Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
77
security advisorysystem managementsoftware updatesAPT Package Management Overview in Debian Linux Systems
What Is APT in Linux?. APT is the package management system used in Debian-based Linux distributions to install, update, and remove software. It runs through commands like apt install, pulling software from configured sources instead of downloading it manually. When a program needs other components to work, those are installed at the same time, so nothing is left incomplete. APT sits between the command and the system. It checks what’s already installed, looks at what’s available, and works out the full set of changes before starting the install. That’s why packages usually install cleanly. Everything is resolved first, so you don’t end up chasing missing pieces after the fact. Why APT Is Important for Linux Users APT matters because it keeps software installs from turning into maintenance work later. Centralized software management: Everything comes from defined sources. Instead of downloading programs manually, a linux package manager like APT keeps software organized in one place so it’s easier to track and manage. Automatic dependency handling: Software rarely runs alone. APT pulls in what’s needed alongside it, so installs don’t fail because something small was missed. Consistent updates and patching: The same system that installs software also updates it. Packages stay in sync, and patching doesn’t drift into manual fixes over time. Reduced risk vs manual installs: Most issues come from partial installs or version mismatches. APT resolves that up front, so changes land cleanly instead of leaving cleanup behind. It’s not just about installing software. It’s about keeping the system stable as more gets added over time. How APT Works APT follows a structured flow every time a command runs, which is really how APT works under the surface. Repositories APT doesn’t pull software from random websites. It checks configured sources, called repositories , which are maintained collections of packages the system trusts. Eachrepository holds programs along with details about their versions and what they need to run. When a command runs, APT looks there first instead of reaching out blindly. Package Lists and Updates Before installing anything, APT needs to know what’s available. That’s what sudo apt update does. It refreshes the local list of packages by syncing with those repositories, so the system knows what versions exist and what can be installed. Without the update , APT works with outdated information, which is where install issues usually start. Installation and dpkg Once that list is current, installation becomes predictable. APT figures out what the program needs, pulls those packages, and then passes everything to dpkg, which is the tool that actually installs the files onto the system. APT handles the logic. dpkg handles the actual install. Step What Happens User command apt install or similar is triggered APT Reads package lists and resolves what is needed Repositories Provide package data and files dpkg Installs files onto the system Result Software is installed and usable That flow is what keeps installs consistent. It’s a chain of controlled steps, not a single action firing in isolation. APT vs apt-get: What’s the Difference? The difference between apt and apt-get is that apt is a newer, user-facing command for managing packages, while apt-get is an older, lower-level tool commonly used in scripts. Feature apt apt-get User experience Cleaner output, progress indicators, easier to follow during installs Minimal output, built for consistency Functionality Groups common package tasks into one command More explicit command set, each action separated Best use case Every day use on a system Scripting, automation, and older guides Most systems default to apt for regular work. apt-get tends to stay where output stability matters, like scripts or older automation that hasn’t been touched in a while. Is APT Secure? APT is secure in normal use, but only as long as the sources it pulls from stay controlled. It verifies packages before installing them, so software doesn’t just land on the system unchecked. GPG signature verification: Packages are signed, and APT checks those signatures before anything is installed Trusted repositories: By default, software comes from official sources that are maintained and monitored Maintainer vetting: Packages go through packaging and review processes before they’re published apt-secure: This is what enforces those checks and blocks anything that can’t be verified The signature check is what actually holds this together. Packages are tied to known keys, and APT verifies those before install, so anything that doesn’t match gets stopped early. Problems usually don’t come from APT itself. They show up when new sources get added or trust boundaries change, which is where it starts to matter. Frequently Asked Questions About APT These tend to come up once installs are working and attention shifts to what’s actually being trusted. Can you get a virus from apt-get install? Not if it’s coming from a trusted repository. Packages are signed and verified before installation, so random malware doesn’t just get pulled in. It changes when the source changes. If a repository isn’t trustworthy, APT will still install from it once it’s added, and that’s where bad packages can come through. Why should you trust APT? APT doesn’t install blindly. It checks packages against known keys and only proceeds if they match what the repository claims. That trust is layered. Maintainers, signed packages, and controlled repositories all play a role, so it’s not relying on a single check. How does APT verify packages? Each package is signed with a key. APT checks that signature against its trusted key list before installing anything. If it doesn’t match, the install stops. That’s how modified or tampered packages get caught. Is APT safer than downloading software manually? In most cases, yes. APT pulls from known sources, verifies what it installs, and resolves everything the software needs ahead of time. Manual installs skip those checks. That’s where missing files, bad versions, or modified downloads start showing up. What happens if you add an untrusted repository? APT will treat it like any other source once it’s trusted. That’s the part people miss. At that point, it can install whatever the repository provides, which is how unstable or malicious packages end up on the system. Final Thoughts on APT Security APT ends up being one of those tools that fades into the background once it’s working. It handles installing, updating, and keeping software consistent without turning every change into manual work, which is really the point behind what APT is in Linux in the first place. It’s also why the question of is apt safe doesn’t have a simple yes or no. The system itself is built to verify and control what gets installed, but that only holds if the sources stay trusted and the setup isn’t bypassed. Keep it simple, stick to known repositories, and most of the risk never shows up. . Explore APT in Linux, its role in software management, security features, and why it's essential for users.. APT Package Management, Debian Security, Linux Software Updates. . MaK Ulac
Mar 23, 2026
•
Server Security
83
security advisorysoftware deploymentdata leakPyTorch Nightly Builds Compromised: Urgent Action Required
Users who deployed the nightly builds of PyTorch between Christmas and New Year's Eve likely received a rogue package as part of the installation that siphoned off sensitive data from their systems. The incident was the result of an attack called dependency confusion that continues to impact package managers and development environments if hardening steps are not taken. . "If you installed PyTorch nightly on Linux via pip between December 25, 2022, and December 30, 2022, please uninstall it and torchtriton immediately, and use the latest nightly binaries (newer than December 30, 2022)," the PyTorch maintainers said in a security advisory . PyTorch is a framework for developing machine learning applications in the fields of computer vision and natural language processing that is a continuation of the older and no longer maintained Torch library. PyTorch was originally developed by Meta AI, the artificial intelligence laboratory of Meta, Inc., but is now an open-source project maintained by the PyTorch Foundation under the Linux Foundation's umbrella. . Individuals using PyTorch's nightly builds from late December 2022 could have inadvertently downloaded a malicious module that jeopardized private information.. PyTorch, Supply Chain Attack, Dependency Confusion, Package Security, Data Protection. . LinuxSecurity.com Team
Jan 05, 2023
•
Hacks/Cracks
77
debiansystem administrationsecurity featuresStreamlining Debian Security: Effective Administration With DPKG
Debian has a package manager (DPKG) that resolves dependency problems automatically. It help us to automatically keep up to date programs looking for new versions on the internet, resolving and completing the files and libraries dependencies which a package requires, making system administration easy and keeping us up to date with the new security changes.. . .. Debian has a package manager (DPKG) that resolves dependency problems automatically. It help us to automatically keep up to date programs looking for new versions on the internet, resolving and completing the files and libraries dependencies which a package requires, making system administration easy and keeping us up to date with the new security changes. It also shows some important and substantial security features: it doesn't have commercial goals, also doesn't obey mercantile urgencies, It has a good pursuit of errors, problems are fixed in less than 48 hours and it's priority is to develop a complete and reliable operating system. From a security and reliability standpoint, it's better to have separate hard disk partitions for directories that are large, and especially to separate those which are frequently-changing (/tmp and /var) from those that can be mounted read-only except when installing software (/usr). Some people also make separate partitions for /home and /usr/local. Separate partitions mean that if one gets corrupted, the others won't be affected. It also means you can mount some partitions (especially /usr and /boot) read-only except when doing system administration: this decreases the likelihood of corruption or mistakes dramatically. Don't do the distribution default, which is usually to put everything in one partition. Of course, you can go overboard if you use too many partitions, and if you don't anticipate your sizes correctly you may end up with wasted space in some partitions and not enough space in others. In that case you'll either have to back up the files and repartition, or use symbolic links to steal space from anotherpartition. Both strategies are undesirable, so think beforehand about how many partitions are appropriate for this machine, which directories contain irreplaceable data, and leave some extra space for unexpected additions later. The link for this article located at Linux Gazette is no longer available. . Explore the ways in which Ubuntu's APT tool enhances security oversight and streamlines system configuration.. Debian Package Manager, System Administration, Security Features. . LinuxSecurity.com Team
Apr 03, 2003
•
Server Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More