconfiguration of the database."

The two issues, which were discovered in the search feature of Soko, have been collectively tracked as CVE-2023-28424 (CVSS score: 9.1). They were addressed within 24 hours of responsible disclosure on March 17, 2023. Soko is a Go software module that powers packages.gentoo.org, offering users an easy way to search through the different Portage packages that are available for the Gentoo Linux distribution. But the shortcomings identified in the service meant that it could have been possible for a malicious actor to inject specially crafted code, resulting in the exposure of sensitive information. The link for this article located at The Hacker News is no longer available.

Jun 30, 2023 | Brittany Day | Security Vulnerabilities

CISA: Seven Old Linux Issues Critical: RCE and Escalation Risks

The Cybersecurity & Infrastructure Security Agency (CISA) added seven new Linux vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on Friday based on evidence of active exploitation, some of which have been known for a decade:

CVE-2023-25717: Multiple Ruckus Wireless Products CSRF and RCE Vulnerability
CVE-2021-3560: Red Hat Polkit Incorrect Authorization Vulnerability
CVE-2014-0196: Linux Kernel Race Condition Vulnerability
CVE-2010-3904: Linux Kernel Improper Input Validation Vulnerability
CVE-2015-5317: Jenkins User Interface (UI) Information Disclosure Vulnerability
CVE-2016-3427: Oracle Java SE and JRockit Unspecified Vulnerability
CVE-2016-8735: Apache Tomcat Remote Code Execution Vulnerability (This flaw exists because a component was not updated to take account of Oracle’s fix for CVE-2016-3427.)

The Impact

These bugs could result in remote code execution (RCE), privilege escalation attacks, denial of service (DoS) attacks leading to memory corruption and system crashes, and the compromise of sensitive information. They have received National Vulnerability Database (NVD) ratings of "critical" or "high-severity" due to the high confidentiality, integrity and availability impact of these issues. All of these vulnerabilities are connected to Linux, and may have been leveraged in attacks on Linux systems. The Ruckus product vulnerability has been exploited by a DDoS botnet called AndoryuBot. There do not appear to be any public reports describing exploitation of the other vulnerabilities recently added to CISA’s catalog; however, technical details and proof-of-concept (PoC) exploits are available.

How Can I Protect Against These Vulnerabilities?

Many Linux distributions have released advisories for these vulnerabilities to describe the impact of these flaws and the availability of patches. LinuxSecurity tracks advisories for fifteen popular Linux distros, and the advisories released for these vulnerabilities can be easily found by searching our site for the specific CVE you are interested in. To stay on top of important updates released by the open-source programs and applications you use, be sure to register as a LinuxSecurity user, then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).

May 26, 2023 | Brittany Day | Security Vulnerabilities

VLC Media Player 3.0.11: Critical Security Fix For Remote Code Execution

Have you heard that VideoLAN has released a new version of VLC Media Player to resolve a critical security vulnerability that could eventually allow for remote code execution?

The update, which brings VLC to version 3.0.11 on Linux, Windows, and Mac, specifically targets the vulnerability documented in CVE-2020-13428, which only affects the desktop client. VideoLAN explains that a potential exploit can use a specially crafted file which, when launched with VLC Media Player, can trigger a buffer overflow in the H26X packetizer. In most cases, this would just cause the application to crash, which, while inconvenient, is not really that dangerous. On the other hand, VideoLAN warns that a more complex attack could actually lead to an RCE attack and a potential leak of user information. The link for this article located at Softpedia News is no longer available.

Jun 17, 2020 | Brittany Day | Security Vulnerabilities

Joomla 3.4.5 Security Alert: Urgent SQL Injection Vulnerability Found

Four hours -- that's the time Joomla website owners had to apply a patch recently before attackers started to exploit the flaw it fixed. Those who still haven't updated their websites are likely to find them compromised.

On Thursday, the developers of Joomla released version 3.4.5 of the popular content management system in order to fix an SQL injection vulnerability that allows attackers to gain administrative privileges by hijacking an active administrator session.

Mar 14, 2017 | LinuxSecurity.com Team | Hacks/Cracks

Supermicro: Critical Advisory On Admin Password Exposure In BMC

An alarming number of servers containing motherboards manufactured by Supermicro continue to expose administrator passwords despite the release of an update that patches the critical vulnerability, an advisory published Thursday warned.

The threat resides in the baseboard management controller (BMC), a motherboard component that allows administrators to monitor the physical status of large fleets of servers, including their temperatures, disk and memory performance, and fan speeds. Unpatched BMCs in Supermicro motherboards contain a binary file that stores remote login passwords in clear text. Vulnerable systems can be detected by performing an Internet scan on port 49152. A recent query on the Shodan search engine indicated there are 31,964 machines still vulnerable, a number that may not include many virtual machines used in shared hosting environments.

Jun 23, 2014 | LinuxSecurity.com Team | Hacks/Cracks

NetBSD 5.0.2 Security Advisory: Issues with TLS Session Renegotiation

The NetBSD development team have announced the release of the second "critical/security" update of the 5.0 release branch, NetBSD 5.0.2. The latest maintenance release includes a number of important security and stability fixes for the BSD-based operating system.

NetBSD 5.0.2 features two fixes related to security advisories, including an issue in the OpenSSL Transport Layer Security (TLS) session renegotiation that could allow an attacker to remotely intercept communication. The developers have disabled TLS session renegotiation in order to prevent Man-in-the-Middle attacks. The second advisory fix corrects an issue that could allow a local attacker to invoke a kernel panic due to issues in the azalia(4) and hdaudio(4) drivers. The link for this article located at H Security is no longer available.

Feb 16, 2010 | LinuxSecurity.com Team | Server Security

Firefox 1.0.3 Security Advisory: Critical Cross-Site Scripting Risks

Two vulnerabilities in the popular Firefox browser have been rated "extremely critical" because exploit code is now available to take advantage of them. The cross-site scripting and remote system access flaws were discovered in Firefox version 1.0.3, but other versions may also be affected, said security company Secunia, which issued the ratings Sunday.

The two vulnerabilities, when combined, can be exploited, but no known cases have yet emerged where an attacker took advantage of the public exploit code. One flaw involves "IFRAME" JavaScript URLs, which are not properly protected from being executed in the context of another URL in the history list. "If you visit a malicious Web site, it can steal cookie information from other Web sites you had previously visited," said Thomas Kristensen, Secunia's chief technology officer. The attacker could then use that information to engage in identity theft or gain access to other password-protected sites that the victim visited. A second vulnerability exists in the IconURL parameter in InstallTrigger.install(). Information passed to this parameter is not properly verified before it's used, allowing an attacker to gain user privileges. This flaw could allow an attacker to gain and escalate user privileges on a system.

May 09, 2005 | LinuxSecurity.com Team | Hacks/Cracks
