Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 34 articles for you...
82
security initiativedeveloper collaborationopen source securityOpenSSF and Industry Leaders Unite to Address Open Source Security
In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch. . 2022 was a heck of a year for open source security troubles, but at the same time, the Open Source Security Foundation (OpenSSF) did its best to help secure vital programming infrastructure. In 2021, not 2022, things went awry in a big way for open source software security. I am, of course, referring to the Log4J vulnerability . It’s been over a year, and it’s still hanging around. This, in turn, woke people outside the developer and security worlds to the dangers to the software supply chain. I’d predicted that open source and Linux developers would take security much more seriously in 2022 . It looks like I was right. To meet these security needs, OpenSSF and numerous other developer players, including Apache, Google, Apple, and AWS, met at the White House with the US government’s executive branch. As White House National Security Advisor Jake Sullivan said when he called for the meeting, it was a “national security concern” that volunteers maintained foundational open source software. Well. Yes, we, the open source community, knew that. Of course, it’s not like the proprietary software development companies have covered themselves with glory. . The year 2023 highlighted major initiatives by OpenSSF aimed at tackling security issues in open source, especially in response to crises such as the vulnerability in Log4J.. OpenSSF, Open Source Security, Supply Chain Efforts. . Brittany Day
Jan 25, 2023
•
Government
79
security improvementsecurity initiativeopen source projectSOS.dev Initiative Aims to Improve Open Source Security and Resilience
SOS.dev initiative will combat software supply chain attacks by encouraging researchers to suggest security improvements to key projects. . A new program is aiming to reward developers and security researchers who make improvements to critical infrastructure based on open source technology. The Secure Open Source Rewards ( SOS.dev ) scheme will be broader than current bug bounty programs, according to its backers. The program will “harden critical open source projects” and help protect against application and software supply chain attacks by encouraging researchers and developers to suggest security improvements. Rewards range from $505 for small improvements up to $10,000 or more for “complicated, high-impact and lasting improvements that almost certainly prevent major vulnerabilities”. . A fresh initiative seeks to incentivize programmers and cybersecurity experts who enhance vital open-source endeavors.. Secure Open Source, Developer Rewards, Software Security, Supply Chain Protection. . LinuxSecurity.com Team
Aug 19, 2022
•
Security Projects
79
open sourcesecurity initiativememory safetyISRG Initiative Enhances Linux Kernel Memory Safety With Rust Support
The Internet Security Research Group - backed by Google's financial support - has provided prominent developer Miguel Ojeda with a one-year contract to work on Rust in Linux and other security efforts full-time. . As we covered in March, Rust is a low-level programming language offering most of the flexibility and performance of C—the language used for kernels in Unix and Unix-like operating systems since the 1970s—in a safer way. Efforts to make Rust a viable language for Linux kernel development began at the 2020 Linux Plumbers conference, with acceptance for the idea coming from Linus Torvalds himself. Torvalds specifically requested Rust compiler availability in the default kernel build environment, to support such efforts—not to replace the entire source code of the Linux kernel with Rust-developed equivalents, but to make it possible for new development to work properly. . The Internet Security Research Group (ISRG) leads efforts to integrate Rust into the Linux kernel for improved security and memory safety, addressing key vulnerabilities.. Linux Kernel Development, Rust Programming Language, Memory Safety, Open Source Security. . LinuxSecurity.com Team
Jun 22, 2021
•
Security Projects
79
security initiativememory safetyprogramming languageGoogle Expands Rust Integration for Improved Linux Kernel Security
Google's Android Team is backing an effort to introduce Rust as a second programming language in the Linux kernel in an effort to improve security. . After bringing support for the systems programming language Rust to Android, Google is now looking to bring it to the Linux kernel to reduce security flaws. As Google explained last month , Rust -- a language that emerged from Mozilla -- provides memory safety guarantees to the Android operating system, which has historically been written in C and C++. Google is targeting Rust at new Android code, rather than rewriting the millions of lines of existing code in Rust. . Following the integration of Rust into Android, Google is now aiming to bolster security in the Linux kernel using Rust.. Rust Language,Linux Kernel Development, Android Security Initiative. . LinuxSecurity.com Team
Apr 16, 2021
•
Security Projects
76
open sourcesecurity initiativesoftware securityOpenSSF's Progress And Future Vision For Open Source Security
OpenSSF was launched in August of 2020 as “a cross-industry collaboration that brings together leaders to improve the security of open source software (OSS)”. This article provides an overview of OpenSSF's mission, what it’s accomplished in its first six months and its plans for the future. . The Open Source Software Foundation (OpenSSF) officially launched on August 3, 2020 . In this article, we’ll look at why the OpenSSF was formed, what it’s accomplished in its first six months, and its plans for the future. The world depends on open source software (OSS), so OSS security is vital. Various efforts have been created to help improve OSS security. These efforts include the Core Infrastructure Initiative (CII) in the Linux Foundation, the Open Source Security Coalition (OSSC) founded by the GitHub Security Lab, and the Joint Open Source Software Initiative (JOSSI) founded by Google and others. It became apparent that progress would be easier if these efforts merged into a single effort. The OpenSSF was created in 2020 as a merging of these three groups into “a cross-industry collaboration that brings together leaders to improve the security of open source software (OSS).” . The Collaborative Development Initiative (CDI) was formally established on September 15, 2021. This write-up outlines its objectives.. OpenSSF, Open Source Security Foundation, OSS Collaboration, Software Security Initiative. . Brittany Day
Jan 29, 2021
•
Organizations/Events
79
security initiativebug bountydevice securityMicrosoft's $100K Bug Bounty For Securing Azure Sphere Technology
Researchers have three months to find problems in the software for net-connected devices like baby monitors and refrigerators. . Microsoft wants Azure Sphere to be a really secure foundation for internet of things devices like webcams and garage doors, so it's offering researchers up to $100,000 to find a way to break into the technology. Azure Sphere combines an approved processor with Microsoft's own customized version of Linux called Sphere OS and a security service to detect problems and issue updates. . Microsoft has introduced a substantial $100K initiative to attract bug hunters, enhancing Azure Sphere's security for smart home tech, showcasing its commitment to safeguarding IoT devices.. Azure Sphere Security,Bug Bounty Program,IoT Device Protection. . LinuxSecurity.com Team
May 08, 2020
•
Security Projects
79
security researchopen sourcesecurity initiativeGitHub Security Lab Launches Program to Fix Open Source Issues
In GitHub's new 'Security Lab', fourteen companies unite get together to search, find, and fix security flaws in GitHub-hosted open source projects. Learn more in an interesting ZDNet article: . Today, at the GitHub Universe developer conference, GitHub announced the launch of a new community program called Security Lab that brings together security researchers from different organizations to hunt and help fix bugs in popular open source projects. "GitHub Security Lab's mission is to inspire and enable the global security research community to secure the world's code," the company said in a press release. "Our team will lead by example, dedicating full-time resources to finding and reporting vulnerabilities in critical open source projects," it said. The link for this article located at ZDNet is no longer available. . GitHub's Safety Initiative, unveiled during the GitHub Universe conference, assists teams in spotting and remedying vulnerabilities in open-source software.. GitHub Security Lab, Open Source Vulnerabilities, Security Research Program, Bug Fixing Initiatives. . LinuxSecurity.com Team
Nov 15, 2019
•
Security Projects
79
data protectionencryptionsecurity initiativeConfidential Computing Consortium Promotes Security For Processed Data
A new Confidential Computing Consortium wasannounced on Wednesdayby the Linux Foundation to boost the security of processed data. Learn more in an awesome Redmond Magazine article: . The consortium is focused on the security of data used by service providers, as well as data processed in local datacenters or "edge computing." Typically that data gets encrypted at rest and in transit by service providers, but it typically does not get encrypted when it's in use. The Confidential Computing Consortium plans to focus on this latter security issue when data get processed in memory, which is considered the "most challenging" security step to address. The consortium's efforts will foster an open trusted solution for the problem, promised Jim Zemlin, the Linux Foundation's executive director. The link for this article located at Redmond Magazine is no longer available. . The alliance seeks to bolster information protection for handled data across service landscapes and peripheral computing.. Confidential Computing, Data Security, Linux Foundation, Processed Data, Security Consortium. . LinuxSecurity.com Team
Aug 27, 2019
•
Security Projects
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More