Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 0 articles for you...
83
malwarerootkitcyber threatB1txor20: New Botnet Exploiting Log4j To Attack Arm And x86 Systems
A new Linux botnet, B1txor20, that targets Arm and 64-bit x86 systems shows log4j isn't going away any time soon. . We’re months into the disclosure of the log4j vulnerability and new attacks are still popping up. Cybersecurity researchers from Qihoo 360, a Chinese cybersecurity company, have just discovered a new Linux botnet, taking advantage of the flaw to distribute rootkits and steal sensitive data. They named the botnet B1txor20, and claim it uses the log4j vulnerability to target Linux Arm and 64-bit x86 systems. "In addition to traditional backdoor functions, B1txor20 also has functions such as opening a Socket5 proxy and remotely downloading and installing a rootkit," the researchers said. . An emerging Linux botnet, B1texploit21, exploits vulnerabilities in log4j to compromise both Arm and x86 architectures, disseminating malware and exfiltrating sensitive information.. Linux Botnet, Log4j Exploits, Cybersecurity Threats, Rootkit Attack, B1txor20 Malware. . LinuxSecurity.com Team
Mar 18, 2022
•
Hacks/Cracks
209
cybersecuritysoftware securityopen source riskCall For Federal Aid In Addressing Log4j Open Source Risks
The tech industry is readying solutions to the security risks posed by the collaborative software that underpins modern-day computing — but aid from Washington could be essential to the project’s success. . The cyber community’s scramble to address major vulnerabilities in the widely used code library Log4j is just the latest wake-up call about the security risks of the open-source software ecosystem — and it’s fueling new calls for more government support in plugging those gaps. The discovery of the Log4j flaw early this month spawned immediate alarm throughout the cyber world because of the enormous number of internet-connected systems it exposed to potential attacks. CISA estimated that “hundreds of millions” of devices run software that uses the Java-language logging tool. The link for this article located at Politico is no longer available. . The recent rush within the tech sector to address significant flaws in OpenSSL underscores a pressing demand for enhanced government assistance.. Log4j Vulnerabilities, Open Source Risks, Cybersecurity Support. . Brittany Day
Jan 10, 2022
•
Security Trends
78
security advisorysecurity updatecriticalDebian 11.2: Security Advisory on Critical Bug Fixes and Updates
The Debian project has released a second update for the stable distribution Debian 11 , codenamed “Bullseye”. Although the latest update is not a major revision, it includes more than 40 security updates, in addition to 60+ bug fixes. . Nearly two months after releasing Debian 11.1, the team behind the Linux distro has sent out an incremental update that fixes multiple bugs, and also addresses several security issues. One of the most prominent of the patches, include a fix for actively exploited Log4j vulnerability. If you have been applying updates, you'll automatically be on Debian 11.2. You can check to see if you have the latest updates through the graphical update tool. Alternatively, experienced users can fire up the Terminal and update Debian with the command sudo apt update && sudo apt full upgrade. . Debian 11.2 rolls out numerous enhancements, addressing over 40 vulnerabilities and defects since the preceding 11.1 version. Upgrade today for improved performance.. Debian 11.2 security fixes, Bullseye update, Debian patch details. . LinuxSecurity.com Team
Dec 21, 2021
•
Vendors/Products
210
remote code executionJavascriptattack vectorBlumira Uncovers New Log4j Attack Vector via Javascript WebSocket
A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful. . It doesn't rain, but it pours. Previously, one assumption about the 10 out of 10 Log4j security vulnerability was that it was limited to exposed vulnerable servers. We were wrong. The security company Blumira claims to have found a new, exciting Log4j attack vector . You didn't really want to take this weekend off, did you? Of course not! Instead, you'll be chasing down vulnerable Log4j code ever deeper into your network. According to Blumira, this newly-discovered Javascript WebSocket attack vector can be exploited through the path of a listening server on their machine or local network. An attacker can simply navigate to a website and trigger the vulnerability. Adding insult to injury, WebSocket connections within the host can be difficult to gain deep visibility into. That means it's even harder to detect this vulnerability and attacks using it. The link for this article located at ZDNet is no longer available. . Uncovering a fresh vulnerability in Log4j via JavaScript WebSocket communications prompts significant security alarms.. Log4j Attack Vector, Javascript Exploit, Remote CodeExecution. . Brittany Day
Dec 18, 2021
•
Security Vulnerabilities
210
security advisoryvulnerabilitythreat alertLog4j Critical Risk: CISA's Jen Easterly Issues Urgent Warning
Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned the recently-revealed Log4j vulnerability was “one of the most serious” she’s seen in her entire career, “if not the most serious”. . “We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,” Easterly explained. Adding to the conversation was Jay Gazlay, of CISA’s vulnerability office, who said that “hundreds of millions of were likely to be affected by the flaw. . The Log4Shell security flaw presents a pressing danger from advanced cyber adversaries, as noted by the director of CISA.. Log4j Vulnerability,CISA Alert,Cybersecurity Threats. . Brittany Day
Dec 15, 2021
•
Security Vulnerabilities
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More