Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 4 articles for you...
82
malwareinformation gatheringcyber warfareTrojan.Laziok Malware Targets Energy Firms And Political Entities
Two new malware campaigns have been spotted in the Middle East, according to reports released this week, one targeting energy companies and the other going after political targets in Israel and Lebanon.. Symantec researchers observed a brand-new information-gathering tool, Trojan.Laziok, this January and February, targeting primarily oil, gas and helium companies in the Middle East. The link for this article located at CSO Online is no longer available. . Kaspersky issues alert on the Xorist ransomware compromising financial institutions and government agencies in Asia.. Trojan.Laziok, Cyber Warfare, Energy Sector Threats, Malware Campaigns. . Alex
Apr 03, 2015
•
Government
76
social engineeringsecurity awarenessDefconDefcon 2023 CTF Contest: Concerns Over Social Engineering Challenges
A capture-the-flag-style competition slated to take place at Defcon later this month has raised eyebrows at a number of companies who are concerned they will be embarrassed or negatively impacted in some way. CSO first reported the CTF challenge earlier this month in Defcon contest to spotlight social engineering. The challenge asks contestants to collect information about a "target" company, which they are assigned to by contest coordinators at the web site social-engineer.org.. "In the excitement some have expressed concern that contestants might act improperly or that government, companies or individuals might be adversely impacted. We want to put these concerns to rest," officials with social-engineer.org said in a release, reacting to the fervor over the event. Chris Hadnagy, one of the site's founders, said he decided to issue the statement after hearing that due to the fear generated, many contestants who work for larger corporations were threatened with termination if they participated in the CTF. He stressed that the purpose of the contest is to raise awareness of the threat of social engineering, and challenge contestants to come up with creative, legal ways of obtaining information from companies The link for this article located at CSO Online is no longer available. . Worries grow about potential adverse effects of social manipulation challenges at Defcon. Knowledge is crucial for safeguarding.. Social Engineering Contest, Capture the Flag Event, Defcon 2023, Security Knowledge, Corporate Safety. . Anthony Pell
Jul 22, 2010
•
Organizations/Events
76
social engineeringsecurity challengeethical hackingDefCon 2023: Highlights of Social Engineering Skills Contest
This year's Defcon event will feature a contest that asks social engineers to infiltrate target companies. But the challenge is only one part of a large mission to get people thinking about social engineering.. How strong is your schmooze? That is the question participants in an upcoming contest at this year's Defcon event will attempt to answer at the end of July. The Social Engineering CTF (capture-the-flag contest) is sponsored by the group that runs the website social-engineer.org and will ask contestants to gather information and then plan a realistic and appropriate attack vector, according to Chris Hadnagy, one of the site's founders. "We thought 'How can we showcase social engineering skills and not go over that line of what is ethical and moral?'" explained Hadnagy. According to the rules of the contest, each social engineer/contestant is emailed a dossier with the name and URL of a "target" company. Before the conference, the contestants are allowed to gather any type of information they can get from the internet. No phone calls, emailing or contacting the company in any way before the Defcon event is allowed. The link for this article located at CSO Online is no longer available. . Competitors in this year's Black Hat competition will showcase their psychological manipulation tactics by breaching specified organizations.. DefCon 2023, Social Engineering Contest, Ethical Hacking. . Anthony Pell
Jul 06, 2010
•
Organizations/Events
79
network toolsinformation gatheringnetwork mappingFOCA 2 Enhancements: Advanced Network Mapping and Discovery Tools
FOCA 2 has a new algorithm which tries to discover as much info related to network infrastructure as possible. In this alpha version FOCA will add to the figured out network-map, all servers than can be found using a recursive algorithm searching in Google, BING, Reverse IP in BING, Well-known servers and DNS records, using an internal PTR-Scaning, etc. The link for this article located at Darknet UK is no longer available. . Explore the innovative features of FOCA 2 as it transforms network infrastructure mapping and data analysis with advanced algorithms for insightful information retrieval. Network Mapping, FOCA Analysis, Infrastructure Research. . LinuxSecurity.com Team
May 25, 2010
•
Security Projects
74
security toolinformation gatheringGPL licenseExplore Unicornscan v0.4.7: A Flexible Network Testing Tool
Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license. Have you heard about the port scanning tool called Unicormscan? There are so many port scanning tools out there but do you think Unicornscan has any advantages of the others? . The link for this article located at DarkNet is no longer available. . Unicornscan is a premier open-source tool designed for security analysis and research, facilitating effective vulnerability detection and network exploration. Unicornscan, Port Scanner, Network Analysis, Testing Tool. . Bill Locke
Jan 10, 2008
•
Network Security
81
security assessmentsecurity toolsweb serverMastering Information Gathering for Penetration Testing Success
Information Gathering is usually the first done when Penetration testing. It is indeed a very important part in Penetration testing, and no Penetration tester or Internet security enthusiast can be left with out the knowledge of not knowing how to successfully gather information on a target. This white paper goes through the steps and tools you can use in order to successfully gather information on a target web server. . The link for this article located at Info Sec Writers is no longer available. . An essential handbook on employing data collection instruments for efficient cybersecurity assessment techniques.. Penetration Testing, Information Gathering, Security Assessment. . LinuxSecurity.com Team
Oct 06, 2006
•
Privacy
74
security practicesthreat assessmentinformation gatheringEffective Information Gathering Techniques for System Exploration
The first step to exploring a system is not just another point and click. It is the part that suprisingly, no one really talks about; gathering information on the subject. In order to successfully get in a system, one must know . . . . The first step to exploring a system is not just another point and click. It is the part that suprisingly, no one really talks about; gathering information on the subject. In order to successfully get in a system, one must know enough about the entity to gain access to it. This can be acomplished by choosing a subject (network/computer) and learning all there is to know about how it ticks. This information can be found a number of ways; the main ones being searching the Internet, discovering the networks behind the domains, finding locations and phone numbers, and finding a path in. The first step to finding information about a subject is by simply searching the web for information. Once one finds the website of the subject, look for information about it, such as phone numbers, locations, and email address. Get as much information about the subject as possible. Read privacy policies to begin to learn about the security used and search for comment tags in the source code. Believe it or not, sometimes companies leave important information inside the sites source code, open to those who choose to read it. The link for this article located at Help Net Security is no longer available. . Discover key approaches for collecting crucial data while navigating a system proficiently.. System Exploration, Information Discovery, Threat Assessment. . Anthony Pell
Sep 06, 2001
•
Network Security
82
national securityinformation gatheringintelligence agencyNSA Technology Issues Impacting Global Intelligence Collection
The US National Security Agency, which uses satellites and electronic listening posts to gather intelligence globally, is falling behind in technology, causing deep concern in the spy community, the chairman of the House Intelligence Committee said on Thursday. Rep. Porter . . . . The US National Security Agency, which uses satellites and electronic listening posts to gather intelligence globally, is falling behind in technology, causing deep concern in the spy community, the chairman of the House Intelligence Committee said on Thursday. Rep. Porter Goss, the Florida Republican who chairs the panel, said the NSA, once a leader in technology, is now lagging behind the fast pace of advances and is unable to cover all necessary targets for gathering information and data. "NSA is the number one concern in the intelligence community right now in terms of capability," Goss told the Defense Writers Group. "It is true that there are targets that we cannot cover today that we used to be able to enjoy coverage on, because of technology." NSA, probably the most secretive of the US intelligence agencies, uses an array of technologies to monitor communications around the globe. It had an edge during the Cold War because it had computer power that no one else could match, Goss said. "NSA is an agency that has served the country brilliantly. It is now out of date." The link for this article located at TechTV is no longer available. . The waning prowess of the US National Security Agency in technological advancements has sparked apprehensions regarding international surveillance effectiveness.. NSA Challenges, Intelligence Technology, Global Surveillance, Information Gathering. . Anthony Pell
Mar 27, 2001
•
Government
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More