Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 1 articles for you...
78
security advisorymedium severityDoSIntel November Update: Critical CPU Security Flaws and DoS Risks
Intel recently issued critical updates to its CPU microcode , providing fixes for numerous security vulnerabilities across a broad selection of its processors. As part of November 2024's Patch Tuesday event, these updates aim to mitigate two newly disclosed vulnerabilities while offering fixes for some older, previously identified issues. . Addressing these issues promptly is essential for Linux admins to maintain system security and stability. I'll explain the recent Intel updates, their impact on Linux administration, and how you can obtain them. New Security Advisories Intel SA-01101 is classified as a medium-severity denial of service (DoS) issue that could impact specific 4th and 5th Generation Xeon Scalable processors. If exploited, these faulty finite state machines (FSMs) within hardware logic could allow malicious actors to cause denial of service conditions that effectively disrupt regular system operation. Denial-of-service attacks are generally less severe than data breaches or privilege escalations attacks; however, they still pose significant threats, especially in environments that depend on uptime and availability, such as server environments or cloud infrastructure utilizing Intel Xeon processors. Such interruptions could result in downtime, service disruptions, and revenue or credibility losses for an organization. Updates to Previously Disclosed Issues Source: Phoronix Intel has also issued advisories regarding two previously discovered vulnerabilities—Intel SA-01097 and SA-01103— which ensure that systems running older generations of Intel hardware remain protected against known threats. Furthermore, this microcode update includes various fixes for functional issues in Intel Core Ultra CPUs, 12th Generation Core Processors (11th, 13th, and 14th Gen Core), 3rd, 4th, and 5th Gen Xeon Scalable processors, and D-1700, D-1800, and D-2700 processors. These updates help ensure these processors maintain their overall performance and reliabilitypost-security patch installation. Understanding the Impact of These Updates on Linux Admins Linux administrators recognize the significance of microcode updates for CPU microcode vulnerabilities. These vulnerabilities are incredibly complex to address as they require updates at both the OS and firmware levels. Intel's recent updates affect our system administration in the following ways: Security and Stability The primary implication of applying these patches for Linux systems running Intel CPUs with vulnerabilities will be improved security. These patches protect against potential attackers exploiting these weaknesses, especially in data centers, cloud environments, and enterprise servers. Stability is another essential concern. By mitigating denial of service conditions, systems are less likely to experience unexpected downtime—a crucial factor in maintaining high availability and service reliability. Systems administrators can thus ensure a more reliable operation of services. Performance While security patches are crucial, their effects may also adversely impact system performance. Administrators must be wary of potential performance implications when applying these updates. Some microcode updates have historically led to performance regressions, although Intel strives to mitigate these adverse reactions. Implementing These Updates Intel has posted its new CPU microcode binaries on GitHub, so administrators can download authenticated microcode updates directly from its official repository to ensure they apply only genuine versions. Our Final Thoughts on These Recent Microcode Updates Intel's November 2024 CPU microcode update brings critical fixes for recently discovered and previously disclosed vulnerabilities, making them essential to maintain the security and stability of systems using Intel CPUs. Applying these updates can protect your infrastructure from DDoS attacks or privilege escalation vulnerabilities, providing a more reliable and safe operatingenvironment for you and your systems. . Vital Intel processor microcode updates strengthen Linux OS defense and reliability. Tackle problems swiftly.. Intel CPU Security, Microcode Updates, Linux System Stability, DoS Vulnerabilities, Security Patches. . Anthony Pell
Nov 14, 2024
•
Vendors/Products
78
security patchperformance impactmicrocode updateIntel Core CPUs Face Up To 40% Slowdown From Downfall Update
Downfall is the latest speculative execution vulnerability discovered in Intel’s x86 CPU architecture. As custom dictates, the chipmaker has released a microcode update and Linux kernel patches to mitigate the flaw. Like most security fixes, these updates degrade performance as they essentially block speculative execution in certain scenarios. . Phoronix has compiled some benchmarks showing the impact of the security update on Intel’s Core CPUs: Downfall primarily affects Skylake, Ice Lake, and Tiger Lake, and we see performance drops as large as 40% after the update. OpenVKL is 10-12% slower following the patch, while the OSPRay ray-tracing benchmark sees a much larger decline. Ambient Occlusion is a whopping ~40% slower with the new kernel and microcode, while path tracing sees a 20% reduction in real-time performance. . Test findings indicate pronounced declines in performance for Intel’s Core processors following the security patch addressing the Downfall vulnerability.. Intel CPU Security, Microcode Update Impact, Downfall Vulnerability Benchmarks. . LinuxSecurity.com Team
Aug 14, 2023
•
Vendors/Products
79
security advisoryLinux kernelmicrocode updateAMD Family 19h Microcode Update: Inception Vulnerability Mitigation
Following yesterday's disclosure of the AMD "Inception" security vulnerability and the Linux kernel patches merged for reporting the mitigation status as well as the kernel-based handling for earlier generation Zen CPUs, the Family 19h microcode mitigations have now been picked up by the linux-firmware.git repository. . Mitigating the Inception vulnerability for Zen 3 and Zen 4 processors mean updated microcode while earlier Zen CPUs can get by with the kernel patches alone. Today the AMD Family 19h CPU microcode was updated, which covers Zen 3 / Zen 3+ / Zen 4 processors. The update today landed with this commit . As usual there is no formal change-log but simply: * Update AMD cpu microcode for processor family 19h The link for this article located at Phoronix is no longer available. . The latest firmware revision mitigates the Spectre flaw in Intel's Core series, enhancing protection protocols considerably.. AMD Microcode Update, Inception Mitigation, Kernel Security Patches. . LinuxSecurity.com Team
Aug 11, 2023
•
Security Projects
78
security advisoryIntelprocessor securityIntel CPU Microcode Update: Gen8 To Gen 13 Raptor Lake Security Advisory
Well, this is a bit strange... Intel just published Friday afternoon CPU microcode updates for all supported processor families back to Coffee Lake "Gen 8" for undisclosed security updates. . Earlier this week was Patch Tuesday and Intel issued a round of new security advisories for various -- mostly software -- security issues. Of this month's security advisories, there was nothing pertaining to CPU microcode explicitly nor any "Intel Processor" advisories this month. But hitting this Friday afternoon now for the Intel Linux CPU microcode repository are a new set of firmware binaries... The mentioned change is "Security updates for [INTEL-SA-NA]." The ID format is for the Intel Security Advisory (SA) and presumably NA is for "Not Available." Given it's dropping a few days past Patch Tuesday, it would appear to be for some new and not publicly disclosed issue. Concerning as well is the scope of the new CPU microcode for the security update(s) are basically all supported CPU families. From Gen8 Coffee Lake and Whiskey Lake Mobile up through the latest Xeon Scalable Gen 4, Xeon Max, and Gen 13 Raptor Lake are all updated. Plus this is the first time seeing updated CPU microcode published for Alder Lake N CPUs as well as Atom C1100 "Arizona Beach" platforms. The link for this article located at Phoronix is no longer available. . Intel's latest firmware enhancements, spanning from Generation 8 through current processors, tackle unidentified vulnerabilities; learn additional insights.. Intel CPU Microcode, Microcode Updates, Processor Security. . LinuxSecurity.com Team
May 15, 2023
•
Vendors/Products
210
security advisorymicrocode updateIntel SGXIntel SGX: Microcode Patch Needed for PLATYPUS Secrets-Leaking Attack
The new PLATYPUS attack can be used to access and leak encryption keys and other sensitive information from the Linux kernel's memory or Intel SGX enclaves. In response to PLATYPUS, Linux kernel developers have released a security update that revokes unprivileged access to energy consumption data. . Researchers have devised a new method that allows potential attackers to leak sensitive information such as encryption keys from the Linux kernel's memory and Intel SGX enclaves. The attack, dubbed PLATYPUS, abuses a legitimate CPU interface for monitoring and controlling the power consumption. "Using PLATYPUS, we demonstrate that we can observe variations in the power consumption to distinguish different instructions and different Hamming weights of operands and memory loads, allowing inference of loaded values," the team of researchers from the Graz University of Technology, the University of Birmingham in UK, and CISPA Helmholtz Center for Information Security said on a website dedicated to the attack . "PLATYPUS can further infer intra-cacheline control flow of applications, break KASLR, leak AES-NI keys from Intel SGX enclaves and the Linux kernel, and establish a timing-independent covert channel." . Uncover the ways PLATYPUS exploits vulnerabilities to expose confidential data and the critical update to CPU microcode necessary for mitigation.. PLATYPUS Leak, Intel SGX Patch, Microcode Security, Encryption Secrets, Linux Kernel Attack. . Brittany Day
Nov 13, 2020
•
Security Vulnerabilities
83
security advisoryInteldata extractionIntel: Platypus Attack Method Threatens Data Extraction
Security researchers have discovered a new attack method dubbed "Platypus" that can extract data from Intel CPUs. Intel has now released microcode updates to prevent malicious actors from exploiting the Intel RAPL mechanism with Platypus. . A team of academics has disclosed today a new attack method that can extract data from Intel CPUs. Named Platypus , an acronym for " P ower L eakage A ttacks: T argeting Y our P rotected U ser S ecrets," the attack targets the RAPL interface of Intel processors. RAPL , which stands for Running Average Power Limit, is a component that allows firmware or software applications to monitor power consumption in the CPU and DRAM. . A novel exploit technique dubbed Otter has been identified, allowing data retrieval from AMD processors, which has now been mitigated through firmware patches.. Intel Data Extraction, Platypus Attack Method, CPU Security Measures. . LinuxSecurity.com Team
Nov 11, 2020
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More