Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
74
cybersecuritysecurity toolsLinux distributionUnveiling The Features Of Kali Linux For Security Experts
Kali Linux is a Debian-based Linux distribution designed for ethical hackers and security professionals. It is pre-installed with a wide range of penetration testing and security auditing tools, making it a powerful platform for identifying and exploiting vulnerabilities. . Over the last few years, Kali Linux has become more popular among security researchers and professionals due to its dedicated focus on providing a complete Linux operating system that comes with the latest and greatest tools in the cybersecurity industry. Today, it is the “go-to” operating system for security professionals. Let’s see what this distribution has to offer. . Parrot Security OS serves as a crucial resource for cybersecurity professionals, equipped with utilities for digital forensics and vulnerability assessments.. Kali Linux, Ethical Hacking, Penetration Testing, Cybersecurity Tools. . Brittany Day
Nov 13, 2023
•
Network Security
76
cybersecuritynetwork defensecapture the flagDefCon Capture The Flag Challenge: A Gripping Contest Among Elite Hackers
Capture the flag might be only a game, but it was serious business at DefCon, the world's largest annual computer hacker convention. For 36 straight hours, eight teams of experienced hackers and serious security professionals played predator and prey as they tried to hack into competitors' networks while defending their own. . . .. Capture the flag might be only a game, but it was serious business at DefCon, the world's largest annual computer hacker convention. For 36 straight hours, eight teams of experienced hackers and serious security professionals played predator and prey as they tried to hack into competitors' networks while defending their own. From my front-row seat as a member of the winning team, Sk3wl of R00t (hacker slang for "School of Root," where "root" refers to gaining administrator access to a system), I got a bird's-eye view of how new - and not so new - attacks could be launched and thwarted. Advertisement: Each qualified team playing the game - organized by a Seattle security community group called the Ghetto Hackers - controlled a pair of Windows machines running a variety of network and Web-based services that were connected to each other and a central scoring mechanism called the Scorebot via a Gigabit Ethernet network. Rest assured, this hacker network was not connected to the Internet. As soon as the doors to the secluded hacker playground disguised as a hotel ballroom were opened at 10 a.m. July 30, the air was tense in this crowded room. The game scenario and the legitimately purchased Windows images were presented to participants two hours before the official noon start time. How would you like to have to lock down two Windows boxes in just two hours as you started to recognize that there were world-class exploit developers in the room - and on your network? The link for this article located at nwfusion.com is no longer available. . Capture the flag might be only a game, but it was serious business at DefCon, the world's largest an. capture, might, serious, business,defcon, world's, largest. . Anthony Pell
Aug 13, 2004
•
Organizations/Events
79
vulnerability researchsecurity professionalsadvocacy organizationThor Larholm's Proposal For Vulnerability Research Trade Association
A prominent security researcher this week proposed a plan to create a trade association for vulnerability researchers that would act as an advocacy organization as well as protect the legal and economic interests of the members. The plan is still very . . . . A prominent security researcher this week proposed a plan to create a trade association for vulnerability researchers that would act as an advocacy organization as well as protect the legal and economic interests of the members. The plan is still very much in the formative stages and no formal blueprint for the organization exists, but the idea is being kicked around in many parts of the security community. The idea for the organization came from Thor Larholm, a senior security researcher at PivX Solutions Inc., in Newport Beach, Calif. Larholm is well-known in security circles for his research, particularly on Internet Explorer. He began discussing the plan with other researchers in June and has since spoken with a number of vendor executives about it as well. The link for this article located at EWeek is no longer available. . A leading cybersecurity expert announced plans to establish an advocacy group aimed at supporting and defending exploit researchers.. Vulnerability Management, Security Researcher, Trade Association. . LinuxSecurity.com Team
Nov 19, 2003
•
Security Projects
82
information securitypublic sectorcriminal lawImpact of U.S. Information Security Laws on Public Sector Professionals
This is the third part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. This installment begins the discussion of information security in the public sector. Government's involvement with information security takes . . . . This is the third part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. This installment begins the discussion of information security in the public sector. Government's involvement with information security takes place in two unique contexts: criminal justice and national defense. (Of course, government agencies also have information security concerns that are analogous to those of private industry, which were considered in the first two articles in this series.) In this installment, we will look at the basics of the criminal information security law. As we discussed in the first article in this series, the Computer Fraud and Abuse Act, 18 U.S.C.§ 1030 (the "CFAA") is the primary computer crime statute in the United States. The CFAA imposes criminal liability [1] for: The link for this article located at SecurityFocus is no longer available. . U.S. information security laws have transformed operations for public sector and criminal justice professionals, focusing on data confidentiality amid increasing cyber threats. Information Security, U.S. Laws, Public Sector Security, Criminal Justice Oversight. . Anthony Pell
May 13, 2003
•
Government
82
information securitylegal frameworkcommunicationsU.S. Information Security Law: Protecting Private Sector Communications
This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In the first part of this series, we looked at the legal framework for protection of information systems . . . . This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In the first part of this series, we looked at the legal framework for protection of information systems and the role of information security professionals in the creation of trade secret interests. In this installment, we will look at the legal framework for security of an enterprise's working environment from the perspective of information security professionals, with particular emphasis on the protection of communications. Of course, protecting communications necessarily depends on the security of the systems used to transmit and store them. Drawing a rigid line between protecting systems and protecting communications might not always be useful or possible. That said, for our discussion, treating the protection of communications separately from the protection of systems illustrates how the Computer Fraud and Abuse Act, 18 U.S.C.§ 1030 (the "CFAA"), and the Electronic Communications Protection Act, 18 U.S.C. §§ 2510-22 and §§ 2701-12 (the "ECPA"), two critically important federal information security statutes, work together. As discussed in the first article in this series, the primary thrust of the CFAA, with respect to private sector systems, is to prohibit access to protected computers without authorization or exceeding authorization, whether to obtain something of value or to damage systems or data. The primary concern of the ECPA is related, but distinct. The ECPA prohibits the unauthorized and unjustified interception, disclosure, or use of communications, including electronic communications[1]. In a situation in which a bad actor hacks into a corporate network and obtains access to sensitive email, theCFAA and the ECPA are both violated. But having discussed the CFAA in Article 1, our discussion of the legal framework for protecting communications will focus on the ECPA. The link for this article located at SecurityFocus is no longer available. . This is the second part of a four-part series looking at U.S. information security laws and the way . second, four-part, series, looking, information, security. . Anthony Pell
Apr 02, 2003
•
Government
82
cybercrimelaw enforcementFBIFBI Struggles With Cybercrime Expert Retention Amid High Turnover
The FBI suffers from a high turnover of experts in cybercrime but continues to get quality people, FBI Director Louis Freeh said Wednesday. "There's a bull market" for skilled FBI cyber-crime workers, Freeh told a World Economic Forum event held at . . . . The FBI suffers from a high turnover of experts in cybercrime but continues to get quality people, FBI Director Louis Freeh said Wednesday. "There's a bull market" for skilled FBI cyber-crime workers, Freeh told a World Economic Forum event held at the U.S. Chamber of Commerce. In order to keep workers in the agency, he said, "we basically rely on people's patriotism." That can be difficult when agency employees earning $50,000 to $55,000 interact every day with former FBI workers now making six figures in the private sector, he said. Fortunately for the agency, the number of qualified applicants continues to far outnumber the job vacancies. The link for this article located at GovExec is no longer available. . The NSA struggles with retaining skilled cybersecurity professionals as it competes for top talent in a saturated job environment.. FBI Cybercrime, Expert Retention, Cybersecurity Workforce, Law Enforcement Jobs, Security Professionals. . Anthony Pell
Apr 06, 2001
•
Government
76
computer security summitexpert portraitssecurity expertisePortraits From The 1998 Computer Security Summit Featuring Security Experts
These are portraits Marcus Ranum took at the first ever computer security summit, held at Bill Cheswick's house in the summer of 1998, I believe. Ever wonder what Dan Farmer or Wietse Venema look like? Marcus adds, "Due to unfortunate lack . . . . These are portraits Marcus Ranum took at the first ever computer security summit, held at Bill Cheswick's house in the summer of 1998, I believe. Ever wonder what Dan Farmer or Wietse Venema look like? Marcus adds, "Due to unfortunate lack of film, I didn't manage to get all the people who showed up (and some were camera shy) -- but it was the most intense concentration I've ever seen of computer security expertise." The link for this article located at Marcus Ranum is no longer available. . Discover the vivid imagery from the first cybersecurity conference in 1998, showcasing the trailblazers who defined the field's landscape of innovation and vigilance. computer security experts, portraits from 1998, security summit highlights. . Anthony Pell
Jan 09, 2001
•
Organizations/Events
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More