As more and more computing moves to the Web, Web application security has become a high priority -- at least for users. In this interview, Executive Editor Dennis Fisher talks to Billy Hoffman, manager of Hewlett-Packard Co.'s Web Security Research Group, about the security features in Google Chrome, the lack of security training for Web developers and how JavaScript has become the favored tool of attackers. The link for this article located at is no longer available.
Bill Locke
We recently researched an interesting DOM-based XSS vulnerability in Adobe Flex 3 applications that exploits a scenario in which two frames (parent & son) interact with each other, without properly validating their execution environment. In our research, we have seen that in some cases, it is possible to manipulate JavaScript code flow, by controlling the environment in which it runs. Specifically, we managed to return hacker-controlled boolean values to conditional statements, and by that force the application to be vulnerable to an existing DOM-based XSS, which was otherwise unexploitable. The link for this article located at wfblog is no longer available.
LinuxSecurity.com Team
As JavaScript becomes an increasingly key component of online attacks, attackers are investing more energy in obfuscation and other techniques to make defenders' attempts at reverse engineering more difficult, a security researcher told attendees at the annual CanSecWest conference on Wednesday. Attackers have adopted the same techniques used to hide the purpose of other types of malicious code, such as splitting up the code into many components and the use of custom encoders, to obfuscate JavaScript, said Jose Nazario, senior security engineer at network-protection firm Arbor Networks. Other advances include the addition of functions aimed at detecting any attempts at debugging or running the program in a virtual machine, he said. The link for this article located at SecurityFocus is no longer available.
LinuxSecurity.com Team
A new tool too dangerous to give away can turn any PC. After silently inserting itself to run inside any browser The link for this article located at eWeek is no longer available. An application surfaces that can stealthily transform any web browser with JavaScript support into a harmful agent, presenting considerable dangers.
LinuxSecurity.com Team
They have demonstrated that users could open up their router's traffic as a result of visiting a web page loaded with malicious JavaScript. The researchers said, "Settings on the router can be changed, including the DNS servers used by members of small, quickly erected internal networks. The attacks do not exploit any vulnerabilities in the user's browser. Instead, all they require is that the browser run JavaScript and Java Applets." While the threat to home routers is real, said the researchers, no actual attacks have so far taken place. Users would also first have to be persuaded to visit a malicious website for any attack to take place.
Benjamin D. Thomas
SPI Labs has discovered a practical method of using JavaScript to detect the search queries a user has entered into arbitrary search engines. All the code needed to steal a user's search queries is written in JavaScript and uses Cascading Style Sheets (CSS). This code could be embedded into any website either by the website owner or by a malicious third party through a Cross-site Scripting (XSS) attack. There it would harvest information about every visitor to that site.
LinuxSecurity.com Team