Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 5 articles for you...
210
security advisorysecurity updatesoftware fixFirefox: Latest Update Resolves Critical Data Leakage Issue
Have you heard about the cryptographic data leakage in Firefox's latest security update? It has now been fixed. Learn how to check if you have the update - and be sure to install it immediately if you do not. . We don’t know whether lockdown has anything to do with it, but how time flies! We couldn’t believe it either – it’s four weeks since Firefox’s last regular security update. If you want to check your version numbers, Firefox 76.0 is now replaced by 77.0; Firefox 68.8.0ESR is now 68.9.0ESR, and the Tor Browser, based on Firefox ESR, is now at version 9.5 and based on 68.9.0ESR. . Mozilla has rolled out a security patch to rectify a vulnerability linked to sensitive data exposure in Firefox. Be sure to apply this update without delay!. Firefox Update, Security Fix, Data Leakage, Version Check. . Brittany Day
Jun 04, 2020
•
Security Vulnerabilities
81
security advisorysoftware fixcustomer protectionFiserv: Critical Data Exposure in Web Platform for Banks
Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned. . Brookfield, Wisc.-based Fiserv [NASDAQ:FISV] is a Fortune 500 company with 24,000 employees and $5.7 billion in earnings last year. Its account and transaction processing systems power the Web sites for hundreds of financial institutions — mostly small community banks and credit unions. The link for this article located at Krebs on Security is no longer available. . Fiserv has taken steps to rectify a crucial vulnerability in its online system that jeopardized sensitive client information for various financial institutions.. Fiserv, Financial Technology, Data Exposure, Web Security, Customer Data Protection. . LinuxSecurity.com Team
Aug 28, 2018
•
Privacy
83
security advisoryremote code executionpatchNetBSD tnftp Remote Code Execution Patch Overview: Severity and Fixes
The maintainer of the tnftp FTP client has patched a remote code execution vulnerability which affected operating systems including NetBSD, FreeBSD and Mac OS X. The flaw (CVE-2014-8517), which did not affect OpenBSD due to modifications, was patched over the weekend. . Maintainer Luke Mewburn notified NetBSD (which ships tnftp) of the patch in a mailing list post after warning subscribers about the hole last week. The link for this article located at The Register UK is no longer available. . Maintainer Luke Mewburn notified NetBSD (which ships tnftp) of the patch in a mailing list post afte. maintainer, tnftp, client, patched, remote, execution, vulnerability, which, affec. . LinuxSecurity.com Team
Nov 03, 2014
•
Hacks/Cracks
78
security advisoryDoSsoftware fixClamAV 0.96.1 Security Advisory: Addressing DoS and Null Pointer Issues
Version 0.96.1 of ClamAV, the free and open source toolkit, fixes bugs which cause it to crash when faced with crafted PDF and PE files. Attackers had been able to exploit these vulnerabilities to disrupt network operation, allowing them to disable web proxies or mail gateways, for example. . The developers have also dealt with a possible null pointer dereference when processing 7zip archives. The bugs are located in libclamav/pdf.c, libclamav/pe_icons.c and libclamav/7z/Archive/7z/7zIn.c and are fixed in the Git repository and in the source code. A tarball of the source code is available to download. 32 and 64-bit (direct download) binaries are available to download for Windows users, though the 64 bit version is still in beta. ClamAV is licensed under the GPL and is also available for various Linux and Unix distributions. The link for this article located at H Security is no longer available. . ClamAV version 0.96.1 enhances security by tackling denial-of-service vulnerabilities and correcting null reference problems within the framework.. ClamAV Updates, DoS Security Fixes, Open Source Toolkit Enhancements. . LinuxSecurity.com Team
May 25, 2010
•
Vendors/Products
78
security advisorycriticalmemory corruptionMozilla Firefox 3.5.6 Critical Security Update: Memory Corruption Risks
The Mozilla developers have released version 3.5.6 of their open source Firefox web browser to address a total of seven vulnerabilities, three of them critical. According to Mozilla, the release "is a short-cycle security and sustained engineering release to fix several top crashing bugs". . The update fixes a critical vulnerability in the browser engine used in Firefox that could cause a crash, possibly leading to memory corruption and the execution of arbitrary code. The other two critical bugs in liboggplay and the Theora video library could also lead to a crash and potentially execute arbitrary code on a victim's computer. Additionally, one high risk vulnerability in which "NTLM credentials from one application could be forwarded to another arbitary application via the browser", two moderate risk issues related to the location bar and the chrome window.opener, and one low risk vulnerability, have been closed. Mozilla has also released an update for the 3.0.x branch of Firefox, which will receive security and stability updates until January of 2010. Firefox 3.0.16 is available to download and addresses all of the above vulnerabilities except the bug relating to the Theora video library, since video capabilities were not added until Firefox 3.5 so prior releases are not affected. The link for this article located at H Security is no longer available. . The update fixes a critical vulnerability in the browser engine used in Firefox that could cause a c. mozilla, developers, released, version, their, source, firefox, browser, addre. . LinuxSecurity.com Team
Dec 16, 2009
•
Vendors/Products
78
security advisoryupdatedebianDebian 3.1 Advisory: 172 Software Fixes for Critical Security Updated
The Debian Project has released an update to its popular GNU/Linux distribution, with security-related bugfixes a key feature. "This is the first update of Debian GNU/Linux 3.1 (codename 'Sarge') which mainly adds security updates to the stable release, along with some corrections to serious problems," said Debian security team member Martin Schulze in an e-mail announcing the update. . Schulze said systems administrators who regularly updated their Debian-based systems with security patches would not have to update much software. The update contains fixes for 172 pieces of software, including high-profile entries like spam-buster SpamAssassin, Web browser Mozilla Firefox and its sister project the Thunderbird e-mail client, the PHP and Python scripting languages, Web server Apache and anti-virus software ClamAV, in addition to the Linux kernel. The link for this article located at ZDNet is no longer available. . Ubuntu's new release bolsters safety by addressing vulnerabilities, affecting 150 applications such as Chrome and Nginx.. Debian Linux, Software Fixes, Security Update, Administration, Bug Fixes. . LinuxSecurity.com Team
Dec 21, 2005
•
Vendors/Products
74
risk managementsoftware fixpatch managementEffective Patch Management: Securing IT Infrastructure in Banking
Imagine that you are the IT Director of a large retail bank with an active and highly visible Internet banking service. While driving into the office, half-listening to the radio news, you hear your bank's name being announced, immediately followed by the words "hacker", "massive system failure" and "identity theft". . . .. Imagine that you are the IT Director of a large retail bank with an active and highly visible Internet banking service. While driving into the office, half-listening to the radio news, you hear your bank's name being announced, immediately followed by the words "hacker", "massive system failure" and "identity theft". As you take the news in, you recall an earlier email concerning a patch that needed to be applied to your web servers. Two thoughts pass through your mind: "Surely those patches were deployed properly" and "Should I bother driving to the office?" According to Gartner, patches are defined as "a software fix made or distributed in a quick and expedient way - typically, via a separate piece of software that users can download and run to modify an application already installed on their computers." The link for this article located at David D’Agostino is no longer available. . Implementing robust update strategies is vital for technology leaders overseeing threats and maintaining system integrity.. Patch Management, IT Security, Banking Security, Software Update. . Anthony Pell
Sep 28, 2004
•
Network Security
78
security advisorybuffer overflowsendmailSendmail: Buffer Overflow Advisory: Collaborative Security Response
Several users welcomed the growing willingness of vendors and security researchers to work together to identify and fix software vulnerabilities in the wake of last week's disclosure of a major hole in a widely used e-mail protocol .. . .. Several users welcomed the growing willingness of vendors and security researchers to work together to identify and fix software vulnerabilities in the wake of last week's disclosure of a major hole in a widely used e-mail protocol . But they also expressed concern over the practice by some in the security community to release vulnerability information to certain users before making it available to the public. Atlanta-based security vendor Internet Security Systems Inc. (ISS) and Emeryville, Calif.-based Sendmail Inc. last week disclosed the existence of a major buffer-overflow vulnerability in the sendmail mail-transfer agent, which handles more than 50% of all Internet e-mail traffic. The link for this article located at Computerworld is no longer available. . Numerous individuals recognized the growing partnership among suppliers and security experts to address weaknesses.. Software Vulnerabilities,Bug Disclosure,Incident Response,Security Collaboration. . LinuxSecurity.com Team
Mar 12, 2003
•
Vendors/Products
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More