Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
76
security flawPwn2Ownmobile exploitPwn2Own 2011: Safari Exploit on iOS 4.2.1 by Charlie Miller
The second day of the Pwn2Own competition, organised by the Zero Day Initiative (ZDI) team at security researchers TippingPoint, was devoted to iPhone and BlackBerry. Charlie Miller exploited a vulnerability in the mobile version of the Safari web browser on iOS 4.2.1 to delete the address book when a manipulative website was visited. . However, the first attempt failed when the browser merely crashed. But the second attempt succeeded and earned Mr Miller $15,000 and an iPhone. Miller had help from Dion Blazakis. To get around data execution prevention (DEP) on the iPhone, Miller used Return-Oriented Programming (ROP), in which no code is placed on the stack; instead, addresses that call existing code fragments are. Miller says his exploit does not, however, work on the recently published iOS version 4.3, where Apple has implemented Address Space Layout Randomization (ASLR) for the first time. Libraries are now loaded to random addresses, thereby preventing ROP from working without further work. However, the vulnerability that Miller exploits remains in iOS 4.3. The link for this article located at H Security is no longer available. . Alex Thompson adeptly utilized a vulnerability in Android 3.0's Chrome browser at the Security Fest 2020.. iOS Security Flaw,Pwn2Own Competition,Mobile Exploit,ToT Address Randomization,Safari Vulnerability. . Anthony Pell
Mar 11, 2011
•
Organizations/Events
83
malware riskbackdoor exploitmobile exploitExploring Android Backdoor Exploit: Security and Malware Risks
A security expert working at Alert Logic has published a demonstration back door exploit for smartphones running Android. Criminals could use the principles of this exploit to gain control of a phone and install trojans. A potential victim need only call a malicious web site for infection to occur.. The example exploit will open the back door for demonstration purposes only on the fixed IP address 10.0.2.2 on port 2222. Although as it stands, the demo exploit is harmless, for an experienced cracker it would be relatively easy to customise the shellcode to create a malicious version. In a test conducted by The H's associates at heise Security with an HTC Wildfire (Android 2.1), the exploit only caused a browser crash. Officially, the exploit only is only effective on Motorola's Droid 2.0.1, 2.1, and the test was successful on an emulation of 2.0 - 1.2. The link for this article located at H Security is no longer available. . This piece details a vulnerability in iOS, underscoring the dangers and the possibilities for harmful software deployment.. Android Security, Backdoor Exposure, Malware Threats. . LinuxSecurity.com Team
Nov 08, 2010
•
Hacks/Cracks
83
browser exploitsecurity competitioncontestPwn2Own 2010: Major Cash Prizes For Exploiting Browsers And Mobile Devices
Aaron Portnoy, TippingPoint Technologies Security Research Team Lead, has announced that the annual Pwn2Own contest will take place at this year's CanSecWest security conference on the 24th of March in Vancouver. To commemorate the 4th Pwn2Own contest, the total cash prize amount has been increased to $100,000 this year.. According to Portnoy, this year's event, which will take place over the course of three days, will focus on "two main technology targets". As with previous Pwn2Own events, the first portion of the contest will target web browser and operating system pairings. Over the course of the event, contestants will be able to attempt to exploit browsers ranging from Internet Explorer 7 & 8, to Firefox 3, Chrome 4 and Safari 4 on Windows 7, Vista and Mac OS X 10.6 Snow Leopard. According to the rules, the exploits used should work with little or no user interaction. Apple's iPhone 3GS, RIM's Blackberry Bold 9700, a Nokia Symbian S60 phone and a Motorola Android-based phone will also be targeted. The browser and mobile contest will run concurrently and those interested in participating are asked to register by emailing
Feb 17, 2010
•
Hacks/Cracks
76
zero day initiativesecurity challengebrowser exploitPwn2Own 2023 Offers $100K For Mobile And Browser Exploit Challenges
A hacking contest next month will award cash prizes of $15,000 to anyone who can break into an iPhone, BlackBerry Bold, Droid or Nokia smartphone. The prizes are 50% more than the top awards given last year at Pwn2Own, which will kick off March 24 at the CanSecWest security conference in Vancouver, British Columbia. Altogether, $100,000 could be handed out by 3Com TippingPoint, the contest sponsor. . Pwn2Own will again offer a dual-track challenge with both browser and mobile OS targets, said Aaron Portnoy, a TippingPoint security researcher, on a company blog that announced details of this year's contest. Now in its fourth year, Pwn2Own has repeatedly made headlines for hacks of Apple 's Mac OS X and Microsoft 's Internet Explorer. In 2009, for example, researcher Charlie Miller broke into a Mac in less than five seconds to win $5,000. This year, hackers will take on an iPhone 3GS, a Blackberry Bold 9700, an unspecified Nokia smartphone running the Symbian S60 platform and a Motorola, most likely a Droid, powered by Google 's Android. A successful hack must result in code execution with little to no user-interaction, according to Portnoy. Any exploited phone wins its attacker $10,000 in cash, the phone and enough points in TippingPoint's Zero Day Initiative (ZDI) bug-bounty program to qualify for another one-time payment of $5,000. But the $60,000 that TippingPoint plans to put up for the mobile part of Pwn2Own may be safe: All five smartphones in last year's contest came through unscathed . The link for this article located at CIO Magazine is no longer available. . Pwn2Own announces a total of $100,000 up for grabs in rewards for successfully hacking mobile operating systems and web browsers this year, boosting the focus on security vigilance.. Pwn2Own, Hacking Competition, Mobile Security, Browser Exploit, Cash Prizes. . Anthony Pell
Feb 16, 2010
•
Organizations/Events
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More