LinuxSecurity.com

Syndicate content: LinuxSecurity - Security Articles
The central voice for Linux and Open Source security news.
Updated: 13 min 38 sec ago

Kali Linux 2023.2 Released with 13 New Tools, Pre-Built HyperV Image

2 June, 2023 - 13:00
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for stealing credentials and session cookies.
Category: Hacking & Security

Nitrux 2.8.1 Linux Distribution Unleashes Supercharged Security and Privacy Powers

2 June, 2023 - 13:00
Nitrux 2.8.1, codenamed "sc" for "safer computing," has been released, offering enhanced privacy and security features. While the distribution does not claim to be impenetrable or unhackable, it aims to protect users' privacy and provide tools for online anonymization.
Category: Hacking & Security

High-Severity ntfs-3g Buffer Overflow Vulns Fixed

1 June, 2023 - 13:00
Several buffer overflow vulnerabilities have been identified in ntfs-3g. With a low attack complexity and a high confidentiality, integrity and availability impact, these vulnerabilities have received a National Vulnerability Database (NVD) severity rating of "High".
Category: Hacking & Security

Critical Remotely Exploitable Django Vuln Fixed

1 June, 2023 - 13:00
It was discovered that Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1 incorrectly handled uploading multiple files using one form field (CVE-2023-31047). With a low attack complexity, no privileges required to exploit, and a high confidentiality, integrity and availability impact, this vulnerability has been rated as "Critical" by the National Vulnerability Database (NVD).
Category: Hacking & Security

Linux Container Security Primer

31 May, 2023 - 13:57
In today's rapidly evolving digital landscape, where agility and scalability are paramount, traditional software deployment methods often fall short. Container technology is a game-changing innovation that has revolutionized how software is deployed, managed, and scaled. It offers many benefits, ensuring that applications run consistently regardless of the hosting environment.
Category: Hacking & Security

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

30 May, 2023 - 13:00
Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center (JPCERT/CC) said in a report published today.
Category: Hacking & Security

The Moment for AI

29 May, 2023 - 13:00
Red Hat President and Chief Executive Officer, Matt Hicks, shares insights and reflections from Red Hat Summit 2023.
Category: Hacking & Security

Email Phishing Using Kali Linux

29 May, 2023 - 13:00
No matter how often you go online and how or why you primarily use the Internet, you've probably seen phishing attack attempts. They're now so common and problematic that cybersecurity professionals regularly provide information to help people spot and avoid phishing attacks.
Category: Hacking & Security

New Ransomware Group Uses Repurposed LockBit, Babuk Variants

29 May, 2023 - 13:00
A new ransomware operation has been targeting Windows and Linux systems with a combination of payloads relying on leaked LockBit and Babuk code and custom-developed tools.
Category: Hacking & Security

PyPI Open-Source Code Repository Deals with Manic Malware Maelstrom

26 May, 2023 - 13:00
Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the Python Package Index, better known as PyPI, are a fantastic source (sorry!) of free operating systems, applications, programming libraries, and developers' toolkits that have done computer science and software engineering a world of good.
Category: Hacking & Security

CISA Warns Several Old Linux Vulns Exploited in Attacks

26 May, 2023 - 13:00
The Cybersecurity & Infrastructure Security Agency (CISA) added seven new Linux vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on Friday based on evidence of active exploitation, some of which have been known for a decade:
Category: Hacking & Security

Linux Kernel DoS, Info Disclosure Bugs Fixed

25 May, 2023 - 13:00
Several important security issues have been found in the Linux kernel, including a slab-out-of-bound read problem (CVE-2023-1380), a heap out-of-bounds read/write vulnerability in the traffic control (QoS) subsystem (CVE-2023-2248), and an out-of-bounds write issue in the kernel before 6.2.13 (CVE-2023-31436). The vulnerabilities have received a National Vulnerability Database (NVD) rating of "high-severity" due to their high confidentiality, integrity and availability impact.
Category: Hacking & Security

Important Ruby ReDoS Vulns Discovered & Fixed

25 May, 2023 - 13:00
Two important ReDoS issues have been found in the Ruby programming language; one in the URI component (CVE-2023-28755) and one in the Time component (CVE-2023-28756). It was discovered that the URI parser and the Time parser mishandle invalid URLs that have specific characters, causing an increase in execution time for parsing strings to URI and Time objects.
Category: Hacking & Security

Is Linux A More Secure Option Than Windows For Businesses?

25 May, 2023 - 13:00
There are many factors to consider when choosing an OS, security being among the most critical. The general consensus among experts is that Linux is the most secure OS by design - an impressive feat that can be attributed to a variety of characteristics including its transparent open-source code, strict user privilege model, diversity, built-in kernel security defenses and the security of the applications that run on it.
Category: Hacking & Security

Budgie-flavored Fedora Onyx To Be a New Immutable Fedora Variant

24 May, 2023 - 13:00
Fedora Onyx is now approved to be an official Fedora variant. A Budgie desktop user? You will love this!
Category: Hacking & Security

SQLite 3.42 Released With "Secure Delete" Command

23 May, 2023 - 13:00
SQLite 3.42 is now available as the newest update to this widely-used, embed-friendly SQL database option that is used by countless applications and other software for lightweight and speedy data storage purposes.
Category: Hacking & Security

AWS Open Sources Security Tools

23 May, 2023 - 13:00
AWS is open sourcing its Cedar policy language and authorization engine and Snapchange, an open source snapshot-based fuzzing tool.
Category: Hacking & Security

Important runC Privilege Escalation Flaws Fixed

22 May, 2023 - 13:00
Several important security issues were identified in the runC Open Container Project. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories (CVE-2023-27561), and incorrectly handled /proc and /sys mounts inside a container (CVE-2023-28642).
Category: Hacking & Security

How Secure Is Linux?

19 May, 2023 - 13:00
It is no secret that the OS you choose is a key determinant of your security online. After all, your OS is the most critical software running on your computer - it manages its memory and processes, as well as all of its software and hardware. The general consensus among experts is that Linux is a highly secure OS - arguably the most secure OS by design. This article will examine the key factors that contribute to the robust security of Linux, and evaluate the level of protection against vulnerabilities and attacks that Linux offers administrators and users.
Category: Hacking & Security

Ubuntu 23.10 Improving PPA Management For Enhanced Security & Reliability

16 May, 2023 - 13:00
One of the great longtime features of Ubuntu Linux has been Launchpad's Personal Package Archives (PPAs) for easily augmenting the official Ubuntu repositories with additional packages either to supply updated versions of select software or for software not yet found in the official Ubuntu archives. With Ubuntu 23.10 a change is being made in how PPAs are managed to enhance the security and reliability.
Category: Hacking & Security