Syndikovat obsah LinuxSecurity - Security Articles
The central voice for Linux and Open Source security news.
Aktualizace: 7 min 10 sek zpět

Tails 6.0 Released with Critical Security Updates, Big Improvements

1 Březen, 2024 - 14:36
The release of Tails 6.0 brings many improvements that cater to new and seasoned users, emphasizing security, usability, and privacy for those passionate about online security. The new features introduced in this version highlight the project's commitment to enhancing user experience while maintaining robust security protocols.
Kategorie: Hacking & Security

Linux Kernel Runtime Guard (LKRG) 0.9.8 Released with Major Improvements

28 Únor, 2024 - 14:46
Openwall has released Linux Kernel Runtime Guard (LKRG) 0.9.8 with significant updates and improvements. For those unfamiliar with Linux Kernel Runtime Guard (LKRG), it is a kernel module that performs runtime integrity checking of the Linux kernel and detects security vulnerability exploits against the kernel.
Kategorie: Hacking & Security

RunC Container Escape Flaws Grant Attackers Host Access

27 Únor, 2024 - 14:56
A series of severe security vulnerabilities have been discovered in the popular runC command line tool. These vulnerabilities, collectively known as Leaky Vessels, allow threat actors to break out of containers and gain unauthorized access to the host operating system.
Kategorie: Hacking & Security

8220 Hacker Group Targets Cloud Systems To Mine Crypto

27 Únor, 2024 - 14:33
A recent increase in attacks has been observed from the 8220 Gang, a cybercriminal group from China. The group has become notorious for infiltrating cloud-based infrastructure and exploiting vulnerabilities to mine cryptocurrency from Linux and Windows users.
Kategorie: Hacking & Security

New Thunderbird, Firefox Vulns Threaten Sensitive Data, System Availability

27 Únor, 2024 - 13:00
Several significant vulnerabilities have been found in the widely used Thunderbird email client and Firefox web browser. An attacker could exploit these issues to cause a denial of service, obtain sensitive data, bypass security restrictions, perform cross-site tracing, execute arbitrary code, or escalate privileges on impacted systems.
Kategorie: Hacking & Security

Unlock the Power of Cybersecurity Education for a Secure Future: A Comprehensive Guide for Linux Admins & Infosec Pros

25 Únor, 2024 - 23:27
Linux administrators and infosec professionals face rising cyber threats in today's interconnected digital world. As open-source platforms gain more importance, securing them becomes mission-critical for organizations worldwide.
Kategorie: Hacking & Security

How Seccomp Profiles Can Improve Kubernetes Security

22 Únor, 2024 - 18:52
Seccomp , which comes from "secure computing mode," is a built-in security feature in the Linux kernel that limits the system calls a process can make. Seccomp profiles in Kubernetes help minimize attack surfaces and prevent malicious code execution.
Kategorie: Hacking & Security

Joomla XSS Bug Puts Millions of Websites at Risk of RCE

22 Únor, 2024 - 18:48
A critical security vulnerability has been found in the popular Joomla open-source content management system that has left millions of websites open to the risk of remote code execution (RCE) due to multiple cross-site scripting (XSS) bugs. The vulnerability is linked to a fundamental flaw in Joomla's core filter component and is tracked as CVE-2024-21726 .
Kategorie: Hacking & Security

Cryptocurrency Mining Migo Malware Attacks Linux Redis Servers

21 Únor, 2024 - 14:58
A new malware dubbed ''Migo'' that is targeting Linux Redis servers to mine cryptocurrency via a cryptojacking attack has been discovered. This campaign employs many Redis system-weakening commands to potentially disable data store security features that could hinder their initial attempts at access.
Kategorie: Hacking & Security

Do I Need Antivirus as a Linux User?

20 Únor, 2024 - 14:51
It is a common belief among Linux users that antivirus software is unnecessary. Many long-time Linux users have never encountered viruses or malware on their Linux desktop.
Kategorie: Hacking & Security

Fedora vs. Ubuntu: Which More Secure, Faster & More User-Friendly?

18 Únor, 2024 - 14:44
Ubuntu and Fedora are two prominent Linux distributions, each offering its own set of strengths and features. Ubuntu, created by Canonical Ltd ., boasts a user-friendly interface, stable performance, and a vast repository of pre-installed and downloadable software. On the other hand, Fedora prides itself on being an innovative and secure platform, perfect for experienced Linux users who desire the latest technological advancements.
Kategorie: Hacking & Security

Bootloader Bug Threatens Linux Distros Supporting Secure Boot

17 Únor, 2024 - 14:27
A critical vulnerability in the Shim program , which is used in Linux distributions that support secure boot. The bug, CVE-2023-40547 , allows an attacker to execute remote code, potentially resulting in complete system compromise.
Kategorie: Hacking & Security

European Court of Human Rights Declares Backdoored Encryption Illegal

16 Únor, 2024 - 14:51
The European Court of Human Rights (ECHR) has made a major decision , ruling that laws requiring weakened encryption and extensive data retention violate the European Convention on Human Rights. In a recent case involving Russia's demand for Telegram to provide encryption assistance, the Court stated that such legislation cannot be considered necessary in a democratic society.
Kategorie: Hacking & Security

Huawei Proposes to Improve Linux Kernel Memory Security with New Sandbox Mode

15 Únor, 2024 - 14:50
Chinese tech giant Huawei has proposed introducing a "SandBox Mode" for the Linux kernel , aimed at bolstering memory security. This mode would create an environment where native kernel code can be executed but with access restricted only to predefined memory addresses.
Kategorie: Hacking & Security

Ubuntu Tool Could Trick Users Into Installing Rogue Packages

14 Únor, 2024 - 19:18
A potential security vulnerability exists in the command-not-found tool in Ubuntu, which threat actors could exploit to recommend and install malicious packages on systems running Ubuntu operating systems. The command-not-found tool is installed by default on Ubuntu systems and suggests packages to install when users attempt to run commands that are not available.
Kategorie: Hacking & Security

Introducing Canonicals New Desktop Security Center

14 Únor, 2024 - 14:50
Canonical is introducing a new Desktop Security Center , aiming to enhance accessibility to underlying security features for users of Ubuntu and other Linux distros. Although still a work in progress, this Flutter-based tool has generated considerable interest.
Kategorie: Hacking & Security

How eBPF Can Help IT Teams Improve Security & Observability

13 Únor, 2024 - 23:26
There are various advantages of using Extended Berkeley Packet Filter (eBPF) , a Linux kernel technology, to enhance observability and improve security in IT operations. Efficient data collection is critical, and traditional observability tools are limited in this regard.
Kategorie: Hacking & Security

LinuxONE 4 Express: Could IBM's Security-Centric Budget Mainframe Be Right for You?

12 Únor, 2024 - 23:29
IBM's LinuxONE 4 Express is a user-friendly, budget mainframe designed to offer cybersecurity solutions to small to medium-sized businesses (SMBs). IBM's GDPS software and DS8000 series storage with HyperSwap are used in LinuxONE 4 Express to deliver 99.999999% availability when running Red Hat's Kubernetes OpenShift Container Platform.
Kategorie: Hacking & Security

CSI Linux: A Digital Forensics Distro with an Intense Focus on User Education

12 Únor, 2024 - 14:49
CSI Linux is a Linux distribution focused on digital forensics and cybersecurity with an intense focus on user education. The platform offers robust capabilities for investigations, analysis, and response and the flexibility required to meet the demands of modern digital investigations.
Kategorie: Hacking & Security

New Linux Kernel Security Flaw Leads to Information Disclosure

11 Únor, 2024 - 14:59
Imagine your most sensitive and critical information being made accessible to threat actors without your permission or knowledge. This is exactly what a new information disclosure flaw discovered in the Linux kernel up to 5.17 could result in. As a Linux admin, staying up-to-date on vulnerabilities like this one is crucial to keeping your critical systems and confidential data secure. To help you understand and protect against this kernel bug, we'll explore its implications for security practitioners and the long-term consequences it may bring. We'll also explain how to secure your systems against this dangerous kernel flaw.
Kategorie: Hacking & Security