LinuxSecurity.com

Syndikovat obsah
The central voice for Linux and Open Source security news.
Aktualizace: 6 min 35 sek zpět

Azure CLI Password Spraying: Why Cloud Identity Is Now Linux Security

1 Červenec, 2026 - 15:54
Over the span of just 14 days, threat actors unleashed more than 81 million login attempts against Microsoft’s Azure command-line interface (CLI). The campaign, which security researchers at Huntress identified as an ongoing, automated password-spraying effort, successfully compromised at least 78 Microsoft accounts across 64 organizations between June 12 and June 26, 2026.
Kategorie: Hacking & Security

How to Build Behavioral Detections with eBPF on Linux

1 Červenec, 2026 - 15:04
Building effective behavioral detections starts with understanding how processes behave at runtime, rather than simply collecting more logs. eBPF gives Linux security teams the visibility needed to correlate those behaviors into meaningful detections, moving away from static signatures and toward real-time analysis.
Kategorie: Hacking & Security

Network Security Monitoring: Common Linux Monitoring Gaps That Hide Threats

30 Červen, 2026 - 18:22
If you’re relying on standard network logs to protect your Linux infrastructure, you’re flying blind. Most organizations believe they have network security monitoring because they’re capturing traffic, but they’re actually just collecting noise. Real security—the kind that stops an attacker—happens in the gaps between the network, the process, and the host. When an attacker breaches a Linux server, they rarely reach for a custom zero-day. They use what’s already there: curl, bash, python, or ...
Kategorie: Hacking & Security

What Kali Linux 2026.2 Says About Today's Linux Security Priorities

30 Červen, 2026 - 18:18
Offensive Security just dropped Kali Linux 2026.2, and at first glance, it looks like a standard quarterly refresh. You’ve got the usual kernel bumps, desktop environment updates, and a handful of new utilities. But don't write this off as just another routine version update.  If you look past the changelog, this release highlights several capabilities that continue to be important in offensive security. From AI-assisted workflows to credential testing and mobile assessments, Kali Linux 2026....
Kategorie: Hacking & Security

Linux Foundation Launches Akrites to Strengthen Software Supply Chain Security

29 Červen, 2026 - 16:10
The Linux Foundation has officially launched Akrites, a coordinated industry initiative designed to improve how critical open source vulnerabilities are validated, coordinated, and disclosed before patches reach downstream users.   Backed by a diverse coalition—including AWS, Google, Microsoft/GitHub, Red Hat, NVIDIA, and OpenAI—Akrites establishes a shared Security Incident Response Team (SIRT) to streamline the validation, remediation, and disclosure of vulnerabilities in the foundational c...
Kategorie: Hacking & Security

How to Read Linux Audit Logs During an Intrusion

29 Červen, 2026 - 14:42
When a security alert fires, the panic often sets in before the analysis. Many administrators instinctively reach for /var/log/auth.log or journalctl, but those logs tell only a partial story. They document successful logins and authentication attempts, but they rarely capture the granular "how" of a post-compromise environment. To truly reconstruct an attack, you need to master audit logs. Unlike standard authentication logs, Linux audit logs (managed by auditd) record system-level activity,...
Kategorie: Hacking & Security

How Memory Leaks Affect System Stability and Security

26 Červen, 2026 - 23:15
A process with a stable workload shouldn't keep growing its resident memory. When it does, the first question isn't how much RAM is available. It's where the allocations stopped being released. On Linux, that answer isn't always obvious because the kernel, allocator, and application all influence what memory usage looks like from the outside.
Kategorie: Hacking & Security

How AI Is Changing Open Source Penetration Testing

26 Červen, 2026 - 15:51
AI is beginning to reshape how penetration testing workflows are organized. For years, the penetration tester’s workflow has been a labor-intensive ritual: scan, enumerate, research, exploit, and report. But new frameworks are attempting to codify that intuition, turning the "human-in-the-loop" process into a machine-coordinated workflow. But is this a genuine evolution in how we secure Linux environments, or just a sophisticated wrapper around the same old tools?
Kategorie: Hacking & Security

How to Detect Unauthorized SSH Key Usage on Linux Systems

26 Červen, 2026 - 15:48
SSH persistence usually does not look malicious at first. The login succeeds normally, the session opens cleanly, and the account already exists on the server, which is exactly why attackers continue using SSH keys after gaining a foothold on Linux systems.
Kategorie: Hacking & Security

The New Rules for AI-Assisted Contributions: Ownership is Not Optional

25 Červen, 2026 - 16:11
AI-assisted patches are already showing up across open source. Small GitHub projects, package updates, kernel-adjacent tools, system libraries. It’s not a future problem anymore.
Kategorie: Hacking & Security

Linux Roundup: The Biggest Linux Releases This Week

25 Červen, 2026 - 15:51
Most weeks in Linux are about new features. This one is about avoiding problems before they happen. Several projects shipped updates that quietly change how systems behave behind the scenes. None of them are particularly flashy, but if you're responsible for containers, workstations, gaming systems, or recovery media, these releases are worth paying attention to. Here's what stood out this week.
Kategorie: Hacking & Security

SELinux Troubleshooting: What to Check Before You Disable SELinux

25 Červen, 2026 - 15:26
SELinux troubleshooting is a necessary skill for any system administrator. When a service fails despite correct file permissions and ownership, the immediate instinct is often to disable SELinux to confirm if the security policy is the bottleneck. While turning off enforcement frequently "fixes" the immediate symptom, it hides the underlying configuration flaw—such as an incorrect context or a policy violation—that could leave your system exposed. This guide outlines a systematic approach to ...
Kategorie: Hacking & Security

Monitoring East-West Traffic with Suricata: Finding Threats Inside Your Network

24 Červen, 2026 - 17:13
Most security teams are locked into a perimeter-first mindset. They obsess over north-south traffic—the data hitting the edge—while ignoring the reality of the modern data center. Once an attacker gets a foothold, they don't stay at the edge. They pivot. They move laterally. That's the east-west traffic problem: the internal chatter between servers, microservices, and databases that we treat as "trusted" simply because it’s inside the fence.
Kategorie: Hacking & Security

How to Investigate High System Load During a Security Incident

23 Červen, 2026 - 16:52
When a production server spikes at 99% CPU or the disk starts grinding, the knee-jerk reaction is usually to blame a bad code push or a runaway backup job. But if you’ve spent enough time in security incident response, you know that "performance issues" are often the first sign that you’re dealing with Linux malware.
Kategorie: Hacking & Security

FFmpeg PixelSmash Vulnerability Exposes Linux Media Servers to Remote Code Execution Risk

23 Červen, 2026 - 16:07
A newly disclosed FFmpeg vulnerability, known as PixelSmash (CVE-2026-8461), affects the MagicYUV decoder and can be triggered by specially crafted video files. 
Kategorie: Hacking & Security

Examining Security Weaknesses and Regulatory Shortcomings

23 Červen, 2026 - 13:37
Today, organizations rely heavily on technology for their operations, to secure important information and provide services in a digital world. Digital transformation opens up new opportunities, but also poses an increasing challenge for businesses and institutions in the field of cybersecurity. Data breaches, financial losses, reputational damage, and compliance issues are ongoing challenges for organizations in all industries due to security weaknesses and regulatory shortcomings.
Kategorie: Hacking & Security

AryStinger: Why Thousands of Unpatched Linux Routers Are Being Weaponized

22 Červen, 2026 - 20:08
More than 4,300 internet-facing devices have been pulled into a newly documented router malware campaign called AryStinger. The infected systems are mostly not enterprise servers. They are older routers, NAS appliances, and embedded Linux devices that stayed online long after anyone was likely checking them.
Kategorie: Hacking & Security

Europe’s Open Source Strategy Takes Aim at Software Security’s Maintenance Problem

19 Červen, 2026 - 19:59
Some of the software the world depends on most is maintained by people most users will never know by name. The project might be sitting inside Linux distributions, enterprise software, cloud platforms, and government systems without most users ever realizing it is there.
Kategorie: Hacking & Security

OpenStack Keystone Flaws Expose Multiple Paths to Cloud Privilege Escalation

19 Červen, 2026 - 18:58
The recent Keystone advisory is unusual because the vulnerabilities are scattered across several features but keep affecting the same class of security controls. Application credentials, trusts, RBAC enforcement, project ownership validation, token expiration. Different code paths. Similar failures.
Kategorie: Hacking & Security

Fortinet FortiSandbox Critical Command Execution Risk Exploit 2026-39813

18 Červen, 2026 - 16:49
Fortinet has confirmed active exploitation of three FortiSandbox vulnerabilities. One allows attackers to bypass login controls, while the other two enable command execution directly on the appliance. Combined, they create a path from unauthenticated access to direct interaction with a system many organizations trust to analyze suspicious content.
Kategorie: Hacking & Security