Stay Ahead With Linux Security News

Explore Latest Linux Security news

Understanding The Impact Of Unpatched Servers On Security Risks

Humans make mistakes, software has bugs, and some of these bugs are exploitable vulnerabilities. The existence of vulnerabilities in software is not a new problem, but as the volume of software in existence grows, so does the number of exploitable vulnerabilities. Learn more about this worrisome trend in an interesting Security Boulevard article.

In the last couple of years, over 22,000 new vulnerabilities have been discovered each year. This does not include all of the vulnerabilities that have been previously discovered and reported. Currently, over 139,000 CVEs exist, and not every publicly disclosed vulnerability is assigned a CVE. Keeping up with the flood of new vulnerabilities is a challenge for any organization. In 2019 alone, an average of 61 new vulnerabilities were reported daily. Even though an organization would likely be affected by only a fraction of these, it must check whether each vulnerability is applicable; if it is, the organization must test the patch, apply it and verify that it was applied successfully. This assumes that an organization is currently up to date on patching, and many are not.

The link for this article located at Security Boulevard is no longer available.

Sep 24, 2020 | Brittany Day | Security Vulnerabilities

Identifying and Mitigating Emerging Threats in VMware Security

Server virtualization is becoming all the rage in many data centers as enterprises seek greater efficiency and cost savings by consolidating their hardware. Unfortunately, some of these enterprises have overlooked the security implications of virtualizing their environments -- but hackers and security researchers haven't. At ShmooCon earlier this month, security pros had a chance to get an up-close-and-personal look at one of the newest, previously unreleased exploits for the virtualized server environment. While not quite a zero-day vulnerability (the researchers worked directly with VMware before releasing details), the directory traversal exploit against VMware Server and ESX/ESXi is still catching virtual server admins with their pants on the ground. Justin Morehouse and Tony Flick's presentation, "Stealing Guests...the VMware Way," detailed the attack and included an easy-to-use tool that would allow an unauthenticated attacker to download any guest virtual machine from an affected system. Even without the tool, the attack was simple enough to carry out with a Web browser -- throw in a quick search with Shodan, and well, you know what they say about "idle hands." Still feeling insecure about choosing to virtualize your servers? You're not alone. According to CDW's "Server Virtualization Life Cycle Report: Medium and Large Businesses," 17 percent of IT executives said their most significant barrier to server virtualization was concern about security. Concerns such as these may be one reason why only 37 percent of data and applications have been virtualized. But virtualization efforts are ramping up quickly, according to a Gartner study that predicts approximately 50 percent of x86 architecture server workloads will be virtualized by the end of 2012.

The added complexity of virtualization could decrease visibility into network traffic and the data flowing in and out of sensitive servers; it could also create questions as to whether one virtual system compromise will affect other virtual guest systems. Ultimately, the question is: How do you know your data is secure in your virtual environment?

The link for this article located at Dark Reading is no longer available.

Feb 15, 2010 | LinuxSecurity.com Team | Server Security

Email Attack Advisory: Disrupting Servers Through Forged Messages

A crafty way of knocking out any email server using a few carefully constructed emails has been identified by a team of computer security experts. The trick involves sending forged emails that contain thousands of incorrect addresses in the "copy to" fields that are normally used to send duplicate messages. Researchers at UK-based NGSSoftware sent these emails to the largest email servers on the internet, and found they could force huge quantities of unwanted email to pour into another mail server of their choice. The exploit depends on finding a server configured to return an email plus its attachments to each incorrect address. But this can be tested by sending just a single message. The next step is to forge an email so it appears to come from the mail server that is to be the target of the attack. This is also a relatively simple trick. Finally, the forged email, complete with the thousands of incorrect addresses, is sent. The resulting avalanche of "bounced" messages sent to the target server would almost certainly cause it to crash, and leave its users without access to their mail. "With one 10 kilobyte email I could then send 100 megabytes back to a server of my choosing," says Gunter Ollman, one of the researchers who identified the potential attack.

Fortune 500

The researchers tested the email servers of all Fortune 500 companies and found that 30 per cent could be used to launch this type of attack.

The link for this article located at newscientist.com is no longer available.

Apr 08, 2004 | LinuxSecurity.com Team | Server Security

Apache Server: Chunk Encoding Worm Threat Investigation and Mitigation

In the wake of the Apache Chunk Encoding vulnerability, the fun just doesn't seem to end. There seems to be another worm on the loose. The details of it are still being investigated. Currently, there is a thread on Bugtraq dedicated to this discussion. Located at the website are what few details are known about this so-called worm. It was recently captured by the honeypot running on Microlink.lt. It installs itself on whatever server it can find that is vulnerable to its exploit. The interim advice is to patch your server until more information can be found out.

Jun 28, 2002 | LinuxSecurity.com Team | Vendors/Products

Red Hat: Ramen Internet Worm Exploiting Security Issues in 6.2 and 7.0

Ramen is an Internet worm that propagates from one Linux-based server to another. It works in a similar way to the Morris Worm that was widespread in 1989. Ramen affects systems running a default installation of Red Hat Linux 6.2 and 7.0. It attempts to infect the system by exploiting two known security vulnerabilities. If the worm gets access to the vulnerable host, it will replace the default page of the web server with one that contains the following text: RameN Crew - Hackers looooooooooooove noodles. Here's a pretty good technical description of the worm and its contents.

The link for this article located at F-Secure is no longer available.

Jan 18, 2001 | Anthony Pell | Network Security

Denial-of-Service Threat: Server Flaw in Resource Management

Known as a resource-deprivation attack, Internet data sent in a certain way could cause servers to crash under an artificial avalanche of data. Security consultant BindView Corp. has announced that a widespread flaw in the way that servers handle Internet traffic could result in so-called denial-of-service attacks similar to the ones that plagued the Web last February. The idea is nothing new: Send data to a server in a certain way so that the computer reserves memory and processor time for the connection -- and repeat many, many times. When the server runs out of memory or slows down to a crawl, certain functions will stop responding.

The link for this article located at ZDNet is no longer available.

Dec 02, 2000 | Anthony Pell | Network Security