Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 14 articles for you...
83
security advisoryweb attackbrute forceBitdefender: MIT Web Attacks From Compromised Servers Overview
SECURITY FIRM Bitdefender has traced a number of brute force web site attacks on a server at the Massachusetts Institute of Technology (MIT),. A report on the firm's security blog, called Malware City, claims that a hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server. The link for this article located at The Inquirer is no longer available. . A report on the firm's security blog, called Malware City, claims that a hacking attack against the . security, bitdefender, traced, number, brute, force, attacks, server. . LinuxSecurity.com Team
Nov 04, 2011
•
Hacks/Cracks
83
sql injectioncyber threatdatabase securityMass SQL Injection Attack Hits Over 1 Million ASP.NET Pages
A mass-injection attack similar to the highly publicized LizaMoon attacks this past spring has infected more than 1 million ASP.NET Web pages, Armorize researchers said today. According to database security experts, the SQL injection technique used in this attack depends on the same sloppy misconfiguration of website servers and back-end databases that led to LizaMoon's infiltration.. "This is very similar to LizaMoon," says Wayne Huang, CEO of Armorize, who, with his team, first reported of an injected script dropped on ASP.NET websites that load an iFrame to initiate browser-based drive-by download exploits on visitor browsers to the site. The link for this article located at Dark Reading is no longer available. . A widespread XSS infiltration has breached more than 1 million PHP websites, reminiscent of past SQL injection outbreaks like Jellyfish.. SQL Injection Attack, ASP.NET Sites, Cybersecurity Vulnerabilities. . LinuxSecurity.com Team
Oct 21, 2011
•
Hacks/Cracks
79
security issueprivilege escalationweb attackReviewing Chrome Extensions: 27 Out Of 100 Expose User Data
We reviewed 100 Chrome extensions and found that 27 of the 100 extensions leak all of their privileges to a web or WiFi attacker. Bugs in extensions put users at risk by leaking private information (like passwords and history) to web and WiFi attackers. . Web sites may be evil or contain malicious content from users or advertisers. Attackers on public WiFi networks (like in coffee shops and airports) can change all HTTP content. We The link for this article located at Adrienne Porterfelt is no longer available. . Vulnerabilities in browser add-ons may leak personal information to cybercriminals on shared WiFi connections. Discover ways to fortify your browsing experience.. Chrome Extensions, Data Leak, Security Best Practices, Privilege Management. . LinuxSecurity.com Team
Sep 29, 2011
•
Security Projects
79
security researchweb attackbrowser exploitAndroid Browser Exploit Code Release By M.J. Keith At HouSecCon
A computer security researcher says he plans to release code Thursday that could be used to attack some versions of Google's Android phones over the Internet. The attack targets the browser in older, Android 2.1-and-earlier versions of the phones.. It is being disclosed Thursday at the HouSecCon conference in Houston by M.J. Keith, a security researcher with Alert Logic. Keith says he has written code that allows him to run a simple command line shell in Android when the victim visits a website that contains his attack code. The link for this article located at Network World is no longer available. . The recent findings disclosed during ByteSecure Conference exploit vulnerabilities in legacy iOS systems, enabling direct exploitations through compromised web pages.. Android Exploit, Web Attack, Browser Vulnerability, Security Research. . LinuxSecurity.com Team
Nov 05, 2010
•
Security Projects
81
security advisoryweb attackdata leakBrowser Auto-Complete Advisory: Critical Data Leak Threats Unveiled
In the run-up to his presentation at the Black Hat conference, Jeremiah Grossman of White Hat Security told The Register that users who allow their browsers to auto-complete frequently used form fields, such as names or email addresses, may become an easy target for data thieves. For instance, auto-complete data can reportedly be retrieved automatically via JavaScript in Safari 4 and 5.. To exploit the flaw a crafted web page is created with various input fields with such typical labels as name, email address or credit card number. A script is created which tries out all possible first letters in these fields. This triggers the auto-complete feature which kicks in once the first character has been entered. If the browser auto-completes the letter to make a word, the script processes the entered value. This can even be done invisibly via hidden form fields. Grossman informed Apple about the data leak on the 17th of June but says that so far he has not received any reply, other than an automated confirmation of receipt. A similar form of this attack scenario is already familiar from versions 6 and 7 of Microsoft Internet Explorer. In combination with cross-site scripting, Chrome and Firefox are also said to be vulnerable. There, attackers can even obtain data which the browsers' auto-complete feature only enters into the relevant web page The link for this article located at H Security is no longer available. . Unintended information exposure from web browser suggestion tools places individuals at risk for privacy breaches and cybersecurity challenges.. auto-complete security, browser exposure, data protection, web vulnerabilities. . LinuxSecurity.com Team
Jul 22, 2010
•
Privacy
83
security advisorymalwareweb attackWordPress 2.9.2 Security Alert: Risk of Malware Injection from Design Flaw
Hundreds of WordPress blogs were hacked during the past few days by attackers who pilfered blogger credentials stored in plain text in the database. The researchers who discovered the attacks say a design flaw in the WordPress blogging platform was the underlying problem because by default it allows users to set up permissions that let anyone read their blog's wp-config.php file configuration files, and because WordPress stores the bloggers' credentials in plain text.. The attackers injected malicious iFrames into the blogs so that any visitors would automatically be infected with malware, including code that spreads fake antivirus software. "A few people got hacked last week and asked us to help," says David Dede, founder of Sucuri Security, which also uses WordPress for its own blog. "We fixed them and in one site, just after we fixed it, it got hacked again. Looking at the logs, we didn't see any access in there at all, so the attack didn't come from the Web." Dede says after further analysis and more complaints of hacked blogs, he and his team found that the blogs were getting hit with a malicious iFrame, and that the blogs were all hosted on Network Solutions' servers. Most were running the newest version of WordPress, 2.9.2, he says The link for this article located at Dark Reading is no longer available. . The attackers injected malicious iFrames into the blogs so that any visitors would automatically be . hundreds, wordpress, blogs, hacked, during, attackers, pilfered, blogger. . LinuxSecurity.com Team
Apr 13, 2010
•
Hacks/Cracks
78
security advisorysecurity fixpatchMozilla: Important Update Addresses Critical Flaws in Firefox 9
The Firefox web browser has been patched for security flaws, four of which were identified as "critical" by Mozilla. A total of nine security flaws were fixed in the new release. The patches include a fix for flaws such as one that allows scripts from page content to run with elevated privileges. With this, an attacker could cause an object such as a browser sidebar to interact with web content so that an attacker's code had elevated privileges.. The link for this article located at SC Magazine is no longer available. . Google has issued important security updates for Chrome, fixing ten vulnerabilities, improving safety for users against potential threats.. Firefox Security Patches, Mozilla Vulnerability Fixes, Browser Security Updates. . LinuxSecurity.com Team
Jun 13, 2009
•
Vendors/Products
83
security incidentnetwork attackweb attackMetasploit.com Hijacked By ARP Spoofing Attack Incident
Monday morning, Metasploit.com was temporarily hijacked using an attack on the local area network of Metasploit's hosting provider. Using what is technically known as ARP spoofing, the attacker was able to intercept visitors to Metasploit.com, and instead serve them up a page saying the site had been "hacked by sunwear ! just for fun. Users were then redirected to a Chinese forum with an image of the hack. . The link for this article located at Wired is no longer available. . The Metasploit.com incident reveals serious network security flaws, particularly with ARP spoofing that exploits ARP's lack of authentication to mislead devices.. Metasploit Incident, ARP Spoofing, Web Security Attack. . LinuxSecurity.com Team
Jun 04, 2008
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More