Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 1 articles for you...
83
security breachhacking toolcustom firmwareBlueDisk-CFW: Custom Firmware Bypasses PS3 Security Effectively
Chinese hacker group, BlueDisk-CFW, releases leaked tool which circumvents the game console's latest 3.60 firmware that had plugged security holes from the unauthorized access by another hacker group last year. . A Chinese hacking group says it has released a Sony PlayStation 3 (PS3) custom firmware which can circumvent the firmware on the game console. BlueDiskCFW released the custom firmware CFW which contains the LVO encryption keys to enable users to bypass the current PlayStation Network (PSN) passphrase security protocol, according to The Hacker News Web site on Wednesday. The link for this article located at ZDNet Blogs is no longer available. . An underground hacking collective from China has unveiled a modified software package for the PS3, effectively circumventing the newest security measures.. PS3 Hack, Custom Firmware, Security Tool, BlueDisk-CFW, Console Exploit. . LinuxSecurity.com Team
Oct 24, 2012
•
Hacks/Cracks
83
security advisoryprinter exploitHPHP Printer Security Advisory: Custom Firmware Risk Of Fire Hazard
Researchers from Columbia University have demonstrated a security flaw found in, but perhaps not limited to, HP printers which can actually lead to fires. The exploit allows hackers to reprogram printers with custom firmware, giving the attacker full control of printer functions. As a result, the hacker can continually heat a laser printer's fuser until paper begins to burn, MSNBC reports.. Update: HP has released an official statement debunking Msnbc's claim that printers can be set ablaze remotely, although smouldering paper appears to still be a possibility. The link for this article located at TechSpot is no longer available. . Security analysts have raised alarms regarding the susceptibility of HP printers to various attacks, potentially creating significant fire risks.. HP Printers, Fire Risk, Custom Firmware, Security Exploit, Fire Hazards. . LinuxSecurity.com Team
Nov 30, 2011
•
Hacks/Cracks
83
data interceptionsecurity risksensitive dataRisks Of Custom Firmware Exploits On PlayStation 3 PSN Security
A document written by the hackers has clarified what they did and what privacy and security risks they believe the PlayStation 3 poses. The PS3's connection to PSN is protected by SSL. As is common to SSL implementations, the identity of the remote server is verified using a list of certificates stored on each PS3.. The credit card and other information is sent over this SSL connection. So far so good; this is all safe, and your web browser depends on the same mechanisms for online purchases. The concern raised by the hackers is that custom firmwares could subvert this system. A custom firmware can include custom certificates in its trusted list. It can also use custom DNS servers. This raises the prospect of a malicious entity operating his own proxies to snaffle sensitive data. He would distribute a custom firmware that had a certificate corresponding to his proxy, and that used a DNS server that directed PSN connections to the proxy. His proxy would decrypt the data sent to it, and then re-encrypt it and forward it to the real PSN servers.. Bespoke software poses risks to PlayStation 3 security through SSL vulnerabilities, endangering the safety of confidential information. Discover the specifics.. PlayStation Security, Custom Firmware Risks, SSL Vulnerabilities. . LinuxSecurity.com Team
Feb 18, 2011
•
Hacks/Cracks
83
device securityfirmware blockNAND lockHTC G2 Misunderstanding: Firmware Block And NAND Lock Analysis
Policy group New America has written a scathing blog entry that criticizes the HTC G2 for including a "hardware rootkit" that prevents users from installing custom firmware on the device. The report appears, however, to be based on a misunderstanding of technical issues raised in an XDA discussion thread. . The G2 isn't unique in blocking third-party firmware, and it doesn't come with anything that could correctly be described as a rootkit. In fact, the NAND write-blocking mechanism in the G2 is nearly identical to the one that HTC has included in the EVO 4G and other previous devices. Android modders say that it will eventually be cracked, just like every previous attempt by carriers and handset makers to impede third-party firmware modification. The issue of phone openness is worth exploring, but it's a lot broader and more nuanced than New America realizes. The article located at arsTechnica is no longer available. . The G2 isn't unique in blocking third-party firmware, and it doesn't come with anything that could c. policy, group, america, written, scathing, entry, criticizes. . LinuxSecurity.com Team
Oct 12, 2010
•
Hacks/Cracks
83
open sourcesecurity issueshacking newsGeoHot vs. Sony: PS3 Update Poses Risks to Linux Functionality
iPhone hacker George Hotz, aka "GeoHot," was able to finally crack the PlayStation 3... three years after the system's release. He praised the hardware for its security, but now that Sony has responded by removing the Linux capabilities of the PlayStation 3 entirely, the hacker has decided to fight back, warning gamers not to update their systems until he finds a way to keep the Other OS option on the PlayStation 3. . The problem for Sony is that GeoHot is now threatening to release custom firmware for the system, which is quite the escalation from what was previously available from the hacking community. "I never intended to touch [custom firmware], but if that's how you want to play..." Hotz wrote on his blog. Sony may have done much more harm than good with its April 1 update. The hacker speaks Hotz is skeptical about the reasons for the update. "What security concerns? It's not like the exploit can be run even close to without the users knowledge. You have to open the f**king thing up. How could this harm users?" He points out that the blog post doesn't give users any positive gains from the update, simply threatens what they'll lose if they don't. Urging gamers to wait on the update, he says he's working on a workaround that will allow you to continue to play games online as well as keep your Linux partition. The article located at arsTechnica is no longer available. . The problem for Sony is that GeoHot is now threatening to release custom firmware for the system, wh. iphone, hacker, george, 'geohot, finally, crack, playstation, three, years. . LinuxSecurity.com Team
Apr 01, 2010
•
Hacks/Cracks
74
network securityservice providerembedded systemsCustom Firmware Exposes Eavesdropping Threats in Cable Modems
A small and diverse band of hobbyists steeped in the obscure languages of embedded systems has released its own custom firmware for a popular brand of cable modem, along with a technique for loading it -- a development that's already made life easier for uncappers and service squatters, and threatens to topple long-held assumptions about the privacy of cable modem communications. The program, called Sigma, was released in its final version last month, and has reportedly been downloaded 350 to 400 times a day ever since. It's designed to be flashed into the non-volatile memory of certain models of Motorola's Surfboard line, where it runs in parallel with the device's normal functionality. It gives users almost complete control of their cable modem -- a privilege previously reserved for the service provider. . . .. A small and diverse band of hobbyists steeped in the obscure languages of embedded systems has released its own custom firmware for a popular brand of cable modem, along with a technique for loading it -- a development that's already made life easier for uncappers and service squatters, and threatens to topple long-held assumptions about the privacy of cable modem communications. The program, called Sigma, was released in its final version last month, and has reportedly been downloaded 350 to 400 times a day ever since. It's designed to be flashed into the non-volatile memory of certain models of Motorola's Surfboard line, where it runs in parallel with the device's normal functionality. It gives users almost complete control of their cable modem -- a privilege previously reserved for the service provider. The project is the work of a gang of coders called TCNiSO. With about ten active members worldwide, the group is supported by contributions from the uncapping community -- speed-hungry Internet users who rely on TCNiSO's research and free hackware to surmount the bandwidth caps imposed by service providers, usually in violation of their service agreement, if not the law. To them, Sigma is a delight,because it makes it simple to change the modem's configuration file -- the key to uncapping, and, on some systems, to getting free anonymous service using "unregistered" modems. "I've known TCNiSO for two years now and I've done a lot of things with their techniques," wrote a Canadian uncapper in an e-mail interview. "Sigma is the greatest one I've seen." While it's a boon to uncappers, the security implications of firmware hacking go beyond mere bandwidth-boosting and theft-of-service. The topography of cable modem networks typically puts between 500 and 1,000 homes in a neighborhood on the same circuit, their Internet traffic all mingled on the same co-ax cable. Subscribers are prevented from eavesdropping on their neighbors' traffic by their own modem, which is programmed to only pass packets destined for them. By building on TCNiSO's hacking technique, a malefactor could write custom code to forward all the raw network traffic to their PC. Outside security experts have generally dismissed any eavesdropping threat on modern cable systems based on a belief that cable companies are encrypting customer traffic, a capability built into all DOCSIS-certified modems since 1999. But while encryption would indeed thwart any eavesdropping attempt, in the most commonly-deployed version of the DOCSIS standard, version 1.0, the encryption option is just that -- an option, and one that's turned off by default. "The security has to be there" in the modem, says Oscar Marcia, chief security architect at for CableLabs, the industry group responsible for DOCSIS. "But the [service provider] can decide when to turn it on." And turning it on they are, Marcia says, but slowly, and in bits and pieces, even five years after the option became available. "It's kind of a gradual process... They want to make sure that they have all the kinks worked out of their system." He adds that he expects the process to accelerate as cable companies migrate to newer versions of the DOCSIS specifications, where encryption is "on" by default, insteadof off. SecurityFocus asked four U.S. cable modem service providers if they protected their customers with the encryption option. Comcast, Adelphia, and CableVision's Optimum Online declined comment; a spokesman for Time Warner's Road Runner service didn't return repeated phone calls on the question. Comcast's terms of service, however, acknowledges a risk of eavesdropping by "other subscribers," and Optimum Online's bluntly admits the company doesn't utilize encryption: "All Subscriber's ethernet traffic... will be reflected by the cable Modem in an unencrypted form onto the cable network and be subject to eavesdropping." The link for this article located at is no longer available. . A small and diverse band of hobbyists steeped in the obscure languages of embedded systems has relea. small, diverse, hobbyists, steeped, obscure, languages, embedded, systems, relea. . Anthony Pell
Feb 09, 2004
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More