LinuxSecurity.com

Open-source projects can become victims of their own success. What can developers do to secure their open-source software?

Today we learned of the passing of a long-time contributor to the Linux and SpamAssassin communities. Jari Fredriksson ran a mirror for sa-update for a long time, contributed to our masscheck system, tested numerous releases, and has given us tons of great feedback over the years. He'll be missed. May his memory be a blessing.

Over the next couple of weeks and months, LinuxSecurity editors and contributors will be writing a series on Linux Web Server Security. This week, we're summarizing the risks Linux administrators face when trying to secure their systems, as well as outlining the first steps that should be taken toward ensuring that your systems are secure. This series will dive deeper into topics including preventing information leakage, firewall considerations, protecting file and directory permissions, securely running PHP applications, monitoring logs and how to verify the security of a Linux server.

Billions of smartphones, tablets, laptops, and Linux-based IoT devices are now using Bluetooth software stacks that are potentially susceptible a new security flaw. Titled as BLESA (Bluetooth Low Energy Spoofing Attack), the vulnerability impacts devices running the Bluetooth Low Energy (BLE) protocol.

After all these years, Linux kernel core developers keep innovating. New kernel versions will be faster and more stable.

Most of us are familiar with Microsoft Windows or macOS - these OSes dominate the personal computing space. But the OS that is taking over the world isn't owned by Microsoft, Apple, or any tech company for that matter. In fact, the most popular OS in the world today isn't owned by anyone. It's the completely open-source Linux operating system.

Learn about 10 great rolling release Linux distros in this helpful guide.

Malicious hackers and are developing more tools to target Linux-based systems used by government and big business.

Zorin OS 15.3 - an "enhanced version of the most advanced and popular release ever" - has officially launched with important refinements and security updates.

As tensions between the U.S. and China heighten over data security issues, the Chinese government has taken a proactive step to protect users' privacy with a data security initiative that it believes can serve as ''a global standard for data security''.

Security researchers have found that they can detect Linux kernel security fixes before they are released - information that could be used by malicious hackers to develop and deploy exploit code before patches are widely available.

Radenta Technologies Inc., a Filipino-owned computing technology company, explains the benefits of usng Linux: "Companies and individuals select Linux for their servers for its security, flexibility and robustness, complemented by excellent support".

Ubuntu users - have you implemented the latest kernel updates released by Canonical to address 17 recently-discovered security vulnerabilities?

The use of Linux is becoming increasingly common in the development of modern embedded medical devices for various reasons - including the high level of security it offers. Discover how embedded developers can ease development of advanced Linux-based medical devices for reliability and safety.

Bottlerocket - Amazon's long anticipated open-source container Linux distro - is now available! Bottlerocket lets you host and run containers like Kubernetes on VMs or bare metal hosts.

Lucifer malware emerged a few months ago as a typical Windows malware. However, it has now returned with greater power and new capabilities - enabling it to target Linux systems.

Are you using Docker for container management? If so, you may want to reconsider. Docker and Podman offer similar capabilities when it comes to managing containers, but Docker's security vulnerabilities could make Podman more appealing for certain system administrators.

You're probably aware of the privacy concerns associated with Ring doorbells, but have you considered the risks that this popular IoT device poses to police officers?

For obvious reasons, Microsoft is pushing for the migration to TLS 1.2, and the software giant has announced a change concerning its Linux app repository. To download packages, TLS 1.2 will now be mandatory.

Open-source software offers a selection of benefits including improvements in security, flexibility and agility, but admins must first determine whether each tool's use cases align with their workload needs.