Apple’s decision to support MAC Address Randomization across its platforms may provide some degree of protection against a newly-identified Wi-Fi flaw researchers say could let attackers hijack network traffic. iOS, Linux, and Android devices may be vulnerable. The researchers have identified a fundamental flaw in the design of the IEEE 802.11 Wi-Fi standard that attackers could exploit to trick access points (Wi-Fi base stations) into leaking information. The researchers do not claim the vulnerability is being actively exploited, but warn that it might enable the interception of network traffic. The attack exploits an inherent vulnerability in the data containers (network frames) routers rely on to move information across the network and how access points handle devices that enter power-saving mode. To achieve the attack, miscreants must forcibly disconnect the victim device before it properly connects to the network, spoof the MAC address of the device to connect to the network using the attacker’s credentials, then grab the response. The vulnerability exploits on-device power-save behavior within the Wi-Fi standard to force data to be shared in unencrypted form. The researchers have published an open source tool called MacStealer to test Wi-Fi networks for the vulnerability.
Brittany Day
On Thursday, the Indian government gave ten agencies the legal authority "to intercept, monitor or decrypt information generated, transmitted, received or stored in any computer." The order, approved on December 20 by the Indian Ministry of Home Affairs, is an expansion of India's IT Act of 2000 and effectively gives the Indian government the legal power to snoop on all its citizens' Internet traffic, and the authority to request access to any encrypted information. The link for this article located at ZDNet is no longer available.
LinuxSecurity.com Team
Mobily, a Saudi Arabian telecommunications company with 4.8 million subscribers, is working on a way to intercept encrypted data sent over the Internet by Twitter, Viber, and other mobile apps, a security researcher said Monday. Moxie Marlinspike, the pseudonymous cryptographer who has identified several security bugs in the secure sockets layer protocol used to protect website transactions, said he learned of the project after receiving an e-mail from company officials. Carrying the subject line "Solution for monitoring encrypted data on telecom," it said the project was required by "the regulator." Marlinspike believed this meant the government of Saudi Arabia.
LinuxSecurity.com Team
A document written by the hackers has clarified what they did and what privacy and security risks they believe the PlayStation 3 poses. The PS3's connection to PSN is protected by SSL. As is common to SSL implementations, the identity of the remote server is verified using a list of certificates stored on each PS3. The credit card and other information is sent over this SSL connection. So far so good; this is all safe, and your web browser depends on the same mechanisms for online purchases. The concern raised by the hackers is that custom firmwares could subvert this system. A custom firmware can include custom certificates in its trusted list. It can also use custom DNS servers. This raises the prospect of a malicious entity operating his own proxies to snaffle sensitive data. He would distribute a custom firmware that had a certificate corresponding to his proxy, and that used a DNS server that directed PSN connections to the proxy. His proxy would decrypt the data sent to it, and then re-encrypt it and forward it to the real PSN servers.
LinuxSecurity.com Team
Google intercepted passwords and email content while it was collecting unsecured Wi-Fi data from households, the French privacy watchdog has found. The search and advertising company admitted in May that its Street View cars had harvested information sent over Wi-Fi networks. The company said it had collected "payload" data, but said it could not specify exactly what information it held, as its cars had gathered the data unintentionally. Data protection authorities in a number of countries are investigating the incident, including France's Commission nationale de l'informatique et des libert
The link for this article located at ZDNet UK is no longer available.
LinuxSecurity.com Team
The original idea was discussed by Stefano Di Paola in his paper Subverting Ajax. I have simply created a working proof of concept of an Ajax-based sniffer. I have taken the same files as I demonstrated in the Ajax worm PoC. The link for this article located at Anurag Agarwal is no longer available.
Benjamin D. Thomas
LS: This story certainly appears at first glance to be a case of the court making a mind-numbingly stupid decision. However, the issues here are more subtle than they might first appear. The real issue is not that anyone thinks that email should not have privacy from random third parties, but rather that the law should be read to mean what it actually says. It can well be considered dangerous to allow arbitrary enforcement of laws in line with what they "should" have said, as opposed to what they do say. The best way to fix this is for wiretap privacy laws to be expanded to fit the modern age. Fortunately, if a bill preventing third parties from randomly reading each other's emails were brought before Congress, it's hard to imagine that anyone would dare allow the record to show that they voted 'nay', so this situation seems fixable.
E-mail privacy suffered a serious setback on Tuesday when a court of appeals ruled that an e-mail provider did not break the law in reading his customers' communications without their consent. The First Court of Appeals in Massachusetts ruled that Bradford C. Councilman did not violate criminal wiretap laws when he surreptitiously copied and read the mail of his customers in order to monitor their transactions. Councilman, owner of a website selling rare and out-of-print books, offered book-dealer customers e-mail accounts through his site. But unknown to those customers, Councilman installed code that intercepted and copied any e-mail that came to them from his competitor, Amazon.com. Although Councilman did not prevent the mail from reaching recipients, he read thousands of copied messages in order to know what books customers were seeking and gain a commercial advantage over Amazon. The link for this article located at wired.com is no longer available.
LinuxSecurity.com Team
From 1 August, ISPs in the UK will be required to be able to intercept your data. Yet the Home Office has failed to explain how they will be reimbursed. And the rules mean that criminals will easily be able to avoid interception. ISPs across the UK will have to start intercepting and storing electronic communications including emails, faxes and Web surfing data from 1 August, but there still appear to be glaring loopholes in the legislation. The link for this article located at ZDNet.co.uk is no longer available.
LinuxSecurity.com Team