LinuxSecurity.com
Linux Foundation Launches Open Source Metaverse Group to Drive Interoperability
The Open Metaverse Foundation (OMF), launched last week by the Linux Foundation , was created to implement the protection and interoperability standards required to drive metaverse adoption at scale, according to Royal O'Brien, a Linux Foundation GM and the executive director of OMF.
Kategorie: Hacking & Security
Protecting Against Linux Malware
Linux is a popular and powerful operating system, but it is not immune to malware. In fact, malware that targets Linux systems is on the rise. In fact, findings from Atlas VPN based on data from threat intelligence platform AV-ATLAS, claims that in 2022 there were 1.9 million new Linux malware threats, bringing the figure up 50% year-on-year.
Kategorie: Hacking & Security
Intel's "DOITM" Security Feature Not Intended For Always-On Use, Linux Patches To Be Revised
Last week I wrote about Linux developers evaluating a new "DOITM" security mitigation for the latest Intel CPUs . While the cost for now of engaging the Data Operand Independent Timing Mode (DOITM) functionality is minimal, following internal Intel engineering discussions it looks like the Linux kernel patches will need to be re-worked with this functionality not intended to always be enabled.
Kategorie: Hacking & Security
Microsoft Upgrades Defender to Lock Down Linux Gear for its Own Good
Organizations using Microsoft's Defender for Endpoint will now be able to isolate Linux devices from their networks to contain intrusions and whatnot.
Kategorie: Hacking & Security
Red Hat Enterprise Linux arrives in Oracles cloud
Red Hat and Oracle announced jointly Tuesday that they have partnered to bring Red Hat Enterprise Linux (RHEL) to Oracle Cloud Infrastructure, broadening Oracle's available public cloud options and creating a measure of d©tente between two long-standing competitors.
Kategorie: Hacking & Security
A Complete Guide to Security Automation & Reporting Using Open Source Tools
Open source security automation is a critical aspect of modern cybersecurity. It involves the use of open source tools and technologies to automate various security tasks, such as vulnerability scanning , incident response, and compliance monitoring. The goal of open source security automation is to improve the efficiency and effectiveness of security operations while reducing costs.
Kategorie: Hacking & Security
Patches Updated For Hooking eBPF Programs Into The Linux Kernel Scheduler
Published back in November were a set of patches for allowing (e)BPF to extend the Linux kernel's scheduler . That interesting work is continuing with Friday having brought a second revision to the patches.
Kategorie: Hacking & Security
Linux Will Now Better Handle AMD SEV-SNP To Avoid Undefined Behavior For Old VMs
Merged on Sunday prior to tagging Linux 6.2-rc6 is a late "fix" for the AMD Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP) code to avoid possible situations of undefined behavior with difficult to debug issues where a modern Linux host with SEV-SNP may try booting a Linux virtual machine with an outdated kernel.
Kategorie: Hacking & Security
OpenSSF Aimed to Stem Open Source Security Problems in 2022
In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch.
Kategorie: Hacking & Security
BlackBerry: Cyberattacks Are Being Launched Once Every Minute
Threat actors are evolving to target a wide variety of systems and infrastructure, BlackBerry says in a new report. "In addition, attacks against Linux systems and cloud infrastructure will increase as threat actors look to install backdoors on target systems and gain visibility into organizations for further activities."
Kategorie: Hacking & Security
The Unrelenting Menace of the LockBit Ransomware Gang
The notorious Russian-speaking cybercriminals grew successful by keeping a low profile. But now they have a target on their backs.
Kategorie: Hacking & Security
Linux Malware Rates Rise to Record Levels Amid Hacker Inconsistency
After rising and falling since 2021, new Linux malware hit record highs at year-end in 2022, growing by 117% over previous levels.
Kategorie: Hacking & Security
OpenSSF Aimed to Stem Open Source Security Problems in 2022
In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch.
Kategorie: Hacking & Security
An IBM Hacker Breaks Down High-Profile Attacks
For bad actors, the more intelligence they have on their target, the better. Attackers typically gather intelligence by scraping data readily available from public sources, called open source intelligence (OSINT).
Kategorie: Hacking & Security
New Boldmove Linux Malware Used to Backdoor Fortinet Devices
Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a new custom 'BOLDMOVE' Linux and Windows malware.
Kategorie: Hacking & Security
A DevSecOps Process for Node.js Projects
Node.js is an open source development platform for running JavaScript code on the server side. Node is useful for developing applications that require a persistent browser-server connection and is often used for real-time applications such as chat, social applications, or news feeds.
Kategorie: Hacking & Security
C++ Programming Language and Safety: Here's Where It Goes Next
There's been a shift towards 'memory safe' languages. So, can updates to C++ help it catch up in the eyes of developers?
Kategorie: Hacking & Security
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa.
Kategorie: Hacking & Security
How to Check if Your Linux System is Infected with a Virus
Linux is undoubtedly the best open-source operating system, and is arguably the most secure OS by design . Most computers these days are Linux-based. Android OS, which is the most commonly used mobile operating system, is also Linux-based. The same goes for Chromebooks and a variety of tablets.
Kategorie: Hacking & Security
Linux FU: UEFI Booting
Unless your computer is pretty old, it probably uses UEFI (Unified Extensible Firmware Interface) to boot. The idea is that a bootloader picks up files from an EFI partition and uses them to start your operating system.
Kategorie: Hacking & Security