Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 17 articles for you...
67
security analysisdigital certificatecryptographic systemGPG Collision Attack Calls For SHA-1 Phase-Out To Prevent Forgery
New research has heightened an already urgent call to abandon SHA-1, a cryptographic algorithm still used in many popular online services. A new, powerful GPG collision attack on the system which could enable attackers to fake digital certificates has been discovered. . In a paper called SHA-1 is a Shambles , researchers Gaëtan Leurent and Thomas Peyrin have demonstrated a new, powerful attack on the system that could enable attackers to fake digital certificates for as little as $45,000. Leurent, from INRIA in France, and Peyrin, from the Nanyan Technological University in Singapore, demonstrated their attack by creating a fake digital certificate using the GNU Privacy Guard (GPG or GnuPG) system. The link for this article located at Naked Security is no longer available. . Recent analyses underscore the urgent need to eliminate SHA-1, given that GPG collision exploits allow for the creation of fraudulent digital certificates.. GPG Attack, SHA-1 Security Risks, Cryptographic Analysis, Digital Certificate Issues. . LinuxSecurity.com Team
Jan 13, 2020
•
Cryptography
81
encryptionweb securityopen sourceLet's Encrypt: Free Digital Certificate Introduces Enhanced Web Security
. . Explore how Let's Encrypt launched its first free digital certificate, enhancing web security for sites.. Lets Encrypt, Free Digital Certificate, Open Source Security, Web Encryption. . LinuxSecurity.com Team
Sep 16, 2015
•
Privacy
67
data encryptiondigital certificatessl certificateUnderstanding Digital Certificates for SSL/TLS Security
Let. Digital certificates are used to encrypt data traffic between a computer and a server using SSL/TLS (Secure Sockets Layer/Transport Layer Security) and for checking that a website isn. Digital certificates are used to encrypt data traffic between a computer and a server using SSL/TLS . digital, certificates, encrypt, traffic, between, computer, server, using. . LinuxSecurity.com Team
Jun 17, 2015
•
Cryptography
82
security advisorycyber threatcertificate authorityGoogle Identifies Unapproved Digital Certificates by Indian NIC
Google has identified and blocked unauthorized digital certificates for a number of its domains issued by the National Informatics Centre (NIC) of India, a unit of India. National Informatics Center (NIC) holds several intermediate Certification Authority (CA) certs trusted by the Indian government The link for this article located at The Hacker News is no longer available. . National Informatics Center (NIC) holds several intermediate Certification Authority (CA) certs trus. google, identified, blocked, unauthorized, digital, certificates, number, domains. . Alex
Jul 10, 2014
•
Government
83
security advisorymalwareserver compromiseAdobe Security Advisory: Malware Threat from Compromised Certificates
The ongoing security saga involving digital certificates got a new and disturbing wrinkle on Thursday when software giant Adobe announced that attackers breached its code-signing system and used it to sign their malware with a valid digital certificate from Adobe.. Adobe said the attackers signed at least two malicious utility programs with the valid Adobe certificate. The company traced the problem to a compromised build server that had the ability get code approved from the company The link for this article located at Wired is no longer available. . Cybercriminals infiltrated Microsoft’s software certification framework, allowing them to digitally endorse harmful applications, prompting alarm in the cybersecurity community.. Adobe Security Breach, Malware Signing, Digital Certificate Issues. . LinuxSecurity.com Team
Sep 28, 2012
•
Hacks/Cracks
67
malwarecyber threatsecurity analysisAnalysis of Mediyes Malware and Conpavi AG Certificate Key Theft
When Kaspersky Lab last week spotted code-signed Trojan malware dubbed Mediyes that had been signed with a digital certificate owned by Swiss firm Conpavi AG and issued by Symantec, it touched off a hunt to determine the source of the problem. . The answer, says Symantec's website security services (based on the VeriSign certificate and authentication services acquisition), is that somehow the private encryption key associated with Conpavi AG certificate had been stolen. The link for this article located at Network World is no longer available. . Examine the breach involving a stolen confidential encryption key associated with a vulnerable digital certificate, revealing significant vulnerabilities in the security framework.. Mediyes Malware, Certification Disclosure, Key Compromise, Cyber Threats. . LinuxSecurity.com Team
Mar 19, 2012
•
Cryptography
67
security advisoryspywaredigital certificateTrustwave: Subordinate Root Certificate Raises SSL Security Issues
Digital Certificate Authority (CA) Trustwave revealed that it has issued a digital certificate that enabled an unnamed private company to spy on SSL-protected connections within its corporate network, an action that prompted the Mozilla community to debate whether the CA's root certificate should be removed from Firefox. . The certificate issued by Trustwave is known as a subordinate root and enabled its owner to sign digital certificates for virtually any domain on the Internet. The certificate was to be used within a private network within a data loss prevention system, Trustwave said in a blog post on Saturday. The link for this article located at InfoWorld is no longer available. . Trustwave has revealed a subordinate root certificate that poses SSL security issues in Firefox.. Trustwave Digital Certificate, SSL Security, Certificate Authority Issues. . LinuxSecurity.com Team
Feb 08, 2012
•
Cryptography
67
cybersecurityweb securitysecurity breachTrustworthiness of Digital Certificates Compromised by Security Breach
The keepers of the Internet have become acutely concerned about the Web's core trustworthiness. Hackers cracked three companies that work with the most popular Web browsers to ensure the authenticity of Web pages where consumers type in sensitive information, such as account log-ons, credit card numbers and personal data.. The hacked firms are among more than 650 digital certificate authorities, or CAs, worldwide that ensure that Web pages are the real deal when served up by Microsoft's Internet Explorer, Firefox, Opera, Apple's Safari and Google's Chrome. The link for this article located at USA Today is no longer available. . Digital certificate authorities (CAs) are vital for secure internet communications. Their compromise can lead to fraudulent certificates, posing significant security risks. Digital Certificates, Web Trust Issues, Cybersecurity Threats. . LinuxSecurity.com Team
Sep 28, 2011
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More