Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
210
local privilege escalationsecurity flawssystem securityExploring Local Privilege Escalation Risks In Linux And Windows Systems
Recently discovered flaws impacting Linux and Windows users alike could give attackers the highest system privileges. Remediations have been released for a security shortcoming affecting all Linux kernel versions from 2014 that can be exploited by malicious users and malware already deployed on a system to gain root-level privileges. . Microsoft's Windows 10 and the upcoming Windows 11 versions have been found vulnerable to a new local privilege escalation vulnerability that permits users with low-level permissions access Windows system files, in turn, enabling them to unmask the operating system installation password and even decrypt private keys. "Starting with Windows 10 build 1809, non-administrative users are granted access to SAM, SYSTEM, and SECURITY registry hive files," CERT Coordination Center (CERT/CC) said in a vulnerability note published Monday. "This can allow for local privilege escalation (LPE)." The link for this article located at The Hacker News is no longer available. . New vulnerabilities in both Windows and Linux platforms have been discovered, permitting adversaries to escalate privileges. Swift action is essential to mitigate the risks.. Linux Kernel Flaws, Local Privilege Escalation, Windows Vulnerabilities. . Brittany Day
Jul 21, 2021
•
Security Vulnerabilities
79
security advisoryremediationvulnerability managementMaximize Open-Source Security in Linux Using WhiteSource Solutions
When it comes to modern applications, did you know that up to 80% of code is made up of open-source components? There are several reasons why open-source software is utilized, including its cost-effective nature, reliability, and the freedom to access, modify, and distribute source codes. Yet, the nature of open-source components means security efforts can be overlooked. After all, developers usually take components which are readily available and implement them within their own projects. This saves considerable time where they gain useful features without having to write their own code. It also means exploits can exist – and these can be easily missed when working on applications. There are plenty of examples where an organization has been devastated by lackadaisical open-source security. The most infamous was back in September 2017. Equifax, the international credit reporting agency, suffered a hack on an unprecedented scale. The open-source component known as Apache Struts2 featured an exploit, and this was all it took for attackers to make off with the personal data of at least 143 million people . As a result, it is essential your organization doesn’t just detect vulnerabilities in open-source code, but also rectifies any issues before they cause damage. This is where WhiteSource can take center stage for your Linux projects. Open-source security: the challenges Open-source security relies on a community-based approach. SAST and other technology for application security testing are beneficial for proprietary code, but it’s a different story with Open Source. The community is very much a resource for identifying and fixing vulnerabilities found within code. However, even though the open-source community is capable of devising fixes for vulnerabilities, there’s one point to remember: Open Source isn’t controlled by one authority. It is a decentralized operation. This means information about vulnerabilities/fixes is spread across various resources, which ultimately resultsin it being impossible for organizations to match these to their own applications. What is WhiteSource? So how can a corporation keep its open-source inventory secure? To avoid a potential ticking time bomb due to vulnerable components, one of the best solutions on the market is WhiteSource. In essence, WhiteSource allows you to automatically check every open-source component found within your applications. By doing this, you can stay secure from vulnerabilities while also enforcing all license policies during the development lifecycle of your software. Along with staying secure from hackers, it also results in faster, smoother, and more affordable development. The following points will go through the steps the WhiteSource platform takes to keep software safe, and why 1.3 million developers use it for their projects. Detecting vulnerabilities As mentioned already, even with community feedback, it’s difficult to know which of your open-source components feature any vulnerabilities. WhiteSource can rectify that issue – and go beyond any manual application checks. The platform detects any vulnerability in an application, including those found in your transitive dependencies, and does this across 200+ programming languages. Along with this comprehensive database, WhiteSource cuts out those resource-eating false positives. Plus, the platform’s patented Effective Usage Analysis tool ensures your development team can prioritize the vulnerabilities that truly need resolving. Vulnerability remediation When a vulnerability has been detected, it’s essential that it is corrected as soon as possible. When the community issue trackers list a vulnerability, hackers are quick to react in an effort to exploit the security flaw. Due to remediation requiring the cooperation of your developers and security teams, a swift fix for vulnerabilities is not always possible – especially if they’re working on code they didn’t write themselves. With WhiteSource; however, you canaccurately pinpoint any vulnerable functionality found within your code. It also maps out how your application is using the vulnerability. With these insights, you can significantly reduce your remediation efforts. WhiteSource adds further convenience by suggesting fixes for any vulnerability. Whether this is a configuration change to the system blocking a certain function or a link to the latest patches, the platform lists all known remedies. WhiteSource also automates the process for every new issue discovered. Continuous monitoring When you factor in the sheer size of the open source community in terms of data and combine this with its decentralized nature, it is practically impossible to manage every facet of open-source security manually. This is why an automated solution like WhiteSource is so vital for the process. When it comes to monitoring, it is vital to combine shift right and shift left testing. The “shift right” methodology is particularly imperative as open-source project vulnerabilities are usually found years after the release of the vulnerable version. The good news: WhiteSource keeps automatic track of the latest deployed version of a component. As for “ shift left ”, this approach allows developers to spot vulnerable components prior to them even being downloaded from the Internet. WhiteSource’s browser extension, Web Advisor, ensures developers can pick the most suitable component right from the start. WhiteSource also enables you to automatically enforce quality/security/license compliance policies throughout the software development life cycle. By automating this aspect, you can save considerable time and resources compared to manually reviewing new components. . . Open-source software may harbor security flaws; learn how WhiteSource safeguards your Linux applications proficiently.. Open Source Security, Vulnerability Management, WhiteSource, Software Integrity, Application Monitoring. . LinuxSecurity.com Team
Jan 25, 2021
•
Security Projects
83
security advisorythreatmalwareFBI Alert: Reboot Your Routers Against VPNFilter Malware Threat
The FBI is urging small businesses and households to immediately reboot routers following Cisco's report that 500,000 infected devices could be destroyed with a single command.. The malware, dubbed VPNFilter, was developed by the Russian state-sponsored hacking group Sofacy, also known as Fancy Bear and APT28, according to the FBI, which last week obtained a warrant to seize a domain used to control the infected routers. The link for this article located at ZDNet is no longer available. . The Cybersecurity Agency recommends that individuals restart their modems to mitigate the impact of the VPNFilter virus associated with Russian adversaries compromising numerous gadgets.. VPNFilter, Router Security, Malware Removal, Cybersecurity, State-Sponsored Attacks. . LinuxSecurity.com Team
May 29, 2018
•
Hacks/Cracks
79
malwaredetectioncybersecurityInnovative Method To Tackle Sality Botnet Infections Effectively
On Tuesday, a user who is known as "lawabidingcitizen" posted an unusual request to the Full Disclosure mailing list, a forum that is mainly used by the security community: "Please do not take down the Sality botnet." . The contributor says that he found a way of dramatically reducing the number of infected computers after analysing the botnet. He adds that the required actions are unlawful, however, but proceeds to describe the method in considerable detail and makes special tools for the task available. Essentially, the method involves exploiting the botnet update feature to inject a scrubbing tool that causes the trojans to remove themselves from the zombie computers. The author has also released an adapted version of AVG's Sality Removal Tool. In addition, lawabidingcitizen has developed a Python script that produces a list of the URLs that are currently used for updating the bot code. When tested by The H's associates at heise Security, the script did display URLs that deploy malicious code. Virus scanners such as Avast, G Data and Ikarus detected the Win32.Eldorado malware, which has connections to Sality. The link for this article located at H Security is no longer available. . Investigate a peculiar inquiry linked to the Sality botnet and explore a viable strategy for minimizing the number of compromised devices efficiently.. malware remediation,Sality botnet tools,cybersecurity defenses,Eldorado detection. . LinuxSecurity.com Team
Mar 28, 2012
•
Security Projects
74
security practicesrisk assessmentremediationEffective Vulnerability Management Strategies for Organizations
DON'T shortchange remediation. Surprisingly, organizations will perform vulnerability scans, or hire someone to conduct a scan, get a report and then not follow through. They may cherry-pick one or two critical items and neglect the rest. The result is that the organization has spent time and money without doing much for its security.. "Some organizations stop at detection as an end point," says Chenxi Wang, a principal Forrester analyst. "That tells you where you are, but doesn't do much for your risk posture." The link for this article located at CSO Online is no longer available. . Entities need to emphasize correction over mere identification to enhance their risk management stance.. Vulnerability Management,Risk Assessment,Security Practices,Remediation Strategies,Scanning Tools. . Alex
Feb 14, 2011
•
Network Security
74
incident responsesecurity incidentattack mitigationMitigation And Remediation Strategies For Unix Security Incidents
As we all know, prevention, detection and response are our three main lines of defence against threats, with a good administrator putting most focus on prevention. As the old adage goes, "an ounce of prevention is worth a pound of cure" - a 1:16 ratio for the metrically inclined - but there's always going to be the odd occasion where prevention fails, either through a lack of time or a mistake in one's security procedure. In this article we describe a few hardening and alerting methods for Unix servers that help block vectors for various attacks, including two web-based application attacks and the brute-forcing of SSH passwords. The article then looks at what an administrator should do post-compromise. These incidents have been drawn from both honeypots and real systems. . Today, devices such as stateful firewalls are common and people are paying more attention to vendor patches. This correlates with a trend of more attacks being carried out at the application level. For example, we are seing more and more instances of SQL injection, SSH password guessing, cross-site scripting attacks and leveraging browser flaws. For the purposes of this article, we assume the reader has a reasonable firewall configuration and that he makes an effort to keep up with OS and application patches; if not, this is an area to fix this first. We all benefit from applying a defence-in-depth strategy - ideally a network should still be secure even if any single security measure fails. The link for this article located at is no longer available. . Today, devices such as stateful firewalls are common and people are paying more attention to vendor . prevention, detection, response, three, lines, defence, against, threa. . Brittany Day
Jul 24, 2006
•
Network Security
74
network securitymalwarecountermeasuresUnderstanding Spyware Risks and Protection for Enterprise Networks
Spyware is challenging spam and viruses for the top spot on IT worry lists. Spyware poses considerable threats and risks to enterprise networks and remediation and countermeasures are now being regarded as critical to network security. . How Spyware Threatens Enterprises Spyware is defined as covertly installed software that hijacks web browsers, invades Internet user privacy, displays unsolicited and offensive advertising, and impedes PC performance. The most commonly cited spyware issues worrying enterprise IT staff are loss of productivity and increased helpdesk costs; liability associated with privacy violations; intellectual property theft, information and premature disclosure; and loss of credibility and damage to brand. The link for this article located at Dave Piscitello is no longer available. . Malware presents a serious risk to corporate infrastructures. Discover essential strategies for safeguarding against attacks.. Spyware Protection Strategies, Enterprise Malware Defense, Network Security Practices. . Joe Shakespeare
Jan 11, 2005
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More