For the last few months, I.
The link for this article located at Newschool Security / Adam Shostack is no longer available.
LinuxSecurity.com Team
An astonishing number of survey respondents believe they are IT security leaders. But what does it really take to be a leader, and how does your organization stack up?

That was one surprising finding of this year's annual Global Information Security Survey, conducted by CSO and CIO magazines in partnership with PricewaterhouseCoopers. More than 9,600 business and technology executives from around the world took the survey, and 43 percent of them believe their organizations are IT security leaders. The other categories respondents could choose from were strategist, tactician and follower. By definition, those enterprises cannot all be at the forefront of security. "Most of these 'leaders,' in my opinion, have a false sense of their level of security," says Mark Lobel, a principal in the advisory services division of PwC.
The link for this article located at CSO Online is no longer available.
Anthony Pell
The idea of a common desktop firewall policy in an organization of any size is a very good thing. It makes responses to external or internal situations, such as virus outbreaks or network-borne propagation of worms, more predictable. In addition to providing a level of protection against port scanning, attacks and software vulnerabilities, it gives the organization's local security team a baseline, or starting point, for dealing with such events. The purpose of this article is to discuss the need for a desktop firewall policy within an organization, determine how it should be formed, and provide an example of one along with the security benefits it brings.

The trick to a good desktop firewall policy is to strike a balance between security and the networking requirements of the applications the organization needs. The organization may not yet have complete knowledge of those requirements, which makes the first attempt at a standard, global policy interesting, depending on the level of protection one is trying to provide and the environment the desktops sit in. One approach to an initial policy is a port-based firewall with all inbound ports blocked on the desktop. The older school of thought instead blocks only the ports that need to be blocked: estimate the software's network requirements, then add rules for the most obvious exposed services and likely vulnerabilities. Evaluating FTP, Windows IIS or NetBIOS requirements might give a first pass at such a policy. That approach leaves the balance tipped toward the (as yet unknown) network requirements of the software and away from protection; in other words, it offers functionality over security. While it provides consistency, it may not fully satisfy the organization's security requirements in cases where the desktop (or laptop) is located off site.
The link for this article is no longer available.
Brittany Day
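As an added example that is not from the article, here is what the "all inbound ports blocked" first-attempt policy looks like for a Linux workstation, written as an nftables ruleset. The table name, the helpdesk subnet 10.0.50.0/24 and the single SSH exception are assumptions chosen for illustration; the commented-out block at the end shows the contrasting "block only the known-bad ports" style the article calls old school.

```nft
# Added example, not the article's own policy. Assumes a Linux desktop with
# nftables installed; load with:  nft -f desktop.nft
flush ruleset

table inet desktop {
    chain input {
        # Default-deny inbound: anything not explicitly accepted below is dropped.
        type filter hook input priority 0; policy drop;

        # Loopback traffic never leaves the host.
        iifname "lo" accept

        # Replies to connections the desktop itself opened (web, mail, updates, DNS).
        ct state established,related accept
        ct state invalid drop

        # IPv6 needs neighbour discovery and PMTU signalling; echo-request is optional.
        icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert, packet-too-big, echo-request } accept
        icmp type { echo-request, destination-unreachable, time-exceeded } accept

        # The one documented exception: SSH for the helpdesk.
        # 10.0.50.0/24 is an assumed management subnet.
        ip saddr 10.0.50.0/24 tcp dport 22 ct state new accept

        # Everything else falls through to the chain policy (drop); keep a
        # rate-limited sample in the log so the local security team sees scans.
        limit rate 5/minute counter log prefix "desktop-fw drop: "
    }

    chain forward {
        # A desktop is not a router.
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}

# For contrast only (do not load together with the table above): the
# "block only what we know is bad" policy. Anything not listed stays
# reachable, e.g. a debug port left open by a developer or a newly
# installed agent, which is the weakness the article describes.
#
# table inet desktop_old_school {
#     chain input {
#         type filter hook input priority 0; policy accept;
#         tcp dport { 21, 80, 135, 139, 445 } drop   # FTP, IIS HTTP, RPC, NetBIOS/SMB
#         udp dport { 137, 138 } drop                # NetBIOS name/datagram
#     }
# }
```

Two points a practitioner will want to check: first, `nft list ruleset` after loading, then a scan from another host (`nmap -sS -p- <desktop>`) should report every port as filtered except 22 from the management subnet. Second, the off-site caveat the article raises applies to the SSH exception: a source-address match is meaningless on a roaming laptop that may join a foreign network using the same private range, so for laptops bind the exception to the VPN interface (`iifname "tun0"`) instead of a subnet, or drop it entirely and rely on the default-deny stance.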
Passwords are fatally flawed, it's true, but for now they are the best option for many companies, and almost everybody could be managing them more effectively. In all likelihood passwords will remain a problem until the very day they are replaced by technologies such as biometrics, which is the direction the industry appears to be heading. Until that day comes, below are some tips for fostering a culture of secure and more effective password management.

1. Passwords must not be written down. If it seems incredible that we are still talking about password management at all, it is unimaginable that we have to make this first point. If staff are writing down their passwords after having been told why they must not, then the system is too complex and too much is being asked of them. Companies must strike a balance between security and usability, because a failure to understand the latter can easily undermine the former. So consider whether employees have been properly educated about the need to keep passwords secure, and then consult the measures below if you need to update your password policy.
The link for this article located at https://www.zdnet.com/ is no longer available.
Brittany Day
This 10-point game plan will push the risks and liabilities associated with cybersecurity to the forefront of the corporate agenda and help to dramatically increase your preparedness. But this program won't remove the threat or eliminate the need for strong walls until the technology industry puts better weapons at our disposal. For now, a truly secure enterprise remains the Holy Grail.

Even before the Internet, computer security was a problem. In the 1983 movie WarGames, we saw a young Matthew Broderick hacking his way into the computer that controls the U.S. nuclear command and control. Today's hackers are the heirs of the phone phreakers of the 1980s, who emulated telephone signalling tones to obtain free long-distance calls. Viruses and worms have been part of the background noise of cyberspace since its earliest days. So what's new? The numbers tell the tale. In 2000, there were 21,000 reported virus incidents. Three years later, the number was more than six times higher. In 2002, the worldwide cost of worms and viruses was estimated at $45 billion; August 2003 alone saw costs of almost the same magnitude, and the annual cost is expected to rise 300% year over year. Twenty-seven million Americans have been the victims of identity theft in the past five years, but one-third of that total were victimized in the past 12 months. Patches to correct the kind of commercial-software vulnerabilities that hackers target most frequently were once issued at a rate of maybe 10 per month. In 2002, they appeared at a rate of dozens per week. And in 2003, worms that used to take several days to travel around the globe spread to more than 300,000 systems on six continents in less than 15 minutes from launch.

The implications are huge for corporate America. Five years ago, U.S. corporations spent 2% to 3% of their IT budgets on security; now that portion is roughly 8% to 12% (see chart at left). And the worst of it is, it hasn't helped. In recent months, even the most security-aware companies have been victimized. These include airlines, large banks, electric utilities, investment houses, railroads and other critical infrastructure enterprises that have developed IT security policies and spent lavishly on defensive technologies.
The link for this article located at SecurityPipeline is no longer available.
Anthony Pell
Here's an excellent (as always) article by Bruce Schneier on the process of thinking about security. "Security is a process, not a product. Products provide some protection, but the only way to effectively do business in an insecure world is to put processes in place that recognize the inherent insecurity in the products. The trick is to reduce your risk of exposure regardless of the products or patches." It ends with a list of things to keep in mind when you're the one responsible for security in your organization.
LinuxSecurity.com Team