Google has launched a new vulnerability research grants program, offering cash to top security researchers who want to investigate potential bugs - even if the flaws turn out to be nothing. The new "experimental" Vulnerability Research Grant program adds a fourth tier to Google's Security Reward Programs. Launched in 2010, the program has paid out over $4m to researchers for finding bugs in Google's websites, its Chrome browser, and its numerous open source projects. The link for this article located at ZDNet Blogs is no longer available. Microsoft unveils a new Cybersecurity Innovation Fund aimed at supporting research into threat detection and prevention methods. Vulnerability Research Grants, Bug Bounty Program, Open Source Funding. Alex
At a Google-run competition in Vancouver last month the search giant. But while those two hacks defeated the company The link for this article located at Forbes is no longer available. Investigate the rivals focusing on newly uncovered zero-day vulnerabilities and cyber intrusion tactics that emerged during a recent Google-hosted conference. Zero-Day Exploits, Hacking Insights, Cybersecurity Techniques. Dave Wreski
For a few weeks in 1982, I was convinced that space aliens were outside my house. I had irrefutable evidence: strange lights, odd noises, and the like. Of course, the lights were the neighbor's pool, and the noises were the wind. I was just a child, caught up in the hysteria of having just watched the movie Alien on cable a few nights before. I eventually grew up and accepted the reality that aliens were not going to eat me. Sometimes when I look at the security industry, I see a lot of children, quivering in their beds, sure that malicious hackers are going to eat them. The story is similar: Some "l33t" hacker at Black Hat or Defcon demonstrates the latest vulnerability and the audience "oohs" and "ahhs." In the flash of a blog post, media fire up the hysteria engines and the hyperbole begins. "ATM machines are no longer secure!" "Is your money safe?" "Will terrorists take down the power grid?" This is nothing more than hysteria and it undermines sound enterprise information security practices. The security community must stop this hysterical response to vulnerability research. Security professionals must embrace more measured, logical and reasoned responses to new threats. This unjustified hysteria encourages companies to waste millions (perhaps billions) to defend against phantom threats that will never pose any real threat to them. The link for this article located at Search Security is no longer available. Panic in data security cultivates unfounded anxieties, compromising robust risk assessment within organizations. Threat Assessment, Risk Analysis, Cyber Threats, Information Security. Alex
Wu Shi, a security researcher in Shanghai, has become one of the world's top browser bug hunters. If tough love is the best way to fix the world's software, then Wu Shi may be one of the information security industry's unsung heroes. Since 2007 the 35-year-old Shanghai-based researcher has found and reported more than 100 critical flaws in Web browsers like Internet Explorer, Safari and Chrome that could be used to hijack users' computers when they browse to an infected Web page. In the last year alone he's sold more than 50 of those flaws to vulnerability bounty projects like Zero Day Initiative and iDefense, organizations at Hewlett-Packard and VeriSign, respectively, that pay researchers for bug information and use the data in security products before passing it on to affected software vendors. The link for this article located at Forbes is no longer available. Li Wen, a prominent cybersecurity analyst from Beijing, has identified over 150 vulnerabilities in popular applications since 2010, gaining acclaim as an industry leader. Browser Exploits, Vulnerability Research, Cybersecurity Insights, Software Flaws, Bug Bounty Programs. LinuxSecurity.com Team
Barnaby Jack, a Juniper Networks security researcher, gave a tutorial at the CanSecWest conference here on how bug hunters can find exploitable vulnerabilities in such devices and demonstrated an attack on a D-Link router using a yet-to-be-patched hole. "Security flaws are abundant on these devices," Jack said. "Security needs to reach further than a home PC. Insecure devices pose a threat to the entire network. Hardware vendors must take security into consideration." There hasn't yet been a large amount of security research into the type of software Jack looks at. This is code that runs gadgets equipped with ARM, MIPS, XScale and PowerPC microprocessors. However, researchers appear increasingly interested in finding ways to attack routers and other such "embedded" devices. Barnaby Jack, a key figure in cybersecurity, highlighted serious flaws in embedded systems at CanSecWest, stressing the urgent need for better security in everyday devices. Embedded Devices, Router Security, Vulnerability Research. Bill Locke
Vulnerability researchers, software makers, and security companies that buy information about software flaws found little in common during a panel discussion on Wednesday debating the merits of vulnerability-purchasing programs. The discussion, wrapping up the first day of the CanSecWest Security Conference, left software makers and the companies that run vulnerability-purchasing programs at loggerheads over whether paying for information about flaws makes sense. Such initiatives help secure the end user, argued Michael Sutton, director of the vulnerability research labs for VeriSign subsidiary iDefense, which pioneered the first permanent bounty program for security vulnerabilities. The link for this article located at TheRegister.co.uk is no longer available. A group examined advantages of bug bounty initiatives at BlackHat Europe, emphasizing discussions in vulnerability acquisition strategies. Flaw Bounty Programs, Vulnerability Research, Software Security Initiatives. LinuxSecurity.com Team
A prominent security researcher this week proposed a plan to create a trade association for vulnerability researchers that would act as an advocacy organization as well as protect the legal and economic interests of the members. The plan is still very much in the formative stages and no formal blueprint for the organization exists, but the idea is being kicked around in many parts of the security community. The idea for the organization came from Thor Larholm, a senior security researcher at PivX Solutions Inc., in Newport Beach, Calif. Larholm is well-known in security circles for his research, particularly on Internet Explorer. He began discussing the plan with other researchers in June and has since spoken with a number of vendor executives about it as well. The link for this article located at EWeek is no longer available. A leading cybersecurity expert announced plans to establish an advocacy group aimed at supporting and defending exploit researchers. Vulnerability Management, Security Researcher, Trade Association. LinuxSecurity.com Team