Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 5 articles for you...
83
security advisoryXSSweb applicationPHPNuke Security Advisory: XSS And Path Disclosure Issues Report
PHPNuke seems to have a horrible security track record, but continues to be quite popular. No statement from the PHPNuke folks yet, but if you're using a rapid site development tool, don't forget to consider the security implications. "Cross site . . . . PHPNuke seems to have a horrible security track record, but continues to be quite popular. No statement from the PHPNuke folks yet, but if you're using a rapid site development tool, don't forget to consider the security implications. "Cross site scripting is a serious problem, (even if some people doesn't believe it), On this second round i'll show 8 new XSS vulnerabilities in PHP Nuke (most of them are also path disclosure vulns):" Date: 23 Apr 2002 09:50:48 +0200 From: "Replugge [ROD]" To:
Jul 26, 2023
•
Hacks/Cracks
209
malwarecybercrimesecurity incidentRecord Highs In Linux Malware Reflect Growing Cybercrime Threats
After rising and falling since 2021, new Linux malware hit record highs at year-end in 2022, growing by 117% over previous levels. . While Linux malware reached never-before-seen numbers in 2022, the total number of new malware developments among other major computing platforms fell. Linux is regarded as one of the most secure operating systems. But its roller coaster ride of detected incidents since 2021 shows it is not immune to malware. Malware attacks targeting Linux are not new. What is changing, though, is the focus cybercriminals now place on Linux in business and industry. Linux malware has become increasingly prevalent in recent years as more devices and servers run on Linux operating systems. The link for this article located at Linux Insider is no longer available. . As Linux-based threats soar to all-time highs, uncover the evolving terrain of cyber dangers aimed at Linux environments.. Linux Malware Rates,Cyber Threats,Malware Prevalence,Security Incident Reports. . Brittany Day
Jan 25, 2023
•
Security Trends
212
malwarethreat reportLinux exploitKinsing Malware: Targeting Kubernetes Clusters Through Exploits
Kinsing is an old-school Linux/Unix Executable and Link format (ELF) malware program that runs a cryptominer and attempts to spread itself to other containers and hosts. . It’s always something! The Kinsing malware has long been known to Linux administrators, and, now — surprise! — it’s coming after Kubernetes as well. Kinsing is an old-school Linux/Unix Executable and Link format (ELF) malware program, written in Go. Given a chance, it runs a cryptominer and attempts to spread itself to other containers and hosts. Over the years, it’s been used in attacks against Docker, Redis , and SaltStack . And, now, now, Kinsing hackers are coming after Kubernetes . I’m shocked, shocked to discover that cryptomining is going on in Kubernetes! Not. Sunders Bruskin, Microsoft Defender for Cloud security researcher, is reporting on how it’s now often targeting Kubernetes clusters using two different initial access vector techniques . These are the exploitation of weakly configured PostgreSQL containers and vulnerable images. . Kinsing malicious software is aimed at Linux system administrators, proliferating into Kubernetes through poorly secured PostgreSQL setups and susceptible container images.. Kinsing Malware, Kubernetes Threats, Linux Exploitation. . Brittany Day
Jan 16, 2023
•
Cloud Security
83
security threatsthreat reportattack trendsUnderstanding Attack Trends Against Privileged Accounts in 2023
We all like to write and talk about flashy zero-day vulnerabilities. However, a new threat report cautions enterprises not to flatter themselves, because the majority of criminals are not using valuable zero-days exploits to penetrate corporate networks: they. . A recent analysis indicates that the majority of breaches take advantage of high-level permissions rather than undisclosed software flaws.. Privileged Accounts, Attack Vectors, Account Breach. . LinuxSecurity.com Team
Nov 21, 2014
•
Hacks/Cracks
74
security advisoryXSSphishingXING Security Advisory: Phishing Risks And XSS Threats Detected
A new web site, socialnetworksecurity.org, has been set up to publish details of security vulnerabilities in social networks such as Facebook, Lokalisten, Friendscout24.de, wer-kennt-wen.de and XING. Most of the vulnerabilities listed could be exploited for cross-site scripting (XSS) attacks. Jappy.de, for example, contains one such vulnerability which allows contacts' cookies to be stolen. . The team behind socialnetworksecurity.org also found several vulnerabilities on XING. On Facebook, phishing attacks can be carried out by using a forwarding script which, using a Facebook link, generates an HTTP login query with readily viewable content. Some web site operators have still to respond to vulnerability disclosures. Our colleagues at heise Security were still able to reproduce the XSS vulnerability on Kwik on Monday afternoon. The link for this article located at H Security is no longer available. . Uncover recent research on weaknesses in major social media platforms and their effects on user safety.. XING Vulnerabilities, Phishing Threats, Web Security, Social Networks, XSS Exploits. . Anthony Pell
Feb 21, 2011
•
Network Security
78
malwarewormsecurity analysisRecent Threats to Mac OS X Analyzed: Minimal Risks Confirmed
At first blush, the past two weeks have not been good for the image of Apple's Mac OS X: Public descriptions of two worms and a trivial exploit for a serious software issue in the operating system appeared on the Internet. . However, the three programs are hardly a threat to systems running Mac OS X, according to security professionals. One worm, known as OSX/Leap.A and assigned CME-4 by the Common Malware Enumeration Project, requires too much user interaction, hobbling its attempts to spread. A second worm, dubbed InqTana, and its two variants are actually proof-of-concept programs that were not discovered on the Internet but were instead sent to antivirus vendors and Apple by a researcher to prove that worms can spread through Bluetooth. And while the release of code for a vulnerability that could be exploited through Safari and Mail is a bit more serious, no incidents of Web sites exploiting the flaw have yet been reported. The link for this article located at is no longer available. . However, the three programs are hardly a threat to systems running Mac OS X, according to security p. first, blush, weeks, image, apple's, public. . LinuxSecurity.com Team
Feb 24, 2006
•
Vendors/Products
83
security trendssecurity threatinternet security2023 Symantec Threat Report: Increased Profit Driven Attacks Detected
There's good news and bad news on the security front. Internet security company Symantec Corp. on Monday released its Internet Security Threat Report, which provides a six-month snapshot of security events the vendor . . .. There's good news and bad news on the security front. Internet security company Symantec Corp. on Monday released its Internet Security Threat Report, which provides a six-month snapshot of security events the vendor monitored for the first six months of 2004. The report is derived from the monitoring of 20,000 security devices, such as intrusion-detection systems and firewalls, in 180 countries, from Symantec's managed-security-services and DeepSight Threat Management System clients. First the good news: The report shows an overall decline in the average daily volume of attacks. For the period of July through December 2003, Symantec calculated a daily attack rate of 12.6. From January through June 2004, the daily attack rate was 10.6. Symantec attributes the drop to a decline in Internet-based worm attacks during the first half of this year compared with other periods. That's the end of the good news. Now for the bad news. "We're seeing an increase in profit-motivated attacks," says Vincent Weafer, senior director of Symantec's virus research team. That could be why the security company is reporting that attacks aimed at E-commerce sites rose from 4% of overall attacks to 16%. Other trends that point to attacks for profit include the increase in phishing scams and spyware designed to pilfer user names, passwords, and financial information, The link for this article located at George V. Hulme is no longer available. . The new analysis from Symantec uncovers evolving patterns in cybersecurity hazards, emphasizing the rise of financially motivated assaults and their growing prevalence.. Internet Security, Threat Analysis, Profit Driven Attacks, E-commerce Threats. . LinuxSecurity.com Team
Sep 21, 2004
•
Hacks/Cracks
74
security advisorynetwork securityrisk assessmentTCP Threat Report Indicates Minimal Risk to Internet Stability
VANCOUVER, British Columbia--Widespread reports about a flawed communications protocol making the Internet vulnerable to collapse were overblown, according to the researcher credited with uncovering the security problem. A flaw in the most widely used protocol for sending data over the Net--TCP, or the Transmission Control Protocol--was addressed by most large Internet service providers during the last two weeks and presents little danger to major networks, said Paul Watson, a security specialist for industry automation company Rockwell Automation. If left unfixed, the weakness could have allowed a knowledgeable attacker to shut down connections between certain hardware devices that route data over the Net. . . .. VANCOUVER, British Columbia--Widespread reports about a flawed communications protocol making the Internet vulnerable to collapse were overblown, according to the researcher credited with uncovering the security problem. A flaw in the most widely used protocol for sending data over the Net--TCP, or the Transmission Control Protocol--was addressed by most large Internet service providers during the last two weeks and presents little danger to major networks, said Paul Watson, a security specialist for industry automation company Rockwell Automation. If left unfixed, the weakness could have allowed a knowledgeable attacker to shut down connections between certain hardware devices that route data over the Net. "The actual threat to the Internet is really small right now," Watson said on Wednesday. "You could have isolated attacks against small networks, but they would most likely be able to recover quickly." Watson was responding to news reports that ran Tuesday, after Britain's national emergency response team, the National Infrastructure Security Co-ordination Centre, released an advisory about the issue based on his research. Watson, who's scheduled to present that research here at the CanSecWest 2004 conference this week, referred to the media reaction as an "inordinate level of attention in respectto the amount of risk." At greatest risk, he said, may be e-commerce sites that manage their own routers--those sites may not believe they're vulnerable to attack and may not have implemented a fix. Sites that have routers that share information on the most efficient paths through the Internet--using the Border Gateway Protocol, or BGP--are most vulnerable to the attacks. . Claims regarding vulnerabilities in the TCP connection system are exaggerated, asserts expert; little risk to core infrastructures currently.. Tcp Threat Assessment, Communications Protocol Flaws, Security Risk Analysis. . Anthony Pell
Apr 22, 2004
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More