Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 0 articles for you...
83
security advisorymalwaresecurity riskUSB Attack Code Heightens Security Risks And Exploit Potential
Rarely in security is anything an absolute, but in the case of the BadUSB research that emerged during this year. Over the weekend, the situation may have gotten a bit more desperate with the release of code by two independent security researchers that replicates some of what Karsten Nohl and Jakob Lell of SR Labs in Germany demonstrated this summer during the desert hacker fest. The link for this article located at ThreatPost is no longer available. . Escalating worries about USB vulnerabilities emerge as newly unveiled attack scripts by experts heighten the likelihood of threats and breaches.. USB Exploits, Malware Analysis, Security Threats. . LinuxSecurity.com Team
Oct 06, 2014
•
Hacks/Cracks
74
exploit researchbotnet operationspam networkLEET '11: Botnet Operations Insights From Brett Stone-Gross
A presentation at this week's LEET '11, a USENIX workshop on large-scale exploit and emergent threats, delves into the inner workings of the underground economy, specifically the rental and operation of spam botnets.. Brett Stone-Gross, a PhD student at the University of California, Santa Barbara, gave an overview of recently completed research he conducted with fellow researchers Thorsten Holz, Gianluca Stringhini and Giovanni Vigna. In August 2010, the team worked with contacts at various Internet Service Providers and were able to gain access to 13 Command & Control servers and three development servers used by botnet operators of the Cutwail spam engine, a botnet that has been around since 2007 and at one time was estimated to be the largest botnet in existence with the most infected hosts. Cutwail is also often referred to as Pushdo because of a separate Trojan component that installs the software. The link for this article located at Network World is no longer available. . Ella Romanov, a graduate researcher at MIT, analyzed ransomware trends during the CyberSec '22 conference.. Botnet Operations, Spam Networks, Cybersecurity Research. . Alex
Mar 30, 2011
•
Network Security
79
vulnerabilitysecurity flawlocal escalationLocal Privilege Escalation in Mac OS X Tiger Exploited by Researcher
Before his coffee was cold he had found a local privilege escalation vulnerability in Mac OS X Tiger, which could allow people to elevate from normal user to full super user, and had written code that could exploit the hole.. "I just think that I got lucky, but that's what I always think when I find a bug that quickly," he said in an interview on Wednesday. Dai Zovi has been exploiting Macs for a long time, publishing his first Mac OS X shellcode (code used as the payload in an exploitation of a vulnerability) for the PowerPC in July 2001. He said he has reported more than 10 vulnerabilities to Apple over the years and does so out of love for the platform. The link for this article located at CNET is no longer available. . Investigate a regional privilege escalation flaw within Mac OS X and understand how analysts take advantage of weaknesses to enhance security.. Local Escalation, Exploit Research, Security Flaws, Mac OS Techniques. . LinuxSecurity.com Team
Aug 27, 2009
•
Security Projects
76
hacking toolssecurity conferencedatabase securityKey Takeaways From Black Hat USA 2005: Database Security Insights
Rootkits. Zero-day exploits. Social engineering. Encryption cracking. Cryptography. File format fuzzing. Kernel exploitation. These are just some of the buzzwords making the rounds at the Black Hat USA 2005 security conference here, where some of the sharpest minds in the research community will congregate to share information on computer and Internet security threats. . The powwow, organized by Black Hat Inc., promises 60 new security research presentations, 13 hacking tools, 15 new exploits, the first-ever example of exploit shellcode in Cisco IOS, and numerous debates on privacy, defense mechanisms and industry trends. When the briefings start on Wednesday, all eyes—and ears—will be on David Litchfield's presentation on new zero-day vulnerabilities. Litchfield, a founder of Next Generation Security Software Ltd., is best known for his work on finding gaping security holes in Oracle Corp. database products, and his discussion is expected to shine the spotlight on a new range of unpatched vulnerabilities in several Internet-facing applications. At last year's Black Hat, it was Litchfield who blew the lid off Oracle's tardiness in patching highly critical Oracle database flaws. His research work prompted widespread criticism of Oracle's response to known vulnerabilities and forced the company to implement a quarterly patching schedule. The link for this article located at eWeek is no longer available. . The Black Hat USA 2005 conference focused on database security, addressing vulnerabilities and innovative exploits to protect sensitive data effectively. Black Hat Conference, Database Exploits, Security Insights, Hacking Developments, Vulnerability Discussions. . Brittany Day
Jul 27, 2005
•
Organizations/Events
83
cyber threatssecurity toolsexploit researchIdentifying the Gap Between Security Holes and Exploited Threats
Experts who discover and report security holes seem to be far more industrious than the malicious hackers willing or able to exploit those holes. Despite the thousands of hackable holes that lurk in e-mail, on websites, in files and operating . . . . Experts who discover and report security holes seem to be far more industrious than the malicious hackers willing or able to exploit those holes. Despite the thousands of hackable holes that lurk in e-mail, on websites, in files and operating systems, most users' computers are never afflicted with more than the virtual version of a sniffle. Few of the ominous potential traumas reported in 2002 turned out to have any real impact on most computer users. The Klez virus infected some machines and spawned spam that continues to clutter many e-mail inboxes. And the Linux Slapper worm made more work for some systems administrators for a while. "I'd love to see people in the industry turn their attention to developing broad-reaching security tools that make a real difference rather than focusing on finding each and every little possible exploit," security consultant Richard Smith said. The link for this article located at Wired.com is no longer available. . Cybersecurity analysts identify weaknesses more swiftly than cybercriminals can leverage them, highlighting an ongoing security divide.. System Vulnerabilities, Security Holes, Cyber Threats, Digital Exploits, Security Tools. . LinuxSecurity.com Team
Dec 30, 2002
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More