Stay Ahead With Linux Security News

Explore Latest Linux Security news

White House ONCD Advocates Memory-Safe Programming Adoption

The Office of the National Cyber Director (ONCD) emphasizes the urgent need for developers to adopt memory-safe programming languages like Rust to minimize vulnerabilities in software. The ONCD's "Back to the Building Blocks: A Path Toward Secure and Measurable Software" report is a strong recommendation rather than an executive order or law.

What Is ONCD's Recommendation for Secure Software Development?

Memory-unsafe languages such as C and C++ have long been a staple in software development, but significant cybersecurity risks have accompanied them. As Anjana Rajan, the ONCD Assistant National Cyber Director for Technology Security, points out, past catastrophic cyber incidents like the Morris worm and the Heartbleed vulnerability have often stemmed from memory safety vulnerabilities.

The prevalence of security bugs in the C language is a significant issue. Almost 50% of reported vulnerabilities in the seven most widely used languages over the past decade were in C. While factors like its longevity and widespread use can contribute to this statistic, Kees "Case" Cook, a Google Linux kernel security engineer, notes that C's inherent weaknesses and undefined behaviors make it prone to security flaws.

The growing endorsement of memory-safe languages like Rust by industry giants such as Microsoft further emphasizes the need for a fundamental shift in programming practices. Microsoft Azure's CTO Mark Russinovich advises developers to avoid using C or C++ and opt for Rust. This aligns with Microsoft's ongoing efforts to rewrite core libraries in Rust and integrate them into their products, like Microsoft 365. This has significant implications for the security community, as it signals a shift towards safer programming languages and the potential abandonment of traditional languages like C and C++.

From the perspective of a Linux admin, infosec professional, internet security enthusiast, or sysadmin, ONCD's report highlights the immediate impact and long-term consequences of using memory-unsafe languages. The report prompts critical thinking and raises important questions regarding the security of existing codebases. It also serves as a call to action for these professionals to consider adopting memory-safe languages and implementing advanced diagnostics to improve software security.

Our Final Thoughts on ONCD's Recommendation

The recommendation from the White House's Office of the National Cyber Director to move towards memory-safe programming languages like Rust sheds light on the critical issue of software vulnerabilities. Making informed decisions in software development can help minimize cybersecurity risks. Industry leaders' growing endorsement of memory-safe languages and the potential long-term consequences for traditional languages like C and C++ should prompt a renewed focus on software security and adopting safer programming practices. What are your thoughts on ONCD's recommendation? Do you agree or disagree? Connect with us on X @lnxsec and let's have a discussion!

Mar 04, 2024 | Brittany Day | Government

Enhancing Cybersecurity Education for Safe Software Practices

It could be years before the results of education show up in software that is being sold, but the effort is needed more than ever because the problem is getting worse, officials said. Describing the problems facing Internet users, Hale said an increasing number of cyberattacks are done for profit. "Worms are turning machines into mail servers," he said. "Your machines are being used to spam. There's profit in this game now."

The link for this article located at Federal Computer Week is no longer available.

Mar 26, 2004 | Anthony Pell | Government

Effective Security Practices for PHP Scripts With Safe Mode Strategies

The way to secure PHP scripts is through a carefully selected combination of configuration settings and safe programming practices. Based on the vulnerabilities that we have studied so far, we will now set forth to establish some rules that can help avoid dangerous situations.

PHP can be set up so that it executes scripts in a restricted environment to decrease the amount of damage that can be inflicted by insecure programs. This modus operandi is called "safe mode". The configuration directive safe_mode in php.ini turns safe mode on and off. The safe_mode_exec_dir directive specifies a directory from which scripts can be loaded. PHP will not execute a script if it is not in this directory. Furthermore, PHP will not let a script call another program that is not in this directory. This way, even if there is a security hole in the script that allows attackers to run arbitrary commands on the script, they will be limited to whatever is in the safe mode executable directory.

The link for this article located at EarthWeb is no longer available.

Nov 14, 2001 | LinuxSecurity.com Team | Server Security