
Stay Ahead With Linux Security News


Explore Latest Linux Security news


Exploit Risks of Misconfigured Azure Services in EmojiDeploy Attack Chain

Multiple misconfigurations in a service that underpins many Azure features could have allowed an attacker to remotely compromise a cloud user's system. An attack chain exploiting misconfigurations and weak security controls in a common Azure service is highlighting how lack of visibility impacts the security of cloud platforms. The "EmojiDeploy" attack chain could allow a threat actor to run arbitrary code with the permission of the Web server, steal or delete sensitive data, and compromise a targeted application, Ermetic stated in its Jan. 19 advisory. An attacker could use a trio of security issues affecting the common Source Code Management (SCM) service — a cloud service used by many Azure applications without an explicit indication to the user, according to Ermetic. The issues demonstrate that the security of cloud platforms is undermined by the lack of visibility into what those platforms do under the hood, says Igal Gofman, head of research for Ermetic. The link for this article located at DarkReading is no longer available.

Jan 26, 2023 | Brittany Day | Cloud Security

Webcam Security Risks: Minor Bugs Create Major Cyber Threats

More insecure webcams! Inattention to IoT security! Who would have thought? Unfortunately, cybersecurity still seems to sit way down in Nth place for many vendors when they start programming their latest and greatest Internet of Things (IoT) devices. In this case, the bugs are in a family of webcams – and not just any old webcams, but security webcams. The link for this article located at Naked Security/Sophos is no longer available.

Jun 13, 2018 | LinuxSecurity.com Team | Hacks/Cracks

Ubuntu: Unpatched Unix Flaw Exposes Risk After Official Fix

A security flaw in a common Unix software component remains unpatched in one of the most popular Linux distributions, more than a year after an official fix was published.

May 01, 2015 | LinuxSecurity.com Team | Vendors/Products

Internet Explorer Heap Overflow Advisory: Serious Code Execution Threat

US-CERT on Wednesday warned of a fresh hole in Internet Explorer that could allow attackers to take control of a PC via an HTML e-mail message or a malicious Web page. The flaw is all the more serious because exploit code has been published on public mailing lists, according to security researchers. The flaw, a heap buffer overflow, is in the way IE handles two attributes of the "frame" and "iframe" HTML elements. An exploit currently circulating uses overly long SRC and NAME attributes to cause IE to execute an attacker's shell code, according to US-CERT. Users could be attacked via a malicious Web page viewed in an affected version of IE or possibly through an HTML e-mail viewed in an application such as Outlook, Outlook Express, AOL or Lotus Notes that relies on the WebBrowser ActiveX control, according to researchers. The bug has been confirmed in IE 6.0 on Windows XP with SP1 and all patches installed, as well as the same browser on a fully patched Windows 2000, according to an advisory from security firm Secunia. Microsoft Corp. has not yet released a patch. The link for this article located at eweek.com is no longer available.

Nov 05, 2004 | LinuxSecurity.com Team | Hacks/Cracks

RealNetworks: Media Players Security Flaws Affecting Exploit Risk

EEye Digital Security has uncovered new security holes affecting a wide range of RealNetworks' media players, the latest desktop-based bugs set to worry IT managers. The flaws could be exploited via a malicious webpage or a RealMedia file run from a local drive to take over a user's system or delete files, according to RealNetworks. Researchers have turned up a myriad of serious security flaws in client software over the past few weeks, and such bugs can be difficult to patch because of the sheer number of desktops in use. Recently vulnerabilities have been revealed in WinAmp, WinZip, and Apple Computer's iChat messaging program. The link for this article located at Matthew Broersma is no longer available.

Oct 04, 2004 | LinuxSecurity.com Team | Server Security

Microsoft: Internet Explorer 5 Exploit Risk From Source Code Leak

We have not covered much about the Microsoft source code leak that has been inundating the computer security news sites recently, mostly because it's not very relevant to open-source security. However, an exploit has been found due to the leak already. This brings up one of the major bonuses of open-source code: it does not at all depend on obscurity. Defense-by-obscurity leads to sloppy coding habits and opens the door to massive security vulnerabilities should the code be leaked, especially if it's no longer supported, but still widely used, like Windows 9x. Bear in mind that, according to the Microsoft EULA, no one else is technically allowed to patch the code, and Microsoft likely won't. They might even claim that the ruling against them on the Java VM issue with Sun means that they cannot, since that was the reason given for dropping support for legacy products in the first place.

A security company on Monday alerted clients of a new vulnerability to Internet Explorer 5, one attributed to the recent leak of Microsoft Corp. Windows source code. Microsoft confirmed the problem late in the day. The quick attack appears to contradict some optimistic expectations that the recent leak of Windows 2000 and NT code would not pose a significant opportunity for hackers. In a statement released late on Monday, the company said it was investigating the reported exploit, but added that "This exploit is a known issue that Microsoft had discovered internally and addressed with the latest release of Internet Explorer--Internet Explorer 6.0 Service Pack 1." According to a message posted by SecurityGlobal.net LLC's Security Tracker Web site, a vulnerability was reported in Microsoft Internet Explorer Version 5 that lets a "remote user execute arbitrary code on the target system." A hacked bitmap file can trigger an integer overflow and execute arbitrary code, the security bulletin said. The author of the warning said that this flaw was uncovered by reviewing the recently leaked Windows source code. The link for this article located at eweek.com is no longer available.

Feb 17, 2004 | LinuxSecurity.com Team | Vendors/Products

Sendmail And Snort Exploit Risks Reported: IT Threats Identified

Vulnerabilities have been uncovered in Sendmail and the Snort open source intrusion detection system. IT departments suffered two serious vulnerabilities in enterprise-grade open source software systems last week. Top of the list was a newly reported vulnerability in Sendmail, which is a widely used mail transport agent (MTA). The second vulnerability was found in Snort, a popular open-source intrusion detection system (IDS). Last week showed how quickly news of vulnerabilities can be exploited to produce software that wreaks havoc on the Net. Within 24 hours of the problems being made public, an easy-to-use exploit program for the Sendmail vulnerability was posted on the Bugtraq mailing list. According to Bugtraq, default installations of Sendmail and Red Hat Linux are not vulnerable to this particular exploit, but firms that have compiled Sendmail for use with Red Hat 7.1, 7.2 or 7.3 are vulnerable. The link for this article located at vnunet is no longer available.

Mar 11, 2003 | LinuxSecurity.com Team | Hacks/Cracks

Exploring Site Seal Misleading Facts And Real-World Security Threats

Secure site seals handed out to sites by certificate authorities and lock icons shown by browsers can often mislead consumers into believing that a site is more secure than it actually is, according to the latest Netcraft Web Server Survey. The survey said a recent dialogue between the two leading certificate authorities, Verisign and Geotrust, has highlighted the fact that though the site seal and browser lock may look reassuring, there was no assurance at all that the site is not vulnerable to some well-known exploit, and typically many are. It said the discovery of remote vulnerabilities in Microsoft Commerce Server and Microsoft-IIS, published last month, had left many commerce and financial sites open to attack, and there was often no clear-cut way in which a site's prospective customers can legally determine whether their transactions and data were likely to be safe or not. Due to these factors, Netcraft said it was likely that payment mechanisms on the Internet would increasingly become centralised. The survey also showed that IIS has made a gain of three percent in number of sites hosted on the Net due to register.com putting a Windows-based front end back in place on their domain parking system. It said register.com had alternated recently between a Windows and Linux front end, and this caused a fluctuation when it changed.

Jul 29, 2002 | LinuxSecurity.com Team | Server Security