Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 6 articles for you...
82
threatmalwaregovernmentAPT36 Threatens Indian Government Agencies with Custom Malware
APT36 is a highly sophisticated APT (Advanced Persistent Threat) group known for conducting targeted espionage in South Asia and is strongly linked to Pakistan. . While this APT group is known for targeting the following Indian sectors: Government Defense Education Since 2013, this APT group has been active, and to conduct cyber espionage, it uses the following methods:- Credential harvesting Malware distribution Here below, we have mentioned the resources used by APT36:- Custom-built remote administration tools targeting Windows Lightweight Python-compiled cyber espionage tools serving specific purposes targeting Windows and Linux Weaponized open-source C2 frameworks like Mythic Trojanized installers of Indian government applications like KAVACH multi-factor authentication Trojanized Android apps Credential phishing sites targeting Indian government officials Zscaler analysts dubbed the Windows backdoor used by APT36 ‘ElizaRAT,’ because of unique strings in observed C2 commands. The link for this article located at CyberSecurity News is no longer available. . APT36 utilizes tailored malicious software targeting Indian governmental divisions such as education and defense, representing significant risks.. APT36,CyberEspionage,GovernmentMalware,EducationSecurity,DefenseAttacks. . Brittany Day
Sep 16, 2023
•
Government
209
security practicesopen sourcesoftware developmentImportance of Teaching Secure Software Development Practices
Addressing a decades-old deficiency in coding curriculums could have a profound effect on the security of the software supply chain, a leading expert on the subject tells The Daily Swig . . In particular, David A Wheeler, director of open source supply chain security at the Linux Foundation, draws a link between a failure to incorporate security into entry-level developer courses and the vast majority of vulnerabilities belonging to a small number of common bug classes. The IT PhD and Certified Information Systems Security Professional (CISSP) also moonlights as adjunct professor of computer science at Virginia’s George Mason University, and in 2020 concluded a 33-year spell at the US Institute for Defense Analyses. . Focusing on cybersecurity within programming education may strengthen the integrity of software supply chains, asserts David A. Wheeler.. Secure Coding Practices, Software Supply Chain, Developer Education, Open Source Security. . Brittany Day
Dec 14, 2022
•
Security Trends
83
data breachphishingeducationSan Diego Unified School District Data Breach Exposes 500,000 Records
A hacker has stolen the personal details of over 500,000 San Diego Unified School District staff and students; the district revealed in a breach notice posted on its website on Friday, before the Christmas holiday.. The breach occurred because the attacker gained access to staff credentials via a tactic known as phishing -- sending authentic-looking emails that redirect users to fake login pages were attackers collect login credentials. The link for this article located at ZDNet is no longer available. . The breach occurred because the attacker gained access to staff credentials via a tactic known as ph. hacker, stolen, personal, details, diego, unified, school, district, staff. . LinuxSecurity.com Team
Dec 25, 2018
•
Hacks/Cracks
81
security advisorydata breachincident reportMelbourne High School Incident Reports Appalling Healthcare Data Leak
A data breach has taken place at a Melbourne high school which resulted in the confidential healthcare records of students being published online.. The security incident, which took place at Strathmore secondary college in Melbourne, was deemed "nothing short of appalling" by Victoria education minister, James Merlino, as reported by The Guardian. The link for this article located at ZDNet is no longer available. . Sensitive medical files of teenagers from a Melbourne high school exposed online in a breach considered unacceptable.. Melbourne Data Breach, Students Health Records, Data Security Incident. . LinuxSecurity.com Team
Aug 23, 2018
•
Privacy
77
software practicessecure codingeducationExploring Secure Coding Education Challenges in Programming
We've been trying to educate programmers about writing secure code for at least a decade and it flat-out hasn't worked. While I'm the first to agree that beating one's head against the wall shows dedication, I am starting to wonder if we've chosen the wrong wall. What's Plan B? . . .. It doesn't seem that a day goes by without someone announcing a critical flaw in some crucial piece of software or other. Is software that bad? Are programmers so inept? What the heck is going on, and why is the problem getting worse instead of better? One distressing aspect of software security is that we fundamentally don't seem to "get it." In the 15 years I've been working the security beat, I have lost track of the number of times I've seen (and taught) tutorials on "how to write secure code" or read books on that topic. It's clear to me that we're: * Trying to teach programmers how to write more secure code * Failing miserably at the task We're stuck in an endless loop on the education concept. We've been trying to educate programmers about writing secure code for at least a decade and it flat-out hasn't worked. While I'm the first to agree that beating one's head against the wall shows dedication, I am starting to wonder if we've chosen the wrong wall. What's Plan B? The link for this article located at acmqueue.com is no longer available. . Ongoing awareness is essential since programming vulnerabilities endure, prompting inquiries into the adequacy of cybersecurity training.. Secure Coding, Education Challenges, Software Protection. . LinuxSecurity.com Team
Jun 29, 2004
•
Server Security
74
network securitydata integritydata privacyK-12 Network Security Concerns: Privacy and Integrity Challenges
In many ways, a K-12 public education data network will be designed and constructed in the same manner as any other business data network. While all business networks will have some degree of security built into them, a K-12 school environment presents special needs and requirements. It goes beyond the obvious items such as physical security, routers, sub-netting, firewalls, and anti-virus. These will be addressed as well, but we will be looking at several other very important issues, which include privacy (confidentiality), data integrity, and content filtering.. . .. In many ways, a K-12 public education data network will be designed and constructed in the same manner as any other business data network. While all business networks will have some degree of security built into them, a K-12 school environment presents special needs and requirements. It goes beyond the obvious items such as physical security, routers, sub-netting, firewalls, and anti-virus. These will be addressed as well, but we will be looking at several other very important issues, which include privacy (confidentiality), data integrity, and content filtering. There are laws in place regarding privacy and the confidentiality of student information. There are repeated concerns with students hacking into school data systems and modifying files. It is also a hot topic regarding having Internet content filtering within schools. We will be doing some comparisons between the United States and Canada in regards to these items. As well, funding always comes up in any conversation pertaining to the public school system, so this will be looked at too. Many decisions that are made are done within the confines of the available funding structure. Enterprise network hardware SANS We are all used to seeing large data centres located behind locked doors, maybe even several doors, with alarms; possibly even with a security guard out front. Some of you may have even encountered this setting before starting to actually work in the IT world. What thesepeople were subscribing to even then, was Law #3 of the Ten Immutable Laws of Security. It states "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore" (Microsoft). However, much more than just the computer room portion of the data network needs to be secured. It extends to the other physical devices as well, such as the routers, hopefully located within a locked wiring closet, and with access for only a limited number of personnel. The link for this article located at Sans Institute is no longer available. . K-12 public schools face significant hurdles in ensuring security, focusing on student privacy, data integrity, and effective content filtering for a safer learning space. K12 Network Security, Education Data Privacy, Network Integrity, Content Filtering Solutions. . Anthony Pell
Dec 22, 2003
•
Network Security
74
network securitycyber threateducationGunderson High School Network Security Assurance For Parents
When Gunderson High School launched its wireless network this fall, some parents were alarmed. Would a hacker be able to break into student laptops? View sensitive information stored on district servers? Tamper with grades? Cliff Herlth, the tech resource teacher, assured . . . . When Gunderson High School launched its wireless network this fall, some parents were alarmed. Would a hacker be able to break into student laptops? View sensitive information stored on district servers? Tamper with grades? Cliff Herlth, the tech resource teacher, assured them the network was secure. Only certain computers with registered wireless cards could connect to it. To anyone who lacked the proper technical IDs, the school network was virtually invisible. ``The only way you could get on our network at all if you are not on the list is by plugging in,' Herlth said. In other words, an electronic intruder would have to physically enter the school and connect to an ethernet cable. The link for this article located at Mercury News is no longer available. . Gunderson High School has reassured parents regarding the safety of its wireless network, addressing worries about potential cyber threats to student laptops.. Wireless Network Security, Cyber Threat Management, Educational Technology Risks. . Anthony Pell
Nov 13, 2003
•
Network Security
74
security toolsnetwork managementeducationImproving WLAN Security by Focusing on Education and Regular Updates
Wireless security is a complicated topic, and one that requires much education and know-how. Unfortunately, this education is largely lacking, according to experts. Deploying first-rate wireless security tools is a worthless endeavor if the enterprise is not diligent in keeping . . . . Wireless security is a complicated topic, and one that requires much education and know-how. Unfortunately, this education is largely lacking, according to experts. Deploying first-rate wireless security tools is a worthless endeavor if the enterprise is not diligent in keeping them current. Not updating security in access points and other gear can be worse than having no security at all. Some companies are so skittish about WLAN security that they refuse to deploy it -- even if their enterprises are prime candidates for its benefits -- despite the availability of tools that can make their WLAN as secure as a wired network. Some executives just don't want to risk deploying a WLAN. Devin Akin, the CTO of Planet3 Wireless, says, "This is perfectly valid if they do not understand the technology. Most people don't. That's one of the problems. It falls back to educating the user, the installer, and the administrator." The link for this article located at ZDNetUK is no longer available. . Network protection plays a vital role in organizations; ongoing education and modern resources are key for security and productivity.. Wireless Security,WLAN Management,Network Safety,Continuous Education,Security Updates. . Anthony Pell
Mar 25, 2003
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More