Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 11 articles for you...
81
encryptioncybersecuritynetworkingExperts Warn Against DNS-Over-HTTPS And Recommend DNS-Over-TLS
Several experts, companies, and national entities have voiced very convincing concerns about DoH and its features. What is your opinion on DoH? . The DNS-over-HTTPS (DoH) protocol is not the privacy panacea that many have been advocating in recent months. If we are to listen to networking and cybersecurity experts, the protocol is somewhat useless and causes more problems than it fixes, and criticism has been mounting against DoH and those promoting it as a viable privacy-preserving method. The TL;DR is that most experts think DoH is not good, and people should be focusing their efforts on implementing better ways to encrypt DNS traffic -- such as DNS-over-TLS -- rather than DoH. The link for this article located at ZDNet is no longer available. . The DNS-over-HTTPS (DoH) protocol is not the privacy panacea that many have been advocating in recen. experts, companies, national, entities, voiced, convincing, concerns, about. . LinuxSecurity.com Team
Oct 07, 2019
•
Privacy
77
security advisorymalware riskdnsNCSC Security Advisory: DNS Hijacking Attacks on Home Routers
Have you heard that the NCSC has warned about DNS hijacking threats focusing on home routers? These attacks aim to modify the settings on home routers, potentially via cross-site request forgery (CSRF) web-based attacks, so that they use rogue DNS servers. The end goal is to secretly redirect the user to a phishing page or one capable of installing malware on their machine. . The UK’s National Cyber Security Centre (NCSC) has issued a warning about DNS hijacking threats, as reports emerge of widespread attacks in Brazil affecting 180,000 users. The NCSC posted the advisory on Friday as a follow-up to one issued in January. DNS hijacking attackers typically take control of an authoritative DNS server, change the entries stored there and in so doing covertly redirect users to servers under their control, in a Man in the Middle attack. The link for this article located at InfoSecurity is no longer available. . The UK’s Cyber Security Agency (NCSA) alerts users to potential DNS spoofing risks affecting residential routers, stressing the vulnerabilities involved.. DNS Hijacking, Home Router Attack, NCSC Security Alert, Cybersecurity Threats, Malware Redirection. . LinuxSecurity.com Team
Jul 16, 2019
•
Server Security
74
security advisorythreatmalwareInternet Systems Consortium Offline Due To Malware Threat
The Internet Systems Consortium website is offline today after the non-profit domain name service maintainer announced its website had possibly become infected with malware.. The ISC, as it is commonly known, is perhaps best known as the developers of BIND, the most widely used DNS software on the Internet. However, the group also maintains the F-root server, one of the Internet The link for this article located at ThreatPost is no longer available. . The XYZ portal is currently down because of a cyberattack, disrupting its web services around the world.. Internet Systems, DNS Security, Malware Alert. . Alex
Dec 30, 2014
•
Network Security
79
dns attackinternet securitysecurity measureEnhance Internet Security With DNSSec To Combat DNS Attacks
DNS without DNSSec (DNS Security Extensions) is not secure. It's that simple.. As an example, a recent interview with a successful black-hat hacker included the following quote: "They patch SQL but choose a DNS that is vulnerable to DNS cache poisoning. You can break in and be gone within an hour." DNSSec prevents not just DNS cache poisoning, but a host of other DNS hacking attacks. The link for this article located at InfoWorld is no longer available. . Boost your online security by implementing DNSSec to thwart DNS tampering threats and cache corruption.. DNSSec Protection, DNS Attacks, Internet Security. . LinuxSecurity.com Team
Jun 11, 2013
•
Security Projects
83
security advisorysecurity enhancementcache poisoningDNS Security Enhancement: Significant DNSSec Deployment Against Attacks
The typical end-of-year security story generally involves a looming cyber threat or yet another major misstep by Microsoft. Well, there's good news on the security front this year -- and, like our other picks, it's gone largely unnoticed. A major hole in security has been plugged with the full deployment of Domain Name System Security Extensions (DNSSec) at the Internet's authoritative root zone. . (InfoWorld awarded one of the main drivers of fixing the flaw in its CTO 25 awards earlier this year, but little has been said since.) The extensions will make it much more difficult for black hats to engage in cache poisoning, an attack that strikes at the fundamental nature of the Internet. "If you can't trust your DNS server, you can't trust anything," says Paul Smith, a senior analyst for Symantec's Hosted Services division. The link for this article located at Network World is no longer available. . Significant vulnerability in DNS addressed through DNSSec implementation, improving online safety against cache poisoning exploits.. DNSSec Deployment, Internet Security Enhancement, Cyber Threat Mitigation. . LinuxSecurity.com Team
Dec 31, 2010
•
Hacks/Cracks
77
security advisorycybersecurityinternet threatsImprove DNS Security: Best Practices for Implementing DNSSEC
The Domain Name System (DNS) plays a critical part in Internet communications, as it's used to translate a human-readable computer hostname into an IP address -- such as searchsecurity.co.uk to 65.214.43.49 -- so that it can be understood and used by networking equipment, computers and software programs. . It's the world's largest distributed database, but when it was originally designed back in 1984, scalability and availability were the key goals and little attention was given to security. This lack of security has lead to a series of DNS-related vulnerabilities. For example, if attackers can change your DNS zone data -- the DNS namespace for which you're administratively responsible -- they can set up counterfeit Web servers, or cause email to be redirected to other servers. Cybercriminals are increasingly using false DNS servers to intercept legitimate Web addresses and redirect users to fake sites in order to capture personal information or install malware. A fix for the critical shortcomings of DNS server security has been a long time coming, in large part due to the problem of maintaining backwards compatibility. But Domain Name System Security Extensions (DNSSEC) has finally been rolled out, and this new security layer is a major step towards a more secure Web address The link for this article located at Search Security is no longer available. . Explore DNS security and the essential role of DNSSEC in fighting internet threats, enhancing the integrity of DNS data and boosting overall cybersecurity.. Dns Security,Dnssec Implementation,Internet Threats,Network Security,Cybersecurity Best Practices. . LinuxSecurity.com Team
Oct 18, 2010
•
Server Security
74
digital signaturecache poisoningdnsNominet Begins DNSSEC Implementation for .uk Domain Protection
Nominet, the U.K.'s domain name registry, will begin implementing a security protocol on Monday designed to protect the DNS (Domain Name System). The system, called DNS Security Extensions (DNSSEC), uses public key cryptography to digitally "sign" the DNS records for Web sites. It is designed to stop attacks such as cache poisoning, where a DNS server is hacked, making it possible for a user to type in the correct Web site name but be directed to a fake Web site.. In 2008, security researcher Dan Kaminsky showed it was possible to poison a cache in just a few seconds with a special kind of attack. Almost every organization running a DNS server have deployed a patch, but DNSSEC is a long-term fix. Nominet will begin signing the ".uk" top-level domain beginning Monday, a process which will conclude a week later, said Simon McCalla, director of IT at the registry. Interestingly, there are just a little over a dozen Web sites that use ".uk" since a decision was made more than a decade ago to close off registrations, he said. Much more common are second-level domains, such as ".co.uk" and ".org.uk," among others. The link for this article located at IT World is no longer available. . Nominet is introducing DNS Security Extensions aimed at bolstering defenses against threats such as DNS spoofing.. DNS Security,Nominet,DNSSEC,Domain Security,Cache Poisoning. . Alex
Feb 26, 2010
•
Network Security
79
open sourceinternet safetydnsEnhancing Security With OpenDNSSEC for Automated DNSSEC Implementation
Very cool. It would be really nice to see a review of this project, and follow it as it progresses. Is anyone interested in reviewing it and letting us know how you make out? A group of developers has released open-source software that gives administrators a hand in making the Internet's addressing system less vulnerable to hackers. . The software, called OpenDNSSEC, automates many tasks associated with implementing DNSSEC (Domain Name System Security Extensions), which is a set a set of protocols that allows DNS (Domain Name System) records to carry a digital signature, said John A. Dickinson, a DNS consultant working on the project. The link for this article located at Network World is no longer available. . DNSCurve integrates cryptography with DNS, providing protection against eavesdropping and manipulation.. OpenDNSSEC,DNS Security,Security Automation,DNS Protection,Internet Safety. . LinuxSecurity.com Team
Jul 30, 2009
•
Security Projects
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More