Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 1 articles for you...
83
security advisoryInteldata extractionIntel: Platypus Attack Method Threatens Data Extraction
Security researchers have discovered a new attack method dubbed "Platypus" that can extract data from Intel CPUs. Intel has now released microcode updates to prevent malicious actors from exploiting the Intel RAPL mechanism with Platypus. . A team of academics has disclosed today a new attack method that can extract data from Intel CPUs. Named Platypus , an acronym for " P ower L eakage A ttacks: T argeting Y our P rotected U ser S ecrets," the attack targets the RAPL interface of Intel processors. RAPL , which stands for Running Average Power Limit, is a component that allows firmware or software applications to monitor power consumption in the CPU and DRAM. . A novel exploit technique dubbed Otter has been identified, allowing data retrieval from AMD processors, which has now been mitigated through firmware patches.. Intel Data Extraction, Platypus Attack Method, CPU Security Measures. . LinuxSecurity.com Team
Nov 11, 2020
•
Hacks/Cracks
67
document securitypdf attackdata extractionPDFex Attack: Data Exfiltration Threat to Widely Used PDF Readers
Have you heard about the new attack that German academics have developed that can extract and steal data from encrypted PDF files, sometimes without user interaction? Learn more: . Named PDFex, the new attack comes in two variations and was successfully tested against 27 desktop and web PDF viewers, including popular software such as Adobe Acrobat, Foxit Reader, Evince, Nitro, and Chrome and Firefox's built-in PDF viewers. The attack doesn't target the encryption applied to a PDF document by external software, but the encryption schemes supported by the Portable Document Format (PDF) standard, itself. The link for this article located at ZDNet is no longer available. . Uncover the techniques behind the PDFex vulnerability, which takes advantage of the encryption features in PDF documents, impacting leading systems and posing risks to sensitive information.. PDFex Attack, Data Extraction, PDF Encryption, Document Security. . LinuxSecurity.com Team
Sep 30, 2019
•
Cryptography
67
security attackdata extractioncryptographic keyChristopher Tarnovsky's Insights on TPM Attacks and Key Extraction
An American hacker has, with a great deal of effort, managed to crack a Trusted Platform Module (TPM) by Infineon. He was able to read the data stored on the TPM chip, for instance cryptographic keys (RSA, DES) such as those also used by Microsoft's BitLocker on appropriate motherboards.. TPM hardware incorporates various levels of logical as well as physical measures designed to counter a range of attacks, such as differential electromagnetic analyses (DEMA) and even physical intrusions. Once the keys are retrieved, however, an attacker can read the encrypted data stored on a hard disk without needing a password. Previously known as the smart card hacker, Christopher Tarnovsky of Flylogic Engineering has presented his work at the Black Hat DC security conference. He apparently managed to suss out a processor in the "SLE 66CLX360PE"PDF family used in the TPM. For this purpose, he extracted the actual chip from the housing in his special lab using various procedures that involved liquids and gases (a video about this is available online). The link for this article located at H Security is no longer available. . A skilled programmer showcases breaching a Hardware Security Module to retrieve digital encryption keys and access secured information.. Trusted Platform Module,Cryptographic Keys,Data Encryption,Physical Security. . LinuxSecurity.com Team
Feb 11, 2010
•
Cryptography
74
packet analysistoolsdata extractionIn-Depth Exploration of CDPSnarf for CDP Packet Analysis
CDPSnarf is a network sniffer exclusively written to extract information from CDP packets. It provides all the information a . The link for this article located at Darknet.org is no longer available. . Dive into CDPSnarf, an advanced utility for harvesting information from CDP packets, and elevate your abilities in network analysis.. CDP Tools, Packet Analysis, CDPSnarf, Network Monitoring, Data Sniffer. . Brittany Day
Apr 30, 2008
•
Network Security
82
data collectionISPdata extractionCTX's NetWitness: A Tool for ISPs to Ensure Data Compliance Safely
The Forensics Explorers division of CTX is ready to go to market with a Carnivore-like suite called NetWitness which, the company says, can enable ISPs to surrender to the Feds only those specific bits of information about a suspect which a court has authorized for collection.. . .. The Forensics Explorers division of CTX is ready to go to market with a Carnivore-like suite called NetWitness which, the company says, can enable ISPs to surrender to the Feds only those specific bits of information about a suspect which a court has authorized for collection. The NetWitness package can separate data to ensure strict, minimal compliance with a pen register or trap and trace order, and later associate the original content if a search warrant or a wiretap warrant is issued, Forensics Explorers General Manager Mark Longworth told The Register. Because Carnivore is capable of capturing far more data than a pen register or trap and trace order is meant to make available, an ISP may well prefer to install its own kit rather than trust Carnivore operators to stick to the letter of the law. . CTX's Forensics Team unveils DataGuardian, an adherent information gathering solution for internet service providers aimed at fulfilling legal inquiries from authorities.. Forensics Explorers, NetWitness, Data Collection, Compliance Tool. . Anthony Pell
Oct 02, 2001
•
Government
81
user privacyweb bugsadvertisingWeb Bugs And Tracking Devices Disrupting User Privacy Online
Piracy advocates claim that the use of sophisticated Web bug tracking devices "has grown dramatically" over the past year. More than 30 per cent of Web pages sampled during last year's Christmas season contained new generations of Web bugs that the . . . . Piracy advocates claim that the use of sophisticated Web bug tracking devices "has grown dramatically" over the past year. More than 30 per cent of Web pages sampled during last year's Christmas season contained new generations of Web bugs that the advertising industry is using to secretly track online surfers, said Richard Smith, CTO at the University of Denver's Privacy Foundation. He used a search engine and identified four million Web bugs planted by 30 vendors. Smith said he has found that bugs are planted by the Boston bank he uses for online banking, and on a hotel site offering Internet room-booking services. He said many companies aren't disclosing their use of bugs in their privacy policies, and at least one Web bug version he uncovered searches a user's computer while they are looking at the site. The link for this article located at Lexis-Nexis is no longer available. . Cybersecurity proponents argue that advanced tracking technologies have significantly escalated, affecting individual privacy rights.. Web Bugs, User Tracking, Privacy Risks, Digital Surveillance. . LinuxSecurity.com Team
Apr 16, 2001
•
Privacy
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More