Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
82
data securityinformation securityOMBFederal Memo: OMB's New Data Security Measures Post WikiLeaks
Prompted by fallout from the WikiLeaks debacle, the White House Office of Management and Budget has asked all federal agencies and departments handling classified data to shore up efforts to identify untrustworthy and discontented employees. . A 14-page memo signed by OMB director Jacob Lew was sent to agency heads earlier this week. The contents of the memo were leaked to NBC News, which posted it online. The memo, the second sent by the OMB since the latest WikiLeaks brouhaha started last fall, lists dozens of questions that are designed to help government agencies to assess their readiness to deal with insider threats and a broad range of other information security issues. The link for this article located at Network World is no longer available. . A 14-page memo signed by OMB director Jacob Lew was sent to agency heads earlier this week. The cont. prompted, fallout, wikileaks, debacle, white, house, office, management, budget. . Anthony Pell
Jan 07, 2011
•
Government
79
cyber threatsdata breachmalwareUS Secret Service Insight: Cyber Threat Trends and Insider Risks
Both types of attack have increased in the past year, according to the 2010 Verizon Data Breach Investigations report in partnership with the US Secret Service. This is the first time private and commercial data has been combined in a data breach report, said Matthijs Van der Wel, head of the EMEA forensics team at Verizon Business.. The data from the financial crime investigations from the Secret Service has enabled a broader and deeper perspective on cybercrime, he said. "Most breaches are caused by external sources, but we now see a lot more cases that involve insiders combined with social engineering that we did not see in our previous data set," said Van der Wel. The data also highlights an increased use of customised malware in smaller attacks to avoid detection by anti-virus and intrusion detection software, he said.. The Intelligence Agency shares findings from Cisco's cybersecurity analysis on increasing digital dangers and employee vulnerabilities.. Cybersecurity Insights, Data Breach Analysis, Insider Threats, Malware Trends. . LinuxSecurity.com Team
Aug 02, 2010
•
Security Projects
76
security insightslaw enforcementcomputer crimeExpert Solutions For Businesses On Computer Crime Collaboration
How businesses should deal with law enforcement was a topic of discussion at INT Media Group's recent E-Security Conference and Expo in Vienna, Va. In separate sessions, attendees heard from David Green, principal deputy chief of the Department of Justice Computer . . . . How businesses should deal with law enforcement was a topic of discussion at INT Media Group's recent E-Security Conference and Expo in Vienna, Va. In separate sessions, attendees heard from David Green, principal deputy chief of the Department of Justice Computer Crime and Intellectual Property Section (CCIPS), and Bryan Palma, a special agent with the U.S. Secret Service Electronic Crimes Task Force. Both speakers explained how industry and law enforcement can work together to stem computer crime. Green succeeded in bringing humor to this serious subject, such as when he lamented the challenges the DOJ faces in prosecuting and sentencing perpetrators of computer crimes, many of whom turn out to be 14 or 15 years old. "We're looking at grounding as an alternative sentence," he said. And in talking about insider attacks, he said, "A very low percentage of these insider attacks come from gruntled ex-employees; they're always disgruntled." The link for this article located at Earthweb is no longer available. . Companies tackling digital offenses with law enforcement perspectives shared by professionals during INT Media's latest symposium.. Computer Crime Solutions, Law Enforcement Collaboration, Insider Threat Solutions. . Anthony Pell
Jun 14, 2002
•
Organizations/Events
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More