US-CERT has issued a security advisory warning users of a 17-year-old critical Remote Code Execution (RCE) vulnerability that affects the PPP daemon (pppd) software implemented in almost all Linux-based operating systems. The flaw, tracked as CVE-2020-8597 with a CVSS score of 9.3, was discovered by an IOActive security researcher, Ilja Van Sprundel. The pppd (Point-to-Point Protocol Daemon) software is an implementation of the Point-to-Point Protocol, which allows the communication and transfer of data between nodes, and is mainly used in the establishment of internet links over dial-up modems, DSL connections, and many other types of point-to-point links, including Virtual Private Networks (VPNs) such as Point-to-Point Tunneling Protocol (PPTP). The link for this article located at Techworm is no longer available. A significant RCE vulnerability in the PPP daemon impacts numerous Linux distributions, earning CVE-2020-8597 a severity rating of 9.3 according to US-CERT. Remote Code Execution, Critical Flaw, Linux Systems, Software Vulnerability, PPP Daemon. Brittany Day
Hey, Linux fans! Microsoft has got your back over fileless threats. Assuming you've bought into the whole Azure Security Center thing. Hot on the heels of a similar release for Windows (if by "hot" you mean "nearly 18 months after") comes a preview aimed at detecting that breed of malware that inserts itself into memory before attempting to hide its tracks. A fileless attack tends to hit via a software vulnerability, inject a stinky payload into an otherwise fragrant system process and then lurk in memory. The malware also attempts to remove any trace of itself on disk, which makes disk-based detection tricky. The link for this article located at The Register UK is no longer available. Linux administrators can utilize Azure services to identify fileless intrusions that utilize stealthy memory-based methods. Fileless Attack Detection, Malware Threats, Linux Security, Azure Security Center, Software Vulnerability. LinuxSecurity.com Team
Have you heard that a serious vulnerability has been discovered in the latest release of the VLC media player and no patch is available? Non-profit VideoLAN's VLC player is popular software used to both play and convert a variety of audio and visual files. Available for Windows, Linux, Mac OS X, Unix, iOS, and Android systems, the open-source media player has now become the focus of a recent security advisory released by the German Computer Emergency Response Team (CERT-Bund). In the advisory, CERT-Bund warns that VLC media player version 3.0.7.1, the latest build available, contains a vulnerability which has been awarded a CVSS score of 9.8 out of 10. The link for this article located at ZDNet is no longer available. An urgent vulnerability related to remote code execution has been identified in VLC media player version 3.0.7.1, and currently, VideoLAN has not released any fixes, according to CERT-Bund. VLC Media Player Vulnerabilities, Remote Code Execution, Security Advisory, CERT-Bund. Brittany Day
Microsoft doesn't usually like to talk about how they sometimes silently patch vulnerabilities, so it's a pleasant surprise to see them blog about it on their Security Research & Defense blog. I've written about this subject before, when I came to realize that Microsoft never in their security bulletins identified patched vulnerabilities as internally discovered. I pressed them on it and they were somewhat elliptical in their response, but offline others pointed out that obviously Microsoft was patching other vulnerabilities silently. The link for this article located at PC Magazine Blogs is no longer available. Microsoft faces criticism for its approach to undocumented security patches, raising concerns about balancing proactive measures with user transparency. Microsoft Security, Undocumented Fixes, Software Vulnerabilities. LinuxSecurity.com Team
Hackers continue to develop new ways to infiltrate computer systems, staying one step ahead of software providers by targeting an array of applications, according to a recent report from the SANS Institute. Some 600 new Internet security vulnerabilities were found by SANS during the first quarter of 2005, a 20 percent increase over the same period last year. The surge indicates a continuous assault by individuals aiming to cash in on software vulnerabilities. "This is a multibillion-dollar industry, with well-funded hackers searching everywhere to discover vulnerabilities and exploit them for identity theft," said Alan Paller, head of SANS. The most notable change in recent months, he said, is that the attacks have moved beyond the operating system to the programs that run on those platforms. LinuxSecurity.com Team
By sharing information about software vulnerabilities through the group, agencies have been prepared for most attacks, McDonald said. This was especially true for MSBlaster. Although it infected more than 700,000 computers worldwide, according to industry security analysts, the federal government suffered few disruptions, McDonald said. At the Postal Service, for instance, the worm infected only 300 PCs out of 158,000, a USPS spokesman said. Other agencies also suffered some problems, but it did not shut down networks or systems across an agency. The virus exploits a Microsoft Windows vulnerability in a Distributed Component Object Model interface that handles messages sent using Remote Procedure Call Port 135. It affected PCs running Windows 2000, XP, NT and Server 2003. MSBlaster caused computers to reboot frequently or interrupt users while browsing the Internet. After learning about the problem, Microsoft in July released a patch. The link for this article located at Government Computer News is no longer available. Anthony Pell
Problems with Microsoft Corp.'s Windows Update are causing the automated scanning service to mismanage patches, leaving IT managers to wonder whether the systems they thought were safely patched are actually vulnerable. WU, which was originally meant for consumers but is used widely in the enterprise as well, checks a customer's PC for needed product updates and critical security patches. Customers can then download and install whichever components they need. But confusion has risen with patch management in WU because Microsoft has at least four mechanisms for installing patches, each with its own vagaries and nuances. The complexity has led to technical glitches and patch mismanagement. In one extreme case, a Microsoft customer said a patch he installed via WU removed without warning several previous hot fixes he had installed. As a result, one of his systems was successfully attacked by the Nimda virus, for which he once had a patch. "It got Nimda again because the roll-up uninstalled the previous patches," said John McGuire, a staff engineer and security expert at Strictly Business Computer Systems Inc., a consulting and engineering company in Huntington, W.Va. The link for this article located at eWeek is no longer available. LinuxSecurity.com Team
Ben Charny writes "Hacker 'Pimpshiz' said Wednesday he has exploited a bug in Windows NT to deface five dozen Web sites in the past two weeks, including NASA and the French national library." The link for this article located at ZDNet UK is no longer available. Cybercriminal Codex hacked into an outdated Linux flaw, vandalizing various platforms such as the Pentagon and a prominent British museum. site defacement, Windows exploit, cyber threat, hacker attack, software issue. LinuxSecurity.com Team