Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
210
security advisorybuffer overflowFedoraUbuntu and Fedora: Critical Glibc Bug Leads to Privilege Escalation
A notorious buffer overflow vulnerability dubbed “Looney Tunables” was recently found in the GNU C Library. This severe bug exists in the glibc dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable ( CVE-2023-4911 ). This vulnerability was introduced in April 2021 and poses a significant threat to systems with default installations of Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13. . According to the security researchers who discovered this vulnerability, "This environment variable, intended to fine-tune and optimize applications linked with glibc, is an essential tool for developers and system administrators. Its misuse or exploitation broadly affects system performance, reliability, and security." A local user can exploit the Looney Tunables flaw to gain full root privileges on impacted systems, potentially resulting in data breaches and system compromise. Debian , Fedora , Gentoo , Oracle , RedHat, and Ubuntu have released critical glibc security updates to mitigate this severe bug. Given this vulnerability's damaging repercussions on impacted systems, if left unpatched, we urge all impacted users to update immediately to protect against privilege escalation attacks potentially leading to downtime and compromise. To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user , subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s) . . A significant Linux kernel vulnerability enables unauthorized users to gain elevated privileges, jeopardizing system integrity on several operating systems.. glibc Security Update, Local Privilege Escalation, Linux Critical Bug. . Brittany Day
Oct 19, 2023
•
Security Vulnerabilities
215
security advisorycritical threatconfiguration issueX.Org Server CVE-2023-0494 Critical Local Escalation Threat
The X.Org Server, a commonly used component to the Linux desktop, keeps on giving when it comes to security vulnerabilities with its massive, aging, and ill-maintained code-base. Disclosed on Monday night was CVE-2023-0494 as the latest security advisory and another discovery by the Trend Micro Zero Day Initiative. . CVE-2023-0494 entails local privilege elevation on systems where the X.Org Server is privileged and remote code execution is supported for SSH X forwarding sessions. Thankfully for many modern X.Org Server environments these days, the X.Org Server is no longer run as root / elevated privileges but for older systems and in other select configurations unfortunately remains running in such a vulnerable configuration. The CVE-2023-0494 vulnerability involves a use-after-free condition within DeepCopyPointerClasses for allowing reading and writing to freed memory via ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo(). The link for this article located at Phoronix is no longer available. . CVE-2023-0495 leads to unauthorized access in OpenSSH installations under certain conditions.. X.Org Server, Local Escalation, Security Threat. . Brittany Day
Feb 22, 2023
•
Desktop Security
79
vulnerabilitysecurity flawlocal escalationLocal Privilege Escalation in Mac OS X Tiger Exploited by Researcher
Before his coffee was cold he had found a local privilege escalation vulnerability in Mac OS X Tiger, which could allow people to elevate from normal user to full super user, and had written code that could exploit the hole.. "I just think that I got lucky, but that's what I always think when I find a bug that quickly," he said in an interview on Wednesday. Dai Zovi has been exploiting Macs for a long time, publishing his first Mac OS X shellcode (code used as the payload in an exploitation of a vulnerability) for the PowerPC in July 2001. He said he has reported more than 10 vulnerabilities to Apple over the years and does so out of love for the platform. The link for this article located at CNET is no longer available. . Investigate a regional privilege escalation flaw within Mac OS X and understand how analysts take advantage of weaknesses to enhance security.. Local Escalation, Exploit Research, Security Flaws, Mac OS Techniques. . LinuxSecurity.com Team
Aug 27, 2009
•
Security Projects
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More