Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
83
malwaresecurity technologiesspamSpammers and Botnets Adapt With Disposable Domains for Evasion
Spammers and the botnet operators they're allied with are continuing to adapt their techniques to evade security technologies, and now are using what amount to disposable domains for their activities. A new report shows that the spammers are buying dozens of domains at a time and moving from one to another as often as several times a day to prevent shutdowns.. Spammers for years have been buying domains in bulk and using them for both redirections to other, often malicious, sites and for locations to set up quick e-commerce sites for sales of pills, pirated software, fake watches or whatever goods they're pushing that day. Anti-spam services and email filters typically use static lists of known malicious domains or ones known to be used by spammers. That approach worked well early on in the fight against spam, but as the spammers have analyzed the defenses deployed against them, their tactics have become much more devious and effective of late. New research by security firm M86 Security Labs shows that the amount of time that a spammer uses a given domain is basically a day or less. The company looked at 60 days worth of data from their customers and found that more than 70 percent of the domains used by spammers are active for a day or less. The link for this article located at ThreatPost is no longer available. . Spammers for years have been buying domains in bulk and using them for both redirections to other, o. spammers, botnet, operators, they're, allied, continuing, adapt, their, techniques. . LinuxSecurity.com Team
Jul 15, 2010
•
Hacks/Cracks
78
Red Hatopen sourceidentity managementRed Hat's LinuxWorld Initiative: Improving Security and Support
Companies that sell software and hardware around the Linux open-source operating system have known for some time that they've tapped into a gold mine, an area of the IT market with plenty of customer interest and enormous growth potential. The growth will continue as long as Linux and other open-source software are considered secure and are sold and serviced as bundles rather than as individual products. . At LinuxWorld in San Francisco on Tuesday, Red Hat Inc. enhanced its profile as a provider of Linux-based security with its "Security in a Networked World" initiative, which is designed to deliver security technologies and policies, identity management, systems monitoring, and security software upgrades. The newly available Red Hat Certificate System is a major part of the initiative, as is the company's work with the Mozilla Foundation and the availability of systems monitoring as part of the Red Hat Network. The link for this article located at InformationWeek is no longer available. . At LinuxWorld in San Francisco on Tuesday, Red Hat Inc. enhanced its profile as a provider of Linux-. companies, software, hardware, around, linux, open-source, operating, system, known. . LinuxSecurity.com Team
Aug 10, 2005
•
Vendors/Products
78
ISP solutionsmalware defensesecurity technologiesStreamShield Networks: Combat Malware and Phishing for ISPs
The Guildford, UK-based company has created StreamShield Networks Ltd, a subsidiary focused on internet content security such as preventing worms, viruses, malware, spam, phishing and abusive content, and targeted at internet service providers. . . .. The Guildford, UK-based company has created StreamShield Networks Ltd, a subsidiary focused on internet content security such as preventing worms, viruses, malware, spam, phishing and abusive content, and targeted at internet service providers. StreamShield's approach is based on a silicon-based content security engine called StreamScan, which is built on Field Programmable Gate Array technology - an emerging technology in which gate arrays are configured to perform specific tasks and reprogrammed as new content threats appear. The link for this article located at Computer Business Review Online is no longer available. . Explore how StreamShield Networks Ltd intends to bolster online safety in the face of diverse vulnerabilities impacting internet service providers.. StreamShield, Internet Security Solutions, Malware Defense, Phishing Protection. . LinuxSecurity.com Team
Sep 17, 2004
•
Vendors/Products
74
security strategiesIT managementnetwork managementAdapting to Modern Security Risks in Network Management
Computer and network security risks continue to plague IT managers and network administrators as both the sheriffs and the outlaws of security are finding new ways to penetrate and defend IT assets. It is clear that security technologies, like other IT . . . . Computer and network security risks continue to plague IT managers and network administrators as both the sheriffs and the outlaws of security are finding new ways to penetrate and defend IT assets. It is clear that security technologies, like other IT methodologies, are ever-evolving. They require ongoing research into "best of class" solutions, continuous salesmanship to upper management, and annual budgetary and staff time commitments for implementation and training. The link for this article located at Enterprise Networks is no longer available. . Ongoing oversight and innovative approaches are critical to tackling persistent issues in digital and network protection.. Network Security, IT Management, Security Strategies, Risk Assessment, Penetration Testing. . Anthony Pell
Oct 16, 2003
•
Network Security
82
security advisoryacquisitionsecurity technologiesNIST Guidelines for Secure Technology Acquisition and Procurement
The National Institute of Standards and Technology's Computer Security Division has released three new draft guides for agencies on buying security technologies and services. . .. The National Institute of Standards and Technology's Computer Security Division has released three new draft guides for agencies on buying security technologies and services . The three draft guides, released Oct. 9, approach security acquisition from different directions. All of them are necessary to ensure security when implementing an information technology network or solution. The guides are available on NIST's Computer Security Resource Center site (https://csrc.nist.gov/). Comments are due back by Nov. 11. The first, "Special Publication 800-36: Guide to Selecting IT Security Products," looks at hardware and software specifically for security needs, such as identification and authentication, intrusion detection, virus and malicious code protection, and forensics. The link for this article located at FCW is no longer available. . NIST's Cybersecurity Division has released three vital draft guidelines aimed at enhancing secure technology acquisition.. NIST Draft Guides, IT Security Products, Security Technologies, Cyber Protection. . Anthony Pell
Oct 14, 2002
•
Government
79
security technologiesidentity verificationauthentication methodsExploring Biometric Systems For Secure User Authentication
The word 'Biometry' basically comprises of two words : bio + metry. The word 'bio' refers to life or a living being and the word 'metry' refers to 'measurement'. So 'Biometric' can be summed up as: the science of measurement of physical attributes(unique) to a living being (for authentication /authorization.). . .. The word 'Biometry' basically comprises of two words : bio + metry. The word 'bio' refers to life or a living being and the word 'metry' refers to 'measurement'. So 'Biometric' can be summed up as: the science of measurement of physical attributes(unique) to a living being (for authentication /authorization.) These systems are one level up from traditional methods of authentication like passwords or security access cards because they ensure that the person trying to log on is actually the valid user and not just someone who is trying to impersonate an identity after he/she found an access card lying below your office desk or password written on a piece of paper as a reminder in case of a memory lapse. The link for this article located at linux.com is no longer available. . Explore the importance of biometric technology in modern security systems. Discover how biometric ID systems enhance verification methods in today's landscape. Biometric Systems, User Access Control, Enhanced Security, Authentication Technologies. . LinuxSecurity.com Team
Sep 12, 2001
•
Security Projects
67
access controlbiometric authenticationsecurity technologiesEnhancing User Identity Verification with Biometric Authentication
In the race to improve security infrastructures faster than hackers can invent methods to penetrate firewalls, it is important to ascertain a user's identity before permitting access to protected data. Given the pervasive use of passwords and personal identification number codes . . . . In the race to improve security infrastructures faster than hackers can invent methods to penetrate firewalls, it is important to ascertain a user's identity before permitting access to protected data. Given the pervasive use of passwords and personal identification number codes for user authentication across all aspects of our daily life, attackers have developed powerful password-cracking tools. New technologies that aim to directly strengthen user authentication include the use of tokens and smart cards combined with digital certificates. The most compelling and intriguing authentication technologies involve biometrics matching - the measurement of physical and behavioral characteristics such as facial structures, voice patterns and fingerprints. The link for this article located at NWFusion is no longer available. . In the race to improve security infrastructures faster than hackers can invent methods to penetrate . improve, security, infrastructures, faster, hackers, invent, methods, penetrate. . LinuxSecurity.com Team
Feb 19, 2001
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More