Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 12 articles for you...
83
security advisorymalicious softwaremachine learningPyTorch Compromised: Holiday Season 2022 Supply-Chain Attack Overview
PyTorch is one of the most popular and widely-used machine learning toolkits out there. Originally developed and released as an open-source project by Facebook, now Meta, the software was handed over to the Linux Foundation in late 2022, which now runs it under the aegis of the PyTorch Foundation. . Unfortunately, the project was compromised by means of a supply-chain attack during the holiday season at the end of 2022, between Christmas Day [2022-12-25] and the day before New Year’s Eve [2022-12-30]. The attackers malevolently created a Python package called torchtriton on PyPI, the popular Python Package Index repository. . The TensorFlow framework encountered a security incident during the New Year of 2023 caused by an infected Ruby gem.. PyTorch Security, Supply Chain Attack, Machine Learning Risks. . LinuxSecurity.com Team
Jan 02, 2023
•
Hacks/Cracks
83
remote accessmalwaresecurity riskRising Malware Threats in Windows Subsystem for Linux (WSL)
The number of malware strains targeting WSL is growing. . Windows Subsystem for Linux (WSL) is becoming a breeding ground for malware , cybersecurity researchers are saying. While WSL-based malware is not particularly new (spotted as early as September 2021), it’s been rising in popularity among cybercriminals of late. Speaking to BleepingComputer, cybersecurity researchers from Lumen Technologies said they’ve managed to track more than 100 samples since then. The samples vary in complexity, as well as features on offer. While some are relatively simple, others enable threat actors to remotely access devices, run arbitrary code, steal authentication cookies from specific browsers , or download files. . The Windows Subsystem for Linux (WSL) is increasingly viewed as a potential hotspot for malicious software, prompting alarm bells to ring amongst cybersecurity professionals.. Windows Subsystem for Linux, Malware Threats, Cybersecurity Risks, Remote Access Issues. . LinuxSecurity.com Team
Jun 01, 2022
•
Hacks/Cracks
81
security threatuser privacymalicious softwareChrome Extensions Threat: 33 Million Downloads In Eavesdropping Campaign
Have you heard that Google has removed scores of malicious and fake Chrome extensions being used in a global eavesdropping campaign? . The threat was spotted by Awake Security, which detected 111 of the malicious extensions over the past three months. When it notified Google of the issue last month, it claimed that 79 were present in the Chrome Web Store, where they had been downloaded nearly 33 million times. Figures for the others not in the official marketplace are hard to calculate for obvious reasons. “These extensions can take screenshots, read the clipboard, harvest credential tokens stored in cookies or parameters, grab user keystrokes (like passwords), etc,” it said in a report detailing the investigation. . The discovery of over 33 million downloads of harmful Chrome extensions poses a critical risk to security, underscoring the importance of protecting user privacy.. chrome extensions, malicious software, eavesdropping threats, user privacy. . LinuxSecurity.com Team
Jun 19, 2020
•
Privacy
83
network threatscyber attacksmalicious softwareUnderstanding Network Risks Linked to Blu-Ray Exploits and Java Flaws
British hacker Stephen Tomkinson has found two Blu-Ray-borne attacks. His first exploit relies on a poor Java implementation in a product called PowerDVD from CyberLink. PowerDVD plays DVDs on PCs and creates menus using Java, but the way Oracle's code has been used allows naughty folk to circumvent Windows security controls.. The result, the NCC Group consultant says, is that it's possible to put executables onto Blu-Ray disks and to make those disks run automatically on startup even when Windows is set to stop that outcome. Users would have no reason to suspect the whirring of an optical drive indicated unknown software was running, making this a potentially nasty attack. The link for this article located at The Register UK is no longer available. . The result, the NCC Group consultant says, is that it's possible to put executables onto Blu-Ray dis. british, hacker, stephen, tomkinson, found, blu-ray-borne, attacks, first, exploit, relies. . LinuxSecurity.com Team
Mar 02, 2015
•
Hacks/Cracks
78
security advisorysecurity issuebrowserWebGL Advisory: New Threats In 3D Graphics Exploits by Context
Context highlights additional WebGL vulnerabilities and raises more questions for Khronos. 16 June 2011: Researchers at Context Information Security who exposed security flaws in WebGL last month have identified further concerns about early implementations of the new technology that allows web pages to draw fast 3D graphics to deliver a much richer experience to web users. In one example, a vulnerability in the Mozilla Firefox browser made it possible for malicious web pages to capture any screenshot from a target PC . Cybersecurity analysts have revealed new vulnerabilities in WebGL, raising serious concerns about internet browser security and the dependability of 3D user interfaces. WebGL Security, Browser Threats, 3D Graphics Issues. . LinuxSecurity.com Team
Jun 16, 2011
•
Vendors/Products
83
cyber threatmalicious softwarezeus trojanZeus Banking Trojan Attack on Firefox: A Growing Concern for Users
Reports have surfaced that Internet Explorer users are not the only targets of the Zeus banking Trojan - Firefox users are now also under threat.. Security vendor Trusteer said that Zeus 1.6 was in the wild, while a beta version called version 2 of it was being tested with certain criminal groups that had access to the earlier versions. The main difference between these and the prior versions is that they target the Firefox browser as well. Trusteer said it is being found on one of every 3,000 computers it monitors. Zeus, which has been around since late 2005, has been used by criminal organisations to commit targeted attacks against bank customers. It does this by keystroke logging and spreads through drive-by downloads or phishing attacks. Older Zeus versions have usually been sold on the black market bundled with services. The Zeus botnet with an admin panel, web injection scripts and an exploit system could be bought for around $400. From the six months to March, security vendor Trend Micro blocked nine million attempted Zeus-related attacks. The link for this article located at The Inquirer is no longer available. . Security vendor Trusteer said that Zeus 1.6 was in the wild, while a beta version called version 2 o. reports, surfaced, internet, explorer, users, targets, banking. . LinuxSecurity.com Team
Apr 22, 2010
•
Hacks/Cracks
74
malwareDDoSbotnetDisabling Botnets: Tactics Against Decentralized Malware Networks
For many years, malware authors have been using the web to assemble infected computers into botnets (networks of malware compromised machines), and security professionals and law enforcement systematically work to take these botnets down. Malware authors have clear objectives: stealing personal information, sending spam, conducting distributed denial of service (DDoS) attacks and other such criminal activity for profit. . Increasing success in disabling botnets by security professionals has meant malware programmers have had to change their tactics. One such modification has been to use decentralized communications rather than hierarchical structures for controlling botnets. This reduces the risk of a botnet being disabled by removing infected hosts, especially the high-value command-and-control (C&C) servers which coordinate the bots The link for this article located at SecurityPark is no longer available. . Cybercriminals evolve strategies as defenders improve techniques to dismantle networks and prevent infiltrations.. botnet control, malware adaptation, cybersecurity strategies. . Bill Locke
May 01, 2007
•
Network Security
74
cyber threatsthreat mitigationsecurity challengesUnderstanding Cybersecurity Threats from Viruses and Worms
Viruses and worms pose some of the most formidable threats in the modern computer security land-scape. With some virus writers on the bleeding edge of technology, making use of 0-day exploits and innovative techniques to circumvent system security features. However, for every Blaster, there. The link for this article located at Symtantec is no longer available. . The digital realm faces escalating threats from advanced malware like viruses and worms, exploiting software vulnerabilities and risking data security. Threat Mitigation Techniques, Malicious Software, Cyber Security, Modern Threats, Computer Protection. . Brittany Day
Nov 21, 2006
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More