Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 0 articles for you...
82
encryptionsecure communicationsECCNSA Acquires Certicom's ECC Technology for Enhanced Secure Comms
In an extraordinary move, the National Security Agency has purchased a license for Certicom Corp.'s elliptic curve cryptography (ECC) system, and plans to make the technology a standard means of securing classified communications.. . .. In an extraordinary move, the National Security Agency has purchased a license for Certicom Corp.'s elliptic curve cryptography (ECC) system, and plans to make the technology a standard means of securing classified communications. As part of the $25 million agreement, the NSA can grant sublicenses within a limited field of use. This most likely will include other government agencies, federal contractors and other parties that send sensitive data to the agency. This is the first time that the NSA has endorsed any sort of public-key cryptography system. Certicom officials said the agency approached the company about licensing Certicom's ECC intellectual property. ECC is a type of public-key cryptography that utilizes much smaller keys than other systems such as RSA. The technology is designed for use in constrained environments where memory and computing power are at a premium. In the case of the NSA deal, the agency wanted to use a 512-bit key for the ECC system. This is the equivalent of an RSA key of 15,360 bits. Certicom has worked with the NSA, based at Fort Meade, Md., on several classified projects in the past, and this agreement is essentially an outgrowth of that work, officials said. "They were very interested in getting the best IP out there, and we own a lot of the patents in this area," said Tony Rosati, director of marketing at Certicom, based in Mississauga, Ontario. "If you want to build an NSA-approved product, they want this in there." The agreement, announced Friday, runs for the life of Certicom's patents on the ECC technology, which are valid for an average of about 14 years, Rosati said. Certicom implements its ECC technology in a variety of encryption products, including movianVPN, movianMail and movianCrypt. The company also provides securityand cryptographic toolkits for developers. All of article. The link for this article located at eWeek is no longer available. . The CDC acquires Quantum Systems' QKD technology for enhanced data protection, signaling a transformation in quantum encryption strategies.. NSA Encryption, Public-Key Technology, Secure Communication Systems. . Anthony Pell
Oct 27, 2003
•
Government
82
software patchsecurity enhancementcybersecurity$10.8M Government Contract for Software Security Enhancement
In a deal involving the new Department of Homeland Security, two companies teamed up to win a multimillion-dollar contract to create a system for patching security flaws in software used by U.S. government agencies. . .. In a deal involving the new Department of Homeland Security, two companies teamed up to win a multimillion-dollar contract to create a system for patching security flaws in software used by U.S. government agencies . Information-system provider Veridian and security company SecureInfo announced the $10.8 million contract this week. Under the deal, they'll create a Web-based service for the secure dissemination of software patches to network administrators within the federal government. The service, as part of the Federal Computer Incident Response Center, will be managed by the Department of Homeland Security, created by President Bush on Monday. "FedCIRC has funded (the service) and will provide this tool to the other agencies free of charge," said John Linton, chief operating officer for San Antonio, Texas-based SecureInfo. The link for this article located at news.com is no longer available. . A pair of firms has been awarded a multi-million dollar agreement aimed at improving the software patching system for government security vulnerabilities.. Cybersecurity System, Software Patching, Government Security Solutions, Cyber Defense Partnership. . Anthony Pell
Nov 27, 2002
•
Government
82
public key infrastructuredigital certificatesecure transactionsDOD to Use GSA Digital Certificates for Secure Contractor Transactions
The Defense Department intends by the end of this year to use the General Services Administration's governmentwide digital certificates to authenticate electronic trans.actions with many of its contractors and outside partners. In 1999, DOD awarded its own contract to create the . . . . The Defense Department intends by the end of this year to use the General Services Administration's governmentwide digital certificates to authenticate electronic trans.actions with many of its contractors and outside partners. In 1999, DOD awarded its own contract to create the Interim External Certificate Authority (IECA), which issues and manages public-key infrastructure certificates to Defense partners. Those certificates are equivalent to the medium-level certificates issued internally to DOD personnel. The Pentagon is now working with GSA to bring together the IECA and GSA Access Certificates for Electronic Services (ACES) contracts. That will enable the department to take advantage of the governmentwide pricing the GSA contract provides, and it also sets a single strategy for the private-sector entities that work with both Defense and civilian agencies, officials said. The link for this article located at FCW is no longer available. . The Defense Agency intends to implement GSA's digital credentials for validating online interactions with vendors.. Digital Certificates, Authentication, PKI, Government Contract, Defense Department. . Anthony Pell
Jul 02, 2001
•
Government
67
open sourcecryptographyPKIUK Government Awards Open Source PKI Contract To netproject
The office of the e-Envoy has awarded netproject a contract to examine how to achieve an Open Source PKI that could be used in the second round of PKI interoperability trials to be conducted by the UK Communications-Electronics Security Group (CESG) . . . . The office of the e-Envoy has awarded netproject a contract to examine how to achieve an Open Source PKI that could be used in the second round of PKI interoperability trials to be conducted by the UK Communications-Electronics Security Group (CESG) later this year. 'The importance of this contract is that the UK Government has recognised the need for a vendor neutral entrant to the PKI Interoperability Trials and because Open Source is free the initial survey and study is being funded by the office of the e-Envoy.' said Eddie Bleasdale, director of netproject. Project director Dr Andrew Findlay said 'It is desirable that an open-source PKI be entered in the interoperability testing and demonstration. Among the benefits to flow will be the provision of a non-proprietary 'neutral ground' where vendors can work directly with the code at both ends of a communication.' The background is that netproject, which is a consultancy club of user organisations including Royal Sun Alliance, Nationwide, National Grid, Racal Defence Systems, Government Departments, etc, has been working on the issues of achieving secure single sign on for the past 18 months. 'Public-key cryptography is not used to encrypt data directly' said Andrew Findlay, 'It is used for key exchange, key distribution, and digital signatures. Its primary benefit is allowing people who have no pre-existing security arrangement to exchange messages securely, or for a sender to authenticate a message to a random receiver.' For those who want to know more netproject will be running a workshop 'Secure Authentication and Authorisation of Remote Users' on Friday 15th June. This will detail the approach that is being proposed and to solicit input from interested parties. Full details are at --Eddie Bleasdale netproject, 124 Middleton Road, Morden, Surrey, SM4 6RW Tel: +44 (0)20 8715 0072 Mobile: +44 (0)7989 012 847 . A federal agreement granted to techinnovators focuses on investigating Open Source PKI in forthcoming integration tests.. Open Source PKI, UK Government, Secure Authentication, Cryptography. . LinuxSecurity.com Team
May 21, 2001
•
Cryptography
78
secure computinggovernment contractLinux platformSecure Computing Awarded NSA Contract For Linux Type Enforcement
Here's an older announcement from Secure Computing, but serves as a precursor to a shortly forthcoming interview with their senior corporate members. "Secure Computing Corporation announced that it has been awarded a sole source contract by the National Security Agency (NSA) . . . . Here's an older announcement from Secure Computing, but serves as a precursor to a shortly forthcoming interview with their senior corporate members. "Secure Computing Corporation announced that it has been awarded a sole source contract by the National Security Agency (NSA) to develop a Secure Linux Operating System (OS). This contract calls for Secure Computing to apply its patented Type Enforcement TM technology, to develop a robust and secure Linux platform. This award furthers the goal of Secure to pursue and acquire contracts that will provide enabling technologies to both the Federal government infrastructure as well as commercial electronic business applications." The link for this article located at Secure Computing is no longer available. . Guardian Technologies has secured a partnership with the FBI to create a fortified version of Unix that incorporates mandatory access controls.. Secure Computing, Type Enforcement, Linux Security, Government Contracts. . LinuxSecurity.com Team
Jul 07, 2000
•
Vendors/Products
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More