LinuxSecurity.com

Multiple high-impact security issues have been discovered in Thunderbird, which could result in denial of service (DoS) attacks leading to server crashes and loss of access, the execution of arbitrary code, or spoofing attacks. These findings include a vulnerability involving the incorrect code generation during JIT compilation (CVE-2023-25751), and high-severity memory safety bugs present in Thunderbird 102.8 (CVE-2023-28176).

The Thunderbird team has released a new stable version of the open source email client. Thunderbird 102.9.0 is a security and bug fix update.

The developers of specialized security-testing distro Kali Linux have released the first version of 2023, which marks the project's tenth anniversary'¦ but only in this incarnation.

NordVPN's Meshnet private tunnel feature for Windows, macOS, and Linux is now free for everyone, even users who do not have a subscription to NordVPN.

Learn about the selection of excellent - and free! - server distros available to Linux users in 2021.

Linux has never suffered from the infamous BSoD, short for blue screen of death , the name given to the dreaded ''something went terribly wrong'' message associated with a Windows system crash.

''Offensive Security has released ''Kali Linux 2023.1, the first version of 2023 and the project's 10th anniversary, with a new distro called 'Kali Purple,' aimed at Blue and Purple teamers for defensive security.

More critical flaws similar to Log4Shell found in open source are almost inevitable, but Open Source Security Foundation 's (OpenSSF's) goal is to make those incidents rare and continually make the attackers' job harder, a Linux Foundation executive noted.

Businesses have increasingly been integrating technology within their workflows. In America, 94% of businesses use technology to increase efficiency.

Previously known to target Windows systems only, a new Linux version of the IceFire ransomware that exploits an IBM Aspera Faspex file-sharing vulnerability ( CVE-2022-47986 ) has recently been discovered. While the Windows version is known to target technology companies, the IceFire Linux ransomware variant has been observed targeting media and entertainment companies.

A novel Linux version of the IceFire ransomware that exploits a vulnerability in IBM's Aspera Faspex file-sharing software has been identified by SentinelLabs, a research division of cybersecurity company Sentinel One. The exploit is for CVE-2022-47986 , a recently patched Aspera Faspex vulnerability.

IceFire has changed up its OS target in recent cyberattacks, emblematic of ransomware actors increasingly targeting Linux enterprise networks, despite the extra work involved.

Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the gang has breached the networks of several media and entertainment organizations around the world in recent weeks, starting mid-February, according to a report shared in advance with BleepingComputer.

The new Secure Compute Module (SCM) Pro is an embedded platform built around the Raspberry Pi CM4 for IoT and edge applications requiring security features such as Verified Boot, Hardware Root of Trust, File System Encryption, Physical Tamper Sensors, etc.

"Open source security is arguably getting better, thanks to vendors like Chainguard and industry consortia like the Open Source Security Foundation . But we have a ways to go, and in the meantime, security, as well as other factors, mean that ''free as in beer'' is never truly free."

Kali Linux is a powerful and versatile operating system designed for hackers and security professionals. It is a Debian-based distribution that comes loaded with a variety of security and hacking tools that are essential for penetration testing, vulnerability analysis, and digital forensics.

Linus Torvalds merged to Linux 6.3 Git the TPM CRB support for Microsoft's controversial Pluton security co-processor that is initially found in the latest AMD Ryzen processors.

Linux distro openSUSE has begun enforcing Kernel Lockdown when Secure Boot is enabled, creating issues for many users.

Written by Linux security expert and LinuxSecurity.com Founder Dave Wreski.Attacks targeting Linux have surged in recent years due to the mass migration of workloads to the cloud and the increase in IoT and other connected devices on the network. Traditional endpoint security solutions for Linux, which typically rely on the same algorithms and techniques developed to secure Windows desktops and don't address the attack patterns unique to Linux, are no longer sufficient to secure modern Linux workloads against today's dynamic and evasive threats.

The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system.