As the backbone of much of the world's technological infrastructure, the open-source community prides itself on transparency, collaboration, and innovation. However, these strengths can also present vulnerabilities, as seen with the notorious XZ Utils backdoor. Recently, social engineering attacks targeting open-source projects have emerged as a significant threat. The Open Source Security Foundation (OpenSSF) and OpenJS Foundation have issued alerts highlighting attempts to manipulate project maintainers into granting unauthorized access or introducing malicious code. These incidents underscore the need for heightened awareness and robust defenses among Linux admins, developers, and open-source project maintainers. Let's examine these recent warnings and the actionable strategies you can implement to combat this concerning trend.

Understanding the Nature of Social Engineering Attacks

Social engineering attacks exploit the human element of security, relying on deceit and manipulation rather than technical exploits. Attackers typically pose as legitimate contributors or community members, using friendly and persuasive tactics to build trust over time. The ultimate goal is often to gain maintainer status or convince existing maintainers to accept harmful changes. This method can be particularly effective in open-source environments where collaboration and trust are foundational.

Recognizing Suspicious Activity

To combat these threats, we must be able to recognize the patterns of social engineering attacks. Persistent, friendly engagement from relatively unknown contributors aiming for high-level access should raise red flags. Additionally, endorsements from unfamiliar accounts or networks can signal coordinated deception efforts. Pay close attention to pull requests (PRs) containing obfuscated code or binaries that lack transparency. Such changes can be vehicles for introducing malicious payloads.
Security admins must remain vigilant for deviations from standard build and deployment practices that could compromise security. If a contributor creates a false sense of urgency, pushing for expedited reviews or immediate changes, take a step back and scrutinize their motives.

Strengthening Authentication and Access Controls

Strong authentication methods are one of the best ways to safeguard against attacks. Two-factor or multifactor authentication (MFA) adds another layer of protection, making it much harder for attackers to gain unauthorized access. Password managers provide additional security and ensure passwords are strong, unique, and not reused across services. Administrators should store recovery codes safely offsite so they can regain control if their accounts become compromised.

Ensuring Code Integrity

The review and merging of code can be critical points of vulnerability. Enabling branch protections and insisting on signed commits help maintain the integrity of a codebase. Require a code review from a second developer before merging, even for changes proposed by maintainers. This additional step can catch potentially harmful alterations before they're integrated into the project.

It's also essential to enforce readability requirements for new code. Obfuscated code or binaries hidden within a pull request can introduce significant security risks. By ensuring all changes are human-readable, maintainers can better understand the logic and purpose behind each modification, making it easier to spot malicious intent.

Periodic Reviews and Minimal Permissions

Administrative practices also play a crucial role in defending against social engineering attacks. Regularly review the list of committers and maintainers to verify their ongoing involvement and legitimate status within a project. Removing inactive or unnecessary accounts reduces the risk that dormant accounts are hijacked.
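One way to automate the readability requirement above, as an added example that is not from the article or from either foundation: a small Python check over a unified diff that flags binary files, long opaque tokens and decode-and-execute patterns in added lines, so a reviewer sees them before reading the rest of the PR. The sample patch is constructed for this example; the thresholds are assumptions to tune per project.

```python
import base64
import math
import re

# Constructed sample unified diff (not from any real project): one readable C change,
# one shell change that smuggles an opaque blob, and one binary file addition.
BLOB = base64.b64encode(b"hello world, constructed placeholder blob for this example").decode()
SAMPLE_PATCH = f"""\
diff --git a/src/parse.c b/src/parse.c
--- a/src/parse.c
+++ b/src/parse.c
@@ -10,3 +10,4 @@
 int parse_header(const char *buf, size_t len) {{
+    if (len < HEADER_LEN) return -1;  /* bounds check */
     return read_fields(buf, len);
 }}
diff --git a/build/helper.sh b/build/helper.sh
--- a/build/helper.sh
+++ b/build/helper.sh
@@ -1,2 +1,3 @@
 #!/bin/sh
+eval "$(echo '{BLOB}' | base64 -d)"
 make all
diff --git a/tests/fixture.bin b/tests/fixture.bin
Binary files /dev/null and b/tests/fixture.bin differ
"""

OPAQUE_TOKEN = re.compile(r"[A-Za-z0-9+/=]{40,}")        # long base64/hex-looking run
DECODE_EXEC = re.compile(r"base64\s+-d|\beval\b|\bexec\b")  # decode-then-run idioms
MIN_ENTROPY_LEN = 60   # only judge entropy on lines long enough for it to mean something
MAX_LINE_ENTROPY = 5.0  # bits/char; readable source rarely exceeds this

def shannon_entropy(s):
    """Bits per character of the string s (0.0 for the empty string)."""
    if not s:
        return 0.0
    n = len(s)
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def review_patch(patch):
    """Return (file, reason) findings for content a human reviewer cannot read."""
    findings, current = [], None
    for line in patch.splitlines():
        if line.startswith("diff --git"):
            current = line.split(" b/", 1)[-1]          # file name even without a +++ header
        elif line.startswith("+++ "):
            current = line[4:].removeprefix("b/")
        elif line.startswith(("Binary files", "GIT binary patch")):
            findings.append((current, "binary content added; not human-reviewable"))
        elif line.startswith("+"):
            added = line[1:]
            m = OPAQUE_TOKEN.search(added)
            if m:
                findings.append((current, f"opaque token of {len(m.group())} chars"))
            elif len(added) >= MIN_ENTROPY_LEN and shannon_entropy(added) > MAX_LINE_ENTROPY:
                findings.append((current, "high-entropy line"))
            if DECODE_EXEC.search(added):
                findings.append((current, "decode-and-execute pattern"))
    return findings
```

Run as a pre-review step on `git diff base...head` output; any finding means the PR needs a plain-text replacement or a written justification before review proceeds.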
Limiting npm publish rights and other critical permissions to trusted individuals can further minimize risk. Ensuring that only a small, trusted group can make significant changes reduces the number of potential entry points for attackers. This principle of least privilege is a fundamental aspect of a sound security posture.

Establishing and Following Security Policies

A clear and comprehensive security policy is a cornerstone of protecting open-source projects. This policy should include protocols for coordinated disclosure, providing a transparent process for reporting and addressing vulnerabilities. By establishing these guidelines, maintainers can ensure that any discovered issues are handled systematically and securely.

It's also imperative to align with industry standards for security best practices. Resources like the OpenSSF Guides provide valuable insights and frameworks to help maintainers enhance their security posture. Regularly updating and reviewing these policies ensures they remain relevant and effective in the face of evolving threats.

Leveraging External Support

No project is an island; the broader open-source community offers resources and support. Foundations like The Linux Foundation and OpenJS Foundation can provide valuable assistance and technical resources. These organizations can offer guidance and security reviews and help coordinate responses to security incidents. Alpha-Omega and the Sovereign Tech Fund provide financial and technical support tailored explicitly toward strengthening the security of open-source projects. Participating projects gain access to funding and expertise by joining these programs, significantly boosting their defensive capacities.

Fostering Vigilance

To guard against social engineering attacks, open-source communities should create an atmosphere of vigilance. Communication channels must remain open between maintainers and contributors while encouraging transparency among contributors.
Creating an atmosphere where maintainers and contributors feel comfortable reporting suspicious activities can help detect and mitigate threats early. Training and awareness programs also play a vital role in keeping projects secure. Informing maintainers and contributors about social engineering attacks, their signature tactics, and how to recognize them can significantly bolster project defenses. Regular security training sessions keep these risks front of mind and prepare everyone involved to act if suspicious activity emerges.

Our Final Thoughts on These Warnings

The collaborative nature of open-source communities is both their greatest strength and their greatest weakness, creating opportunities and risks. As social engineering attacks become more sophisticated, Linux security admins must take proactive measures to safeguard their projects against takeover attempts by recognizing suspicious activity, strengthening authentication and access controls, ensuring code integrity, and enlisting external support. Through vigilance, transparency, and community collaboration, the integrity and security of open-source projects can be maintained so they continue to flourish and innovate over time.

The joint alert from OpenSSF and OpenJS Foundation is an essential reminder that while the collaborative spirit of open-source projects is invaluable, their security must also be protected with robust measures and proactive approaches. By adopting these best practices, Linux security admins can ensure their projects remain safe from current and emerging digital threats. What measures are you taking to secure your open-source projects? Reach out to us @lnxsec and let us know!

Brittany Day
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers, similar to those recently targeting the Linux xz data compression library, XZ Utils. Many believe the attempt to backdoor Linux's xz data compression library might not be an isolated incident. According to the OpenJS Foundation and Open Source Security Foundation (OpenSSF), there has been a series of suspicious emails that appear targeted at a popular unnamed JavaScript project that the OpenJS Foundation hosts.

What Targeted Threats Have Been Identified Targeting Open-Source Maintainers?

The emails were sent from different names, all with GitHub-associated email addresses, and were constructed around the same theme. The suspected attackers were trying to get themselves added as project maintainers to "address any critical vulnerabilities" but didn't provide details on these vulnerabilities, which raises suspicion. This approach is similar to how the backdoor was introduced into XZ/liblzma, and as a result, it has been flagged as a potential security danger. Two other popular JS projects also received similar messages, raising more concern that certain groups of attackers are looking to introduce backdoors into open-source projects. Moreover, OpenJS immediately flagged the potential security concerns to cybersecurity and infrastructure security agencies within the United States Department of Homeland Security (DHS).

This kind of attack is not new, yet it seems an effective way for attackers to infiltrate an open-source project. Therefore, it is critical to note that project maintainers must be extra vigilant and perform rigorous checks when adding contributors as maintainers. According to the article, this attack method utilizes social engineering techniques and exploits a sense of duty that maintainers feel toward their projects to infiltrate them.

What Can Be Done to Combat This Threat?
The attack method exploits the maintainers' sense of social responsibility to deceive them. As such, promoting technical expertise and sharing knowledge about emerging threats and attack methods is imperative. Additionally, it is necessary to ensure that open-source projects are well-funded and their maintainers are adequately supported. This would serve as a significant deterrent against potential social engineering attacks. As such, governments and other organizations must allocate resources to help secure the broader open-source ecosystem. Funding for security developers has already had a tremendous effect, for example through the security-focused Alpha-Omega project, which Microsoft, Amazon, and Google support. Germany's Sovereign Tech Fund aims to support foundations like OpenJS to strengthen infrastructure and security.

Our Final Thoughts on This Attack

This attack is a clear example of how attackers can infiltrate open-source projects by exploiting users' trust to introduce backdoors. Consequently, we recommend coordinating efforts from different organizations and collaborating globally within the open-source ecosystem. In essence, this will help ensure that open-source developers are better equipped to identify such threats and mitigate them promptly. Therefore, more resources, a coordinated approach, knowledge sharing, and adequate funding are imperative in raising open-source security levels to protect our interconnected open-source projects and shared digital economies.

Brittany Day
This small article is a brief overview of social engineering. It talks a bit about the psychology of social engineering, the security threat it poses and the methods used for it. Basically, this article is a summary that covers the important facts (from my point of view) about social engineering.

One of the basic laws of information security is that 'Client-Side Security Doesn't Work', or more precisely, as Scott Culp says: "The basic problem with client-side security is that the person sitting physically in front of the client has absolute control over it", and "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore". A social engineering attack uses the fact that the human part of security is the most essential. Moreover, there is not a single computer system in the world that does not rely on humans. This is why this security weakness is independent of platform, software, network, firewalls, VPNs etc.

Anthony Pell
Maliciously constructed Wireshark packet capture files might be used to distribute malware, provided recipients can be tricked into double-clicking file URL fields. A CVE has been assigned to the security issue (now resolved through a recent update) due to its potential for harm, despite the fact that some social engineering trickery is required.

Variants of the same attack could potentially be thrown against users of the popular network security tool, widely used by security analysts and penetration testers, whether they use Windows or Xubuntu Linux-based systems. The attack, discovered by security researcher Lukas Euler of Positive Security, is explained in a recent post on GitLab that features proof-of-concept videos. Even though developers of Wireshark normally avoid asking for a CVE to be created for potential security issues that require user interaction, an exception was made in this case because of the "low barrier to entry and level of control" an attacker might gain. The issue, tracked as CVE-2021-22191, was resolved through a recent update.

Brittany Day
Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data. Learn how to spot the signs in a great CSO article:

For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password. Famous hacker Kevin Mitnick helped popularize the term 'social engineering' in the '90s, although the idea and many of the techniques have been around as long as there have been scam artists.

Brittany Day
The GDPR (General Data Protection Regulation) is supposed to help individuals keep their information private, but as it turns out, it could potentially serve to help attackers as well.

In a session at the Black Hat USA conference in Las Vegas, titled "GDPArrrrr: Using Privacy Laws to Steal Identities", James Pavur, DPhil student and Rhodes Scholar at Oxford University, outlined how he was able to abuse a key component of the GDPR to get access to personally identifiable information for his fiancée. Pavur said that there are multiple exploitable properties of GDPR that a social engineering attacker could seek to exploit. The first is fear of non-compliance, since GDPR prescribes large fines if there is a violation.

The link for this article located at Infosecurity is no longer available.

Brittany Day
Cybersecurity incidents are gaining an increasingly high profile. In the past, these incidents may have been perceived primarily as a somewhat distant issue for organizations such as banks to deal with. But recent attacks such as the 2017 WannaCry incident, in which a cyber attack disabled the IT systems of many organizations including the NHS, demonstrate the real-life consequences that cyber attacks can have.

These attacks are becoming increasingly sophisticated, using psychological manipulation as well as technology. Examples of this include phishing emails, some of which can be extremely convincing and credible. Such phishing emails have led to cybersecurity breaches at even the largest of technology companies, including Facebook and Google.

The link for this article located at TheNextWeb is no longer available.

LinuxSecurity.com Team
Each year a few hackers do something new that begs further examination. The general public and Hollywood paint most hackers as uber-smart people who can take control of an entire city's infrastructure and crack any password in seconds. The reality is that most hackers are fairly average people with average intelligence. Most don't do anything new. They just repeat the same things that have worked for years, if not decades, using someone else's tool based on someone else's hack from many years ago.

The link for this article located at CSO Online is no longer available.

LinuxSecurity.com Team