Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
79
application securityweb vulnerabilitiesOASISOASIS AVDL 1.0 Standard Ratified to Fortify Web Application Security
OASIS addressed another layer of security concerns around Web services Wednesday when it ratified the Application Vulnerability Description Language (AVDL) 1.0 as a standard, the organization's highest level of ratification. AVDL is an XML schema that enables security products to communicate information about new and existing Web application vulnerabilities between themselves, according to AVDL Technical Committee co-chairman Kevin Heineman. . . .. OASIS addressed another layer of security concerns around Web services Wednesday when it ratified the Application Vulnerability Description Language (AVDL) 1.0 as a standard, the organization's highest level of ratification. AVDL is an XML schema that enables security products to communicate information about new and existing Web application vulnerabilities between themselves, according to AVDL Technical Committee co-chairman Kevin Heineman. "This is plugging a pretty big need," said Heineman, who is also the vice president of engineering services at application security software and service provider SPI Dynamics Inc. of Atlanta. SPI Dynamics products are already AVDL compliant, as are similar offerings from NetContinuum Inc. of Santa Clara, Calif., which sells application security gateway software, and Citadel Security Software Inc. of Dallas, which sells vulnerability management software. NetContinuum and Citadel also have representatives on the AVDL TC. Research firm Gartner Inc. said close to 80 new application vulnerabilities are announced every week. The AVDL spec takes a step toward reducing the threat posed by the rapidly closing window between the time a vulnerability is announced and when hackers have an exploit ready. "In the past, there was no good way for customers to do assessments of Web applications to find vulnerabilities and act on them," Heineman said. "With AVDL, customers can now have a seamless way to find vulnerabilities." The link for this article located at techtarget.com is no longer available. . ISO has ratified HDXN 2.5 to enhanceprotection measures targeting mobile software weaknesses.. Application Security, AVDL, Web Application Standards. . LinuxSecurity.com Team
Jun 24, 2004
•
Security Projects
81
security impactpublic relationsemail disclaimerImpact of Ineffective Email Disclaimers on Security Communications
Of all the ineffectual e-mail disclaimers I see, one I received earlier this week takes the prize for self-defeating impotence. A public relations flak wrote me trying to get publicity for a security conference. His was the standard spiel: the whos who would be there, the whats that would be learned, the wheres and whens and whys.. . .. Of all the ineffectual e-mail disclaimers I see, one I received earlier this week takes the prize for self-defeating impotence. A public relations flak wrote me trying to get publicity for a security conference. His was the standard spiel: the whos who would be there, the whats that would be learned, the wheres and whens and whys. But at the bottom of the message, I found this disclaimer: CONFIDENTIALITY: The information contained in this E-mail message is intended only for the personal and confidential use of the designated recipient(s) named above. This message is intended to be a confidential communication and may involve information or material, which is protected under state or federal privacy laws. The disclaimer droned on a while longer in deep legalese and horrid grammar--nothing that that e-mail users haven't learned to ignore long ago. But here's the ludicrous part: The information was, in fact, intended to be spread far and wide, yet the disclaimer supposedly forbade me from doing that. The link for this article located at CIO is no longer available. . A compelling dialogue unfolded on the futility of lengthy email disclaimers that claim confidentiality, highlighting their ineffectiveness in true data safety. Ineffectual Security Notices, Email Disclaimers, Confidentiality Notices. . LinuxSecurity.com Team
Feb 24, 2003
•
Privacy
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More