On July 24, 2024, OpenSSL took an extraordinary step toward improving community engagement and realigning with its core values when it announced the implementation of a new governance framework and the launch of several projects under its mission statement. This event marks a historic moment for OpenSSL and for the Linux administrators worldwide who depend on this foundational technology for secure applications.

OpenSSL, the open-source cryptographic library providing secure communications for websites and applications, plays an essential role in the digital security ecosystem. Linux systems rely on it heavily to ensure data integrity, confidentiality, and authentication across many applications. OpenSSL's newly unveiled governance structure seeks to better reflect the project's longstanding mission by engaging community participation more actively and making decision-making more inclusive. To help you better understand this initiative, I'll explain what has changed in OpenSSL's new governance model, the security implications for admins like you and me, and the project's plans for the future.

What Is OpenSSL's New Governance Model?

OpenSSL's revised governance framework introduces two independent, co-equal entities: the OpenSSL Foundation and the OpenSSL Corporation. They serve the non-commercial and commercial communities respectively and operate autonomously to meet community needs. With this arrangement, decisions align more effectively with community requirements than before. As part of the move to disband the OpenSSL Management Committee (OMC), governance now rests with two elected boards of directors that share the responsibility previously held by the OMC. Furthermore, Community Advisory Committees, consisting of the Business Advisory Committee (BAC) and the Technical Advisory Committee (TAC), will act as conduits for community input, signaling a shift toward more democratic governance practices.
This structural reform brings significant advances in security and reliability for OpenSSL-powered systems. Two focused entities provide enhanced, tailored support and developments in security protocols to create more secure Linux environments. Community Advisory Committees will ensure that Linux administrators' security needs and challenges find an efficient means of expression and resolution, keeping OpenSSL's roadmap closely aligned with today's ever-evolving security landscape.

OpenSSL Expands Its Mission to Encompass New Projects and Advance Linux Security

At this juncture of its development, OpenSSL has also welcomed Bouncy Castle and cryptlib under its mission, while adhering to their respective missions and values. Both projects are longstanding players in cryptography: Bouncy Castle provides open-source cryptographic APIs for Java and C# applications, while cryptlib offers a toolkit for embedding encryption services into applications.

Bouncy Castle has proven invaluable for developers and Linux administrators. Thanks to its FIPS-certified solutions, long-term support releases, and quantum-ready cryptographic support, it bolsters the security posture of Linux systems that use the Java or C# programming languages, giving administrators peace of mind knowing their systems contain state-of-the-art cryptography features. Similarly, cryptlib's portability and support for multiple security protocols, including SSL/TLS, make it an indispensable asset in Linux security. It streamlines the implementation of world-class encryption services while improving application efficiency and reliability on Linux-based devices.

Integrating Bouncy Castle and cryptlib into OpenSSL's mission and transitioning to the new governance model will herald a new era of innovation and security for Linux administrators. Access to diverse cryptographic tools and solutions helps enhance security standards while meeting common challenges more efficiently.
Linux administrators can look forward to more secure, robust cryptographic implementations backed by community insights and innovations facilitated by the new governance model. These developments will increase security on Linux-based systems and foster an environment conducive to continued collaboration in the open-source security space.

Final Thoughts: What's Next for OpenSSL?

As OpenSSL embarks on its transformative journey, Linux administrators stand to reap significant benefits in terms of enhanced security, innovation, and community engagement. With advisory committees slated to be created and an OpenSSL user conference planned soon after this transition period commences, its future and its effect on Linux security look bright. OpenSSL has welcomed these modifications, reinforcing its dedication to digital security in an increasingly connected world. For Linux administrators, staying abreast of these developments is crucial to keeping pace with cybersecurity's ever-evolving landscape.

At LinuxSecurity, we commend OpenSSL's newly announced governance structure and projects, which represent a transformative leap forward for cryptographic security and community engagement.

OpenSSL fosters collaboration and transparency, elevating security protocols for Unix-like platforms.

Dave Wreski
Secure Sockets Layer (SSL) is an internet security protocol. It establishes encrypted connections between computers on a network, such as the internet. The OpenSSL Project dates back to 1998 and was formed to develop a free, versatile set of encryption tools for online use. Among other things, this includes open-source implementations of both the SSL and TLS protocols. As the source code is freely available, OpenSSL is supported on a number of platforms, including Linux, macOS and Windows.

The core library (libssl) of OpenSSL is written in the C programming language. It is designed to let users enable support for SSL/TLS in both client and server applications. This is useful for websites, messaging apps, and VPN services, including free VPNs. The library relies heavily on OpenSSL's comprehensive cryptographic library, libcrypto, which supports a huge number of algorithms, including the industry-standard Advanced Encryption Standard (AES). The libcrypto library also supports older encryption algorithms like Blowfish and Camellia.

LibreSSL provides free-to-use libraries and tools for establishing secure communications using HTTPS and TLS safeguards for protected digital exchanges.

LinuxSecurity.com Team
Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week.

The OpenSSL team announced in advance, as it usually does, that a new version of its popular cryptographic library would soon be released. This notification stated that the update would patch a security hole with a CRITICAL severity rating, the project's highest.

The latest OpenSSL release tackles significant security flaws and offers crucial guidance for upholding IT reliability.

Brittany Day
Server admins and developers beware: the OpenSSL Project plans to release security updates on Thursday for its widely used cryptographic library that will fix a high severity vulnerability.

OpenSSL implements multiple cryptographic protocols and algorithms, including TLS (Transport Layer Security), which underpins encryption on the Web as part of protocols like HTTPS (HTTP Secure), IMAPS (Internet Message Access Protocol Secure) and SMTPS (Simple Mail Transfer Protocol Secure).

Anticipate OpenSSL revisions targeting a critical vulnerability in encryption standards essential for safeguarding communications.

LinuxSecurity.com Team
Libgcrypt is a general purpose library of cryptographic building blocks. It is originally based on code used by GnuPG. It does not provide any implementation of OpenPGP or other protocols. A thorough understanding of applied cryptography is required to use Libgcrypt.

Hello!

The GNU project is pleased to announce the availability of Libgcrypt version 1.4.5.

Noteworthy changes in version 1.4.5:

* Fixed minor memory leak in DSA key generation.
* No more switching to FIPS mode if /proc/version is not readable.
* Fixed a SIGILL during Padlock detection on old CPUs.
* Fixed a hang on some W2000 machines.
* Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3; SHA-256 went up by 25%.

Source code is hosted at the GnuPG FTP server and its mirrors as listed at . On the primary server the source file and its digital signature are:

 (1121k)

This file is bzip2 compressed. A gzip compressed version is also available:

 (1386k) .sig

Alternatively you may upgrade version 1.4.4 using this patch file:

 (93k)

The SHA-1 checksums are:

ef7ecbd3a03a7978094366bcd1257b3654608d28  libgcrypt-1.4.5.tar.bz2
8d83a60ca55f2ea40b5d5bc99463905b7a1dcb56  libgcrypt-1.4.5.tar.gz
5307e361da5232cd771c300adddc69e57f0e366d  libgcrypt-1.4.4-1.4.5.diff.bz2

For help on developing with Libgcrypt you should read the included manual and optionally ask on the gcrypt-devel mailing list [1]. Note that this version is from the stable branch; the current development version is available at .

Improving Libgcrypt is costly, but you can help! We are looking for organizations that find Libgcrypt useful and wish to contribute back.
You can contribute by reporting bugs, improving the software [2], ordering extensions or support, or more generally by donating money to the Free Software movement (e.g. ). Commercial support contracts for Libgcrypt are available [3], and they help finance continued maintenance. g10 Code GmbH, a Duesseldorf based company, is currently funding Libgcrypt development. We are always looking for interesting development projects.

Many thanks to all who contributed to Libgcrypt development, be it bug fixes, code, documentation, testing or helping users.

Happy hacking,

  Werner

[1] See .
[2] Note that copyright assignments to the FSF are required.
[3] See the service directory at .

We're excited to unveil Libgcrypt 1.4.5, featuring significant enhancements and optimizations for cryptographic software.

LinuxSecurity.com Team
CERT is coordinating multiple security vulnerabilities in OpenSSL, the open source SSL/TLS implementation, including an ASN.1 memory deallocation vulnerability and an ASN.1 tag vulnerability.

OpenSSL ASN.1 parser insecure memory deallocation - Vulnerability Note VU#935264

A vulnerability in the way OpenSSL deallocates memory used to store ASN.1 structures could allow a remote attacker to execute arbitrary code with the privileges of the process using the OpenSSL library.

OpenSSL implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols and includes a general purpose cryptographic library. SSL and TLS are commonly used to provide authentication, encryption, integrity, and non-repudiation services to network applications such as HTTP, IMAP, POP3, LDAP, and others. Clients and servers exchange authentication information in X.509 certificates. While the SSL and TLS protocols are not directly based on ASN.1, they do rely on ASN.1 objects used in X.509 certificates and other cryptographic elements (e.g. PKCS#1 encoded RSA values). The ASN.1 parser in OpenSSL is also used to handle non-SSL/TLS elements such as PKCS#7 encoded S/MIME parts.

There is a vulnerability in the way OpenSSL deallocates memory used to store ASN.1 structures (ASN1_TYPE). Parsing specially crafted ASN.1 encoded structures that OpenSSL determines to be invalid could cause memory to be deallocated insecurely, corrupting the stack.

OpenSSL does not securely handle ASN.1 tags (1) - Vulnerability Note VU#255484

A vulnerability in the way OpenSSL handles ASN.1 tags could allow a remote attacker to cause a denial of service. OpenSSL contains a vulnerability in the way ASN.1 tags are handled.
A specially crafted ASN.1 tag could cause the OpenSSL library to perform an out-of-bounds memory read operation. This could result in a denial of service, crashing the process using the OpenSSL library.

Vendors are currently coordinating updates to all affected packages. Relevant links thus far include:

OpenSSL ASN.1 parser insecure memory deallocation - Vulnerability Note VU#935264
OpenSSL does not securely handle ASN.1 tags (1) - Vulnerability Note VU#255484
NISCC Vulnerability Advisory 006489/OpenSSL - Background on the vulnerabilities

LinuxSecurity.com Team