Everyone knows the phrase "software is eating the world," coined by Marc Andreessen over a decade ago. Software powers and touches nearly every aspect of modern society, both personally and professionally, and is critical to the modern economy and national security.

It can also be said that open-source software (OSS) has eaten the software industry. The Linux Foundation and other groups have estimated that free and open-source software (FOSS) constitutes 70% to 90% of any modern software product. Not only is modern software largely composed of OSS components, but IT leaders are more likely to work with vendors who also contribute to the OSS community. OSS use is rampant because of its flexibility, cost savings, innovation through community-enabled projects, and arguably better security through more eyeballs on the code, especially for large OSS projects. That said, OSS comes with its own concerns, including Common Vulnerabilities and Exposures (CVEs) for affected code.

OpenSSF Scorecards are essential for identifying risks in open-source projects. They provide an objective framework to assess security posture using various metrics.

Tags: OpenSSF Scorecards, Software Evaluation, Open-Source Risks, Security Assessment, OSS Components
LinuxSecurity.com Team
Have you heard about the growing Zephyr Project, hosted by the Linux Foundation, that aims to build an open-source real-time operating system (RTOS) for the IoT? The project was recently evaluated by the NCC Group and was deemed "a mature and highly active project with increasing market share".

The Zephyr Project is a small, scalable real-time operating system for use on resource-constrained systems supporting multiple architectures. The NCC Group issued a report in May 2020 outlining the issues discovered in detail and acknowledged the proactive work of the Zephyr Project Security Committee to fix these issues.

The Nimbus Framework is a reliable software platform for low-resource devices, incorporating robust protective features.

Tags: Zephyr, RTOS, IoT, open source security, Linux Foundation
LinuxSecurity.com Team
A new set of antivirus tests conducted by AV-TEST shows that Android users should not rely on Google Play Protect as their exclusive mobile security product.

The research included a total of 19 security packages for Android that were evaluated for protection, usability, and features. Each application could score a maximum of 6 points for protection, another 6 points for usability, and 1 point for features. The link for this article located at Softpedia is no longer available.

AV-TEST assesses 19 Android security solutions, emphasizing the inadequate efficacy of Google Play Protect for consumers.

Tags: Android Security, Antivirus Evaluation, Mobile Protection
LinuxSecurity.com Team
According to the UK's Communications-Electronics Security Group (CESG), Linux is the clear choice when it comes to security.

Recently, the United Kingdom's Communications-Electronics Security Group (CESG) ran a series of tests to find out which operating system would be the most secure platform for the UK government. The link for this article located at Tech Republic is no longer available.

The UK's CESG identified Linux as the leading choice for safe governmental activities following its evaluations.

Tags: Linux Security, CESG Evaluation, Secure Operating Systems
LinuxSecurity.com Team
Today in Open Source: Does Linux Mint have a security problem? Or has the media made a mountain out of a molehill?

There have been disturbing reports in the media about Linux Mint having security problems. Is this something to worry about, or has it been wildly overblown by the press? Muktware takes a look at this issue and refutes the claims made by a Canonical developer. The link for this article located at IT World is no longer available.

Recent articles highlight worries regarding the security of Linux Mint. Investigating whether this is a genuine concern or simply an overreaction from the press.

Tags: Linux Mint Security Issues, Open Source Integrity, Media Claims Analysis
LinuxSecurity.com Team
Network stress testing tools are not for the underfunded, the underskilled or the faint of heart. Consider them carefully before deciding whether to purchase them or how to use them. See the companion article "Stress-testing your network" for details on software from BreakingPoint, Mu Dynamix, Spirent and Ixia. Here are dos and don'ts to help you get the most from these tools.

Do consider how often the tools will be used and in what ways. They are expensive to buy and support. Make sure the use justifies the expense.

Do get full and accurate information on the application and protocol mix to be sure you create a representative test environment.

Don't assume you know what your performance requirements are for the new application, security device or network.

Do engage security, network and business managers to determine current and projected requirements so you understand what needs to be tested.

The link for this article located at CSO Online is no longer available.

Assess stress testing instruments with diligence to enhance their utility and prevent superfluous expenditures.

Tags: Network Performance, Stress Testing, Security Assessment
Alex
Thanks to Andreas Fabis for sending this in to us. atsec information security is pleased to announce the successful Common Criteria Certification of Red Hat Enterprise Linux Version 5.3 at EAL 4 (augmented for flaw remediation) with the Controlled Access Protection Profile (CAPP). Under Common Criteria, products are evaluated against strict standards for various features, including security functionality, development environment, security vulnerability handling, documentation of security-related topics, and product testing.

The evaluation covers a potentially distributed, but closed, network of Dell 11th Generation PowerEdge servers running the evaluated version of Red Hat Enterprise Linux and also includes the evaluated version of Red Hat Enterprise Linux running under Xen on the Dell 11th Generation PowerEdge servers. The cryptography provided by OpenSSL, which is used by security-enforcing components, was tested using the Cryptographic Algorithm Validation Program (CAVP) established by NIST. This validation demonstrates the compliance of the OpenSSL cryptographic algorithms with a reference implementation. The certification of Red Hat Enterprise Linux Version 5.3 through NIAP's Common Criteria Evaluation and Validation Scheme (CCEVS) adds another open-source operating system to atsec's portfolio of more than 60 OS evaluations during the course of the last decade. Staff members at atsec have extensive experience with ITSEC and Common Criteria, some dating back to the 1980s. The evaluation technical report and the certificate will be available on the NIAP web site (niap-ccevs) and also on the Common Criteria portal (commoncriteriaportal).

About atsec information security: atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in January 2000 and has extensive international operations with offices in the US, Sweden, the UK, and China. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, Oracle, Cray, BMW, SGI, Vodafone, RWE, and Wincor-Nixdorf.

Tags: thanks, andreas, fabis, sending, atsec, information, security, pleased, announce
LinuxSecurity.com Team
Organisations today invest millions of dollars and thousands of man-hours in building out their IP-based infrastructure. However, the question one is often left with is: "Is Denial of Service or Network Disruption something that my enterprise should be concerned with?" Help Net Security has an article that contains a brief self-test that should help you consider the reality of the threat and how seriously it ought to be pursued.

The link for this article located at Net-Security.org - LogError is no longer available.

In today's digital environment, businesses are vulnerable to network disruptions and DoS attacks, which can cause severe financial losses and trust issues.

Tags: Network Disruption, Denial of Service, Threat Analysis, Risk Management
Benjamin D. Thomas