Linux Kernel 6.10 introduced an impressive feature to strengthen the security of the Trusted Platform Module (TPM). Bus encryption and integrity protection safeguard it against potential interposers or sniffing attacks against the TPM. Due to performance bottlenecks associated with this feature, the Linux 6.12 update introduced an option to disable its protection. The tpm.disable_pcr_integrity= kernel command line parameter was added to disable PCR integrity protection. PCR integrity protection is enabled by default for Linux x86_64 systems.

In this article, I'll explore the benefits and drawbacks of TPM bus encryption and integrity protection and weigh the pros and cons of opting out, helping you balance security and performance for your Linux systems.

Advantages of TPM Bus Encryption and Integrity Protection

(Image source: Phoronix)

Implementing TPM bus encryption and integrity protection offers numerous benefits, primarily increased security. Encrypting data transmitted between a TPM and the system bus makes it much more difficult for malicious entities to intercept and manipulate this sensitive data. Encryption and integrity checks protect against TPM sniffing attacks, which involve intercepting and analyzing signals on the TPM bus to retrieve sensitive information. Integrity protection ensures that any attempts at altering data are detected, further fortifying the system against threats like theft of sensitive information or compromise by hackers.

Likewise, TPM plays an instrumental role in attesting the integrity of systems by securely recording measurements (PCR extend operations). Integrity protection ensures that measurements taken are reliable and undisturbed by third parties, thus maintaining trustworthiness for an entire security architecture.

Drawbacks of TPM Bus Encryption and Integrity Protection

One major drawback of TPM bus encryption and integrity protection lies in its performance bottlenecks.
Integrating TPM and IMA can create performance issues due to the additional overhead of encryption and integrity checks, especially during PCR extend operations. PCR extend is crucial for maintaining system integrity, but it is also performed far more often than expected, so the cost of the encryption and integrity checks on each operation adds up. Furthermore, the implementation can significantly increase resource consumption, which is potentially burdensome on systems with limited processing power or already near their peak capacity.

Benefits of Opting Out of TPM Bus Encryption and Integrity Protection

Opting out of TPM bus encryption and integrity protection offers significant performance gains for systems. By disabling this feature, the performance bottlenecks associated with the Integrity Measurement Architecture (IMA) are eliminated, leading to faster and more efficient PCR extend operations, which is especially helpful when the TPM is used heavily for integrity measurements. Furthermore, disabling encryption and integrity protection reduces the additional computational burden, freeing up system resources for other crucial operations.

Risks Associated With Opting Out of TPM Bus Encryption and Integrity Protection

Opting out of TPM bus encryption and integrity protection increases the risk of attacks, particularly TPM sniffing attacks. Without encryption and integrity checks, data transmitted between the TPM and the system bus becomes more vulnerable to being intercepted and altered by malicious entities. Disabling integrity protection may also compromise system measurements: without it, tampering can go undetected, which undermines the security measures that depend on those measurements. Specific industries and regulatory frameworks also mandate stringent security measures, such as TPM bus encryption and integrity protection. Opting out could result in noncompliance with such regulations, potentially leading to legal or financial repercussions.
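Before weighing either side of that trade-off for a particular machine, it helps to know what that machine is actually running. The POSIX shell script below is an added example, not code from the article or from the kernel project: it reports whether the booted kernel has the HMAC-session feature built in and whether the tpm.disable_pcr_integrity parameter named above has switched PCR integrity protection off. It assumes that the Kconfig symbol behind the feature is CONFIG_TCG_TPM2_HMAC and that the kernel parses the parameter as a boolean in the usual kernel way (a bare name or 1/y/t/on means true; 0/n/f/off means false); both are stated here as assumptions, and the sample command lines in the test are constructed.

```shell
#!/bin/sh
# Added example (not from the article or the kernel tree): audit whether TPM
# PCR integrity protection is in effect on a Linux host, using the kernel
# command line and the kernel build configuration.
#
# Assumptions (labelled): the Kconfig symbol for the Linux 6.10 HMAC-session
# feature is CONFIG_TCG_TPM2_HMAC, and tpm.disable_pcr_integrity is parsed as
# a boolean kernel parameter (bare name, 1/y/t/on => true; 0/n/f/off => false).

# kparam_bool VALUE: echo "true" or "false" for one boolean parameter value,
# following the first-character rules kernel boolean parameters use.
kparam_bool() {
    case "$1" in
        1*|[yY]*|[tT]*|[oO][nN]*) echo true ;;
        *)                        echo false ;;   # 0/n/f/off and unparseable values
    esac
}

# pcr_integrity_state "<kernel command line>": echo "disabled" when the last
# tpm.disable_pcr_integrity occurrence is truthy, otherwise "enabled" (the
# default on x86_64 kernels that have the feature built in).
pcr_integrity_state() {
    state=enabled
    for tok in $1; do                         # unquoted on purpose: split on whitespace
        case "$tok" in
            tpm.disable_pcr_integrity)
                state=disabled ;;             # bare boolean parameter means true
            tpm.disable_pcr_integrity=*)
                if [ "$(kparam_bool "${tok#*=}")" = true ]; then
                    state=disabled
                else
                    state=enabled             # an explicit =0 / =n re-enables it
                fi ;;
        esac
    done
    echo "$state"
}

# hmac_sessions_built_in <kernel .config file>: succeed (exit 0) only if the
# feature is compiled in; without it there is no bus encryption to disable.
hmac_sessions_built_in() {
    grep -q '^CONFIG_TCG_TPM2_HMAC=y$' "$1"
}

# audit_running_system: combine both checks for the currently booted kernel.
audit_running_system() {
    cfg="/boot/config-$(uname -r)"
    if [ -r "$cfg" ] && hmac_sessions_built_in "$cfg"; then
        echo "CONFIG_TCG_TPM2_HMAC=y: HMAC sessions are built in"
    elif [ -r /proc/config.gz ] && gzip -dc /proc/config.gz | grep -q '^CONFIG_TCG_TPM2_HMAC=y$'; then
        echo "CONFIG_TCG_TPM2_HMAC=y: HMAC sessions are built in (from /proc/config.gz)"
    else
        echo "CONFIG_TCG_TPM2_HMAC not set: bus encryption/integrity protection unavailable"
    fi
    if [ -r /proc/cmdline ]; then
        echo "PCR integrity protection: $(pcr_integrity_state "$(cat /proc/cmdline)")"
    fi
}

# Run the audit only when invoked as:  sh tpm_pcr_integrity_audit.sh audit
if [ "${1:-}" = "audit" ]; then
    audit_running_system
fi
```

Running the script with the audit argument on a host prints both facts; "enabled" together with CONFIG_TCG_TPM2_HMAC=y is the secure default the article describes, while "disabled" means someone has already opted out through the bootloader's kernel command line. The same parameter string is what an administrator would append there to opt out deliberately, so the script is also a quick way to confirm that such a change took effect after a reboot.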
Our Final Thoughts on the Pros & Cons of Opting Out of TPM Bus Encryption and Integrity Protection

Linux Kernel 6.10 introduced TPM bus encryption and integrity protection, providing significant security benefits by protecting systems against TPM sniffing attacks while maintaining the trustworthiness of system measurements. Unfortunately, due to performance bottlenecks associated with this feature, an opt-out option had to be included in Linux Kernel 6.12. While disabling TPM bus encryption and integrity protection may help boost system performance and reduce resource overhead, it increases vulnerability to attacks and the risk of failing regulatory requirements. Linux admins must carefully consider these factors when deciding whether or not to turn this feature off.

What are your thoughts on this Linux kernel update? Will you be disabling TPM bus encryption? Connect with us @lnxsec and let us know!

Brittany Day
I'd sure like to see something like this for Linux. Could be very useful for secure helpdesk troubleshooting. Are you already doing something like this with a secured VNC?

Nowadays, it's easy for developers to build fully fledged applications that run inside the browser. Keeping these applications safe from hackers is another matter. With this in mind, scientists at Microsoft Research have unveiled a new way to secure complex Web applications by effectively cloning the user's browser and running it remotely.

Many of the latest Web applications split their executable code between the server and the client. The problem is detecting whether the code running on the user's home PC has been compromised in some way. The new Microsoft solution, known as Ripley, was announced on Tuesday at the Association for Computing Machinery's Computer and Communications Security Conference in Chicago. Ripley goes further than previous efforts to secure the integrity of Web applications. "It takes integrity protection to its logical extreme," says Adam Barth, a researcher at the University of California, Berkeley who specializes in the security of Web applications. He was not involved with the project. "Instead of just verifying that a request came from the proper website, Ripley verifies that the user's actions are actually allowed by the application's user interface."

The link for this article located at Technology Review is no longer available.

LinuxSecurity.com Team