Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
79
processor securityvulnerability reportingperformanceLinux 6.12 Unveils RISC-V CPU Vulnerability Reporting for Enhanced Security
With our increasingly complex technological ecosystem, ensuring the security and resilience of Central Processing Units (CPUs) has never been more essential. Traditional processors like x86 and ARM have long dominated the market, providing robust performance while facing severe security vulnerabilities. . With Linux 6.12's release comes a new chapter of vulnerability reporting across RISC-V processors . This step unifies RISC-V with industry standards and provides greater transparency and security assurance. In this article, I'll delve into the challenges traditional processors face regarding CPU vulnerabilities, the importance of Linux 6.12's implementation of RISC-V vulnerability reporting, and how this new feature will aid its adoption by mainstream markets. Challenges Faced by Traditional Processors Since their invention, CPUs have become the backbone of modern computing systems. As technology progressed, notable milestones, such as introducing multicore processors and multithreading capabilities, were reached. These innovations have significantly boosted the efficiency and performance of computing systems. Multicore processors allow simultaneous execution of multiple tasks on separate cores, while multithreading allows one core to manage several threads concurrently. These advances, while providing new capabilities, have also introduced additional layers of complexity. A primary security threat facing traditional processors involves side-channel attacks . These exploit the indirect effects of physical operations to gain unauthorized access to information. One such attack is the Spectre attack , which exploits speculative execution - an approach commonly employed by modern CPUs to increase speed - to gain and leak access to secure information. Power consumption patterns can provide insight into ongoing CPU operations, potentially exposing sensitive information. Mechanisms created to enhance CPU performance also render them vulnerable to sophisticated attacks. Features like speculativeexecution, intended to increase speed, can create vulnerabilities instead. As CPU architectures evolve with more cores and threads, the risk of vulnerabilities increases unless significant security measures are implemented to address them. Striking an optimal balance between high performance and robust security is the challenge. Linux 6.12 Introduces RISC-V Vulnerability Reporting Within emerging architectures, RISC-V has rapidly gained prominence, and its inclusion of in Linux 6.12 was an important milestone. Typically only available on x86 and ARM architectures, this feature provides an open window into potential vulnerabilities and their mitigation statuses. This represents a step toward maturation for RISC-V, making its security posture comparable with established architectures. Security researchers and developers from organizations like Huawei and Rivos have played an instrumental role in creating vulnerability reporting mechanisms for RISC-V. Including this feature demonstrates a robust commitment to future-proofing the architecture against potential security threats, signaling to the tech community that RISC-V prioritizes performance and security. Users of RISC-V processors will benefit from generic CPU vulnerability reporting to assess their systems' security status quickly. This transparency is vital, especially in identifying whether known vulnerabilities have compromised them and which are still secure. Vulnerabilities will be reported through an easy-to-access directory within the Linux kernel to provide visibility and ensure ease of access by users and developers. Benefits of RISC-V Vulnerability Reporting Linux 6.12's implementation of vulnerability reporting significantly boosts RISC-V processor security. By offering an organized and transparent mechanism for identifying and mitigating vulnerabilities, RISC-V processors have become an attractive option for industries prioritizing security. This ensures that RISC-V remains future-proof, capable of anticipating possible vulnerabilities before they arise. One of the key ingredients of successful processor adoption is user trust. Users need assurances that their systems will withstand emerging threats without issue. Linux 6.12 boosts confidence in RISC-V processors by providing transparency into vulnerabilities and their mitigation, which helps build trust between users, developers, and industry stakeholders. Adherence to industry standards is paramount for any architecture looking for mainstream adoption. With generic CPU vulnerability reporting now included as part of RISC-V's development, it stands on an equal footing with well-established architectures like x86 and ARM. This alignment establishes RISC-V as ready to compete in mainstream markets and assures stakeholders of its long-term viability and security. One of RISC-V's distinctive strengths is its open-source nature , which fosters collaborative environments for continuous improvement. The vulnerability reporting feature draws upon the expertise of global developers to quickly identify and address security issues, contributing to a more resilient and robust RISC-V architecture. Future-Proofing Potential RISC-V's proactive security features, such as generic CPU vulnerability reporting, exemplify its future-proofing capability. As technology continues to change and emphasize security and sustainability goals, RISC-V stands ready to meet these evolving demands. Innovations such as socketed processors could extend hardware lifespan while decreasing electronic waste, aligning with sustainability objectives. Our Final Thoughts on Redefining CPU Security with RISC-V Vulnerability Reporting Adding generic CPU vulnerabilities reporting for RISC-V processors in Linux 6.12 marks an impressive step forward for processor security. This feature enhances RISC-V security posture while building user confidence and aligning it with industry standards by providing an open and transparent mechanism for reporting vulnerabilities. As adoption increases for thisemerging processor platform, this proactive security measure will play an invaluable role in its adoption and help it remain competitive within an increasingly security-aware market. . Linux 6.12 strengthens security protocols for RISC-V architectures by introducing improved vulnerability disclosures, thereby increasing user trust in the technology.. Processor Security, RISC-V Architecture, Linux Vulnerability Reporting, CPU Security Challenges, Open Source Collaboration. . Brittany Day
Oct 25, 2024
•
Security Projects
77
security managementvirtualizationaccountabilityManaging Security Accountability in Virtualization Environments
As network boundaries blur and longstanding design paradigms fall by the wayside, how do we assign accountability for security? It's a pressing question: Because virtualization gives us so much power and flexibility, we're moving ahead at a breakneck pace, often without looking closely at whether security-assurance levels remain as the services delivery model morphs.. Whether adding virtualization will break security depends on how you do IT. A unified organization, where network, storage, application, and security groups work well together, communicate openly, and follow a documented security program can take the added complexity of multisite virtualization in stride. Sure, processes will need to be expanded and new standards developed, but as a whole, the team approach can extend. The link for this article located at Information Week is no longer available. The link for this article located at Information Week is no longer available. . The influence of cloud computing on privacy hinges on cohesive technology frameworks for robust protection and reliability.. Virtualization Security, IT Design Practices, Network Accountability, Security Assurance. . LinuxSecurity.com Team
Nov 22, 2011
•
Server Security
78
malware protectioninternet securityanti-virus softwareComodo Internet Security ICSA Certification Enhances Malware Protection
Comodo, a leading Certificate Authority and Internet security organization, today announced that its Comodo Internet Security (CIS) software earned the prestigious ICSA labs certification, a leading independent security product testing facility.. JERSEY CITY, NJ, December 9, 2010 - Comodo, (https://www.comodo.com/) a leading Certificate Authority and Internet security organization, today announced that its Comodo Internet Security (CIS) software earned the prestigious ICSA labs certification, a leading independent security product testing facility. Comodo Internet Security guarantees protection against viruses and malware by focusing on prevention not simply detection. Comodo's patent pending prevention-based technology creates an impenetrable shield that identifies safe, unsafe and questionable files. Comodo Internet Security offers real-time protection against Viruses, Trojans, Adware, Spyware and other Malware threats. "We are pleased that Comodo Internet Security has earned the respected ICSA Labs Certification, an important third-party validation of our detection capability of our Antivirus," said Melih Abdulhayoglu, Comodo CEO and chief security architect. "PC users can now have even greater confidence in Comodo's ability to protect their systems from today's security threats thanks to the rigorous, independent real-world testing performed by ICSA Labs." ICSA Labs, an independent division of Verizon Business, has been providing credible, independent, 3rd party product assurance for end users and enterprises for the last 20 years. ICSA Labs has provided vendor-neutral testing and certification for hundreds of security products and solutions for many of the world's top security product developers and service providers. Enterprises worldwide rely on ICSA Labs to set and apply objective testing and certification criteria for measuring product compliance and performance. ICSA Labs provides services in three areas: Consortium Operations, Security Product Testing, and Certification Programs, CustomTesting Services and Accredited Government Testing Services. For a product to be certified, the products are tested against updated test sets as well as against evolving threats and vulnerabilities. ICSA labs certification for Antivirus attests to the fact that Comodo's Internet Security system meets stringent quality standards. To browse the Certification for Desktop / Server Anti-Virus Detection you may go to: Comodo Internet Security protects against viruses and malware by focusing on prevention not simply detection. If Comodo Internet Security encounters an unknown application, it will run that application in a virtual operating environment (or 'sandbox'). While in the sandbox, the application has limited system access privileges and will write to a virtual file system and registry. This allows safe applications the freedom to run as required while denying malicious applications the ability to cause any damage to the users 'real' system. Simultaneously, the application is submitted to Comodo Antivirus labs who will run further tests to determine whether the application is safe or malicious. If the application is determined as safe it is taken out of the sandbox, added to the CIS whitelist and will execute normally on subsequent runs. If found to be malicious, the application will be added to the global blacklist of known threats (which will be distributed to all CIS users) and deleted or quarantined on the user's machine. Visit https://www.comodo.com/home/internet-security/internet-security-pro.php About Comodo Comodo . Avast Cyber Defense secures AV-Test Certification, boosting user trust in antivirus efficacy and threat identification.. Comodo Internet Security, Malware Protection, ICSA Certification. . LinuxSecurity.com Team
Dec 09, 2010
•
Vendors/Products
74
network securitycyber threateducationGunderson High School Network Security Assurance For Parents
When Gunderson High School launched its wireless network this fall, some parents were alarmed. Would a hacker be able to break into student laptops? View sensitive information stored on district servers? Tamper with grades? Cliff Herlth, the tech resource teacher, assured . . . . When Gunderson High School launched its wireless network this fall, some parents were alarmed. Would a hacker be able to break into student laptops? View sensitive information stored on district servers? Tamper with grades? Cliff Herlth, the tech resource teacher, assured them the network was secure. Only certain computers with registered wireless cards could connect to it. To anyone who lacked the proper technical IDs, the school network was virtually invisible. ``The only way you could get on our network at all if you are not on the list is by plugging in,' Herlth said. In other words, an electronic intruder would have to physically enter the school and connect to an ethernet cable. The link for this article located at Mercury News is no longer available. . Gunderson High School has reassured parents regarding the safety of its wireless network, addressing worries about potential cyber threats to student laptops.. Wireless Network Security, Cyber Threat Management, Educational Technology Risks. . Anthony Pell
Nov 13, 2003
•
Network Security
76
network securityinformation securitycertificationFifth Annual Cybersecurity Symposium: Perspectives on Risk Management
Matthew G. Marsh submits The Fifth Annual CERT Conference on Computer Security and Information Assurance will be held August 5-7, 2003. The online registration site is now open. Early bird registration closes July 10th. . .. Matthew G. Marsh submits The Fifth Annual CERT Conference on Computer Security and Information Assurance will be held August 5-7, 2003. The online registration site is now open. Early bird registration closes July 10th . Sessions will focus on Internet/Intranet/Extranet security, VPNs, PKI/cryptography, NT security, WWW, network intrusions and countermeasures, distributed denial of service attacks, response teams, management and awareness issues and much more. We will be posting more information about the sessions as it becomes available. The conference is designed for anyone with responsibility for or involvement or interest in information and network security, and has sessions for those new to security as well as for seasoned professionals. . Participate in the 2023 Global Cybersecurity Forum to explore trends in data protection and technology advancements.. CERT Conference 2023, Computer Security Insights, Network Security Issues. . Anthony Pell
Jul 10, 2003
•
Organizations/Events
79
security assurancecommon criterialinux certificationIBM, Oracle, And Red Hat Promote Linux Certification Under Common Criteria
IBM, Oracle and Red Hat are backing efforts to ensure the Linux operating system achieves security assurances recognised by the Australian government. IBM and Oracle are working to get Linux certified under the International Common Criteria for Information Technology Security . . . . IBM, Oracle and Red Hat are backing efforts to ensure the Linux operating system achieves security assurances recognised by the Australian government. IBM and Oracle are working to get Linux certified under the International Common Criteria for Information Technology Security standard. The Common Criteria push comes as Linux is gaining in popularity as an alternative to the proprietary operating systems of Microsoft and Unix vendors. The Common Criteria, an international standard administered by the National Institute of Standards and Technology, is an independently tested set of standards used by organisations and governments to evaluate the security and assurance levels of technology products. The link for this article located at news.com.au is no longer available. . Microsoft, AWS and Canonical support efforts for Windows to comply with UK cybersecurity regulations.. Linux Certification, Common Criteria, Open Source Security, Security Assurance. . LinuxSecurity.com Team
Mar 04, 2003
•
Security Projects
67
cryptographyonline bankingsslDebunking SSL Crack Claims: Experts Guarantee Online Banking Safety
Johannes Faustus submits Experts have poured cold water on claims sweeping the Internet that Swiss researchers have cracked the ubiquitous SSL (Secure Socket Layer) protocol. SSL, used by Internet browsers for protecting information such as online banking passwords . . . . Johannes Faustus submits Experts have poured cold water on claims sweeping the Internet that Swiss researchers have cracked the ubiquitous SSL (Secure Socket Layer) protocol. SSL, used by Internet browsers for protecting information such as online banking passwords and credit card numbers in e-commerce applications, is widely regarded as the most important security software in existence. Although several news sources--including the BBC--have proclaimed that a Swiss research team, operating from the Security and Cryptography Laboratory at the Department of Communication Systems at one of the country's highest-profile technology universities, EPFL, has "cracked" SSL, experts are keen to water down the claims. The link for this article located at ZDNet is no longer available. . Johannes Faustus submits Experts have poured cold water on claims sweeping the Internet that Swiss r. johannes, faustus, submits, experts, poured, water, claims, sweeping, internet, swiss. . LinuxSecurity.com Team
Feb 21, 2003
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More