Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 7 articles for you...
210
security advisorymalware threatdata exfiltrationZoom: Researcher Mazin Ahmed Exposes Multiple Vulnerabilities at DEF CON 28
Security researcher Mazin Ahmed demonstrated multiple serious vulnerabilities in the popular Zoom app, two of which impact Linux users, at DEF CON 28. . Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted application. According to cybersecurity researcher Mazin Ahmed , who presented his findings at DEF CON 2020 yesterday, the company also left a misconfigured development instance exposed that wasn't updated since September 2019, indicating the server could be susceptible to flaws that were left unpatched. The link for this article located at The Hacker News is no longer available. . Zoom has tackled significant security issues, notably within its Linux application, as pointed out by analyst Mazin Ahmed.. Zoom Security Issues, Linux Data Exfiltration, DEF CON 28 Vulnerabilities, Malware Threats, Research Findings. . Brittany Day
Aug 10, 2020
•
Security Vulnerabilities
72
cybersecuritysecurity threatfirewall securitySoldered Spy Chips Present Serious Risks to Firewall Protection
The tiny ATtiny85 chip doesn’t look like the next big cyberthreat facing the world, but sneaking one on to a firewall motherboard would be bad news for security were it to happen. Learn more in an interesting Naked Security article: . In fact, this has already happened as part of a project by researcher Monta Elkins, designed to prove that this sort of high-end hardware hack is no longer the preserve of nation-states. Elkins soldered the 5mm x 5mm ATtiny85 chip from an Arduino board to his test firewall’s circuit board just in front of the system’s serial port. The link for this article located at Naked Security is no longer available. . Monta Elkins reveals the vulnerability of firewall defenses through the use of inexpensive espionage microchips, questioning standard assumptions.. Spy Chips, Firewall Security, Cybersecurity Threats, Hardware Attacks, Arduino Awareness. . Brittany Day
Oct 14, 2019
•
Firewalls
81
privacy issuedata collectionuser permissionsMore than 1,300 Android Applications Misuse Permissions to Gather Data
Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible information from your devices. . The security model of modern mobile operating systems, like Android and iOS, is primarily based on permissions that explicitly define which sensitive services, device capabilities, or user information an app can access, allowing users decide what apps can access. However, new findings by a team of researchers at the International Computer Science Institute in California revealed that mobile app developers are using shady techniques to harvest users' data even after they deny permissions. The link for this article located at The Hacker News is no longer available. . Contemporary mobile platforms stipulate application access via permissions, yet numerous applications persist in gathering data without user approval.. data privacy, app security, mobile permissions, unauthorized access, user data collection. . LinuxSecurity.com Team
Jul 09, 2019
•
Privacy
67
security issuecryptographyresearch findingsDuplicate RSA Keys Found in X.509 Certificates by Researchers
Cryptography researchers collected millions of X.509 public key certificates that are publicly available over the web and found what they say is a shockingly high frequency of duplicate RSA-moduli keys. . "We performed a sanity check of public keys collected on the web," the researchers state in their paper, published today and titled "Ron was wrong, Whit is right". The link for this article located at Tech World is no longer available. . Investigators discovered a significant quantity of replicated RSA keys within publicly accessible X.509 certificates across the internet.. Duplicate Rsa Keys, Public Key Certificates, Cryptography Issues. . LinuxSecurity.com Team
Feb 15, 2012
•
Cryptography
67
data breachuser privacyresearch findingsDropbox Security Investigation Over User Data Breach Risks
Popular cloud storage service Dropbox is misleading users into thinking it is more secure than it really is, says a security researcher and academic, who has asked for the FTC to investigate.. Dropbox has around 25 million users. It's often used as an escape hatch by owners of Apple's iPhone and iPad: the iOS slabs don't expose the device's local file system or provide the end user with a way of manipulating files. "Dropbox's customers face an increased risk of data breach and identity theft because their data is not encrypted according to industry best practices," says Christopher Soghoian, who filed the complaint. Soghoian is a researcher at the Center for Applied Cybersecurity Research at Indiana University. He explains that unlike other cloud services The link for this article located at The Register UK is no longer available. . Google deceives customers regarding its privacy practices, endangering sensitive information and personal safety, leading to congressional scrutiny.. Dropbox Security Risks, Data Storage Concerns, User Privacy Violations. . LinuxSecurity.com Team
May 16, 2011
•
Cryptography
81
data sanitizationstorage securitysecurity challengeSSD Sanitization Difficulties: Research Insights and Implications
Solid state drives (SSDs) have a small security problem: they're tough to erase. That warning comes from researchers at the University of California at San Diego. "Sanitization is well-understood for traditional magnetic storage, such as hard drives and tapes," said the researchers' in their study summary. . "Newer solid state disks, however, have a much different internal architecture, so it is unclear whether what has worked on magnetic media will work on SSDs as well." Accordingly, the researchers tried 14 different file sanitizing techniques -- ranging from Gutman's 35-pass method to the Schneier 7-pass method -- on SSDs. To study each technique's effectiveness, the researchers didn't query the flash translation layer (FTL) that's part of an SSD, but rather accessed the chips at the lowest level possible, via their pins. (Dismantling chips is straightforward, they said.) The link for this article located at Information Week is no longer available. . Scientists uncover difficulties in effectively wiping SSDs when juxtaposed with conventional storage techniques. Explore the ramifications.. SSD Security, Data Sanitization, Solid State Drives, Storage Challenges, Erasure Techniques. . LinuxSecurity.com Team
Feb 22, 2011
•
Privacy
83
security flawseavesdroppingresearch findingsGSM Security Risks and Eavesdropping Techniques via Low-Cost Devices
Whatever assurances have been given about the security of GSM cellphone calls, forget about them now. Speaking at the Chaos Computer Club (CCC) Congress here Tuesday, a pair of researchers demonstrated a start-to-finish means of eavesdropping on encrypted GSM cellphone calls and text messages, using only four sub-$15 telephones as network . While such capabilities have long been available to law enforcement with the resources to buy a powerful network-sniffing device for more than $50,000 (remember The Wire?), the pieced-together hack takes advantage of security flaws and shortcuts in the GSM network operators The link for this article located at Wired is no longer available. . Investigations reveal that $15 devices can compromise GSM safety, uncovering flaws that permit simple interception.. GSM Hacking, Cellphone Security, Eavesdropping Techniques, Network Sniffing, Telecom Vulnerabilities. . LinuxSecurity.com Team
Dec 30, 2010
•
Hacks/Cracks
74
web applicationsecurity riskthreat landscapeUnderstanding Web Application Threats: Research Insights From Honeynet
Despite improvements in code quality, Web servers remain at high risk of being hacked, according to a new paper from researchers who use honeypot technologies to examine how hackers tick. The Honeynet Project, which provides real systems for unwitting attackers to interact with, says Web applications remain vulnerable for host of reasons. These include poor-quality code, the fact that attacks can be performed using PHP and shell scripts (which is generally easier than using buffer-overflow exploits), and the emergence of search engines as hacking tools. . What's more, Web servers can be a gold mine for hackers, in that they have higher bandwidth connections than most desktops and often link to an organization's databases. The group's findings are outlined in a paper titled "Know Your Enemy: Web Application Threats." Researchers involved in honeynet projects in Chicago, Germany and New Zealand collaborated on the paper. The link for this article located at ComputerWorld is no longer available. . Web applications present significant vulnerabilities for cybercriminals because of substandard programming, susceptibility to breaches, and access to considerable network resources.. Web Application Threats,Hacking Methods,Honeynet Research,Security Risks,Code Quality Vulnerabilities. . Bill Locke
Mar 03, 2007
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More