Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
83
security advisorymalwareadobe readerAdobe Reader: Unpatched Flaw Exposes Users to ZeuS Bot Threat
According to several reports by anti-virus vendors, criminals have attempted to exploit an unpatched hole in Adobe Reader disclosed about two weeks ago to infect Windows PCs. The relevant malware includes the particularly dangerous ZeuS bot. The specially crafted documents are apparently sent to users as email attachments.. The "Launch Actions/Launch File" function in Adobe Reader allows the execution of scripts or EXE files embedded in PDFs. Although Adobe Reader asks users to agree to the execution of the file, this dialogue can be designed in such a way that users have no idea they may be allowing an infection in to their systems. Sophos have posted a demo which tries to persuade users to click an OK button on their blog. A report from M86Security describes a PDF document that tries to install the ZeuS bot. When opened, the document tries to save a further PDF document which contains the actual malware. The documents are probably nested in an attempt to trick virus scanners. Interestingly, Reader opens a user dialogue before saving the file, but Foxit automatically saves the file without requesting confirmation. The current version of Foxit at least opens a dialogue when trying to start the bot that is hidden in the PDF The link for this article located at H Security is no longer available. . Intrusive efforts to take advantage of a vulnerability in Microsoft Word allow cybercriminals to run code, such as Dridex malware, through DOCX documents.. Adobe Reader Exploit, Malware Threats, PDF Security Risks. . LinuxSecurity.com Team
Apr 16, 2010
•
Hacks/Cracks
83
security flawmalicious codecode injectionExploring Malicious Code Spreading Through PDF Exploits
Security researcher Jeremy Conway says he has discovered a way to spread malicious code across PDF documents on a victim's computer. The attack leverages a flaw in the way the PDF file format works, adding malicious data to legitimate PDF files that could then be used to attack anyone who opens them.. Conway, a product manager with NitroSecurity, had already developed a technique for injecting the malicious commands into PDFs. But his attack only worked when there was some other malicious program on the system that added the code. That all changed last week, when researcher Didier Stevens showed how a PDF document could be altered to run an executable file on a victim's computer. "When I saw Didier's hack, it was the first time I could do it from completely inside the PDF," Conway said. Hackers have known for some time that PDF readers could be manipulated in this way, but Stevens' attack showed how one reader -- Foxit Reader -- could launch the executable without even notifying the user. Foxit has now patched this bug, but the underlying flaw in the PDF standard can't be fixed without changing the PDF standard itself. The link for this article located at Computer World is no longer available. . Conway, a product manager with NitroSecurity, had already developed a technique for injecting the ma. security, researcher, jeremy, conway, spread, malicious, across. . LinuxSecurity.com Team
Apr 08, 2010
•
Hacks/Cracks
83
malwaresecurity risksuser awarenessInvestigating Risks And Exploits Associated With Adobe Reader PDFs
A security researcher has demonstrated a mechanism that exploits PDF files without taking advantage of any particular vulnerabilities. Didier Stevens' proof of concept exploit relies on running an executable embedded in a PDF file - something that ought to be blocked - by launching a command that ultimately runs an executable.. In the case of Adobe Reader, such attempted launches generate a pop-up dialog box asking users if they want to proceed. However, this is not necessarily a major hurdle because Stevens was also able to manipulate the text displayed by the pop-up in a way that might easily fool most users. "With Adobe Reader, the only thing preventing execution is a warning," Stevens explains. "Disabling JavaScript will not prevent this, and patching Adobe Reader isn The link for this article located at The Register UK is no longer available. . Discover how a cybersecurity analyst altered PDF documents, which were free from flaws, to sway user decisions in Adobe Acrobat.. PDF Threats, Security Exploits, Adobe Reader Risks, Malware Mechanisms, User Awareness. . LinuxSecurity.com Team
Apr 06, 2010
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More