On Tuesday ThreatMetrix unveiled its new cloud-based transactional fraud network. Using its global database of device fingerprints. ThreatMetrix, a Los Altos, California-based company, has been working on its fraud network for four or five years, says Alisdair Faulkner, chief product officer at the company. What The link for this article located at Forbes is no longer available. ThreatMetrix uses advanced device fingerprinting and cloud infrastructure to combat transaction fraud by identifying genuine users and flagging threats effectively. Transaction Fraud, Device Fingerprinting, Cloud Security, Fraud Detection, Digital Identity. LinuxSecurity.com Team
Where does your bank's responsibility to protect you and your online transactions end? Apparently the HSBC bank of Great Britain knew for 2 years that they had a vulnerability and did nothing about it. There are very few details about the vulnerability, but one thing is known -- an attacker would already have to have a key logger on the customer's system to take advantage of the vulnerability. Maybe I'm being naive, but if an attacker has a key logger on the system, I figure your online banking credentials being stolen is just the start of your worries. The vulnerability HSBC has is apparently extremely difficult to actually take advantage of, a factor HSBC took into account when they decided to live with it because other concerns were more pressing. As security professionals, we should understand this balancing act, even if we don't always agree with the decisions that are reached. The cost to fix the issue was considered by management to exceed the probability of an exploit multiplied by the possible cost of paying for any such breaches. Pretty standard business reasoning. The exposure of Barclays raises significant threats to digital payments due to rising spyware allegations. Banking Security, Key Logger Risks, Online Transaction Safety, Cyber Threat Protection. LinuxSecurity.com Team
Identity theft is the major security concern facing organisations today. Indeed, for the banking industry, it is the number one security priority for 2006. In a recent survey of security budget holders and influencers of UK banks, 73% of respondents cited identity management as the top transaction security concern. The link for this article located at Net-Security.org - Log Error is no longer available. LinuxSecurity.com Team
The Trusted Computing Group has announced an open specification for trusted servers to allow manufacturers to offer better data and transaction security. The specification launched by the industry standards body defines the architecture of a trusted server including its management, maintenance and communication between servers and clients. It follows the announcement in May of a Trusted Network Connect (TNC) standard for authenticating and enforcing security policies on client devices that connect to corporate networks. The link for this article located at ComputerWeekly.co.uk is no longer available. LinuxSecurity.com Team
Every good hacker story ends with the line: "and then he's got root access to your network and can do whatever he wants." But the story really doesn't end there. This is just the beginning of the real damage that the hacker can inflict. While most information security initiatives focus on perimeter security to keep outsiders from gaining access to the internal network, the potential for real financial loss comes from the risk of outsiders acting as authorized users to generate damaging transactions within business systems. The continued integration of enterprise resource planning software only increases the risk of both hackers who break through perimeter security and insiders who abuse system privileges to misappropriate assets - namely cash - through acts of fraud. Security in the e-business, integrated enterprise resource planning (ERP) world requires a new way of thinking about security - not just about the bits and bytes of network traffic, but about business transactions that inflict financial losses from systems-based fraud, abuse and errors. The link for this article located at net-security.org is no longer available. In today's business world, robust security in ERP systems is crucial. Enhanced protocols ensure data integrity, safeguard sensitive info, and trust among employees. Fraud Prevention, Insider Threat, ERP Security, Transaction Security, Financial Risks. Anthony Pell
Despite the rapid increase in online commerce, it is estimated that some 85% of transactions are still cancelled at the final 'confirm and buy' page. While some of these aborted purchases are simply down to people changing their minds, many are due to concerns about security and a reluctance to dispatch credit card details and other personal information across the unknown Internet. Maybe this is not surprising given the amount of publicity generated by new cases of Internet hacking and fraud. People who buy things online may be familiar with the closed-lock padlock in the bottom right hand corner of their screens. While this is meant to provide a sense of security, how many Internet shoppers actually know what it refers to? In fact the padlock is there to show that at that particular time, i.e. on the current web page, communications with that site will be secured using encryption based on a protocol called SSL - or Secure Socket Layer (see explanation). In an ecommerce transaction, SSL achieves two things.
It authenticates to the user the identity of the organisation responsible for the site in question and ensures that any information transmitted between the purchaser's web browser and the merchant's web site is protected from potential eavesdroppers or hackers listening in from anywhere on the Internet. But sometimes all is not what it appears to be. 'Spoofing' or 'phishing' is the latest type of Internet fraud, where fake websites are set up that mimic well-established companies and persuade those who visit them to part with credit card details and other valuable financial information. Many of the biggest names in the .com world have been victims, including Amazon, AOL, Ebay and PayPal as well as a number of high-street banks. In one recent case a gang of Nigerian fraudsters set up a fake version of NatWest's online service and used it to con two Canadians out of more than £100,000. The website was identical to that of the real bank but had an additional 'the' at the beginning of the web address. In another recent case, the US Federal Trade Commission charged an unidentified 17-year-old boy with producing a look-alike web page for AOL and conning hundreds of people out of their credit card information. The teenager produced emails that told the recipients they needed to update their AOL billing information by clicking on a link marked 'AOL Billing Centre'. They were then diverted to a phony website that looked identical to the real thing and instructed to enter credit card numbers, billing addresses and other details including AOL screen names and passwords.
Establishing Trust
The proof of a website's authenticity is in its digital certificate and the security foundations of digital certificates are the 'private' SSL encryption keys used by the web server. If an attacker has the private key, then they can spoof a website not only with look-alike pages but also with outward proof - the digital certificate - that the impostor site is the real site.
Furthermore, they will also be able to decrypt all the traffic that is going to and from that site. The link for this article located at net-security.org is no longer available. Even with the swift growth of digital shopping, numerous consumers remain apprehensive about providing their payment information because of safety worries. SSL Security, E-Commerce Safety, Digital Verification, Online Payment Protection. Anthony Pell
Companies should take the proprietary route to provide security for web services-based transactions over the next three years, according to analysts. In a research paper, Security Pattern Standards Face a Long Road to Maturity, analyst Gartner advises firms to rely on vendor-provided technology to provide security for web services-based transactions until 2006, even though it may not comply with standards. Although there are no products as such, major vendors sell application development packages, such as Microsoft's Visual Studio .Net, which have the facility to build security into web services. The Gartner report argues that web services security is immature and that complex, multi-party web services will require newer, more versatile security patterns for electronic transactions. By using XML, Simple Object Access Protocol and Web Services Description Language, WS-Security related specifications are designed to be used together to provide a rich, secure web services environment. The link for this article located at vnunet is no longer available. Businesses must focus on exclusive technologies for safeguarding online transactions, as suggested by market experts. Proprietary Solutions, Security Patterns, Web Services Security. LinuxSecurity.com Team
Always question an order you can't remember making. And never, ever give out your credit-card number for an online transaction you didn't initiate. That's the sage advice being given to hundreds of Amazon.com customers who recently received bogus e-mails that referred to phantom orders. The bogus e-mails, designed to appear as though they were acknowledgments for orders from Amazon.com, apparently were aimed at getting unsuspecting consumers to reveal their credit card information. Recipients who selected the link early last week reportedly were taken to a non-company page that asked for the credit-card information to aid in canceling the order. The site was removed by an Internet service provider when it was discovered it was being used to perpetrate the fraud, said Smith. The link for this article located at NewsObserver is no longer available. Consistently scrutinize any instruction you cannot recollect issuing and refrain from sharing bank details. Email Phishing, Fraud Detection, Online Transactions. LinuxSecurity.com Team