A group of 11 of the largest software companies and computer security firms released the first public draft of a proposed bug disclosure standard on Wednesday, and asked the security community for comments. The 37-page document sets out a detailed timeline for security vulnerability reporting, and standardizes the interactions between security researchers who find bugs and the software companies who write them. The group hopes to see the final version of the plan gain widespread industry acceptance. "The meat of it is all about the process -- how people come around to handling everything where they can talk to each other," says Scott Blake, a VP at security software firm BindView, an OIS member. The OIS officially formed in September of last year, but has its roots in a private Microsoft-hosted security conference held in Silicon Valley almost a year earlier. Member companies are Microsoft, @stake, BindView, SCO, Foundstone, Guardent, Internet Security Systems, Network Associates, Oracle, SGI and Symantec. (Symantec publishes SecurityFocus.) The link for this article located at SecurityFocus is no longer available.
LinuxSecurity.com Team
Security management will evolve into three functional areas: user, event, and configuration management. User management aggregation (identity management and provisioning) will mature rapidly (2004). Security event management consoles (collecting intrusion detection system, firewall, and host events) will remain out of the mainstream until 2005. Security configuration consoles (central distribution points for firewall, personal firewall, and eventually server configurations/policies) are least mature, with viable integrated products appearing in 2006/07. Traditionally, user management is chaotic in most G2000 organizations, with requests coming from various channels (paper forms, phone calls, e-mails, help desk requests, etc.), and moving through various de facto fulfillment procedures. Often, a security or security administration group is involved in performance of the user management process (for internal users, while external users are often managed through a more coherent process -- owing either to their larger scale, or to their status as "outsiders"). As organizations adopt a more holistic, process-centric view (2003/04) and move toward automation (2002-05), we expect security groups to involve themselves only in policy management, process design, and compliance monitoring, while the help desk or operations group owns the execution of the process (2006). Human resources, sales, or other business areas will have increasing input (2005/06) in policy development and, in some decentralized or federated organizations, may even own the process execution.
Taking the process view, we find that users should have a "life cycle" of access to systems, applications, and databases (with a defined beginning and end, as well as changes in between). Unfortunately, in many organizations, users accumulate access over time, and when the user separates from the organization, that access continues (about 30 percent of users do not have access removed, according to recent Meta Group surveys, resulting in a perceived 23 percent increase in risk). Looking at this user life cycle, we find three distinct phases: provisioning, maintenance, and termination. The link for this article located at ZDNet is no longer available.
Anthony Pell
Here is an interview with Bill Pepper of CSC, who uses ethical hackers for testing and security processes. "Bill Pepper is head of security risk management at consulting firm CSC, a role which involves advising clients on security issues and managing the company's so-called ethical hackers. He has worked in information security for over 35 years, including time with the Royal Air Force, and is currently deputy chairman of the British Computer Society's Certificate in Information Security Management Board." The link for this article located at vnunet is no longer available.
LinuxSecurity.com Team
Recognizing that national security is no longer the sole concern of the Defense Department, a new report by a federal commission pushes for a vast reorganization of the federal government and an overhaul of the appropriations process. The report by the U.S. Commission on National Security/21st Century, "Road Map for National Security: Imperative for Change," is the third in a series on the changing landscape the United States faces. The link for this article located at FCW is no longer available.
Anthony Pell