There is no shortage of challenges when it comes to securing open source software and no shortage of ideas for how to mitigate risks. It is the stated mission of the OpenSSF (Open Source Security Foundation) to help improve the state of open source security, and that is precisely what it is doing. The OpenSSF is part of the Linux Foundation and has multiple ongoing efforts across different aspects of the software development lifecycle. On September 7, 2022 the organization announced the latest iteration of its Scorecards effort, an initiative designed to help open source projects and their users identify the state of security within a project. The updated scorecards come a week after the OpenSSF issued new guidance and best practices on how to secure npm, which is a widely used, and often abused, open source package management system for JavaScript. The Open Source Security Foundation focuses on bolstering the safety of open source by revising evaluation metrics and guidelines for development initiatives. Open Source Security, Security Practices, OpenSSF Scorecards. Brittany Day
Because Unicode contains such a large number of characters and incorporates the varied writing systems of the world, incorrect usage can expose programs or systems to possible security attacks. This is especially important as more and more products are internationalized. This document describes some of the security considerations that programmers, system analysts, standards developers, and users should take into account, and provides specific recommendations to reduce the risk of problems. Status: This is a draft document which may be updated, replaced, or superseded by other documents at any time. Publication does not imply endorsement by the Unicode Consortium. This is not a stable document; it is inappropriate to cite this document as other than a work in progress. A Unicode Technical Report (UTR) contains informative material. Conformance to the Unicode Standard does not imply conformance to any UTR. Other specifications, however, are free to make normative references to a UTR. The link for this article located at Unicode.org is no longer available. When using Unicode in global software, heed security measures such as input validation, encoding consistency, and normalization to mitigate risks. Unicode Security, Internationalization Risks, Programmer Guidance. LinuxSecurity.com Team
Over the 5 year lifetime of the Irish Honeynet, we have witnessed hundreds of thousands of scans, probes and attacks against the servers that comprise the network. Our estimation is that given an average of 3,000 attack attempts a week, each server has seen more than 700,000 compromise attempts over the 5 years. Taken at face value, this is a remarkable figure. The attacks have been thick and steady, and the relentless hackers appear hell bent on taking control of as many vulnerable systems as possible. This article will focus on providing some basic guidelines that will serve to assist you in conducting your own vulnerability management and performing scans against your own systems and networks, in the hope that you will identify and remedy any serious vulnerabilities and bugs in advance of the unyielding hackers, ultimately resulting in computer systems that are secure and protected. The link for this article located at Help Net Security is no longer available. Uncover vital insights from the Irish Honeynet's extensive five-year experience facing over 700,000 cyber threats and enhance your cybersecurity measures. Honeynet Lessons, Cyber Attack Prevention, Security Management, Vulnerability Scanning. Bill Locke
A group of 28 IT, defense and integration companies formed a new consortium to develop technology standards and guidelines that will aid collaboration among military, intelligence, homeland security and law enforcement agencies. Members of the Network Centric Operations Industry Consortium, launched Tuesday in Washington, said they want to improve the interoperability of their products so that previously disparate systems can share information. Companies such as Boeing, Cisco Systems, EMC, Ericsson, Hewlett-Packard, IBM, Microsoft, Oracle, Raytheon, SAIC and Sun Microsystems are paying as much as $150,000 per year to participate in the consortium. The link for this article located at Jennifer Hagendorf Follett is no longer available. 42 technology and aerospace corporations formed a coalition aimed at improving synergy within defense and public safety domains. Interoperability, Defense Technology, Military Collaboration. Anthony Pell
The Pentagon recently issued the second part of its information assurance (IA) policy that sets guidelines on using Defense Department networks. DOD Instruction 8500.2 sets forth implementation of the rules and policies in Directive 8500.1, which was issued in late October 2002. The directive calls for the different agencies within DOD to protect its data as it is shared across the Global Information Grid (GIG). Instruction 8500.2, dated Feb. 6, "implements policy, assigns responsibilities, and prescribes procedures for applying integrated, layered protection of the DOD information systems and networks." The link for this article located at FCW is no longer available. The Pentagon has unveiled the continuation of its cybersecurity framework, enhancing protective measures for digital infrastructures. Pentagon, Cybersecurity Policy, DOD Networks, Network Protection, Information Assurance. Anthony Pell
Wireless security is a major concern for agencies that deal with ever-more tech-savvy employees bringing to work handheld devices that don't mesh with federal security guidelines, said CDW Government Inc. president James R. Shanks. As agencies are working to bolster network security, the proliferation of wireless devices is raising new security challenges, said Shanks, whose company is a subsidiary of IT reseller CDW Computer Centers Inc. of Vernon Hills, Ill. "It's really hard to manage," added Larry S. Kirsch, senior vice president of CDWG. Wireless security "is the biggest nut to crack for the federal government." The link for this article located at GCN is no longer available. wireless, security, major, concern, agencies, ever-more, tech-savvy, employees. Anthony Pell
Internet Security Systems Inc. on Monday released to the public the vulnerability disclosure guidelines that its internal X-Force research team uses in identifying flaws and notifying vendors and the public. The guidelines are fairly standard and include a provision that is becoming more and more common among security vendors that also do vulnerability research. The clause informs vendors that ISS customers who subscribe to the company's X-Force Threat Analysis Service will be told about any new vulnerabilities one business day after ISS notifies the affected vendor. Customers will also get information on any countermeasures that may be available. Other security vendors have similar policies, under which their paying customers receive early warning of newly discovered flaws. Many vendors also add a check for the vulnerability to their commercial products before the vulnerability's existence is public knowledge. The link for this article located at eWeek is no longer available. ISS has unveiled its protocols for disclosing vulnerabilities, outlining processes for detection and timely vendor alerts. Vulnerability Disclosure, ISS Guidelines, Threat Analysis, Security Research, Internet Security. LinuxSecurity.com Team
Today at an FTC (Federal Trade Commission) public workshop on consumer information security, Dr. Larry Ponemon, CEO of Privacy Council, outlined a series of cyber security challenges facing corporate America. In his remarks, Dr. Ponemon focused on cyber-risk management and corporate network security while presenting Ten Guidelines for Managing Cyber Risk. "Managers are finding that weaknesses in information security can threaten an organization's very existence," said Dr. Ponemon. "Hackers, software viruses and lawsuits from privacy lapses can as easily disrupt an organization as a fire or a burglary. Privacy and Security management have become the pillars of core business and consumer protection practices with sound privacy principles being the lynchpin to an airtight security plan." During the FTC Security Workshop, Dr. Ponemon presented NetDiligence's Ten Guidelines for Managing Cyber Risk. "The guidelines are a ten-point action plan for information officers and security managers trying to understand and manage these complex and evolving issues," said Dr. Ponemon. The FTC seminar showcases Dr. Ponemon addressing the importance of cyber threats and outlining ten security protocols that businesses should follow. Cyber Risk Management, Security Guidelines, Corporate Security, Privacy Management. LinuxSecurity.com Team