Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Stay Ahead With Linux Security News

14.Lock Code WorldMap Esm H350
Network SecurityPrice Tag 1system security Linux network

The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
1 min read Network Security
2.Motherboard Esm H350
Server SecurityPrice Tag 1open-source Linux administration

Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
3 - 6 min read Server Security
20.Lock AbstractDigital Circular Esm H350
Vendors/ProductsPrice Tag 1security breach linux

A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
5 - 10 min read Vendors/Products
30.Lock Globe Motherboard Esm H350
Security Trends Price Tag 1access control multi-tenant

Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
4 - 8 min read Security Trends
5.ShakingHands Esm H350
Vendors/ProductsPrice Tag 1incident response cloud security

Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
4 - 7 min read Vendors/Products
Filter Icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found -4 articles for you...
83
General Esm H240
Price Tag 1security advisorysecurity issuemalware

OpenBSD: Backdoor In Dsniff 2.3 And Fragroute 1.2 Critical Security Issue

the dsniff-2.3, fragroute-1.2, and fragrouter-1.6 tarballs were all modified at 3 AM on May 17th to include the same configure backdoor as described in the irssi advisory. no other public web content was modified, and the system was restored a week later, from scratch.. . .. the dsniff-2.3, fragroute-1.2, and fragrouter-1.6 tarballs were all modified at 3 AM on May 17th to include the same configure backdoor as described in the irssi advisory. no other public web content was modified, and the system was restored a week later, from scratch. Date: Fri, 31 May 2002 12:34:49 -0400 From: Dug Song To: bugtraq@ Cc: dsniff@monkey.org Subject: Re: Trojan/backdoor in fragroute 1.2 source distribution On Fri, May 31, 2002 at 09:55:21AM +0200, Anders Nordby wrote: > Although downloading it now seems safe, I think folks should know > this. The changes done were similar to what happened to irssi, but > with a different IP. monkey.org was compromised on May 14th, via an epic4-pre2.511 client-side hole which produced a shell to one of the local admin's accounts. this was later used to reattach to one of his screen sessions, which apparently had a root window open (su very bad!). the dsniff-2.3, fragroute-1.2, and fragrouter-1.6 tarballs were all modified at 3 AM on May 17th to include the same configure backdoor as described in the irssi advisory. no other public web content was modified, and the system was restored a week later, from scratch. the correct checksums are: MD5 (dsniff-2.3.tar.gz) = 183e336a45e38013f3af840bddec44b4 MD5 (fragroute-1.2.tar.gz) = 7e4de763fae35a50e871bdcd1ac8e23a MD5 (fragrouter-1.6.tar.gz) = 73fdc73f8da0b41b995420ded00533cc of the 1951 hosts that successfully downloaded one of the backdoored tarballs, 992 of them were Windows machines and 193 were automated ports downloads for the *BSD dsniff or fragrouter ports, leaving 746 Linux (and a few Solaris and MacOS) hosts potentially vulnerable, and 20 FreeBSD and OpenBSD hosts. we have since migrated our system to OpenBSD-current, importing NielsProvos' excellent systrace subsystem: /u/provos/systrace/ which allows us to run all user sessions under a restricted syscall policy (e.g. so an IRC client cannot exec(), open() anything outside ~/.irc, etc.), similar in spirit to Goldberg and Wagner's Janus sandbox, or Cowen's SubDomain. in the future, our software distributions may carry embedded signatures via gzsig: /~dugsong/gzsig-0.1.tar.gz but for the time being, please be careful what you download, and carefully audit or sandbox any third-party scripts or software you run... -d. --- /~dugsong/ . the dsniff-2.3, fragroute-1.2, and fragrouter-1.6 tarballs were all modified at 3 AM on May 17th to . dsniff-2, fragroute-1, fragrouter-1, tarballs, modified. . LinuxSecurity.com Team

Calendar 2 Jun 02, 2002 User Avatar LinuxSecurity.com Team Hacks/Cracks
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here