The ongoing security saga involving digital certificates got a new and disturbing wrinkle on Thursday when software giant Adobe announced that attackers breached its code-signing system and used it to sign their malware with a valid digital certificate from Adobe. Adobe said the attackers signed at least two malicious utility programs with the valid Adobe certificate. The company traced the problem to a compromised build server that had the ability to get code approved from the company

The link for this article located at Wired is no longer available.
The Debian GNU/Linux project today admitted a hacker had compromised one of its internal servers. "Early this morning we discovered that someone had managed to compromise gluck.debian.org," Debian developer James Troup wrote in an e-mail to the Debian community shortly before 4am AEST. "We've taken the machine offline and are preparing to reinstall it," Troup continued, noting a number of key services were currently offline as a result. The developer said Debian had initiated a security lock-down on most of its other servers, enforcing limited access to the resources.

The link for this article located at ZDNet.com is no longer available.
A reader alerted us today about yet another web server compromise, affecting a large number of domains. In this particular case, the server was hosted with iPowerWeb, a provider of low cost web space on shared servers. Space on a shared server is ok for personal use. But you should think twice before using it for commercial, in particular business critical use. Your web site's security will depend on a few hundred other users on the same system doing the right thing. A bad php script on one virtual server could lead to a compromise of all web sites hosted on the same system.

The link for this article located at SANS is no longer available.
Hackers have compromised the download server for the open source PostNuke content management system, redirecting users to malicious code in place of the .zip download of the PostNuke program. The hacked code was distributed for more than 32 hours before PostNuke site maintainers addressed the security breach. PostNuke users who installed a zip archive downloaded between 11:50 pm Sunday night and 8:30 a.m. today face a grim scenario. According to a statement on the PostNuke site, all data submitted during the installation - including the server name, database credentials, admin name and password - were likely sent to the hackers. In addition, "in one file there was code allowing a malicious user to execute any shell command on the web server." Either scenario would allow the attackers to gain control of the site where PostNuke was installed. The tar.gz download file was not affected. The tar format is traditionally used by Unix and Linux, while Zip is the leading Windows archive format.

The link for this article located at Netcraft.com is no longer available.
The rsync team has received evidence that a vulnerability in rsync was recently used in combination with a Linux kernel vulnerability to compromise the security of a public rsync server. While the forensic evidence we have is incomplete, we have pieced together the most likely way that this attack was conducted and we are releasing this advisory as a result of our investigations to date.

Background

Our conclusions are that:

1. rsync version 2.5.6 contains a heap overflow vulnerability that can be used to remotely run arbitrary code.
2. While this heap overflow vulnerability could not be used by itself to obtain root access on a rsync server, it could be used in combination with the recently announced brk vulnerability in the Linux kernel to produce a full remote compromise.
3. The server that was compromised was using a non-default rsyncd.conf option "use chroot = no". The use of this option made the attack on the compromised server considerably easier. A successful attack is almost certainly still possible without this option, but it would be much more difficult.

Please note that this vulnerability only affects the use of rsync as a "rsync server". To see if you are running a rsync server you should use the netstat command to see if you are listening on TCP port 873. If you are not listening on TCP port 873 then you are not running a rsync server.

New rsync release

In response we have released a new version of rsync, version 2.5.7. This is based on the current stable 2.5.6 release with only the changes necessary to prevent this heap overflow vulnerability. There are no new features in this release.

We recommend that anyone running a rsync server take the following steps:

1. Update to rsync version 2.5.7 immediately.
2. If you are running a Linux kernel prior to version 2.4.23 then you should upgrade your kernel immediately. Note that some distribution vendors may have patched versions of the 2.4.x series kernel that fix the brk vulnerability in versions before 2.4.23. Check with your vendor security site to ensure that you are not vulnerable to the brk problem.
3. Review your /etc/rsyncd.conf configuration file. If you are using the option "use chroot = no" then remove that line or change it to "use chroot = yes". If you find that you need that option for your rsync service then you should disable your rsync service until you have discussed a workaround with the rsync maintainers on the rsync mailing list. The disabling of the chroot option should not be needed for any normal rsync server.

The patches and full source for rsync version 2.5.7 are available from / and mirror sites. We expect that vendors will produce updated packages for their distributions shortly.

Credits

The rsync team would like to thank the following individuals for their assistance in investigating this vulnerability and producing this response: Mike Warfield, Paul Russell, Andrea Barisani.

Regards,
The rsync team
Michael S. Mimoso submitted, "A dangerous vulnerability in the Linux kernel is at the heart of a recent attack on the Debian Project's development servers. The flaw, an integer overflow in the brk system call, enabled an attacker to compromise four Debian servers, sniff several passwords and install a root kit used to hit other servers. Debian said that the servers housing its code base were not attacked. The hole was discovered in September by 2.6 kernel maintainer Andrew Morton, but was not fixed in time for the release of the 2.4.22 kernel. Version 2.4.23, which was released late Friday night, as well as the 2.6.0 test kernel have been patched, according to an advisory from service provider TruSecure Corp."

The link for this article located at Michael S. Mimoso is no longer available.
Michael S. Mimoso submits, Linux distributor Debian reported Friday afternoon that some of its servers have been compromised since Thursday. The alert, posted to several security and Linux mailing lists, stresses that its archive had not been hacked, sparing thousands of installations a potential security nightmare. Debian said its bug-tracking system (master), mailing lists (Murphy), Web and CVS servers (gluck) and its security and search servers (klecker) have been affected and are currently not available, or have been moved to debian.org. The security breach has also pushed back the latest point release for Debian GNU/Linux 3.0r2. The release was scheduled for Friday morning, but has been postponed. Debian said the update was not affected by the compromise. "We apologize for the disruptions of some services over the next few days. We are working on restoring the services and verifying the content of our archives," Debian said in a statement.

The link for this article located at SearchEnterpriseLinux is no longer available.
Spammers are becoming more intelligent and more difficult to detect, which is a strange issue, just because in my opinion, an intelligent person is smart enough for not bothering millions of people. So, why do these people keep on helping unethical companies and individuals that send out unsolicited e-mails? The reason should be simple and common these days: money. But I'm not going to talk about the motives of this spam community to send millions of dumb emails telling how to get a good mortgage rate, increase my body length or make business with an African prince. This is the story of how one of my home servers was compromised and used as a massive spamming sender within an environment that I've never seen (but was likely to happen).

The link for this article located at David Barosso Berutta is no longer available.