Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
78
security advisoryencryption standardsmission criticalRocky Linux 8 and 9.2 Confirm FIPS 140-3 Compliance for Enhanced Security
Rocky Linux has taken a major leap forward by achieving FIPS 140-3 compliance for versions 8 and 9.2. This achievement makes the already popular distro an even more attractive option for admins managing environments that require stringent encryption and cryptographic standards, such as in government agencies and regulated industries. . This recent achievement also makes Rocky Linux a trusted open-source alternative for mission-critical workloads in industries that are often hesitant to adopt open-source technology. Beyond raising encryption standards, FIPS 140-3 compliance minimizes vulnerabilities and reduces liability risks—a win-win for organizations prioritizing security. For us admins, the message is clear: adopting and properly configuring Rocky Linux 8 or 9.2 ensures secure, enterprise-grade cryptographic functionality, enabling us to build resilient systems without sacrificing the flexibility of open-source software. In this article, I'll explore what FIPS 140-3 compliance means for Rocky Linux users, how it can improve your overall security posture, and the practical steps you can take to maximize the benefits of this certification. Understanding FIPS 140-3 and its Significance for Rocky Linux Admins Federal Information Processing Standards (FIPS) 140-3 is an evaluation and certification standard established by the U.S. government that validates cryptographic modules used in software, devices, and systems. It's designed to ensure encryption-related functions meet stringent security requirements while being resilient against attacks. FIPS 140-3 certification is essential in industries where privacy and security are of utmost importance. For instance, this certification is particularly vital when protecting sensitive government data, safeguarding patient records in healthcare systems, or securing transactions in the financial sector. Rocky Linux versions 8 and 9.2 now meet FIPS 140-3 requirements, giving organizations confidence that this open-source platform meets federal andindustry security regulations for workloads in regulated environments. FIPS-compliant cryptographic modules provide encrypted communications, data integrity protection , secure access controls, and communication across systems. This gives us admins peace of mind as we deploy Rocky Linux, knowing it meets expectations for secure computing as outlined by government and industry regulators. Rocky Linux achieving FIPS certification marks a significant shift within the open-source ecosystem. While open-source solutions have historically had their credibility questioned in regulated environments, Rocky Linux's FIPS achievement demonstrates that community-driven platforms can deliver enterprise-grade security without relying on proprietary operating systems to meet compliance requirements. As a result, Rocky Linux is an attractive option among organizations looking to reduce their dependency while meeting compliance obligations. Why FIPS Compliance Enhances Security Posture FIPS compliance offers organizations significant value by assuring encryption functions are operating securely under audited standards. Cryptographic modules form the cornerstone of system security, protecting sensitive information while also securing communications and providing strong authentication solutions. Any vulnerabilities within these modules could expose organizations to significant risks, including data breaches, unapproved access, and noncompliance fines. By installing Rocky Linux 8 or 9.2 in environments that require FIPS-certified cryptographic functions, we can substantially reduce these risks. FIPS compliance offers peace of mind because encryption systems within Rocky Linux have passed thorough tests assessing algorithm strength, key management practices, and protection against potential exploits. This validation reduces cryptographic vulnerability risks while ensuring that critical workloads are protected with industry-leading standards. FIPS compliance provides another key advantage during regulatory audits.Many industries, including healthcare and finance, require organizations to demonstrate that they adhere to security standards during routine evaluations. Rocky Linux, equipped with FIPS-compliant cryptographic modules, makes this easier. Administrators simply document their use of certified software without needing complex workarounds or additional justification for operating environments that require FIPS compliance. How Does Rocky Linux's Achievement Benefit Us Admins? Those looking to take full advantage of Rocky Linux's FIPS 140-3 compliance should ensure they are running either Rocky Linux 8 or 9.2 and configure their systems securely. Admins will need to assess whether specific workloads, systems, or applications require further adjustments to fully comply with FIPS compliance standards. They might need to enable specific cryptographic libraries or disable non-compliant algorithms to align systems with FIPS guidelines. Understanding these nuances will help us maximize the benefits of this certification while ensuring consistency across different environments. Rocky Linux adoption can also help organizations strengthen their security posture in other ways. FIPS certification enables admins to replace less secure or non-compliant tools and platforms with standard ones for managing cryptographic security. This reduces complexity for security teams, improves audit readiness, and mitigates liabilities associated with outdated or insecure infrastructure. Bridging the Gap Between Open Source and Enterprise Security Rocky Linux's FIPS certification marks an outstanding victory not just for its users but for open-source technology in general. Open-source solutions have traditionally found it challenging to gain widespread trust across regulated industries due to concerns about consistency, vendor support, and compliance readiness. Rocky Linux is evidence that modern open-source platforms can meet even the most stringent security standards. At a time when organizations are increasinglylooking to diversify their technology stacks while reducing license fees and vendor lock-in, Rocky Linux stands as an attractive drop-in replacement for CentOS, appealing to organizations seeking stability and community-driven support. Thanks to FIPS 140-3 compliance, Rocky Linux has become even more suitable as a secure choice when government standards must be met, making it especially appealing to organizations that want to deploy open-source solutions while maintaining tight security control. FIPS certification extends far beyond technical considerations. Rocky Linux now carries more credibility within industries accustomed to proprietary solutions, potentially speeding adoption rates by businesses seeking cutting-edge open-source tools without jeopardizing compliance in regulated environments . Furthermore, this opens the door for admins to take full advantage of Linux's flexibility without compromising enterprise-grade security—an invaluable feature when managing modern IT infrastructures. Our Final Thoughts on This Notable Achievement Rocky Linux's FIPS 140-3 certification is a significant step forward for those seeking an open-source platform that meets enterprise-grade security standards. Deployed across government agencies, regulated industries, or businesses seeking to adopt modern best practices, Rocky Linux stands out as an impressive candidate for fulfilling mission-critical workloads. Rocky Linux administrators gain an enormous opportunity with Rocky's FIPS certification: an enterprise-grade solution that offers unsurpassed flexibility at a reasonable cost, simplifying compliance while mitigating everyday risks. By adopting Rocky Linux 8 or 9.2, we can realize the full potential of FIPS certification, not only improving our security posture but also paving the way for further open-source adoption in sensitive environments. Looking ahead, Rocky Linux's rising credibility in security-focused industries indicates promising progress - not only for users themselves but for allopen-source ecosystems. Its combination of flexibility, security, and trust makes Rocky Linux an indispensable resource in building resilient systems in an era when reliability and security must always come first. . Achieving FIPS 140-3 compliance in Rocky Linux strengthens encryption standards and minimizes vulnerabilities in controlled settings.. FIPS Compliance, Rocky Linux Security, Encryption Standards. . Brittany Day
Apr 29, 2025
•
Vendors/Products
78
linux distributionlinux updatemigrationCentOS 8 End Of Life: Migrate To Rocky Linux Or AlmaLinux Today
CentOS Linux 8 has reached end of life, meaning it’s time to migrate your installations to an alternative distro like Rocky Linux or AlmaLinux OS. . The time has come to say goodbye to the CentOS Linux 8 distribution as it reached end of life on the last day of 2021, December 31st. As of today, the distribution is no longer supported, which means that it will no longer receive software and security updates, making your installations vulnerable to attacks, in time. CentOS Linux is a GNU/Linux distribution built using and compatible with the sources of the commercial Red Hat Enterprise Linux operating system. CentOS Linux 8 was initially released only two years ago, on September 24th, 20219, and it was supposed to be maintained for 10 years, until the year 2029. The link for this article located at 9 to 5 Linux is no longer available. . With CentOS Linux 8 reaching its end of life, transitioning to alternatives such as Rocky or AlmaLinux is crucial for continual security and updates.. CentOS Migration, Alternative Linux Distro, Linux Security. . LinuxSecurity.com Team
Jan 04, 2022
•
Vendors/Products
78
linux distributionLinux distributioncloud infrastructureRocky Linux Project Schedule for Releases in the Second Quarter of 2021
It has now been almost two weeks since the announcement of Red Hat dropping support for CentOS Linux 8 and shifting full focus to its future CentOS Stream - a decison which has led to the creation of Rocky Linux by CentOS creator Greg Kurtzer. . Now, in the very first community update, Rocky Linux Community Manager Jordan Pisaniello has shared all the progress done so far and updates for future releases of Rocky Linux. The team has targeted 2021 Q2 that includes April, May, and June to deliver the first release of Rocky Linux. And the release won’t just be available in standard commercial regions, but it will also be available in AWS GovCloud, and China. The core team is already laying down the infrastructure to deliver and support an initial release. It has also selected AWS (Amazon Web Services) as the primary build platform for the development of Rocky Linux. . The Community Director of Rocky Linux provides insights regarding the launch of Q2 2021, emphasizing advancements and strategies for infrastructure development.. Rocky Linux, Linux Distribution, Community Update, Cloud Infra. . LinuxSecurity.com Team
Dec 23, 2020
•
Vendors/Products
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More