Life with the Penguin

Recent news

Tracing a memory leak bug in PID 1 and contributing an upstream fix: a Linux support story
  

Tracing a memory leak bug in PID 1 and contributing an upstream fix: a Linux support story

How Canonical Support helped a global retail organization trace the cause for an unusual memory leak originating in PID 1.

Linux UEFI Shim Vulnerability Severe Exploitation of Obsolete Bootloaders
  

Linux UEFI Shim Vulnerability Severe Exploitation of Obsolete Bootloaders

ESET researchers identified 11 old and forgotten Linux UEFI shim bootloaders at versions 0.9 and below that can be used

Running Proxies Safely on Linux: A Hardening Guide for System Administrators
  

Running Proxies Safely on Linux: A Hardening Guide for System Administrators

Proxies are a standard component of a Linux administrator’s toolbox. You can use them to see how services respond in

How to Configure Centralized Logging with Journald and Rsyslog
  

How to Configure Centralized Logging with Journald and Rsyslog

Linux systems generate a steady stream of authentication, service, kernel, and application logs. On most systems, those logs never leave

Mak’s Weekly Security Roundup: Linux Updates You Shouldn’t Ignore This Week
  

Mak’s Weekly Security Roundup: Linux Updates You Shouldn’t Ignore This Week

Before the week gets away from you, take a look at what’s landed across the Linux ecosystem.  The volume of

How Linux Security Teams Spot Vulnerabilities Before CVEs Are Published
  

How Linux Security Teams Spot Vulnerabilities Before CVEs Are Published

Most of us don’t hear about a kernel vulnerability until a CVE lands in our inbox or the vulnerability scanner

MAAS installation: bare metal provisioning is easier than ever
  

MAAS installation: bare metal provisioning is easier than ever

MAAS brings cloud-like automation to physical servers. It helps teams discover, commission, deploy, and repurpose machines from a central control

GhostLock Exposes an Uncomfortable Truth About Open Source Security
  

GhostLock Exposes an Uncomfortable Truth About Open Source Security

When researchers announced GhostLock, many people focused on the exploit. What stood out to me wasn’t just what the vulnerability

Critical Gitea Docker Authentication Bypass: An Open Door to Your Infrastructure
  

Critical Gitea Docker Authentication Bypass: An Open Door to Your Infrastructure

If you’re running Gitea in a container, stop what you’re doing and check your versioning right now. We’re looking at

Threat Detection and Response: Why Linux Monitoring Requires Both Signatures and Behavior
  

Threat Detection and Response: Why Linux Monitoring Requires Both Signatures and Behavior

Every Linux server in your fleet produces thousands of events every minute. From journald logs and auditd records to kernel-level

Securing SSH in Production: Keys, Hardening, and Real Attack Patterns
  

Securing SSH in Production: Keys, Hardening, and Real Attack Patterns

Spin up a fresh Linux VPS with default settings and check /var/log/auth.log ninety seconds later. There will already be failed

Defending the Open Source Desktop: Advanced Cybersecurity Strategies for Linux
  

Defending the Open Source Desktop: Advanced Cybersecurity Strategies for Linux

There was a time when Linux meant server rooms and hobbyist forums. These days it’s on regular laptops, and a

Detecting Linux System Compromise Early: Behavioral Indicators and Log-Based Detection
  

Detecting Linux System Compromise Early: Behavioral Indicators and Log-Based Detection

There’s a gap between what Linux systems log by default and what you actually need to detect a compromise. Most

Linux Privilege Escalation from a Defensive Perspective: Sudoers and SUID Misconfigurations
  

Linux Privilege Escalation from a Defensive Perspective: Sudoers and SUID Misconfigurations

Root access on a Linux system rarely arrives through a zero-day.LinuxSecurity – Security ArticlesRead More

API Key Leakage in Public Repositories: What Linux Teams Miss
  

API Key Leakage in Public Repositories: What Linux Teams Miss

Security scanners flag exposed API keys in public repositories every day. The initial response is usually predictable: delete the commit,

  

How to Build a Tamper-Resistant Logging Infrastructure for Linux

When you’re digging through an incident, your logs are the only thing you can actually trust. The problem is, attackers

Januscape vulnerability CVE-2026-53359 mitigations available
  

Januscape vulnerability CVE-2026-53359 mitigations available

Introduction A local privilege escalation (LPE) vulnerability affecting the Linux kernel was publicly disclosed on July 6, 2026. The vulnerability

Malicious Go Modules: Securing Your Linux Build Pipeline
  

Malicious Go Modules: Securing Your Linux Build Pipeline

Every Linux developer who works with Go has run the same workflow a thousand times. You find a library that

Linux Log Analysis: How to Investigate Suspected Log Manipulation During Incident Response
  

Linux Log Analysis: How to Investigate Suspected Log Manipulation During Incident Response

When an attacker breaks into a Linux system, their work is rarely done. Usually, the real work starts after the

GhostApproval: Why Linux Developers Should Audit AI Coding Assistant Permissions
  

GhostApproval: Why Linux Developers Should Audit AI Coding Assistant Permissions

AI coding assistants have become a staple in many Linux developers’ daily workflows. Whether you’re generating boilerplate, refactoring code, or

Managing Ubuntu on bare metal at scale
  

Managing Ubuntu on bare metal at scale

Modern infrastructure teams are expected to deliver cloud-like speed, consistency, and reliability, even when their workloads run on physical servers.

Linux Rootkits Explained: How They Hide and How Defenders Can Respond
  

Linux Rootkits Explained: How They Hide and How Defenders Can Respond

Most of us think of Linux rootkits as ancient history—the stuff of 90s hacking forums and clunky malware that would

  

Test by Jacob

TestLinuxSecurity – Security ArticlesRead More

  

Test By

TestLinuxSecurity – Security ArticlesRead More