The Linux Foundation has raised $10 million in new investments to expand and support its Open Source Security Foundation project. “This industrywide commitment is answering the call from the White House to raise the baseline for our collective cybersecurity well-being, as well as ‘paying it forward’ to open source communities to help them create secure software from which we all benefit,” Jim Zemlin, executive director at the Linux Foundation, said in a statement. “With the tremendous growth and pervasiveness of open source software, building cybersecurity practices and programs that scale is our biggest task at hand.”

The funding came from members of the foundation. The long lineup: Dell Technologies Inc., Telefonaktiebolaget LM Ericsson, Facebook Inc., Fidelity Investments Inc., GitHub Inc., Google LLC, International Business Machines Corp., Intel Inc., JPMorgan Chase & Co., Microsoft Corp., Morgan Stanley, Oracle Corp., Red Hat Inc., Snyk Inc., VMware Inc., Anchore Inc., Apiiro LLC, AuriStar Technologies Inc., Deepfence Inc., Devgistics, GitLab Inc., Nutanix Inc., Tidelift Inc. and Wind River Systems Inc. The Open Source Security Foundation, launched as a project of the Linux Foundation earlier this year, is a cross-industry collaboration that brings together multiple open-source software initiatives to identify and fix cybersecurity vulnerabilities in open-source software. OpenSSF also develops improved tooling, training, research, best practices and vulnerability disclosure practices.

Tags: Open Source Security, Cybersecurity Initiatives, Linux Foundation Funding. By LinuxSecurity.com Team.
The newly formed Open Source Security Foundation includes technology giants such as Google, Intel, Microsoft and IBM, among others. The organization aims to improve the security of OSS through the creation of "targeted initiatives," streamlining recommended best practices, and more.

Open-source code has become integral for global organizations across. In 2019, Red Hat's initial State of Enterprise Open Source survey found that 69% of IT professionals surveyed believed open-source software to be very important or extremely important. In the 2020 Red Hat survey, more than three-quarters (77%) of IT leaders believed the use of open source solutions in the enterprise will continue to see growth. Today marks the creation of the Open Source Security Foundation (OpenSSF). The newly formed organization is intended to unite leaders across industries to enhance open-source software (OSS) security. To do so, this multi-industry collaborative will focus on creating "targeted initiatives," streamlining recommended best practices, and more. Overall, the partnership involves efforts from major players in the tech industry including IBM, Google, GitHub, Microsoft, Okta, Intel, and others.

Tags: Open Source Security, Software Foundation, Security Initiatives, Technology Collaboration, Best Practices. By Brittany Day.
Opinion: It was incompetence, not politics, that led to the Iowa caucus app misfiring. Above all, it was poor programming. Open-source software techniques could have prevented this blunder.

When the Iowa Democratic Caucus results were delayed by an application foul-up, Bernie Sanders supporters were outraged at a stolen victory. Now, as the results trickle in and Sanders' results turned out OK, they've quieted down. But the fact remains that the application not only fouled up caucus results reporting, it also made people even less trusting of the election process. Most of the Iowa caucus post-mortem has focused on Shadow, the company behind the app, and its parent organization, Acronym. The root problem wasn't with the groups behind the misfiring application, IowaReporterApp; it was with a fundamentally flawed software development process. The link for this article located at ZDNet is no longer available.

Tags: Iowa Caucus App, Open Source Solutions, Programming Practices, Software Accountability. By Brittany Day.
The government is now a little more open. This week, the White House released its first official federal source code policy, detailing a pilot program that requires government agencies to release 20 percent of any new code they commission as open source software, meaning the code will be available for anyone to examine, modify, and reuse in their own projects. The government agencies will also share more code with each other, essentially adopting open source practices within their own governmental universe.

Tags: Open Source Reform, Government Policy, Code Transparency, Software Collaboration, Source Code Sharing. By Brittany Day.
It's easy to understand that software security starts with writing secure code. Keep the flaws out from the beginning and you've bought yourself several pounds of prevention. Baking security in up front is logical and makes good technical and business sense; however, getting your developers on board with security training is not necessarily going to be an easy task. At first glance, it might seem that selling software security to developers would require the same approach as getting buy-in from executive management and the average user. It's not quite that simple.

Developers are smart, independent thinkers who need better reasons to develop with software security in mind than the worn-out "because it's the right thing to do" spiel. Whether you're a Chief Information Security Officer, development manager, or compliance director, the following are 13 ways you can get your developers on board with software security and ongoing security training for the long haul. The link for this article located at www.securitypronews.com is no longer available.

Tags: Developer Engagement, Security Training, Secure Coding, Software Practices. By LinuxSecurity.com Team.
We've been trying to educate programmers about writing secure code for at least a decade and it flat-out hasn't worked. While I'm the first to agree that beating one's head against the wall shows dedication, I am starting to wonder if we've chosen the wrong wall. What's Plan B?

It doesn't seem that a day goes by without someone announcing a critical flaw in some crucial piece of software or other. Is software that bad? Are programmers so inept? What the heck is going on, and why is the problem getting worse instead of better? One distressing aspect of software security is that we fundamentally don't seem to "get it." In the 15 years I've been working the security beat, I have lost track of the number of times I've seen (and taught) tutorials on "how to write secure code" or read books on that topic. It's clear to me that we're:

* Trying to teach programmers how to write more secure code
* Failing miserably at the task

We're stuck in an endless loop on the education concept. The link for this article located at acmqueue.com is no longer available.

Tags: Secure Coding, Education Challenges, Software Protection. By LinuxSecurity.com Team.
The author revisits a debate begun here recently on the nature of security in Open Source projects: do 'lots of eyeballs' ensure secure code? It is a common misconception amongst users of Open Source software that it is a panacea when it comes to creating secure software.

Although this belief is rarely grounded in fact, it has become a cliche that is used axiomatically by Open Source enthusiasts and pundits whenever they discuss security. The purpose of this article is to expose the fallacy of this kind of thinking and instead point to truer means of ensuring that the security quality of a piece of software is high. The link for this article located at Earthweb is no longer available.

Tags: Open Source Security, Secure Code Practices, Software Quality Assurance. By LinuxSecurity.com Team.