Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 3 articles for you...
72

Guide to Auditing UFW Firewall Rules on Long-Term Linux Environments

Over time, it’s common for the same service to be allowed by more than one rule. An older broad rule may still match traffic first, while newer, more restrictive rules below it are never evaluated. . If you already know UFW , the challenge is not writing rules. It’s auditing existing UFW rules to identify which still define exposure, which no longer serve a purpose, and which don’t affect traffic due to rule order, IPv6 parity, or underlying iptables behavior. This guide focuses on auditing. You’ll use ufw status numbered to inventory active rules, ufw show raw to confirm enforcement order, and validation steps to reconcile what UFW reports with what the host is actually listening on. Why UFW Rules Stop Matching Real Exposure on Long-Lived Servers Most searches that lead here start with a mismatch. ufw status says a port is blocked, but it’s still reachable. The rules look strict, yet the host is exposed in ways that aren’t obvious from the summary output. That’s the condition you’re auditing. On long-lived servers, it’s often unclear which rules are actually controlling access. The same service often ends up allowed in more than one way. Rules remain after a service changes ports or is no longer running. Temporary access added for debugging or migrations never gets cleaned up. A policy can look locked down in ufw status , while an early Anywhere rule still defines access. IPv4 gets reviewed and tightened while IPv6 remains permissive. Another common issue is incomplete visibility. Not all logic comes from the UFW CLI. Older hosts often include custom rules in /etc/ufw/before.rules , such as NAT handling or ICMP filtering, that run before user-defined UFW rules. If you don’t check that file, you’re not seeing the full enforcement path. A UFW ruleset is ready for restrictive changes only when you can answer two questions without digging or guessing. What the host is currently exposed to, and which specific rule allows a given connection. If youcan’t point to a line number and explain why it matches, tightening rules is premature. For long-lived hosts, auditing needs to happen before any restrictive changes. Until you identify which rules actually allow inbound traffic, changing the policy usually adds complexity instead of reducing it. How to Audit UFW Rules Before You Harden Anything Starting with restrictive changes before understanding exposure usually creates more rules, not less clarity. Without knowing which rules actually define access, tightening tends to pile exceptions on top of exceptions, making the ruleset harder to reason about, not safer. The audit in this guide follows the same order UFW uses to evaluate traffic . Each step answers a specific question about how your UFW rules behave on the host, and each one depends on the previous step. Pull the active policy view. Start with what is enforced right now. This is the complete set of UFW rules that apply to incoming traffic, not what you remember adding, nor what the documentation says should exist. Identify the rules that actually allow traffic. Broad allow rules usually define real exposure, even when more restrictive rules exist for the same service. Note: at the end of this step, you should be able to name the rule that actually allows traffic for each exposed service and explain why it wins. Verify rule order and enforcement. UFW applies first-match logic under the hood. If a broad rule matches early, narrower rules below it may never apply. This step confirms which rule actually decides a connection. Confirm IPv4 and IPv6 parity . Exposure often differs between stacks. A service restricted to IPv4 may still be reachable over IPv6. Both need to reflect the same intent. Validate with logging when behavior doesn’t match expectation. When rules look correct, but traffic behaves differently, logging is how you confirm what is really matching. This is about observation, not long-term monitoring. The order matters. Auditfirst, prove enforcement, then harden. If you reverse it, you usually don’t reduce exposure. You add new rules while the old ones still match, and the ruleset gets harder to explain. Step 1: Audit Active UFW Rules With ufw status numbered This step answers one question only. What is this host exposed to right now, based on the declared UFW rules? You are not proving enforcement yet. You are inventorying what the ruleset claims is allowed. Start by confirming UFW is active: sudo ufw status Then pull the numbered ruleset. The line numbers matter later when you start removing or consolidating rules. sudo ufw status numbered During audits, it’s also common to add context so you can see defaults, logging state, and policy direction: sudo ufw status verbose At this stage, resist the urge to fix anything. You’re reading for shape and volume, not correctness. First Pass: Scope and Volume Don’t overthink this. Run ufw status numbered and just get a feel for the mess. How many rules are we dealing with? 12 is one thing. 80 is a different problem. How many are Anywhere ? Those are usually the ones that matter. How many ports show up more than once? That’s almost always drift: old rules that never got cleaned up. If the ruleset is huge and half of it is Anywhere , assume this host has had “temporary” access added over the years, and nobody ever came back to remove it. Second Pass: Group Rules by Service Don’t read this top to bottom like it’s a story. Treat it like you’re triaging. Group it in your head by what it’s protecting: SSH : everything that touches port 22 (or whatever it got moved to) Web : 80/443, plus whatever random app ports are pretending they’re web Monitoring : node exporter, agents, metrics ports, etc. Databases : MySQL/Postgres, Redis, anything that should never be public “Why is this here?” : the weird ports you don’t recognize This is where stale access shows up fast. IfSSH is ALLOW Anywhere , that’s your real exposure. Treat it as public SSH and move on. Third Pass: Identify Dominant Allowances Broad allows usually define exposure. A single Anywhere rule often matters more than several narrow ones below it. Duplicate rules usually point to an old intent that was never removed. These are the rules you’ll validate and harden later. Example: Reading a Realistic Ruleset [ 1] 22/tcp ALLOW IN Anywhere [ 2] 22/tcp ALLOW IN 203.0.113.10 [ 3] 80/tcp ALLOW IN Anywhere [ 4] 443/tcp ALLOW IN Anywhere [ 5] 9100/tcp ALLOW IN 10.0.0.0/8 [ 6] 9100/tcp ALLOW IN Anywhere [ 7] 3306/tcp ALLOW IN 10.0.5.0/24 [ 8] 22/tcp (v6) ALLOW IN Anywhere (v6) In this ruleset, SSH traffic hits line 1 first. That rule allows SSH from anywhere, so the connection is accepted immediately. Line 2 never gets a chance to apply, even though it looks more restrictive. The same thing happens with the monitoring port. Line 6 allows port 9100 from Anywhere. Because it appears above, nothing more restrictive for that port defines access. Line 5 does not reduce exposure. Line 8 shows the same pattern on IPv6. SSH is allowed from Anywhere over IPv6, even though IPv4 access looks more controlled. That’s why multiple rules can exist for the same service, but only the first matching one affects access. The first rule that allows the traffic is the one that defines what the host is exposed to. Identify Stale Rules Using Temporary UFW Logging Sometimes you can’t tell whether a rule is still needed just by reading it. Use temporary UFW logging during a short audit window, then turn it back down. Increase logging temporarily during an audit window: sudo ufw logging high Verify the logging state: sudo ufw status verbose Watch UFW logs in real time: sudo journalctl -f | grep -i ufw If your environment logs to a file instead: sudo tail -f /var/log/ufw.log You’re not doing deep log analysis here. You’re confirming whether traffic still matches a rule you’re considering removing. Once you’ve answered that, logging should go back to its previous level before you move on. Step 2: Confirm Rule Order and Enforcement With ufw show raw Step 1 shows what the ruleset claims is allowed. That’s not the same as what actually decides a connection. This step answers a narrower question. Which rule wins when traffic hits the host? UFW doesn’t enforce packets by itself. It translates your policy into iptables rules, and that’s what actually gets evaluated. Order matters there, and the first match decides the outcome . If you don’t look at the generated rules, it’s easy to trust a summary that doesn’t reflect enforcement. Show the generated rules exactly as UFW loads them: sudo ufw show raw Think of UFW rules as a series of gates. If the first gate is wide open, the packet walks through immediately. Anything below it, no matter how strict, never even gets evaluated. This is why an audit has to prove which rule matches first, not just which rules exist. This output is the enforcement path. Rules are evaluated top to bottom . A broad rule early in the chain will accept traffic before a narrower rule below it ever gets a chance to apply. This is a common reason the summary output doesn’t reflect actual behavior. The policy looks tight in ufw status numbered . The raw output shows a permissive match earlier that defines access. Prove it: why a narrow rule doesn’t matter Consider a simplified example from ufw show raw : -A ufw-user-input -p tcp --dport 22 -j ACCEPT -A ufw-user-input -p tcp -s 203.0.113.10 --dport 22 -j ACCEPT Both rules allow SSH. The second one is narrower. It never matters. Any SSH connection that matches the first rule is accepted immediately. The presence of the restricted rule below it does not reduce exposure. This is why rule count and intent don’t tell you much on their own. Orderdoes. To separate intent from enforcement, it also helps to see which rules were added explicitly through the UFW CLI: sudo ufw show added This view is useful later when you clean up rules. It shows what was added deliberately, not what exists after rendering and defaults are applied. Finally, validate the firewall view against what the host is actually listening on: sudo ufw show listening Many admins also cross-check directly at the socket level: sudo ss -tulpen At this point, you should be able to reconcile three things. What services are listening, what UFW rules claim to allow them, and which raw rule actually decides the connection. If you are still unsure, check out our UFW Troubleshooting blog . Docker Reality Check: When UFW Rules Don’t Match Reachable Ports On long-lived hosts, Docker is one of the most common reasons UFW policy and real exposure diverge. Docker programs iptables directly. That includes NAT and forwarding paths that sit outside the usual UFW flow. Most admins assume UFW is deciding whether a port is reachable. With Docker, that’s often not true. When you run docker run -p 80:80 , Docker inserts NAT and forwarding rules (including PREROUTING and DOCKER-related FORWARD logic) that can make a port reachable even if ufw status looks strict. If you don’t inspect the underlying chains, it’s easy to mistake declared UFW policy for actual exposure. If Docker is present, don’t stop at UFW output. Verify the underlying rule path. Start with the full ruleset and Docker-specific chains: sudo iptables -S sudo iptables -S DOCKER-USER sudo iptables -S FORWARD sudo iptables -t nat -S If you prefer counters and packet visibility: sudo iptables -L DOCKER-USER -n -v sudo iptables -t nat -L -n -v If ufw status numbered says a port is blocked, but Docker published it, the host may still be reachable on that port. The audit step here is confirming the actual reachable surface, not relying on UFW’s declared intent alone. At this point, you’ve verified declared policy, enforcement order, and actual listeners. You now know what the rules say, how they’re enforced, and where UFW may not be the deciding layer. Hardening only makes sense after that picture is clear. Step 3: Identify the UFW Rules that Actually Allow Inbound Traffic After auditing the ruleset and confirming the enforcement order, the next task is deciding which UFW rules actually matter. Not every rule contributes to exposure. A small number of permissive rules usually define what the host allows. Work through the ruleset service by service. For each exposed service, apply the same checks. Identify the Most Permissive Rule Look for the rule with the widest scope. Anywhere sources, unrestricted interfaces, or broad subnets. That rule usually defines exposure, regardless of how many narrower rules exist below it. Once you identify it, treat it as the rule that represents the service’s real exposure. If you had to describe access in one sentence, this is the rule you’d use. Identifying Redundant or Overlapping Allows After you find the most permissive rule, look for other rules that allow the same traffic but with narrower conditions. If a rule matches, iptables stops and applies that target . Rules below it won’t change exposure. They often reflect older access paths, temporary exceptions, or later attempts to tighten access without removing the original rule. During an audit, the goal is not to decide what to delete. It’s to identify which rules actually affect traffic and which ones don’t change behavior at all. Write a One-Line Exposure Summary Per Service For each exposed port or service, you should be able to write a single line that describes access as enforced: SSH: allowed from Anywhere (IPv4), Anywhere (v6) MySQL: allowed only from 10.0.5.0/24 Node exporter: allowed from Anywhere because of rule 6 If you can’t summarize exposure without rereading the ruleset, you don’t yetknow which rule is actually controlling access. At the end of this step, you should be able to identify the dominant rule (the first rule that actually allows the traffic) for each exposed service and explain why it wins. Final Thoughts Don’t leave this as “the rules look fine.” The goal was to prove what’s actually happening on this host. You started with what UFW says ( status ), checked what it really loads ( show raw ), reconciled that against what’s listening ( show listening / ss ), and used logging when the behavior still didn’t line up. If you can’t point to the first rule that matches and explain why it wins, you’re not done yet. If you want the bigger picture behind why UFW summaries drift from enforcement on long-lived hosts, how UFW fits into Linux firewalls covers where UFW sits in the stack and what it abstracts away. If you’re ready to tighten access without breaking the box, UFW Hardening Patterns for Long-Lived Linux Servers picks up from here with add → test → remove, rollback safety, and validation checks so changes stay boring. . Audit your UFW rules on long-lived Linux hosts to tighten security and eliminate unnecessary exposure effectively.. UFW audit, Linux server security, firewall configuration, network access, rule management. . MaK Ulac

Calendar%202 Dec 30, 2025 User Avatar MaK Ulac Firewalls
77

Linux Security 2026: Emerging Risks Impacting Cloud and IoT Infrastructure

Linux security sits at the center of modern infrastructure. Most production systems, cloud workloads, and IoT devices run on it in some form. That reach gives it stability and risk in equal measure. The Identity Theft Resource Center reported 1,732 confirmed data compromises in the first half of 2025, an 11 percent rise from the same period, and more than half of 2024’s total. . It’s clear that a growing number of these incidents began on Linux-based systems. Attackers continue to use automation and AI to scan for unpatched packages, weak SSH setups, and kernel flaws faster than most teams can respond. The pattern isn’t new, but the tempo is. Linux security has shifted from a routine maintenance item to a continuous operational demand for every organization that depends on uptime. Who’s Targeting Linux Systems and What They Want You see the same names cycle through every year. What’s changed isn’t who they are, but how precise they’ve become. Most big operations now include Linux systems in the first wave, not as an afterthought. Lazarus Group uses compromised Linux servers to run crypto miners and collect financial data. They tuck payloads inside standard binaries, which helps them slip past shallow scans. APT28 (Fancy Bear) keeps brute-forcing SSH keys and planting implants that sit under kernel updates. Once inside, they stay dormant until needed. Carbanak aims at the financial infrastructure built on Linux. They blend credential theft with lateral movement across databases and payment networks. The Dark Overlord goes after smaller Linux environments that lag in patching. Data theft, extortion, or leaks — any of them will do. Anonymous offshoots still show up from time to time, taking swings at public Linux systems to prove a point more than to make money. Most of these groups start the same way. Automation finds the weak spots. Humans take over once a system looks promising. A working Linux exploit spreads fast once it hits the openweb. Linux security can’t rely on obscurity or reputation anymore. The focus has shifted to exposure management, tracking what’s accessible, what’s vulnerable, and how long it’s been overlooked. Why Linux Security Threats Keep Growing Linux security has scaled with the systems it protects. The workload is bigger, automation faster, and attackers better equipped. What’s changed is speed. Threats evolve between patch cycles, and open tools make exploitation easier for anyone paying attention. AI Is Changing the Balance AI now runs through both sides of the equation. Attackers use it to fingerprint Linux environments, identify kernel versions, and build payloads in minutes. Defenders lean on it for triage and anomaly detection, though results vary. The core problem is data. Most security teams don’t have enough clean logs to train reliable models. That’s why alert noise keeps growing while detection speed stays flat. AI can improve pattern recognition, but it doesn’t replace context. Human review still decides what’s real. Recent studies on how AI is transforming cybersecurity defenses point to the same issue — automation raises both capability and risk. Linux security will depend on how well teams balance the two. Supply Chain Exposure Across Linux Environments Every open-source package or container image carries inherited risk. Once a compromised build slips into the pipeline, it spreads quietly through dependencies. The 2024 XZ backdoor incident showed how deep that problem runs. A single malicious library nearly reached production repositories. The point was clear: linux security depends as much on verified code as on timely patching. Better linux vulnerability management means signed repositories, automated dependency checks, and traceable build chains. Trust without proof is no longer acceptable. IoT and Edge Devices Running Linux IoT hardware keeps widening the attack surface. Many devices still run old Linux kernels and default credentials.Once compromised, they become access points for internal scans or parts of DDoS networks. For smaller organizations, securing linux servers isn’t enough. Edge nodes, routers, and sensors need the same oversight. A breach rarely starts at the core; it starts where no one’s watching. Cloud and Container Complexity Most cloud and container workloads depend on Linux. The flexibility helps deployment, but it also multiplies risk. Misconfigured IAM roles, unused credentials, and stale Docker images create quiet openings. A few of these attacks rely on zero-days. They rely on drift, with old systems left exposed. Strong linux security practices like image scanning, access control, and regular audits cut that risk before it causes downtime. How to Strengthen Linux Security in 2026 Linux security still comes down to the basics. The teams that stay consistent usually get hit less, not because they’re lucky, but because they keep the small things tight. Kernel live patching Apply updates without downtime using tools like Canonical Livepatch or Oracle Ksplice. Kernel live patching keeps systems current and reduces the reboot gap that attackers often rely on. AppArmor and SELinux Run them in enforcing mode. Audit-only doesn’t block anything. Real enforcement cuts lateral movement before persistence takes hold. SSH key discipline Rotate keys often, disable password logins, and limit root access. It’s not exciting work, but most Linux breaches still start here. Package verification Sign and verify every package and repository. Anything unsigned should fail policy checks automatically. It’s one of the simplest ways to strengthen linux vulnerability management and close the loop on supply chain risk. AI-assisted log review Let automation flag anomalies, but keep humans in the loop. Machines handle speed; people handle context. Real linux security depends on both. Continuous compliance Bake CIS Benchmarks or OpenSCAP into CI/CD pipelines. Regularvalidation turns security from an audit event into a daily habit. Each step strengthens linux vulnerability management by improving control, response speed, and visibility. When these habits hold, securing linux servers becomes less about incident response and more about keeping exposure from forming in the first place. The Direction of Linux Security in 2026 Attackers have adjusted faster than most defenders expected. The same automation that powers modern DevOps pipelines now drives exploitation at scale. Linux systems sit in the middle of that change. They’re the foundation most teams build on and the one attackers know best. AI keeps raising the ceiling on both sides. It sharpens detection, but it also accelerates scanning, intrusion, and obfuscation. Over time, what separates a breach from a close call will come down to the fundamentals: patch cadence, identity control, and clear visibility across infrastructure. Strong linux security depends on staying close to those fundamentals. Teams that invest in automation for patching and validation tend to outlast the noise. When linux vulnerability management is treated as an active process instead of a cleanup task, small issues stop becoming big ones. For most organizations, securing linux servers will remain the backbone of resilience. Containers, IoT, and cloud workloads all start there. Focus on raising the cost and time of compromise so attackers look for easier targets. Linux security will define the next phase of enterprise defense. The platform isn’t new, but the threat model around it keeps moving. Staying steady means patching fast, verifying often, and never assuming yesterday’s fix still holds. The Future of Linux Security Linux security now defines how resilient infrastructure can be. Most critical systems run on it, which means every configuration choice matters. The flexibility that made Linux dominant is still its biggest strength, and still the hardest thing to secure. Attackers haven’t stoppedevolving. Automation and AI now run both sides of the fight. They scan, sort, and exploit faster than manual teams can react. They can match that pace by staying consistent with patches, access limits, and visibility. Securing linux servers starts with that baseline. Keep root access narrow, patch cycles short, and audit trails clean. It sounds simple, but it’s what keeps most environments from tipping into incident response. Good linux vulnerability management isn’t about closing every CVE. It’s about closing the ones that matter. Context decides priority. Systems that track and verify their own state recover faster because surprises are fewer. Linux remains open, flexible, and everywhere. That isn’t changing. The next phase of linux security will depend less on new tools and more on steady habits: review, verify, patch, repeat. . Explore the risks in Linux security for 2026, the influence of AI, and essential defense strategies to adopt.. Linux security risks, AI cybersecurity, exposure management, Linux defense strategies. . MaK Ulac

Calendar%202 Nov 24, 2025 User Avatar MaK Ulac Server Security
77

381,645 Kubernetes API Servers Exposed: Shadowserver Findings

A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse. . Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network. "While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up . "They also allow for information leakage on version and build." . The Cyber Defense Coalition analyzed 512,310 devices, uncovering unprotected Docker Hub repositories.. Kubernetes Api Exposure, Shadowserver Scanning, Network Vulnerabilities. . LinuxSecurity.com Team

Calendar%202 May 23, 2022 User Avatar LinuxSecurity.com Team Server Security
210

Ring Doorbell Security Advisory: Wi-Fi Password Exposure

Are you a Ring doorbell owner? Have you heard about the security bug that researchers discovered in Ring doorbells that sent Wi-Fi passwords over the network in plain HTTP rather than being encrypted? Learn more: . Ring doorbells contained a security vulnerability that exposed passwords to the Wi-Fi networks they were connected to, according to research published by Bitdefender . The security technology company said that the doorbell, which is owned and sold by Amazon, was sending Wi-Fi passwords in cleartext, or unencrypted text, as the doorbell joined the network. This vulnerability would allow nearby hackers to learn the Wi-Fi password and potentially gain access to other devices connected to the network, TechCrunch reported . The link for this article located at Security Today is no longer available. . Smart home devices have exposed sensitive Wi-Fi credentials, allowing cybercriminals to infiltrate private networks.. Ring Doorbell Security, Wi-Fi Password Exposure, Amazon Security Issue. . Brittany Day

Calendar%202 Nov 13, 2019 User Avatar Brittany Day Security Vulnerabilities
81

Apache Misconfiguration Exposes 120 Million Brazilian CPF Numbers

The identity numbers of 120 million Brazilians have been found publicly exposed on the internet after yet another IT misconfiguration.. The data relates to Cadastro de Pessoas Físicas (CPFs): ID numbers issued by Brazil’s central bank to all citizens and tax-paying residents. The size of the leak represents data on over half the population of South America’s biggest country. The link for this article located at InfoSecurity is no longer available. . The data relates to Cadastro de Pessoas Físicas (CPFs): ID numbers issued by Brazil’s central ban. identity, numbers, million, brazilians, found, publicly, exposed, internet. . LinuxSecurity.com Team

Calendar%202 Dec 13, 2018 User Avatar LinuxSecurity.com Team Privacy
67

Lenovo: Superfish Man-In-The-Middle Risk From Password Crack

Lenovo laptop owners are at risk for man-in-the-middle attacks as a vulnerability disclosed in pre-installed Superfish adware went nuclear this morning.. Researcher Rob Graham of Errata Security published a report in which he said he cracked the password protecting the digital certificate shipped with Superfish. Superfish, according to Lenovo, analyzes images on the Internet and serves up ads for products similar to the image. The link for this article located at ThreatPost is no longer available. . Studies indicate that certain Lenovo laptop models are at risk for man-in-the-middle intrusions due to vulnerabilities exposed following the breach of Superfish password security.. Lenovo Superfish, Adware Risks, Man-in-the-Middle Attack. . LinuxSecurity.com Team

Calendar%202 Feb 20, 2015 User Avatar LinuxSecurity.com Team Cryptography
83

2006 Wal-Mart Breach: Internal Development Team Targeted

Wal-Mart was the victim of a serious security breach in 2005 and 2006 in which hackers targeted the development team in charge of the chain. Internal documents reveal for the first time that the nation The link for this article located at Wired is no longer available. . Internal documents reveal for the first time that the nationThe link for this article located at Wir. wal-mart, victim, serious, security, breach, which, hackers, targeted. . LinuxSecurity.com Team

Calendar%202 Oct 28, 2009 User Avatar LinuxSecurity.com Team Hacks/Cracks
83

Browser Cache Risks: User Information Exposed to Hackers

Your browser's cache may be helping hackers to help themselves to your information. During a Black Hat conference discussion on the topic, Corey Benninger, a senior consultant at McAfee's Foundstone division, described cached browser information as a ticket for instant hacker gratification. . The browser cache is intended as a usability feature that helps to expedite a user's browsing experience. It stores page and other data so that when a user clicks the back button in a browser session, for example, the browser can reload the page from cache. The link for this article located at Internet News is no longer available. . The browser cache is intended as a usability feature that helps to expedite a user's browsing experi. browser's, cache, helping, hackers, themselves, information, during, black. . LinuxSecurity.com Team

Calendar%202 Aug 07, 2006 User Avatar LinuxSecurity.com Team Hacks/Cracks
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200