Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
67
encryptionsecurity riskFreeBSDDiscontinuation of Md5crypt: Security Risks for Linux Systems
THE AUTHOR of md5crypt(), which is used to encrypt passwords on some FreeBSD and Linux-based operating systems, has said it is no longer secure despite being recommended as a password hashing function.. Poul-Henning Kamp implemented Ronald Rivest's MD5 one-way hashing algorithm in his md5crypt() function that has been in use on FreeBSD and Linux-based operating systems for many years. Now Kamp has been forced to say that md5crypt() is no longer secure after he claimed that people were still recommending it for production use. The link for this article located at The Inquirer is no longer available. . Poul-Henning Kamp implemented Ronald Rivest's MD5 one-way hashing algorithm in his md5crypt() functi. author, md5crypt(), which, encrypt, passwords, freebsd, linux-based, operati. . LinuxSecurity.com Team
Jun 08, 2012
•
Cryptography
79
security issueSHA-1brute forceThomas Roth Exploits Rentable GPUs to Crack SHA-1 Secure Hashing
A German security enthusiast has used rented computing resources to crack a secure hashing algorithm (SHA-1) password. Thomas Roth used a GPU-based rentable computer resource to run a brute force attack to crack SHA1 hashes. . Encryption experts warned for at least five years SHA-1 could no longer be considered secure so what's noteworthy about Roth's project is not what he did or the approach he used, which was essentially based on trying every possible combination until he found a hit, but the technology he used. What used to be the stuff of distributed computing projects with worldwide participants that took many months to bear fruit can now be done by a lone individuals in minutes and using rentable resources that cost the same price as a morning coffee to carry out the trick. Roth's proof-of-concept exercise cost just $2. This was the amount needed to hire a bank of powerful graphics processing units to carry out the required number-crunching using the Cuda-Multiforcer. The link for this article located at The Register UK is no longer available. . Cryptography experts emphasize weaknesses in SHA-1; a Belgian enthusiast cracks the code leveraging budget-friendly cloud GPU services.. Hashing Algorithm, GPU Rental, SHA-1 Security, Brute Force Attack, Encryption Research. . LinuxSecurity.com Team
Nov 19, 2010
•
Security Projects
67
data integritycryptographydigital authenticationRisks to Data Integrity and Authentication Due to SHA-1 Vulnerabilities
In a three-page research note, three Chinese scientists -- Xiaoyun Wang and Hongbo Yu of Shandong University and Yiqun Lisa Yin, a visiting researcher at Princeton University -- stated they have found a way to significantly reduce the time required to break a algorithm, known as the Secure Hashing Algorithm, or SHA-1, widely used for digital fingerprinting data files. Other cryptographers who have seen the document said that the results seemed to be genuine. . An attacker could use the flaw to create two documents or programs that have the same digital fingerprint, also known as a hash; one file could be a legitimate version of the data, while the other could be a forgery. For example, code signing -- where a program is posted online along with its SHA-1 fingerprint as a way to guarantee its integrity -- would essentially be rendered meaningless by this attack. The link for this article located at Builder AU is no longer available. . Uncover the vulnerabilities in SHA-1 that enable cybercriminals to forge identical cryptographic signatures, posing a threat to the authenticity of information.. SHA-1 Flaw, Data Integrity Risk, Cryptographic Security, Digital Encryption. . LinuxSecurity.com Team
Mar 09, 2005
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More