The Office of Inspector General (OIG) has released its “Evaluation of DHS' Information Security Program for Fiscal Year 2017” (PDF). In short, the Department of Homeland Security (DHS) is running outdated software, has unpatched critical vulnerabilities — including the flaw that allowed the WannaCry ransomware to spread — and some workstation security patches haven't been deployed for years. When President Trump issued an executive order in May 2017 on strengthening the cybersecurity of federal networks and critical infrastructure, each federal agency was required to use the NIST Cybersecurity Framework to manage cybersecurity risk. The Department of Homeland Security faces ongoing challenges with legacy systems, unresolved vulnerabilities, and extended delays in necessary software updates.

DHS Cybersecurity, Software Vulnerabilities, Security Program Assessment. Anthony Pell
The massive hack at the Office of Personnel Management showed not just room for improvement but a lack of very basic security fundamentals -- and expertise. The immediate thoughts from the security community when news broke of the data breach at the Office of Personnel Management (OPM) that exposed personnel files of four million federal workers were that this was yet another sign of the room for improvement in the federal government on the cybersecurity front. But as details continue to emerge about the true state of security at the agency prior to the breach and the plans officials have laid out to prevent such attacks in the future, the problem seems to be much bigger than originally thought. The link for this article located at Dark Reading is no longer available. An extensive data breach at OPM uncovers significant vulnerabilities in their security framework, highlighting the pressing demand for upgrades in cybersecurity measures.

OPM Breach, Systemic Weakness, Cybersecurity Gap, Data Protection. Anthony Pell
The federal agency in charge of protecting other agencies from computer intruders was found riddled with hundreds of high-risk security holes on its own systems, according to the results of an audit released Wednesday. The United States Computer Emergency Readiness Team, or US-CERT, monitors the Einstein intrusion-detection sensors on nonmilitary government networks, and helps other civil agencies respond to hack attacks. It also issues alerts on the latest software security holes, so that everyone from the White House to the FAA can react quickly to install workarounds and patches. But in a case of

The link for this article located at Wired is no longer available. Alex
A pretty good read: So we can't help but wonder: What is the point of certification? How can federal agencies ensure that their cybersecurity staffers, and their contractors' staff, have the right skill sets? What do you think? The link for this article located at FCW Insider is no longer available. Learn about the importance of certifications for cybersecurity professionals and their skills in the industry.

Security Certifications, Cyber Skills, Cyber Professionals. Brittany Day
"Standing at the center of this debate on how much security is enough are agency chief information security officers, who report to chief information officers." Join the debate. Do you think that if the government used Linux machines and tools more, it would help their security problems? It might come down to ease of use vs. security. Security measures are restrictive by definition, and federal agencies can only implement so many of them before the backlash sets in. Many times, after being over-regulated, employees will simply find a route around the security precautions, eliminating the measures' function and even making data theft or loss easier.

Bill Locke
The White House's Office of Management and Budget instructed U.S. federal agencies to alert the US-CERT within one hour to any breach involving personally identifiable information, even if the possibility of a breach is only suspected. The memo (PDF), dated last week, is the fourth letter regarding information-security policy sent to government agencies in the past two months. Another memo (PDF), dated Monday, required that government agencies report any computer systems missing from their inventory and outline the results of an investigation into the handling of personally identifiable information within their agency. An earlier memo mandated that agencies use encryption to protect sensitive data on laptops. The memos come after government agencies have revealed a number of embarrassing data breaches. In May, the Department of Veterans Affairs revealed that the names, social security numbers and birth dates of nearly 26.5 million veterans had been stored on a laptop and external hard drive that were stolen from an employee's home. The laptop and hard drive were later recovered. In June, the U.S. Department of Agriculture acknowledged that information on 26,000 employees had been stolen by online data thieves. The link for this article located at is no longer available.

Brittany Day
It's a start. On June 23, the Office of Management and Budget announced that federal agencies have 45 days to put new data-protection measures in place. The new requirements (technically, they're "recommendations," but the OMB appears serious about this anyway) include encryption for all sensitive data on mobile devices, logging of all extracts from databases containing sensitive information, and verification that the downloaded sensitive data is deleted after 90 days. The good news: This can be done now using off-the-shelf products. The bad news: It probably won't be successful -- not unless the IT people putting it in place remember that you can't just secure the data. You have to secure the people, too. And we already know, from incident after horrendous incident, that the employees of federal agencies aren't secure. Not at the Internal Revenue Service (laptop stolen with personal data on 291 employees and job applicants). Not at the Federal Trade Commission (two laptops stolen containing financial data related to investigations). Not at the Department of Veterans Affairs (laptop stolen with personal data on 26.5 million vets). And that's just laptop thefts in the past six weeks. Government advisories promote the use of data protection measures, emphasizing the necessity for IT departments to safeguard confidential information and staff.

Data Protection, Encryption Measures, Federal IT Compliance. Brittany Day
The Office of Management and Budget has directed agencies' senior privacy officials to review and correct any policies and processes to ensure that they protect against misuse of or unauthorized access to personally identifiable information. The memo, dated today from OMB acting director Clay Johnson, comes on the same day the Veterans Affairs Department announced that electronic data containing the personal information of up to 26.5 million veterans was stolen from the home of a VA employee. “Because federal agencies maintain significant amounts of information concerning individuals, we have a special duty to protect that information from loss and misuse,

The link for this article located at Government Computer News is no longer available. The OMB calls on departments to assess regulations safeguarding personal information against exploitation, prioritizing confidentiality in digital archives.

Data Protection Compliance, Privacy Management, Personal Data Security. Brittany Day