Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
67
cryptographyNSAkey exchangeNSA Claims On Breaking Diffie-Hellman Key Exchange Through Precomputation
The Internet is abuzz with this blog post and paper, speculating that the NSA is breaking the Diffie-Hellman key-exchange protocol in the wild through massive precomputation. . I wrote about this at length in May when this paper was first made public. (The reason it's news again is that the paper was just presented at the ACM Computer and Communications Security conference.) . Discussions reveal that the NSA may undermine the Diffie-Hellman key exchange by leveraging its computational power for precomputing keys, raising security concerns.. Diffie-Hellman Key Exchange, NSA Cybersecurity, Cryptography Insights. . LinuxSecurity.com Team
Mar 14, 2017
•
Cryptography
67
cryptographysecurity claimsanalysisAnalyzing The Snake Oil Phenomenon In Cryptography Claims
The term snake oil is often used to describe cryptography that does not actually provide the level of security that its proponents claim. The origin of the term is somewhat unclear, but one story is that it can be traced back to one of the traditional remedies for joint pain and inflammation that was brought to the US in the nineteenth century by Chinese immigrants. The fat from Chinese water snakes is high in eicosapentaenic acid (EPA), which has been shown to have some medicinal properties, so there may be some basis for believing that the traditional remedy actually had useful effects. Like the effects of many medications, however, the benefits from the traditional snake oil were subtle and varied significantly from person to person, making it difficult to rigorously prove the effectiveness of the remedy. . The link for this article located at IT Observer is no longer available. . The world of cryptography is fraught with dubious claims, resulting in a snake oil contagion within security practices that misleads organizations seeking protection. Cryptography Analysis,Safety Claims,Skeptical Insights,Threat Perception. . LinuxSecurity.com Team
Sep 04, 2006
•
Cryptography
83
industry responsesecurity claimshacker practicesSir Dystic Denies Microsoft Affiliations Amid Industry Claims
I've been hanging on to several excellent flames relating to an article called Security industry's hacker-pimping slammed and another called 'Hacker' security biz built on FBI snitches , in hopes that Sir Dystic, slammed in a speech at H2K2 by Gweeds (and covered in both), would contact me. He's done so and he denies flatly any suggestion that he's ever worked for Microsoft, as Gweeds claimed. His is the first letter posted below.. . .. I've been hanging on to several excellent flames relating to an article called Security industry's hacker-pimping slammed and another called 'Hacker' security biz built on FBI snitches , in hopes that Sir Dystic, slammed in a speech at H2K2 by Gweeds (and covered in both), would contact me. He's done so and he denies flatly any suggestion that he's ever worked for Microsoft, as Gweeds claimed. His is the first letter posted below. Note: Letters are unedited except for occasional slips where the authors have used a subject's normally-aliased IRL name. These I've changed back to the corresponding aliases. --tcg . This week, Sir Dystic addressed rumors about his links to Microsoft and hacking, denying formal ties and stressing his dedication to ethical tech practices.. Sir Dystic, Hacker Controversy, Microsoft Allegations, Security Insights, Industry Practices. . LinuxSecurity.com Team
Jul 24, 2002
•
Hacks/Cracks
78
security advisoryRed Hatoperating systemRed Hat 7.2 Enigma Security Report Denied Over Digital Signature Issue
Red Hat downplayed a security expert's report today of potential security problems with the latest release of its popular operating system software. The company confirmed that two files distributed with Red Hat Linux 7.2 lack digital signatures used for determining their . . . . Red Hat downplayed a security expert's report today of potential security problems with the latest release of its popular operating system software. The company confirmed that two files distributed with Red Hat Linux 7.2 lack digital signatures used for determining their authenticity. But Red Hat does not consider the issue a security threat, according to Marty Wesley, operating system product manager for Red Hat. "Security should always be an important concern, but this is not a security problem," said Wesley. Red Hat Linux version 7.2, also known by its code name, "Enigma," was released to the public Monday. The link for this article located at Newsbytes is no longer available. . Red Hat dismisses allegations of vulnerabilities in Enigma, clarifying that issues primarily pertain to absent digital signatures.. Red Hat Linux, Enigma software, security issues, digital signature problems. . LinuxSecurity.com Team
Oct 24, 2001
•
Vendors/Products
67
network securityman-in-the-middleSSHClarifying Misinterpretations in Kurt Seifried's SSL and SSH Claims
The following essay clarifies the facts in the "End of SSL and SSH" article written by Kurt Seifried a few days ago. "On 17 December 2000, Dug Song released a new version of his well-known package of network sniffing tools, dsniff. . . . . The following essay clarifies the facts in the "End of SSL and SSH" article written by Kurt Seifried a few days ago. "On 17 December 2000, Dug Song released a new version of his well-known package of network sniffing tools, dsniff. The new release includes a tool named "sshmitm," which performs a man-in-the-middle attack (MITM) on the SSH-1 protocol. The following day, Kurt Seifried wrote an article titled The End of SSL and SSH? The article has generated a fair amount of discussion and buzz, not least because of its dire-sounding title. And there are certainly important implications to the appearance of sshmitm. Seifried's piece, however, contains several factual errors and misleading statements in discussing the details of SSH (secure shell), SSL (secure sockets layer), and MITM. This is unfortunate, since these shortcomings blur the essential message, which is valid and important to get out. This article attempts to correct some of those mistakes, and to clarify the issues involved." See the Slashdot article as well. The link for this article located at Read this full article is no longer available. . The following essay clarifies the facts in the 'End of SSL and SSH' article written by Kurt Seifried. essay, clarifies, facts, article, written, seifried. . LinuxSecurity.com Team
Dec 24, 2000
•
Cryptography
83
data breachsecurity claimsfinancial softwareFiserv Provides Official Statement on Observer Data Breach Allegations
Banking software firm Fiserv has denied claims by the Observer newspaper that data accessed through one of its Web sites gave a UK security expert access to thousands of genuine bank accounts. Fiserv says security engineer Ralph Dressel . . . . Banking software firm Fiserv has denied claims by the Observer newspaper that data accessed through one of its Web sites gave a UK security expert access to thousands of genuine bank accounts. Fiserv says security engineer Ralph Dressel actually accessed fake data that it uses for training and sales purposes and claims that at no time were real accounts ever compromised. The link for this article located at ZDNet is no longer available. . Software company Fiserv has refuted allegations regarding unauthorized entry to actual bank accounts, emphasizing that the data in question was fabricated.. Banking Software, Data Security, Fiserv Claims. . LinuxSecurity.com Team
Sep 25, 2000
•
Hacks/Cracks
74
security assessmentopen sourceclosed sourceAnalyzing Open Source Security Against Closed Source Software
One of the great rallying cries from the Open Source community is the assertion that Open Source Software (OSS) is, by its very nature, less likely to contain security vulnerabilities, including back doors, than closed source software. The reality is . . .. One of the great rallying cries from the Open Source community is the assertion that Open Source Software (OSS) is, by its very nature, less likely to contain security vulnerabilities, including back doors, than closed source software. The reality is far more complex and nuanced. Advocates derive their dogmatic faith in the implicit security of Open Source code from the concept of "peer review," a cornerstone of the scientific process in which published papers and theories are scrutinized by experts other than the authors. The more peers that review the work, the less likely it is that it will contains errors, and the more likely it is to become accepted. The link for this article located at SecurityFocus -- Â Â is no longer available. . The ongoing debate of Open Source versus Closed Source software centers on security, transparency, and community involvement in enhancing software quality and protection. Open Source Benefits, Security Practices, Closed Source Risks. . Anthony Pell
Apr 17, 2000
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More