Have you heard that the NCSC has warned about DNS hijacking threats focusing on home routers? These attacks aim to modify the settings on home routers, potentially via cross-site request forgery (CSRF) web-based attacks, so that they use rogue DNS servers. The end goal is to secretly redirect the user to a phishing page or one capable of installing malware on their machine. The UK’s National Cyber Security Centre (NCSC) has issued a warning about DNS hijacking threats, as reports emerge of widespread attacks in Brazil affecting 180,000 users. The NCSC posted the advisory on Friday as a follow-up to one issued in January. DNS hijacking attackers typically take control of an authoritative DNS server, change the entries stored there and in so doing covertly redirect users to servers under their control, in a man-in-the-middle attack. The link for this article located at InfoSecurity is no longer available. LinuxSecurity.com Team
During a presentation at the Virus Bulletin Conference in Dallas, Fabio Assolini from Kaspersky Lab described how criminals in Brazil managed to compromise 4.5 million DSL routers for months without being noticed. For their attack, the criminals first used two Bash scripts and a Cross-Site Request Forgery (CSRF) attack to change the admin password and then manipulated the router's DNS server entry. The CSRF attack even allowed them to bypass any existing password protection. Once compromised, the PCs were redirected to specially crafted phishing domains that mainly targeted users' online banking credentials; the attackers had set up 40 DNS servers to handle this redirection. The attack was limited to large parts of Brazil's IP address space. The link for this article located at H Security is no longer available. LinuxSecurity.com Team
If you're surfing the web from a wireless router supplied by some of the biggest device makers, there's a chance Samy Kamkar can identify your geographic location. That's because WiFi access points made by Westell and others are vulnerable to XSS, or cross-site scripting, attacks that can siphon a device's media access control address with one wayward click of the mouse. Once in possession of the unique identifier, Kamkar can plug it into Google Location Services and determine where you are. "It's actually scary how accurate it is," said Kamkar, the author of the Samy Worm, a self-replicating XSS exploit that in 2005 added more than 1 million friends to his MySpace account and in the process knocked the site out of commission. "I've found that with a single MAC address, I've always been spot on with the tests I've done." Kamkar, who tweeted about the vulnerability Tuesday, has posted a proof-of-concept attack here. For now, it works only on FiOS routers supplied by Verizon, and then only when users are logged in to the device's administrative panel. With a little more work, he said he can make it exploit similar XSS holes in routers made by other manufacturers. The link for this article located at The Register is no longer available. LinuxSecurity.com Team
Millions of broadband users are at risk for a new kind of attack called drive-by pharming, which targets password weaknesses in the victim's router, researchers from Symantec Corp. and Indiana University warned Thursday. The threat is greatest for those who don't change their default passwords after using them to bring the router online. According to an informal study by Indiana University, up to 50% of home broadband users fail to reset the password after installing their router. "What worries me is that it's so simple for people to fall for this kind of attack," said Zully Ramzan, senior principal researcher for Symantec Security Response. "Most people connect to the Internet through broadband today, but they don't adequately protect their routers." The link for this article located at ChannelNews is no longer available. LinuxSecurity.com Team