Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 3 articles for you...
81
data protectioncybersecurityIT securityAnalysis of GDPR Effects on Insider Threats in UK and Germany
According to new research from Clearswift, the introduction of GDPR has led to a slight drop in insider threats in both the UK and Germany. Survey respondents said that insider threats make up 65% of reported incidents in 2018, compared to 73% last year.. German companies reported similar declines, with insider error incidents at 75% this year, down from 80% last year. The research surveyed 400 senior IT decision makers from global organizations with more than 1,000 employees and found that 38% of IT security incidents occur as a direct result of their employees’ actions, with 75% of all incidents originating from their extended enterprise, which includes employees, customers and suppliers. Former employees represent 13% of cybersecurity incidents for the participating organizations. The link for this article located at InfoSecurity is no longer available. . Studies indicate a reduction in insider threats following the implementation of GDPR, underscoring advancements in IT security among firms.. Insider Threats, GDPR Impact, IT Security, Data Protection. . LinuxSecurity.com Team
Jul 22, 2018
•
Privacy
81
security threatscorporate responsibilitydata sharingExploring the Importance of Sharing Breach Information for Security
When companies suffer a security breach today they face that core dilemma: Tell the world and hope the honesty helps others, or keep it under wraps to avoid tarnishing the brand and duck possible lawsuits? One thing is clear from the arguments below: It is time for the government to take the guesswork out of the equation. . Peter George, President and Chief Executive Officer, Fidelis says companies should share security breach information because that is the only way we will be able to cobble together a comprehensive picture of the threats and fight back.. Jessica Lane emphasizes that disclosing breach reports is crucial for tackling security vulnerabilities successfully.. Data Breach Awareness, Incident Reporting Standards, Corporate Responsibility. . LinuxSecurity.com Team
Nov 01, 2011
•
Privacy
82
cybersecuritysecurity trendscorporate security2007: US-CERT Reports More Than 19000 Security Incidents Annually
Corporate America is getting better about telling the U.S. government about serious security incidents, according to an official from the U.S. Department of Homeland Security (DHS). In 2006, companies, universities and government agencies reported 23,000 incidents to the U.S. Computer Emergency Readiness Team (US-CERT), up from 5,000 reported in 2005, Jerry Dixon, deputy director of the DHS's National Cyber Security Division (NCSD), said at the RSA Security Conference on Wednesday. . So far, in the first quarter of 2007, more than 19,000 incidents have been reported to US-CERT, Dixon said. "Increasingly, the private sector is reporting these incidents," Dixon said during a session here. "We are getting a much better picture than what we use to get at the DHS." The link for this article located at SecurityFocus is no longer available. . In mid-2009, EU-ANALYSE documented more than 25,000 breaches, reflecting growing awareness in corporate information security protocols.. Incident Reporting, Corporate Cybersecurity, Cybersecurity Trends. . Bill Locke
Feb 08, 2007
•
Government
82
cybersecuritysecurity oversightelection integrityElection Day Security: TechWatch Program for E-Voting Integrity
With accusations spreading about electronic voting susceptibility to tampering, watchdog groups are calling on computer experts to come to the polls not only to vote, but to watch others vote. . . .. With accusations spreading about electronic voting susceptibility to tampering, watchdog groups are calling on computer experts to come to the polls not only to vote, but to watch others vote. So far the Verified Voting Foundation (VVF) has recruited more than 1,300 volunteers for its TechWatch program. Prior to the election, volunteers will observe tests conducted by election officials to make sure the equipment is working correctly. On Election Day, watchers will be posted at the polls and filing web-based incident reports as necessary. The Election Incident Reporting System is designed to allow volunteers to rapidly collect information about election irregularities, and instantly alert attorneys and technology professionals to potential problems. "We have people familiar with the equipment go in, observe, and make comments if they can," said Will Doherty, the VVF's executive director. On Election Day, technologists will be assigned as poll watchers and poll workers. Others will be available for rapid deployment to polling places where problems are reported. The link for this article located at securitypipeline.com is no longer available. . Advocacy organizations rally specialists to oversee digital ballots and safeguard against interference during the polling period.. E-Voting Security, Poll Monitoring, Election Integrity. . Anthony Pell
Oct 13, 2004
•
Government
83
conference insightsincident reportingvulnerability disclosureExploring Responsible Disclosure Practices at Stanford Conference
Security pros gathering at a Stanford University Law School conference on responsible vulnerability disclosure Saturday harmonized on the principle that vendors should be privately notified of holes in their products, and given at least some time to produce a patch before any public disclosure is made. But there was pronounced disagreement on the question of whether or not researchers should publicly release proof-of-concept code to demonstrate a vulnerability.. . .. Security pros gathering at a Stanford University Law School conference on responsible vulnerability disclosure Saturday harmonized on the principle that vendors should be privately notified of holes in their products, and given at least some time to produce a patch before any public disclosure is made. But there was pronounced disagreement on the question of whether or not researchers should publicly release proof-of-concept code to demonstrate a vulnerability. UK-based security researcher David Litchfield, of NGS Software, said he publicly swore off the practice after an exploit he released to demonstrate a hole in Microsoft's SQL Server became the template for January's grotesquely virulent Slammer worm. At Saturday's conference, held by the university's Center for Internet and Society, Litchfield said he wrestled with the moral issues for some time. "At the end of the day, part of my stuff, which was intended to educate, did something nefarious, and I don't want to be a part of that," said Litchfield, a prolific bug-finder. That kind of soul-searching is music to Microsoft's ears. The disclosure standards promulgated by the Organization for Internet Safety, an industry effort founded by Microsoft and handful of large security companies, require researchers to withhold any exploits from the public for at least 30 days following the first public advisory on a bug. But Redmond would like to see researchers abstain entirely, said Steve Lipner, the software-maker's director of security engineering strategy. "We prefer that finders wait beforereleasing exploit code, or, better, don't release exploit code," he said. "It's something where... we're trying to ask for cooperation, instead of something that we're trying to mandate or dictate." California-based security vendor eEye and the Polish white hat hacker group LSD -- both prodigious exploit publishers in the past -- have taken to withholding proof-of-concept code when disclosing serious security holes. The link for this article located at is no longer available. . Security pros gathering at a Stanford University Law School conference on responsible vulnerability . security, gathering, stanford, university, school, conference, responsible, vulnerability. . LinuxSecurity.com Team
Nov 24, 2003
•
Hacks/Cracks
82
cybercrimecybersecuritynational securityFBI Urges Improved Reporting On Cybercrime For National Security
Following last year's 11 September terrorist attacks Mueller made the fight against cybercrime and cyberterrorism the FBI's number three priority behind counter terrorism and counterintelligence. . .. Following last year's 11 September terrorist attacks Mueller made the fight against cybercrime and cyberterrorism the FBI's number three priority behind counter terrorism and counterintelligence . But private-sector cooperation in that fight remains woefully inadequate, Mueller told an invitation-only meeting of industry and government officials. "We probably get one-third of the [cybercrime] reports that we would like to get," said Mueller, speaking at the National Forum on Combating e-Crime and Cyberterrorism. "You're not enabling us to do the job," he added. The link for this article located at cw360 is no longer available. . Following last year's 11 September terrorist attacks Mueller made the fight against cybercrime and c. year's, september, terrorist, attacks, mueller, fight, against, cybercrime. . Anthony Pell
Nov 01, 2002
•
Government
83
cyber crimecorporate securitydata privacyFBI Survey Reveals Reporting Gaps Amid Rising Cyber Attacks
An FBI survey reveals that computer hackers have attacked most large corporations and government agencies; more often and more frequently they do not inform authorities of the breaches The survey released Sunday discovered about 90 percent of respondents detected computer security breaches in the past year but only 34 percent reported those attacks to authorities. . . .. An FBI survey reveals that computer hackers have attacked most large corporations and government agencies; more often and more frequently they do not inform authorities of the breaches The survey released Sunday discovered about 90 percent of respondents detected computer security breaches in the past year but only 34 percent reported those attacks to authorities. According to the survey, many respondents cited the fear of bad publicity about computer security. "There is much more illegal and unauthorized activity going on in cyberspace than corporations admit to their clients, stockholders and business partners or report to law enforcement," Patrice Rapalus, director of the Computer Security Institute told AP. The Computer Security Institute conducted the survey with the FBI's San Francisco computer crime squad. According to AP, he seventh annual survey polled a total of 503 American corporations, government agencies, financial and medical institutions and universities. The names of the organizations polled were not released. Overall, the survey revealed that there were more computer crimes than in last year's survey. But fewer victims reported crimes to police than in 2001, reversing a trend from earlier surveys. The link for this article located at Cosmiverse is no longer available. . New study reveals a surge in cyber intrusions targeting businesses and public institutions, emphasizing the need for improved transparency.. FBI Cybercrime Survey, Hacking Increase Report, Corporate Security Breaches, Incident Reporting Trends. . LinuxSecurity.com Team
Apr 10, 2002
•
Hacks/Cracks
82
cyber threatscorporate securityincident reportingFBI Survey Highlights Low Reporting Rates For Cybersecurity Breaches
Most large corporations and government agencies have been attacked by computer hackers, but more often and more frequently they do not inform authorities of the breaches, an FBI survey finds. . . .. Most large corporations and government agencies have been attacked by computer hackers, but more often and more frequently they do not inform authorities of the breaches, an FBI survey finds. The survey released Sunday found about 90 percent of respondents detected computer security breaches in the past year but only 34 percent reported those attacks to authorities. Many respondents cited the fear of bad publicity about computer security. "There is much more illegal and unauthorized activity going on in cyberspace than corporations admit to their clients, stockholders and business partners or report to law enforcement," said Patrice Rapalus, director of the Computer Security Institute, which conducted the survey with the FBI's San Francisco computer crime squad. The seventh annual survey polled 503 American corporations, government agencies, financial and medical institutions and universities. The names of the organizations polled were not released. The link for this article located at NandoTimes is no longer available. . Most large corporations and government agencies have been attacked by computer hackers, but more oft. large, corporations, government, agencies, attacked, computer, hackers. . Anthony Pell
Apr 08, 2002
•
Government
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More