Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 11 articles for you...
79
security advisorydata protectionsystem enhancementAlmaLinux 10: New Features for Enhanced Security and Management
AlmaLinux 10 beta has arrived with exciting features designed to increase system security and streamline configuration management. This latest release introduces the revolutionary sudo system role, making user permission management more straightforward than ever while decreasing misconfigurations and privilege escalation risks. Furthermore, with Sequoia PGP encryption tools, your encryption game will be significantly upgraded, ensuring sensitive data stays protected against the latest threats. . AlmaLinux 10 goes beyond traditional Linux offerings. It also features comprehensive support for older x86 chipsets to ensure compatibility with legacy systems and critical updates to SELinux policies that enable greater control over security configurations. When combined with an updated software stack and security configurations, these enhancements make AlmaLinux 10 an incredibly secure operating system suitable for any enterprise, and security administrators will want to explore these features fully to best secure and manage systems in 2025 and beyond. AlmaLinux 10 promises to streamline your workflow while offering comprehensive support for new and legacy systems. In this article, we'll highlight its most remarkable features - such as the Sudo system role or Sequoia PGP tools - among many other significant enhancements. Simplified Sudo Configuration with the New Sudo System Role Managing sudo permissions can be a challenging and error-prone task for any Linux admin. Misconfigurations may lead to significant vulnerabilities, allowing unauthorized users to gain administrative access and potentially causing havoc. AlmaLinux 10 addresses this challenge by offering a more straightforward solution: the new sudo system role. This role's primary goal is to simplify and standardize how sudo configurations are managed across your systems by offering an intuitive user interface and robust set of tools that ensure sudo policies are consistently and correctly applied - thus lowering risk related toprivilege-based vulnerabilities by decreasing chances for accidental administrative permissions to be granted by mistake. Administrators no longer need to manually edit the sudoers file when assigning sudo permissions. Rather, the sudo system role can now define explicit permissions and provide more granular control, enabling admins to specify precisely which commands can be executed under sudo by each user or group. This granular approach simplifies management and enhances overall security by limiting privilege escalation risk. Enhanced Encryption with Sequoia PGP Tools Encryption has become an essential element of data security in today's digital sphere. AlmaLinux 10 significantly upgrades its encryption capabilities by integrating Sequoia PGP (Pretty Good Privacy) tools - explicitly designed to meet advanced encryption requirements while giving it a modernized aesthetic compared to classic PGP solutions. Sequoia PGP tools (sq and sqv) offer an efficient and secure encryption framework, making protecting data communications and stored information simpler than ever before. As cyberattacks proliferate, having advanced encryption tools available is becoming increasingly critical to maintaining integrity and confidentiality in your information systems. Sequoia PGP tools stand out as one of the premier post-quantum cryptography solutions, as their design ensures they can handle future security threats posed by quantum computing. While quantum computing threatens many encryption methods currently employed, Sequoia PGP tools were created with this future threat in mind to ensure your encrypted data remains protected even as new computational capabilities emerge. This provides peace of mind, knowing AlmaLinux 10 will meet security challenges head-on! Updates to SELinux Policies for Improved Security Management SELinux (Security-Enhanced Linux) is a kernel security module that supports access control security policies. AlmaLinux 10 introduces updates to its policies and tools designed togive administrators greater control while making security configurations more straightforward. Enhancements to this release's policies offer more granular control of various aspects of system security, making it more straightforward to define and enforce policies to ensure your systems are better protected against unauthorized access and other threats. Furthermore, improved tools for administering SELinux policies facilitate a better administration experience, making implementing and maintaining strong security measures more efficient. These updates make implementing consistent security policies across multiple systems easier, reducing misconfigurations that could open up vulnerabilities. As a security administrator, these tweaks enable a higher level of control, making your job less about reactive protection than proactive security. AlmaLinux 10 provides broad compatibility and an up-to-date software stack, making it a great choice for organizations relying on legacy systems. The latest release still supports older x86-64-v2 architecture, so users with older hardware won't feel left behind, thus providing enterprises with cost-effective ways of updating their operating systems while keeping operational continuity intact. AlmaLinux 10 comes preloaded with an up-to-date software stack, including modern Python 3.12, Ruby 3.3, and Node.js 22 versions that help ensure optimal performance and security. Staying current is crucial in terms of performance and security, as outdated software can contain vulnerabilities exploitable by attackers, while having the latest versions ensures you're protected against known threats. Future-Proof with Post-Quantum Cryptography Quantum computing is a promising new field transforming many areas of technology, yet it also poses risks to our current cryptographic standards. Traditional encryption methods could be rendered useless due to quantum computers' advanced processing power requiring new cryptographic techniques for protection. Future-proofing yoursystems against such threats is of utmost importance, and AlmaLinux 10 provides solutions through post-quantum cryptography support. By including encryption methods designed to withstand quantum attacks, this release ensures that your data will remain protected regardless of evolving computing technologies. Security administrators can take comfort in knowing their encryption strategies will provide long-term protection. You can reduce anxiety about potential security breaches by opting for a system capable of adapting to future technology threats that offers long-term protection. Our Final Thoughts: AlmaLinux 10 Offers a Secure, Efficient Linux Environment AlmaLinux 10 brings many enhancements designed to make your job as a Linux security administrator simpler and more effective. For instance, its new sudo system role standardizes configuration management while decreasing risks related to errors that could expose vulnerabilities. Its Sequoia PGP tools offer robust encryption solutions capable of meeting quantum computing challenges, and its updates in SELinux policies enhance control over security configurations to protect your systems against threats. AlmaLinux 10 is an attractive option thanks to its broad hardware compatibility and cutting-edge software stack, making it a secure and efficient choice for any organization. These features show evidence that AlmaLinux 10 can help manage systems efficiently while adhering to high security standards in today's fast-changing digital landscape. Are you curious to test AlmaLinux 10 beta? To do so, download an ISO from their official download page. . Rocky Linux 9 introduces innovative features for strengthened data privacy and cybersecurity, ensuring robust defense for networks.. AlmaLinux, system security, encryption tool, sudo management, advanced features. . Brittany Day
Jan 21, 2025
•
Security Projects
67
network protocolencryption toolsecure connectionExploring OpenSSL: Tools For Secure SSL/TLS Connections
Secure Sockets Layer (SSL) is an internet security protocol. It establishes encrypted connections between computers on a network, such as the internet. The OpenSSL Project dates back to 1998 to develop a free, versatile set of encryption tools for online use. . Amongst other things this includes open-source versions of both the SSL and TLS protocols . As the source code is freely available OpenSSL is supported on a number of platforms including Linux, macOS and Windows. The core library (libssl) of OpenSSL is written in the C Programming Language. It’s designed to allow users to enable support for SSL/TLS in both client and server applications. This is useful for websites, messaging apps , and VPN services , including free VPNs . The library relies heavily on OpenSSL’s comprehensive cryptographic library, libcrypto. This supports a huge number of algorithms including the industry standard Advanced Encryption Standard ( AES ). The libcrypto library also supports older encryption algorithms like Blowfish and Camellia. . LibreSSL provides free-to-use libraries and tools for establishing secure communications utilizing HTTPS and TLS safeguards for protected digital exchanges.. OpenSSL, Encryption Tools, TLS, Network Protocols, SSL. . LinuxSecurity.com Team
Feb 21, 2023
•
Cryptography
67
data privacyencryption toolcybersecurity toolExplore Shufflecake: Create Hidden Filesystems For Data Privacy
Thursday the Kudelski Group 's cybersecurity division released "a tool for Linux that allows creation of multiple hidden volumes on a storage device in such a way that it is very difficult, even under forensic inspection, to prove the existence of such volumes." . "Each volume is encrypted with a different secret key, scrambled across the empty space of an underlying existing storage medium, and indistinguishable from random noise when not decrypted." "The reason why this is important versus "simple" disc encryption is best illustrated in the famous XKCD comic 538 ," quips Slashdot reader Gaglia (in the original submission . But the big announcement from Kudelski Security Research calls it "a tool aimed at helping people whose freedom of expression is threatened by repressive authorities or dangerous criminal organizations, in particular: whistleblowers, investigative journalists, and activists for human rights in oppressive regimes. . Delve into Shufflecake, an innovative solution for crafting concealed filesystems, safeguarding your data integrity from potential vulnerabilities.. Shufflecake, Hidden Filesystems, Linux Encryption, Cybersecurity Solution, Plausible Deniability. . LinuxSecurity.com Team
Dec 14, 2022
•
Cryptography
79
encryptionopen sourcefile transferCroc: Secure File Transfers With Encryption Across Platforms
croc is a free and open-source command line tool for secure file transfers between computers. It uses relay-assisted peer-to-peer transactions and end-to-end encryption via password-authenticated key exchange. The program is written in Go and is available for Linux, Windows, macOS and *BSD. Learn about croc's key features and see how easy it is to use croc to send a file or folder in this Linux Uprising tutorial. . The idea behind croc is being able to transfer files and folders between cross-platform computers securely, fast and easy. With support for resumable, peer-to-peer transfers. As a bonus feature, croc is also able to securely transfer a short text or URL directly. The data transfer is done using a relay, either using raw TCP sockets or websockets. When the sender and the receiver are on the same LAN, croc uses a local relay, otherwise a public relay is used. Thanks to this, croc can send files between computers in the same LAN, or over the Internet, without having port-forwarding enabled. The data going through the relay is encrypted using a PAKE -generated session key. For this, croc uses code phrases, a combination of three random words. By default, a code phrase can only be used once between two parties, so an attacker would have a chance of less than 1 in 4 billion to guess the code phrase correctly to steal the data. . Explore croc, a powerful command-line tool crafted for secure and efficient file transfers across multiple platforms, featuring advanced encryption for superior data safety. Croc Tool, Secure File Transfers, Command Line Tool, Security, Encryption Tool. . LinuxSecurity.com Team
Mar 05, 2021
•
Security Projects
67
open sourceinstant messagingsecurity analysisAnalyzing Off The Record Encryption Tool for Pidgin and Adium IM
The digital watchdog Electronic Frontier Foundation (EFF) lent a technical hand to fix security problems in a tool used to encrypt instant messenger conversations using the Adium and Pidgin programs. . The EFF wrote on Thursday that it analyzed the "Off the Record" (OTR) tool, a plugin for Pidgin and Adium for Mac, which are both open-source programs that accommodate multiple instant-messaging protocols into one client. The link for this article located at Network World is no longer available. . The EFF wrote on Thursday that it analyzed the 'Off the Record' (OTR) tool, a plugin for Pidgin and . digital, watchdog, electronic, frontier, foundation, (eff), technical, security. . LinuxSecurity.com Team
Sep 26, 2011
•
Cryptography
67
encryption toolweb applicationsdata decryptionIntroduction to the Poet Tool and Its Use in Padding Oracle Attacks
Two researchers have released a tool which can be used to crack web server-encrypted session data contained in cookies and parameters hidden in HTML pages. The method used by Juliano Rizzo and Thai Duong's Padding Oracle Exploitation Tool (Poet) can also be used to crack CAPTCHAS.. Poet utilises the Padding Oracle AttackPDF, first discovered in 2002, to decrypt cypher block chaining (CBC) mode encrypted data without the key. Web applications such as those generated using the popular JavaServer Faces framework (JSF) are affected. The Padding Oracle Attack makes use of the fact that during encryption individual blocks must always be 8 or 16 bytes long. In order to meet this requirement it is usually necessary to pad out the final block with additional bytes. There are various methods of performing this padding, some of which facilitate cracking. This is where Padding Oracle The link for this article located at H Security is no longer available. . Poet utilises the Padding Oracle AttackPDF, first discovered in 2002, to decrypt cypher block chaini. researchers, released, which, crack, server-encrypted, session. . LinuxSecurity.com Team
Jun 09, 2010
•
Cryptography
79
open source softwareweb securityencryption toolEssential Password Managers That Enhance Your Online Security
It is good practice to use a different password for each Web site you need to log in to. Good passwords tend to be long and contain a wide selection of characters. That can make remembering all your passwords difficult. But you can make things easier on yourself by storing passwords for various Web sites in an encrypted file on your computer. I'll take a look at a four programs that give you easy access to your passwords when you need them and protect the password file itself against compromise. Do you use any software to manage your passwords? This article looks at four of the more popular ones and reviews them. . The link for this article located at Linux.com is no longer available. . Explore five reliable password managers to enhance your digital account security and safeguard your credentials.. Password Management, Encryption Tools, Web Security Solutions, Open Source Password Managers. . LinuxSecurity.com Team
Oct 21, 2008
•
Security Projects
67
data securitysoftware releaseencryption toolExplore TrueCrypt 6.0: New Encryption Features For Linux Users
You and I may have taken the 4th of July off, but the folks over at TrueCrypt didn't. Instead, they pushed out version 6.0 of their on-the-fly encryption utility, with more options than ever for protecting - and hiding - the critical data on your hard drives. Available for Linux, OS X, and Windows, the software is licensed under its own TrueCrypt license, which is not OSI-approved. Check out the latest release of TrueCrypt. Have you ever used it on your Linux machine to protect personal data? If so what do you think about it.. . Explore the possibilities with VeraCrypt 1.25, the newest iteration offering advanced security features for Windows enthusiasts to protect their files reliably.. TrueCrypt Encryption, Data Protection, Linux Users, Data Security Tools. . LinuxSecurity.com Team
Jul 08, 2008
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More