Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 5 articles for you...
81
storage securityauthentication flawinternet exposureExposed iSCSI Storage Clusters Present Major Data Breach Threats
Over 13,000 iSCSI storage clusters are currently accessible via the internet after their respective owners forgot to enable authentication. . This misconfiguration has the risk of causing serious harm to devices' owners, as cyber-criminal groups could access these internet-accessible hard drives (storage disk arrays and NAS devices) to replace legitimate files with malware, insert backdoors inside backups, or steal company information stored on the unprotected devices. The link for this article located at ZDNet is no longer available. . More than 12,000 open SMB file shares can be found on the internet, posing a threat of unapproved access and possible information leaks.. iSCSI Access Risk, Storage Cluster Security, Internet Vulnerability. . LinuxSecurity.com Team
Apr 02, 2019
•
Privacy
81
data protectioncorporate securitycomplianceUnderstanding GDPR Compliance Impact on Global Companies
For many companies, GDPR has become a four-letter acronym. The European Union's new General Data Protection Rule – which applies to virtually any kind of data that can be used to identify a person – goes into effect May 25. And companies around the world are rushing to make sure they're in compliance, or at least can demonstrate that they're hard at work trying to meet the EU demands. . GDPR is designed to protect personal privacy, (hopefully) make companies more secure from data breaches and force them to get their collective hands around all the data they collect, use and distribute.. Firms around the globe strive to adhere to CCPA guidelines, aiming to protect individual privacy and bolster data defenses against unauthorized access.. GDPR Compliance, Data Privacy Regulation, Corporate Security. . LinuxSecurity.com Team
May 20, 2018
•
Privacy
74
data backupdisaster recoverycloud securityCloud Security Concerns Delay Firms From Using Cloud For Backup
BLACK BOX CLOUD DEPLOYMENTS are being shunned by firms looking to backup data due to security concerns. Cloud deployments, which have gained popularity in the past five years through the promise of accessing seemingly unlimited resources conjured up out of thin air, are being shunned for use as redundant storage due to fears about data security. . Talking to The INQUIRER, Bob Roudebush, VP of marketing at Neverfail, said that "worries of having data in other datacentres is why cloud adoption is not higher, even for disaster recovery". In recent months there have been several data breaches on cloud deployed services and Neverfail, which works with firms to harden operations against failure, said that customers are still wary of clouds. Roudebush said "the cloud sounds ideal for disaster recovery" but that one of the big issues with backing up data is to "ensure the security of data in more than one location". The link for this article located at The Inquirer is no longer available. . Worries about the security of data kept in cloud platforms discourage organizations from leveraging cloud solutions for backup and business continuity.. Cloud Security Solutions, Data Backup Strategies, Disaster Recovery Planning, Cloud Data Breaches. . Anthony Pell
Jul 20, 2011
•
Network Security
83
threat analysiscybercrimecybersecurityMan-in-the-Browser Threats: Risks to Corporate Networks and Data Security
Cybercriminals are increasingly targeting the information assets of some of the world's most well-known organizations, according to the findings of a recent global study by McAfee and Science Applications International Corp. (SAIC) entitled "Underground Economies: Intellectual Capital and Sensitive Corporate Data Now the Latest Cybercrime Currency.". With firewalls, antivirus and other security mechanisms protecting corporate networks, how do attackers manage to penetrate enterprise computer systems? Simply by exploiting the weakest link in the security chain. One of the newest methods is tunneling in via employees' browsers using an attack known as "Man-in-the-Browser" (MitB). The link for this article located at Network World is no longer available. . Explore the ways in which Man-in-the-Middle threats breach business environments and compromise confidential information.. Man-in-the-Browser, cybersecurity threats, corporate data security, employee risk, enterprise protection. . LinuxSecurity.com Team
Mar 31, 2011
•
Hacks/Cracks
77
security practicesdatabase securitysecurity challengesTop Five Database Security Risks Identified by IOUG Survey
Though database security best practices have circulated the conference circuit for years now and existing database security tools are now mature, today's typical enterprise is still far behind in shoring up its most sensitive stores of data. . In fact, the Independent Oracle Users Group's (IOUG) recently released data security survey findings are enough to open the eyes of anyone who has ever read news reports about embarrassing data breaches and wondered if his company could be breached next time. Taking a look at the results, it's clear that most organizations today are still running database security by the seats of their pants. The vast majority of organizations do not monitor their databases at all, or do so in an ad hoc fashion. Even more troubling, most enterprises don't even know where their sensitive data resides -- with many administrators admitting in the survey that they are not sure of all of the databases that contain sensitive information. The link for this article located at Dark Reading is no longer available. . The IOUG survey reveals critical insights on why database security issues persist in enterprises, primarily due to insufficient employee training and awareness. Database Protection, Enterprise Risks, Security Monitoring. . LinuxSecurity.com Team
Sep 27, 2010
•
Server Security
83
data protectionsecurity researchattack techniquesExploring Full-Disk Encryption Risks with the Evil Maid Attack
Full-disk encryption is often heralded as a panacea to the huge problems of data breaches and laptop thefts, and with good reason. Making the data on a laptop or other device unreadable makes the machine far less attractive or valuable to a thief. However, researchers are showing that this solution has its share of weaknesses, too.. Joanna Rutkowska, a well-known security researcher known mostly for her work on low-level rootkits and virtualization, has published a tool that enables an attacker to boot a protected laptop from a USB drive, record the encryption tool's passphrase and then decrypt its contents without trouble. Known as Evil Maid, Rutkowska said the attack is simple enough to be pulled off by a hotel housekeeper and is effective against TrueCrypt. The attack works like this: A laptop user, even one who is paranoid enough to power down his encrypted machine, leaves it alone for a few minutes. An attacker inserts the USB drive containing Evil Maid into the laptop and boots the machine from the USB drive. The tool installs a sniffer on the laptop, which will then log the encryption passphrase the next time the user enters it. The passphrase can be stored on the disk and then recovered by the attacker later. The link for this article located at Threat Post is no longer available. . Joanna Rutkowska, a well-known security researcher known mostly for her work on low-level rootkits a. full-disk, encryption, often, heralded, panacea, problems, breaches, laptop. . LinuxSecurity.com Team
Oct 20, 2009
•
Hacks/Cracks
81
consumer protectionidentity theftfraud9.9 Million Identity Theft Victims in America: $48 Billion Impact
A staggering 27.3 million Americans have been victims of identity theft in the last five years, according to Federal Trade Commission survey out this week. In the last year alone, 9.9 million people have had their identity purloined. Identity theft . . . . A staggering 27.3 million Americans have been victims of identity theft in the last five years, according to Federal Trade Commission survey out this week. In the last year alone, 9.9 million people have had their identity purloined. Identity theft cost businesses and financial institutions nearly $48 billion and consumer victims reported $5 billion in out-of-pocket expenses last year, according to the FTC. "Identity theft is affecting millions of consumers and costing billions of dollars," said Howard Beales, Director of the FTC's Bureau of Consumer Protection. "This information can serve to galvanize federal, state, and local law enforcers, the business community, and consumers to work together to combat this menace." The survey was released in the wake of the formation of an industry coalition to fight online identity theft (involving leading financial services, IT and e-commerce companies) earlier this week. Microsoft Corp, eBay, Amazon.com and Visa are among founder members of the Coalition on Online Identity Theft. . Over the last half-decade, approximately 30.2 million individuals in the U.S. experienced compromises of their personal data, significantly impacting the nation.. Identity Theft, Consumer Protection, Cyber Safety, Fraud Issues, Online Security. . LinuxSecurity.com Team
Sep 09, 2003
•
Privacy
74
insider threatcyber risksIT operationsMitigating Insider Risks in IT Operations and Cybersecurity Measures
The biggest single threat to your IT operation is someone you probably know by name. Think about it. Who knows better how to penetrate your systems--a hacker or someone down the hall who already has access to your systems? . . .. The biggest single threat to your IT operation is someone you probably know by name. Think about it. Who knows better how to penetrate your systems--a hacker or someone down the hall who already has access to your systems? IT departments' employees, especially administrators, have access to the organisation's most confidential and valuable data, yet IT managers continue to focus most of their security resources on patching systems and building better firewalls (both of which are certainly important). Perhaps this is because they are afraid to acknowledge the real threat of an insider attack, or perhaps it's because they don't know how to deal with it. We're going to take a closer look at this problem and provide some suggestions. The link for this article located at TechRepublic.co.uk is no longer available. . The biggest single threat to your IT operation is someone you probably know by name. Think about it.. biggest, single, threat, operation, someone, probably, think, about. . Anthony Pell
Apr 03, 2002
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More