Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 6 articles for you...
82
IT solutionsdata controlopen-source softwareSchleswig-Holstein Transitions To Open-Source for Enhanced Data Control
The German state, Schleswig-Holstein, has decided to move away from proprietary software, such as Windows and Office, to open-source alternatives , including Linux and LibreOffice . The move is motivated by the need to "ensure that their data is kept safe with us, and we must ensure that we are always in control of the IT solutions we use and that we can act independently as a state," as stated by Dirk Schrödter, the digitalization minister for Schleswig-Holstein. . What Are the Motives & Implications of This Decision? One interesting point to note is the reason behind the decision. It is not based on technical superiority but on the need to achieve "digital sovereignty," which means protecting citizens' data from foreign companies and enabling European tech companies to compete with their American and Chinese rivals. This raises some critical questions for infosec professionals and IT managers, such as how much control we have over our data and how we can ensure that it's not being used for nefarious purposes by third parties. Another intriguing point is the state's plan to replace Microsoft Office with LibreOffice, Windows with a yet-to-be-determined Linux desktop distro, and other Microsoft-specific programs with open-source equivalents. This indicates a growing trend towards open-source, cost-effective, secure solutions allowing seamless collaboration between different systems. However, this move away from proprietary software could have profound implications for businesses and governments that rely heavily on Microsoft's products. As Microsoft is trying to meet the EU's digital sovereignty requirements, some may argue that switching to open-source solutions is unnecessary and costly. It's also important to consider the impact on the workforce and how it would affect their productivity and user experience. This highlights the increasing importance of open-source solutions and their critical role in ensuring digital sovereignty for Linux admins and other sysadmins. It also reminds us ofthe importance of data ownership and control for individuals and organizations. Our Final Thoughts on the German State's Decision We support and commend the German state's decision to move away from proprietary software and towards open-source solutions. While this move is motivated by the need to achieve digital sovereignty and control over data, it raises crucial questions about the impact on businesses and the workforce. It reminds IT professionals of the importance of open-source solutions in ensuring data security and sovereignty and their critical role in modern IT infrastructures. . Schleswig-Holstein's shift to open-source software marks progress in data management, enhancing control, security, and cost efficiency while fostering local tech ecosystems. Schleswig-Holstein Germany, Open Source Software, Digital Sovereignty, Linux Transition, IT Solutions. . Brittany Day
Apr 05, 2024
•
Government
82
data controlISP regulationsgovernment surveillanceNew Russian Sovereign Internet Law Fuels Control and Surveillance Concerns
The Russian government calls it the “sovereign internet” law and from 1 November it compels the country’s ISPs to forward all data arriving and departing from their networks through special gateway servers. What are your thoughts on this new form of government surveillance? Let's have a discussion. Learn more in a great Naked Security article: . Promoted since 2018 , from the government’s point of view the sovereign internet is a way of protecting the country from the bad stuff the internet – or other countries – might throw at it. To its critics, Runet, as it’s also known, is a straight power grab by a government obsessed with the idea of control, surveillance and censorship of its population. The link for this article located at Naked Security is no longer available. . The national internet regulation aims to manage information exchange within China, prompting worries about privacy breaches and potential limitations on free speech.. Russian Internet Law, Data Control, ISP Regulations, Surveillance Policies, Internet Governance. . Brittany Day
Nov 04, 2019
•
Government
82
cyber lawinternet regulationsuser privacyVietnam's New Cyber Law Affects Free Speech and Data Control
The Vietnamese government has passed a sweeping new cybersecurity law which critics claim will help the one-party state continue to crack down on free speech.. The law will force internet companies like Facebook and Google to open offices in the country, store data on users locally and allow access to that data at the request of the authorities. The link for this article located at InfoSecurity is no longer available. . Vietnam's recent legislation on cybersecurity enforces stringent regulations on digital companies and poses risks to freedom of expression across the nation.. Vietnam Cyber Law, Data Privacy, Cybersecurity Regulations. . Brittany Day
Jan 02, 2019
•
Government
82
data protectionprivacy lawdata controlCalifornia Legislation: Unprecedented Data Control and User Rights
Lawmakers in California have introduced a sweeping privacy bill to the state legislature that would give Californians unprecedented control over their data and rein in the power of their Silicon Valley neighbors.. Introduced by State Assembly member Ed Chau and state senator Robert Hertzberg, the bill would allow California residents to find out what information businesses and data brokers collect about them, where that information comes from, and how it's shared. It would give people the power to ask for their data to be deleted and to order businesses to stop selling their personal information. It places limits on selling data on users younger than 16 years of age, and prohibits businesses from denying service to users for exercising their rights under the bill. The link for this article located at Wired is no longer available. . Texas announces a legislation aimed at enhancing consumer security, empowering citizens to manage their information and restricting corporate usage.. California Data Control, Privacy Rights, User Information, Data Management. . Brittany Day
Jun 25, 2018
•
Government
76
privacydata controlonline privacySXSWi 2023: Danah Boyd Addresses Privacy Concerns in Social Media
Privacy is not dead in the era of online social networking. It just needs careful curation. That was the message Saturday from Danah Boyd, a social-media expert who works for Microsoft Research and who was Saturday's keynote speaker at the South by Southwest Interactive (SXSWi) festival here. . Boyd is one of the original social-media researchers, having spent years studying the dynamics of how systems like MySpace and Facebook impact teens and youth culture, and how that culture is impacting such services. But she also has demonstrated over the years a keen sense of how people across all age groups use social networks, and her talk touched on many different communities. To begin with, she said, privacy is by no means dead. "People care very much about privacy, no matter how old they are," Boyd said. "The challenge is that what privacy means may not be what you think...Fundamentally, it's about having control over how information flows...When people feel they don't have control over their environment or their setting, they feel as though their privacy has been violated. And they cry foul." To begin with, Boyd used the recent Google Buzz debacle as an example of how people of all stripes demonstrated that they care deeply about their privacy. She explained that while there was nothing technically wrong with the way Google's new social-networking system integrated with Gmail, it nonetheless resulted in a PR nightmare for the search giant because "they made nontechnical mistakes that ended up in social disruption." The link for this article located at CNET is no longer available. . Data protection remains crucial in online communities; it requires thoughtful management as emphasized by specialist Danah Boyd.. Social Media Privacy Control, Information Flow, Online Networking, User Dynamics. . Alex
Mar 22, 2010
•
Organizations/Events
81
user privacydata controlprivacy managementTake Charge of Your Data Management Through Google Dashboard Now
Ever wonder exactly what Google knows about you? Google today took a step to help answer that question with the unveiling of Google Dashboard, which is designed to let users see and control the copious amounts of data that Google has stored in its servers about them.. "Over the past 11 years, Google has focused on building innovative products for our users. Today, with hundreds of millions of people using those products around the world, we are very aware of the trust that you have placed in us, and our responsibility to protect your privacy and data," said Google in a blog post today. "In an effort to provide you with greater transparency and control over their own data, we've built the Google Dashboard." The link for this article located at Network World is no longer available. . Uncover the ways in which the Google Control Center allows you to monitor and handle the information that Google has gathered regarding your activities. Enhance your privacy management!. Google Dashboard, Data Control, Privacy Management. . LinuxSecurity.com Team
Nov 09, 2009
•
Privacy
67
encryptionsecurity issuesdigital rights managementUnderstanding Encryption Limitations In Digital Rights Management
Now let’s be clear right from the start that if you want to have any kind of control over the content of an electronic document you have first of all got to use encryption. But encryption is only the start of implementing a DRM service. Poorly packaged encryption, badly thought out licensing, integration that exposes weaknesses in the packaging of the method for displaying the document, are all ways in which even the most powerful encryption system can be made useless. And, of course, there is the very important question about what is actually encrypted, and what, if anything, is not. . The link for this article located at InfoSecWriters is no longer available. . Encryption is crucial for Digital Rights Management (DRM) but has limitations that can reduce its effectiveness, often hinging on key management practices.. Data Protection, Digital Rights Management, Encryption Techniques. . LinuxSecurity.com Team
Dec 09, 2005
•
Cryptography
81
data controlprivacy policyuser trustConcerns Over Google Gmail Privacy Affecting Usage in Enterprises
Another obstacle to Google's ascendancy is the company's own privacy and usage policies: "All this assumes that people will trust Google with their data, of course. That's yet to be proven," Sullivan said. Even though the Gmail is not yet available, "consumer watchdogs are attacking it as a creepy invasion of privacy that threatens to set a troubling precedent," the AP wrote. Critics are pressuring Google to "drop its plans to electronically scan e-mail content so it can distribute relevant ads alongside incoming messages." Another policy being criticized permits Google to retain copies of people's e-mails even after the users' close their accounts. . . .. Another obstacle to Google's ascendancy is the company's own privacy and usage policies: "All this assumes that people will trust Google with their data, of course. That's yet to be proven," Sullivan said. Even though the Gmail is not yet available, "consumer watchdogs are attacking it as a creepy invasion of privacy that threatens to set a troubling precedent," the AP wrote. Critics are pressuring Google to "drop its plans to electronically scan e-mail content so it can distribute relevant ads alongside incoming messages." Another policy being criticized permits Google to retain copies of people's e-mails even after the users' close their accounts. Gartner recommended that enterprises avoid using Gmail for the same reason Gartner recommends enterprises avoid all web-based e-mail services: the service isn't under the enterprise's control. "Enterprises should steer clear of Gmail, and all other free Web-based mail services, the Gartner analysts added, because they lack the kind of management tools and security demanded by business." John Gilmore, co-founder of the Electronic Frontier Foundation warned that Google's proposed Gmail terms of service don't just "restate the law. They sweep it aside.... You agree to accept any future changes to the terms or policies. Any. If you don't agree NOW to all future changes, you can't ever use the service, even now underthe current terms." Google can investigate your use of the service and access and disclose your information in compliance with any government request, no subpoena or court order necessary, Gilmore said. Users, meanwhile, are forbidden from extracting copies of their own e-mail from the service, he said. The link for this article located at linuxpipeline.com is no longer available. . Tech giants encounter hurdles in consumer confidence and data security, with experts cautioning against the use of Google Docs for enterprise solutions.. Privacy Policies, Data Security, Cloud Solutions, Enterprise Email, Google Gmail. . LinuxSecurity.com Team
Apr 13, 2004
•
Privacy
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More