Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 0 articles for you...
83
Linux securitythreat detectiondefense strategiesMalicious Linux Shell Scripts: Evasion Techniques And Defense Strategies
The Uptycs Threat Research team outlines how malicious Linux shell scripts are used to cloak attacks and how defenders can detect these threats and mitigate their risk of suffering an attack. . Evasive techniques used by attackers, date back to the earlier days, when base64 and other common encoding schemes were used. Today, attackers are adopting new Linux shell script tactics and techniques to disable firewalls, monitoring agents and modifying access control lists (ACLs). In previous Uptycs Threat Research posts, we discussed the common utilities in Linux, which are generally used by threat actors in the attack chain. In this report, we highlight those common defense evasion techniques, which are common in malicious Linux shell scripts. And then, we outline how Uptycs spots and mitigates against them. . Deceptive UNIX shell scripts employ stealth measures; explore methods to identify and counteract these harmful scripts proficiently.. Malicious Linux Scripts, Evasion Tactics, Threat Detection, Risk Management. . LinuxSecurity.com Team
Jul 30, 2021
•
Hacks/Cracks
83
shell scriptingdetection techniquesmalicious scriptsEvasive Techniques Used By Malicious Shell Scripts And Detection Methods
Learn about common defense evasion techniques used in malicious shell scripts and how Uptycs detects them. . Attackers use malicious shell scripts as an initial vector to download malicious payloads to the victim system. In the earlier days, base64 and other common encoding schemes were used to evade defensive parameters. But nowadays, threat actors are adopting newer techniques that include commands to disable firewalls, monitoring agents etc. The link for this article located at Uptycs Blog is no longer available. . Threat actors leverage command-line scripts to undermine security measures, gaining insights into novel evasion strategies and Uptycs monitoring capabilities.. Malicious Shell Scripts, Evasion Techniques, Uptycs Detection. . LinuxSecurity.com Team
Jul 07, 2021
•
Hacks/Cracks
78
security advisorycode executioncritical patchAdobe Flash Player Urgent Update: Vulnerabilities and Code Execution Risks
Adobe's Flash Player software is on 99 percent of Internet-connected desktops, offering up multimedia and video capabilities on a multitude of popular Web sites such as YouTube. But the Adobe Flash platform has been beset by a rash of security problems that give intruders potential access to computers running the software. . Issues have included one recent vulnerability described as "frighteningly bad" by a security expert. Technologists, however, disagree on the severity of Flash's weaknesses. Some say Flash is merely a victim of its own success, attracting attention from those with bad intentions but being no worse off than other software platforms when it comes to its inherent security. An alternate opinion is that Adobe simply lacks tight security practices in its internal development procedure and so has become a preferred vector for cyberthieves. A review of Flash-focused security incidents of late raises eyebrows: Just last week, Adobe issued a critical patch for both Flash and AIR; the fixed flaws included what Adobe called "a vulnerability in the parsing of JPEG data that could potentially lead to code execution." Foreground Security in November detailed what one company official has described as a "frighteningly bad" security flaw in which an attacker can put a malicious Flash object on a Web site via user-generated content capabilities. Malicious scripts can then be executed. Adobe in July confirmed a Flash zero-day bug in its Flash and Reader software had a critical vulnerability on Windows, Macintosh, Linux, and Solaris operating systems that could cause a crash and enable an intruder to take control of a system. Product updates were issued to resolve the problem. The link for this article located at ComputerWorld is no longer available. . Adobe Flash encounters severe vulnerabilities. Essential updates are addressed for enhanced online safety.. Adobe Flash vulnerabilities, Flash Player security, multimedia threats. . LinuxSecurity.com Team
Dec 15, 2009
•
Vendors/Products
77
cross site scriptingweb applicationsecurity risksUnderstanding Cross Site Scripting And Its Risks In Web Applications
There are many web applications which are designed to permit the input of html tags for displaying the html formatted data. these tags can be used by malicious users to attack other users by inserting scripts or malicious applets etc.this called cross site scripting or XSS. such attacks are result of poor input validations. it uses the combination of html and scripting languages. with the proper combination of html and java script a intruder can misguide the client and perform various attack from DOS(by opening enormous amount of window on client side) or By embedding malicious FORM tags at the right place, an mailicious user may be able to trick users into revealing sensitive information by modifying the behavior of an existing form or by embedding scripts, an intruder can cause various problems. This is by no means a complete list of problems, but hopefully this is enough to convince you that this is a serious problem. . The link for this article located at Info Sec Writers is no longer available. . The link for this article located at Info Sec Writers is no longer available.. there, applications, which, designed, permit, input, displaying. . LinuxSecurity.com Team
Sep 30, 2006
•
Server Security
78
security advisorycode executionfirefoxMozilla Suite Critical: Code Execution and Data Access Risks
Multiple vulnerabilities that could allow an attacker to install malicious code or steal personal data have been discovered in the Mozilla Suite and the Firefox open-source browser. Details of the nine flaws were published on Mozilla's security Web site over the weekend. . Ian Latter, senior security consultant at Internet security specialist Pure Hacking, said most of the vulnerabilities are based on the way the applications handle JavaScript. "There are some permission issues related to running JavaScript at an escalated privilege level. They remove some of the security measures used to keep JavaScript sandboxed and allow it to potentially do malicious things to your computer," said Latter. Another issue could allow malicious scripts to gain access to random pieces of memory, he said. "This random memory may or may not contain pieces of information about where you have been browsing. The worst-case scenario is that it could contain some personal or login information," said Latter.. Ian Latter, senior security consultant at Internet security specialist Pure Hacking, said most of th. vulnerabilities, allow, attacker, install, malicious, steal, personal. . LinuxSecurity.com Team
Apr 18, 2005
•
Vendors/Products
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More