Microsoft Defender for Linux - Microsoft's server-based Linux protection program - is now offering a public preview of improved endpoint detection and response (EDR) features. I know it's still hard for some of you to wrap your minds around it, but Microsoft really does support Linux these days. A case in point: back in June, Microsoft released Microsoft Defender Advanced Threat Protection (ATP) for Linux for general use. Now, Microsoft has improved the Linux version of Defender by adding a public preview of endpoint detection and response (EDR) capabilities. This is still not a version of Microsoft Defender you can run on a standalone Linux desktop. Its primary job remains to protect Linux servers from server and network threats. If you want protection for your standalone desktop, use such programs as ClamAV or Sophos Antivirus for Linux. The link for this article located at ZDNet is no longer available. LinuxSecurity.com Team
In this article, Dave Dittrich discusses the buildup to his discovery of DDoS attacks 20 years ago. I was inspired to start a series of articles on the early history of DDoS by a few recent events. Rik Farrow interviewed me for a forthcoming issue (Fall 2019, Vol. 44, No. 3) of Usenix ;login: magazine while I was also writing up a history of the early days of the Honeynet Project, which refreshed my memory on a number of events in 1999-2000. I also read this MIT Technology Review article on the 20th anniversary of the "first DDoS attack" on the University of Minnesota. It took me a little while to remember that July 22 was not the first of the three days that the University of Minnesota spent off-line from persistent flooding. That happened almost a month later. Nor was July 22 even the start of the build-up to that event. Now seemed like a good time to clarify this history. The link for this article located at Medium is no longer available.
British hacker Stephen Tomkinson has found two Blu-Ray-borne attacks. His first exploit relies on a poor Java implementation in a product called PowerDVD from CyberLink. PowerDVD plays DVDs on PCs and creates menus using Java, but the way Oracle's code has been used allows naughty folk to circumvent Windows security controls. The result, the NCC Group consultant says, is that it's possible to put executables onto Blu-ray discs and to make those discs run automatically on startup even when Windows is set to stop that outcome. Users would have no reason to suspect the whirring of an optical drive indicated unknown software was running, making this a potentially nasty attack. The link for this article located at The Register UK is no longer available.
During an IP scan of all possible IPv4 addresses, Rapid7, the security firm known for the Metasploit attack framework, has discovered 40 to 50 million network devices that can potentially be compromised remotely with a single data packet. The flaws lie in the devices' UPnP implementations. The company says that remote attackers can potentially inject code into these devices, and that this may, for example, enable them to gain unauthorised access to a user's local network. All kinds of network-enabled devices, including routers, IP cameras, NAS devices, printers, TV sets and media servers, are affected. The link for this article located at H Security is no longer available.
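The devices in this item are UPnP stacks (the page files it under UPnP vulnerabilities), and UPnP devices announce themselves over SSDP on UDP port 1900, which is how a sweep of the whole IPv4 space can locate them with one datagram each. The following is an added example, not code from Rapid7 or from the article: it builds the standard M-SEARCH probe, parses the replies, and flags any device that answers from an address outside RFC 1918, loopback and link-local space, since such a device is reachable by exactly this kind of Internet-wide probing. The SERVER strings, addresses and replies are constructed; the probe() function performs live discovery on the local segment and is not exercised by the tests.

```python
"""Build an SSDP discovery probe and triage the replies for devices reachable from outside.

Added example, standard library only. The M-SEARCH layout follows the UPnP Device
Architecture (SSDP over UDP 1900); the sample replies and the ExampleStack server
strings are constructed for illustration and describe no real product or flaw.
"""
import ipaddress
import socket

SSDP_GROUP = "239.255.255.250"
SSDP_PORT = 1900

# Address space that should never answer a probe sent from the public Internet.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]


def build_msearch(search_target="ssdp:all", mx=2) -> bytes:
    """The single UDP datagram a discovery scan sends; devices answer with HTTP-style text."""
    request = (
        "M-SEARCH * HTTP/1.1\r\n"
        f"HOST: {SSDP_GROUP}:{SSDP_PORT}\r\n"
        'MAN: "ssdp:discover"\r\n'
        f"MX: {mx}\r\n"
        f"ST: {search_target}\r\n"
        "\r\n"
    )
    return request.encode("ascii")


def parse_ssdp_response(raw: bytes) -> dict:
    """Return lower-cased header fields of a '200 OK' search reply, or {} for anything else."""
    head = raw.decode("iso-8859-1").partition("\r\n\r\n")[0]
    lines = head.split("\r\n")
    if not lines[0].upper().startswith("HTTP/1.1 200"):
        return {}  # NOTIFY announcements and garbage are skipped, not raised
    fields = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            fields[name.strip().lower()] = value.strip()
    return fields


def is_local(ip: str) -> bool:
    """True for RFC 1918, loopback and link-local sources."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LOCAL_NETS)


def assess_exposure(replies):
    """(source_ip, SERVER, LOCATION) for each valid reply that came from a routable address.

    A UPnP stack answering on such an address is reachable by exactly the one-packet,
    Internet-wide probing the article describes, and its SERVER string tells you which
    implementation and version is listening.
    """
    exposed = []
    for src_ip, raw in replies:
        fields = parse_ssdp_response(raw)
        if fields and not is_local(src_ip):
            exposed.append((src_ip, fields.get("server", "?"), fields.get("location", "?")))
    return exposed


def probe(timeout=2.0):
    """Live discovery on the local segment (not exercised by the tests)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    sock.sendto(build_msearch(), (SSDP_GROUP, SSDP_PORT))
    replies = []
    try:
        while True:
            data, (ip, _port) = sock.recvfrom(65535)
            replies.append((ip, data))
    except socket.timeout:
        pass
    finally:
        sock.close()
    return replies


# Constructed replies: one device on an RFC 1918 address, one on a TEST-NET-1 address
# (192.0.2.0/24, RFC 5737) standing in for a public host, and one unsolicited NOTIFY.
SAMPLE_REPLIES = [
    ("192.168.1.20",
     b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\nST: upnp:rootdevice\r\n"
     b"SERVER: Linux/3.x UPnP/1.0 ExampleStack/1.2\r\n"
     b"LOCATION: http://192.168.1.20:49152/desc.xml\r\n\r\n"),
    ("192.0.2.77",
     b"HTTP/1.1 200 OK\r\nST: upnp:rootdevice\r\n"
     b"SERVER: Linux/2.6 UPnP/1.0 ExampleStack/1.1\r\n"
     b"LOCATION: http://192.0.2.77:5000/rootDesc.xml\r\n\r\n"),
    ("192.0.2.78", b"NOTIFY * HTTP/1.1\r\nNTS: ssdp:alive\r\n\r\n"),
]

if __name__ == "__main__":
    for ip, server, location in assess_exposure(SAMPLE_REPLIES):
        print(f"{ip} answers SSDP from a routable address: {server} ({location})")
```

The practical remediation the check points at is the same regardless of vendor: block UDP 1900 inbound at the edge and disable UPnP on anything that does not need it, because the SERVER string a device volunteers is exactly the fingerprint an attacker uses to pick the matching single-packet payload.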
Use of the Domain Name System Security Extensions (DNSSEC) specifications for securing domain names increased by 340% from 2009 to 2010. Even so, only 0.02% of Internet zones are now being signed with DNSSEC, and 23% of those are using expired signatures. Those results come from a new study released by networking automation vendor Infoblox and Internet testing and monitoring tool vendor the Measurement Factory. While all Internet traffic -- browsing, checking email or conducting e-commerce transactions -- depends on domain name servers to resolve names, the study found that organizations are doing little to safeguard those servers against attacks or outages. "This year's survey results -- along with recent related outages like those experienced by Rollingstone.com and Comcast -- should represent a huge wakeup call for any organization with an Internet presence," said Cricket Liu, VP of architecture at Infoblox, in a statement. The link for this article located at Information Week is no longer available.
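The survey's 23% figure is the failure a zone operator most needs to catch: a zone that is signed but whose RRSIGs have passed their expiration, so validating resolvers treat its records as bogus and the domain goes dark for them while still resolving fine for everyone else. As an added example (not from the Infoblox/Measurement Factory study or the article), the script below parses RRSIG records in the presentation format that dig prints and classifies each one against a reference time, including the near-expiry warning an operator would wire into monitoring so that a stalled re-signing job is noticed before the window closes. The zone records and the reference date are constructed; the RRSIG field order and the UTC YYYYMMDDHHmmSS timestamp form follow RFC 4034.

```python
"""Check RRSIG validity windows from DNSSEC records in presentation (dig) format.

Added example using only the standard library. The RRSIG rdata layout and the
YYYYMMDDHHmmSS UTC timestamp form follow RFC 4034 section 3.2. The zone records and
reference time below are constructed for illustration, not taken from the survey.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass
class RRSig:
    owner: str
    type_covered: str
    algorithm: int
    labels: int
    original_ttl: int
    expiration: datetime
    inception: datetime
    key_tag: int
    signer: str


def _parse_sig_time(field: str) -> datetime:
    """RFC 4034 presentation form: exactly 14 digits, YYYYMMDDHHmmSS, always UTC."""
    if len(field) != 14 or not field.isdigit():
        raise ValueError(f"bad RRSIG timestamp: {field!r}")
    return datetime.strptime(field, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)


def parse_rrsig(line: str) -> RRSig:
    """Parse one RRSIG RR as dig prints it: owner TTL class RRSIG <type alg labels ottl exp inc tag signer sig>."""
    parts = line.split()
    try:
        idx = parts.index("RRSIG")
    except ValueError:
        raise ValueError("not an RRSIG record") from None
    rdata = parts[idx + 1:]
    if len(rdata) < 9:
        raise ValueError("truncated RRSIG rdata")
    type_covered, alg, labels, ottl, exp, inc, tag, signer = rdata[:8]
    return RRSig(owner=parts[0], type_covered=type_covered, algorithm=int(alg),
                 labels=int(labels), original_ttl=int(ottl),
                 expiration=_parse_sig_time(exp), inception=_parse_sig_time(inc),
                 key_tag=int(tag), signer=signer)


def signature_status(sig: RRSig, now: datetime, warn_within: timedelta = timedelta(days=3)) -> str:
    """Classify a signature relative to `now`; validators reject anything outside [inception, expiration]."""
    if now < sig.inception:
        return "not-yet-valid"
    if now > sig.expiration:
        return "expired"
    if sig.expiration - now <= warn_within:
        return "expiring-soon"
    return "valid"


def audit_signatures(lines, now):
    """Return {status: [(owner, type_covered, key_tag), ...]} over a set of RRSIG lines."""
    report = {"valid": [], "expiring-soon": [], "expired": [], "not-yet-valid": []}
    for line in lines:
        sig = parse_rrsig(line)
        report[signature_status(sig, now)].append((sig.owner, sig.type_covered, sig.key_tag))
    return report


# Constructed sample zone: SOA was re-signed on schedule, NS is about to lapse, MX has
# already expired (the "signed but expired" case the survey counts against a zone), and a
# freshly added A record carries a signature whose inception is still in the future.
SAMPLE_RRSIGS = [
    "example.test. 3600 IN RRSIG SOA 8 2 3600 20101115000000 20101016000000 54321 example.test. AQIDBAU=",
    "example.test. 3600 IN RRSIG NS 8 2 3600 20101022120000 20100922120000 54321 example.test. AQIDBAU=",
    "example.test. 3600 IN RRSIG MX 8 2 3600 20100915000000 20100816000000 54321 example.test. AQIDBAU=",
    "new.example.test. 300 IN RRSIG A 8 3 300 20101201000000 20101101000000 54321 example.test. AQIDBAU=",
]
REFERENCE_TIME = datetime(2010, 10, 20, 12, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for status, entries in audit_signatures(SAMPLE_RRSIGS, REFERENCE_TIME).items():
        for owner, rtype, tag in entries:
            print(f"{status:15} {owner} {rtype} (key tag {tag})")
```

Feed it the output of `dig +dnssec <zone> ANY` (or a zone file dump) and run it from cron with a threshold shorter than your re-signing interval; an "expiring-soon" line then means the signer has stopped, which is far cheaper to learn from monitoring than from validating resolvers returning SERVFAIL.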
An open-source Firefox extension called Firesheep has shined a spotlight on just how insecure it is to use unprotected WiFi networks. It's widely known that unprotected WiFi networks make sensitive data readily available for anyone with the technical skill necessary to find it, as demonstrated by Google's four-year Street View WiFi data gathering odyssey. Google got into trouble for being unaware that software in its Street View cars was vacuuming data, but those broadcasting sensitive information over their networks and those running Web services with inadequate security somehow escaped blame. That may change, thanks to Firesheep, which allows anyone to scan unprotected WiFi networks for users who are logged into Facebook, Twitter, Google, Amazon, and a variety of other Web 2.0 services and to impersonate those users by hijacking their session cookie. The link for this article located at Information Week is no longer available.
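Firesheep worked because sites set the session cookie once over HTTPS and then let the browser send it in the clear on every later http:// request, where a sniffer on the same open WiFi could copy it and replay it. The code below is an added example (constructed, not taken from Firesheep or from any of the sites named in the article) that audits Set-Cookie and Strict-Transport-Security headers for that weakness on the server side: a session cookie without the Secure attribute will be replayed over plaintext HTTP, HttpOnly keeps it away from injected script, and HSTS stops the first request from going over HTTP at all. The responses, cookie names and the SESSION_HINTS heuristic are assumptions made for the example; the attribute semantics are those of RFC 6265 and RFC 6797.

```python
"""Audit Set-Cookie headers for the weakness Firesheep exploited: session cookies a browser
will send over plaintext HTTP, where anyone on the same open WiFi can capture them.

Added example, standard library only. The responses below are constructed; the header
names and attribute semantics (Secure, HttpOnly, Strict-Transport-Security) follow
RFC 6265 and RFC 6797 and are not taken from any site named in the article.
"""

# Heuristic (an assumption for this example) for which cookie names carry a login session.
SESSION_HINTS = ("sess", "sid", "auth", "token", "login")


def parse_set_cookie(header_value: str) -> dict:
    """Split a Set-Cookie value into name, value and a lower-cased attribute map.

    Valueless attributes such as Secure and HttpOnly map to True.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        key, sep, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else True
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def looks_like_session_cookie(name: str) -> bool:
    lowered = name.lower()
    return any(hint in lowered for hint in SESSION_HINTS)


def audit_response(headers):
    """Return findings for a list of (header-name, header-value) pairs from one HTTP response.

    The check that matters for Firesheep-style hijacking is `Secure`: without it the browser
    attaches the cookie to any http:// request for the domain, including one an attacker on
    the network forces with an injected image or redirect. HttpOnly and HSTS close the
    neighbouring holes (script access and the unprotected first request).
    """
    findings = []
    has_hsts = any(n.lower() == "strict-transport-security" for n, _ in headers)
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        cookie = parse_set_cookie(value)
        if not looks_like_session_cookie(cookie["name"]):
            continue
        attrs = cookie["attrs"]
        if "secure" not in attrs:
            findings.append(f"{cookie['name']}: missing Secure; cookie will be sent over plaintext HTTP")
        if "httponly" not in attrs:
            findings.append(f"{cookie['name']}: missing HttpOnly; readable by injected script")
    if not has_hsts:
        findings.append("response lacks Strict-Transport-Security; first request can still go over HTTP")
    return findings


# Constructed responses: the Firesheep-era default and a hardened equivalent.
WEAK_RESPONSE = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "session_id=3f9a1c7e; Path=/; Domain=.example.test"),
    ("Set-Cookie", "theme=dark; Path=/"),
]
HARDENED_RESPONSE = [
    ("Content-Type", "text/html"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "session_id=3f9a1c7e; Path=/; Domain=.example.test; Secure; HttpOnly; SameSite=Lax"),
    ("Set-Cookie", "theme=dark; Path=/"),
]

if __name__ == "__main__":
    for label, response in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, audit_response(response) or ["no findings"])
```

Pointing the same audit at captured response headers from a proxy or from `curl -sI https://host/` gives the server-side half of the picture; the client-side half (the passive capture Firesheep automated) needs no more than a promiscuous-mode interface on the same network, which is why the fix has to be on the server.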
Many of today's UTM boxes have their roots in Linux. Which perform best? The InfoWorld Test Center attacks Astaro, SonicWall, WatchGuard, and ZyXel firewalls, and only one puts up a fight. Indeed, a rapidly growing number of small and mid-size companies are opting for the administrative and operational simplicity of the single-box solution. And so we decided that UTMs aimed at the mid-size company were the perfect group to use for the rollout of InfoWorld's new firewall and UTM test protocols. When we began this process well over a year ago, we asked for input from virtually every firewall and UTM vendor we knew, and we invited every UTM vendor we could find to send us an appliance to test. In the end, four vendors answered the call. Astaro, SonicWall, WatchGuard, and ZyXel submitted units for this first set of tests. Although all four fulfill the basic definition of a UTM -- combining firewall, VPN, intrusion detection and prevention, anti-malware, anti-spam, and Web content filtering -- we could not have asked for four more diverse units. There are differences in basic approaches to security (by default, allow most normal traffic or allow absolutely nothing), differences in administration capabilities, big differences in throughput, and most important of all, immense differences in effectiveness against malware. The link for this article located at ComputerWorld is no longer available.
Think botnets are bad now? We ain't seen nothin' yet. A select group of some 40 security researchers gathered on April 10 in the first Usenix event devoted to these networks of infected machines. The invitation-only event, called HotBots, was held in Cambridge, Mass. At the event, researchers warned that botnets. Specifically, security researchers have spotted the early development stages of resilient botnets that have included peer-to-peer architectures. Botnets have traditionally been organized in a hierarchical structure, with one central command-and-control location. This centralization has been a blessing to researchers, as it gives them a single point of failure on which to focus. With a P2P botnet, however, there is no centralized point for command and control. Each node in the network acts as both client and server, eliminating the central chokepoint. Individual nodes can be knocked offline, but the gaps in the network will be closed without the loss affecting the botnet's operation or the attacker's control. The link for this article located at eWeek is no longer available.