Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
76
cyber defenseinformation sharingthreat intelligenceExploring New England Cyber Center's Cyber Defense and Resilience Efforts
The Advanced Cyber Security Center is a three year old organization with a bold mission to . Network World editor in Chief John Dix attended their most recent meeting in Boston and later tracked down ACSC Executive Director Charlie Benway and ACSC Board Chair William Guenther (CEO and Founder of Mass Insight) for a deep dive on the organization The link for this article located at Network World is no longer available. . The Innovative Digital Defense Hub aims to bolster community strength via knowledge exchange and partnership.. Advanced Cyber Security, Cyber Defense, Network Security, Threat Intelligence. . Alex
Dec 17, 2014
•
Organizations/Events
82
internet securitymilitary communicationanonymous accessDARPA SAFER Program: Secure Access For Military Communications
Internet security experts at the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., are asking industry to develop ways to guarantee the military safe and anonymous access to the Internet amid hostile attempts to disrupt government cyber communications. . DARPA released a broad agency announcement Thursday (DARPA-BAA-10-69) for the Safer Warfighter Communications (SAFER) program to develop technology that gives the military services safe, resilient Internet communications -- particularly to frustrate third-party attempts to identify and locate end users or block Internet communications. DARPA wants industry to develop technology that also provides the quality of service to enable the government to use Internet services like instant messaging, e-mail, social networking, streaming video, voice over Internet protocol (VoIP), and video conferencing. The four-year SAFER program concerns any technologies that enable anonymous Internet communications to bypass techniques that suppress, localize, and/or corrupt information such as: Internet protocol (IP)-address filtering or "blocking," typically by blacklisting the IP addresses of Websites or other services -- possibly by the network operator -- to deny the user access; domain naming service (DNS) hijacking, redirecting a user to a different website or service from what the user intended, by supplying a false reply to the user's domain name resolution request; and content filtering that captures and analyzes the content of the user's network traffic through deep packet inspection to check whether the traffic contains predefined signatures or sensitive keywords. The DARPA SAFER program involves three technical areas of interest: ways to measure and evaluate the system; tools to overcome the suppression, localization, and corruption of Internet communications; and support to host the developed technology, provide configuration management, and use an existing server-side network test bed. Companies interested should respond to DARPA by 6 July 2010, and the solicitation's final closing is 24 Nov. 2010. DARPA's program manager for the SAFER initiative is Drew Dean, who can be reached by e-mail at
May 22, 2010
•
Government
82
incident responsefederal securitycybersecurity initiativeKey Priorities for Cybersecurity in the Private Sector by Howard Schmidt
Cybersecurity coordinator Howard Schmidt also announces release of unclassified version of Obama administration's plan for securing government, private industry networks. During a Town Hall meeting session here today, the nation's new cybersecurity czar mapped out his top priorities in the post and provided a glimpse at how the Obama administration might handle security issues with other countries.. In a keynote address earlier in the day, national cybersecurity coordinator Howard Schmidt also announced that the White House was releasing an unclassified version of its plan for securing government and private industry networks -- the so-called Comprehensive National Cybersecurity Initiative, which is now available for download from the White House Website (PDF). Among Schmidt's priorities are the "resilience" of federal government networks and ensuring those networks are properly secured, and ensuring that private-sector partners also have sufficiently secured systems and networks. "The government is not going to secure the private sector," Schmidt said. "[But] we are making sure our [private sector] partners have more security as part of what we're doing." And when it comes to security incident response (IR), he says, these firms have not had a central point of contact. He says he's looking over IR issues for these partners, who want to know who to call when an incident occurs and how to protect their intellectual property. Schmidt says he also wants to ensure state and local governments have law enforcement cyber operations. The link for this article located at Dark Reading is no longer available. . In a keynote address earlier in the day, national cybersecurity coordinator Howard Schmidt also anno. cybersecurity, coordinator, howard, schmidt, announces, release, unclassified, version, obama. . Alex
Mar 03, 2010
•
Government
74
DoS threathack attacksnetwork resilienceIETF Launches Working Group on ICMP Traceback Messages for DoS Threats
The Internet engineering community is developing technology that promises to minimize the damage these hacker attacks cause by quickly identifying the computer systems where they originate. . . .. The Internet engineering community is developing technology that promises to minimize the damage these hacker attacks cause by quickly identifying the computer systems where they originate. The Internet Engineering Task Force (IETF) last week launched a working group to develop ICMP Traceback Messages, which would let network managers discover the path that packets take through the Internet. Nicknamed itrace, the new working group plans to submit a proposed standard for traceback messages to the IETF leadership next January. The link for this article located at NWF is no longer available. . The online technical community is working on innovations to reduce the impact of distributed denial-of-service attacks.. Denial of Service, Network Management, Internet Engineering, IETF, Hacker Attacks. . Anthony Pell
Jul 27, 2000
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More