Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 1 articles for you...
82
cyber defenseonline threatsinternational lawUK Attorney General Jeremy Wright: Responding to State Cyber Threats
The UK’s attorney general has clarified the government’s position on state-sponsored cyber-attacks, saying the country will fight back against any nation seeking to cause it harm and continue to attribute serious online threats. . Speaking at the Chatham House Royal Institute for International Affairs on Wednesday morning, Jeremy Wright became the first minister to set out the UK’s opinion on how international law applies to cyberspace. The link for this article located at InfoSecurity is no longer available. . The UK Attorney General has revealed the government's stance on state-sponsored cyber ops, highlighting efforts to align with global legal standards in cyber warfare. State Cyber-Attack, Cyber Defense, UK Strategy, Online Threats. . Brittany Day
May 24, 2018
•
Government
82
civil libertiessurveillancecybercrime treatyU.S. Cybercrime Treaty Concerns Over International Surveillance and Rights
he treaty is open to any country, with the approval of those that have already ratified it, and some fear that it could put the United States' surveillance capabilities at the disposal of foreign governments with poor human rights records, who may be investigating actions that are not considered crimes elsewhere. . . .. Critics took aim this week at a controversial international treaty intended to facilitate cross-boarder computer crime probes, arguing that it would obligate the U.S. and other signatories to cooperate with repressive regimes--a charge that the Justice Department denied. The U.S. is one of 38 nations that have signed onto the Council of Europe's "Convention on Cybercrime," but the U.S. Senate has not yet ratified the measure. In a letter to the Senate last November, President Bush called the pact "the only multilateral treaty to address the problems of computer-related crime and electronic evidence gathering." The treaty, "would remove or minimize legal obstacles to international cooperation that delay or endanger U.S. investigations and prosecutions of computer-related crime," said Bush. Drafted under strong U.S. influence, the treaty aims to harmonize computer crime laws around the world by obliging participating countries to outlaw computer intrusion, child pornography, commercial copyright infringement, and online fraud. Another portion of the treaty requires each country to pass laws that permit the government to search and seize e-mail and computer records, perform Internet surveillance, and to order ISPs to preserve logs in connection with an investigation. A "mutual assistance" provision then obligates the county to use those tools to help out other signatory countries in cross-border investigations: France, for example, could request from the U.S. the traffic logs for an anonymous Hotmail user suspected of violating French law. That worries civil libertarians. The treaty is open to any country, with the approval of those that have already ratified it, and some fear that it could put theUnited States' surveillance capabilities at the disposal of foreign governments with poor human rights records, who may be investigating actions that are not considered crimes elsewhere. The link for this article located at is no longer available. . Debate over global digital security pact ignites fears regarding privacy and individual freedoms as nations collaborate on enforcement.. Cybercrime Treaty, International Cooperation, Digital Rights, Surveillance Risks. . Anthony Pell
Apr 26, 2004
•
Government
76
information securityopen sourcehuman rightsHacktivismo License: Legal Enforcement for Human Rights Violations
International hacker organization issues software license that allows the group or its licensees to take human rights violators to court. This story is important for anyone interested in hacking, human rights, information security, open-source software, Internet censorship, international law, international politics, or technology transfer.. . .. International hacker organization issues software license that allows the group or its licensees to take human rights violators to court. This story is important for anyone interested in hacking, human rights, information security, open-source software, Internet censorship, international law, international politics, or technology transfer. LUBBOCK, TX, November 25 -- Hacktivismo, an international group of hackers and human rights activists, today issued the Hacktivismo Enhanced-Source Software License Agreement (HESSLA). The license offers open-source transparency, enhanced by legal remedies both for Hacktivismo, as licensor, and for end-users. "The Hacktivismo Enhanced-Source Software License Agreement marks the first time technology transfer has been linked to protecting human rights," said Oxblood Ruffin, founder of Hacktivismo. "Our clients and end-users aren't building the firewalls to keep democracy out. They're locked inside trying to break free." In contrast with more-traditional "free" or "open-source" software licenses, The HESSLA contains some novel terms unique to the history of information technology. These enhanced terms are designed to promote a broad range of human rights worldwide, as well as to empower end-users to seek new and additional remedies against human-rights violations by governments and governmental officials. "Hacktivismo has sought to preserve, to the maximum degree, the primary advantages of 'free' and 'open-source' software," said Eric Grimm, an attorney with CyberBrief, PLC, who assisted Hacktivismo with drafting the license. "These advantages include ease of customization, the ability of any end-user to redistribute thesoftware to friends and colleagues without paying any license fees, transparency, and enabling collaboration among volunteer and commercial developers worldwide." The license enables both Hacktivismo and its end-users to go to court if someone tries to use the software in a malicious manner, or to introduce harmful changes into the software. It also contains more robust language than has previously been used to maximize enforcement against governments around the world. The HESSLA explicitly prohibits anybody from introducing "spy-ware, surveillance technology, or other undesirable code into modified versions of HESSLA-licensed programs. Additionally, the license prohibits any use of the software by any government that has any policy or practice of violating human rights. The most novel innovation in the license distributes enforcement power instead of concentrating it in Hacktivismo's hands. If a private citizen happens to violate the license, then Hacktivismo is in charge of enforcement. But the situation is different if the violation is by a government or a governmental official. When Governments subvert human rights, and try to use Hactivismo-licensed software as part of any aspect of such a project, then the license empowers end-users act as enforcers too. It is not unusual for victims of torture and other human rights abuses in other countries, to seek a remedy for violations of international law in U.S. court. But there's a difference between suing Slobodan Milosevic, and suing Republica Srpska for the official policies and abuses of the Milosevic regime. When victims have tried to name foreign governments as defendants, they have run into a brick wall called sovereign immunity. The Hacktivismo license makes it clear that the act of voluntarily using Hacktivismo software, if it is used by a government as a part of any project that has the effect of violating human rights, explicitly constitutes a waiver by that government of its sovereign immunity in the courts of other countries. In otherwords, if Myanmar or China want to keep violating human rights -- then they have no choice but to steer clear from using Hacktivismo's software in connection with any of their wrongful projects. If not, then this software license just may be the victims' long-needed ticket into court; their pathway over the obstacle to justice previously presented by sovereign immunity. Full text of the Hacktivismo Enhanced-Source Software License Agreement is available at: PRESS CONTACT Krass Katt
Nov 29, 2002
•
Organizations/Events
82
extraditionlaw enforcementcybercrime treatyImplications of Cybercrime Treaty on International Prosecution
The Cybercrime Treaty is an international law enforcement regime that makes it easier for prosecuting countries to get evidence from abroad and to extradite and prosecute foreign nationals for certain kinds of crimes. The treaty has three primary sets of provisions. . . . . The Cybercrime Treaty is an international law enforcement regime that makes it easier for prosecuting countries to get evidence from abroad and to extradite and prosecute foreign nationals for certain kinds of crimes. The treaty has three primary sets of provisions. All three are aimed at setting basic computer -related criminal law standards for signatory nations. First, it would require nations to outlaw such things as unauthorized computer intrusion; the release of viruses; and the use of a computer to commit acts that are already crimes, such as fraud and the distribution of child pornography. Moreover, there is a move to bring copyright under criminal law and the expansion of child pornography statutes to so-called virtual child porn. The link for this article located at Symantec is no longer available. . The Cybercrime Treaty enhances international law enforcement collaboration to prosecute cyber offenses, improving mutual legal assistance, data sharing, and training for agencies. Cybercrime Treaty, International Law, Law Enforcement, Computer Crime Standards. . Anthony Pell
May 04, 2001
•
Government
82
law enforcementcorporate securitydata privacyExamining The Cybercrime Treaty: Corporate Ramifications And Rights
... if you counsel U.S. corporations on computer-related issues, you should be concerned about a new proposed treaty known as the "Convention on Cybercrime." The Council of Europe, a 43-nation public body created to promote democracy and the rule of law, . . . . ... if you counsel U.S. corporations on computer-related issues, you should be concerned about a new proposed treaty known as the "Convention on Cybercrime." The Council of Europe, a 43-nation public body created to promote democracy and the rule of law, is nominally drafting the treaty. Curiously, however, the primary architect is the United States Department of Justice. The Department of Justice and Federal Bureau of Investigation are using a foreign forum to create an international law-enforcement regime that favors the interests of the feds over those of ordinary citizens and businesses. Their goal is to make it easier to get evidence from abroad and to extradite and prosecute foreign nationals for certain kinds of crimes. Maybe you trust the law-enforcement chiefs in D.C. to do the right thing. But here's the catch. The same new powers given to the United States will also handed over to Bulgaria, Romania, Azerbaijan, and other Council of Europe nations that-although officially democratic now-don't have a strong traditions of checks and balances on police power. The link for this article located at Cryptome is no longer available. . The upcoming Convention on Cybercrime raises critical concerns for American businesses and individual privacy rights, particularly regarding increased regulation and oversight.. Cybercrime Treaty, International Law, Data Privacy, Corporate Security. . Anthony Pell
Mar 22, 2001
•
Government
81
cyber crimelaw enforcementinternet regulationsInternational Cyber Crime Laws Raise Concerns Over User Privacy
U.S. and European officials drafting the first international laws against Internet crimes have ignited protests from civil liberties groups, who claim the new convention will invade Internet users' privacy across the globe. Officials are putting the final touches this week on . . . . U.S. and European officials drafting the first international laws against Internet crimes have ignited protests from civil liberties groups, who claim the new convention will invade Internet users' privacy across the globe. Officials are putting the final touches this week on the document, which they say the USA is almost certain to sign. The agreement, being drafted by the Council of Europe in Strasbourg, France, will include the first international laws against such crimes as hacking, Internet fraud and online child pornography, and allow police forces to investigate cases across national boundaries. The link for this article located at USA TODAY is no longer available. . Concerns about privacy have emerged worldwide as U.S. and European policymakers collaborate to create laws addressing online offenses.. International Law, Cyber Crime Laws, Privacy Issues, Internet Regulations. . LinuxSecurity.com Team
Nov 21, 2000
•
Privacy
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More