Featured Linux Articles - Page 11
Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Predator-OS is a free and open-source secure Linux distro that is ideal for penetration testing, ethical hacking and digital forensics, but is also a great option for any user looking to improve his or her privacy and anonymity online with a security-centric, hardened OS.
Tails, or "The Amnesic Incognito Live System", has released the latest version of its privacy-focused secure Linux distro, Tails 4.21, with various changes, bug fixes and improvements including: An update to Tor Browser 10.5.4 An update to Thunderbird 78.12 A fix for a bug in Tails Installer that enabled the deletion of Persistent Storage when doing a manual upgrade
Black Hat USA 2021 and DEF CON 29 have come to an end, and this year’s events did not disappoint, generating plenty of cybersecurity news, highlighting key industry trends and introducing some exciting new products. LinuxSecurity has been following both conferences, speaking with expert trainers and presenters and keeping our followers up-to-date on Twitter. Here are the highlights, key takeaways and notable trends we identified as Black Hat USA 2021 and DEF CON 29 unfolded that you should be aware of.
On July 8, 2021, the CrowdSec team released CrowdSec v1.1.x - the latest version of their free and open-source cybersecurity solution designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent - with new packages and repositories, as well as improvements to to the CrowdSec agent itself. LinuxSecurity spoke with the CrowdSec team to provide readers with insight into what they can expect from this exciting release, and how they can get started with CrowdSec v1.1.x.
Technology is an integral part of our everyday lives. Widespread reliance on devices that connect us to the Internet and cloud platforms that facilitate digital communications has markedly increased since the beginning of this pandemic. As technology companies are scrambling to meet businesses’ and consumers’ evolving needs, one trend has become clearly apparent - open-source is at the forefront of modern technological innovation, revolutionizing careers available in the field of cybersecurity in the process.
To say that it’s an exciting time in the cybersecurity community is an understatement! Two of the most prestigious cybersecurity conferences - Black Hat USA 2021 and DEF CON - are rapidly approaching, featuring an impressive list of trainings and presentations.
It is no secret that email is the preferred method of communication for businesses - a trend that has only been magnified with the increase in remote workers brought on by the pandemic. That being said, email is effectively a plaintext communication sent from email clients to receiving email servers or from one server to another, leaving the content of messages in transit vulnerable to compromise without additional protection via encryption technology such as the Transport Layer Security (TLS) standard.
The Linux vulnerability landscape is becoming increasingly complex, in part due to a seemingly never-ending number of new vulnerabilities that are constantly surfacing.
Whether you are a DevSecOps engineer responsible for managing your organization’s application infrastructure or you have your own personal Linux server that you use at home, the importance of keeping your systems safe and secure against malicious attacks by bad actors cannot be over emphasized.
Many of the kernel bugs present in the Linux system are potential security flaws. Hackers use the vulnerabilities inherent in the Linux kernel to gain privilege escalation or to create denial-of-service attack vectors.
Open Source is currently being recognized by more organizations than ever before for its ability to give rise to flexible, cost-effective and exceptionally secure software and technologies. Over 75% of organizations worldwide are now contributing to and consuming open-source software and products.
Linux prevails as the most popular OS among hosting providers - and for good reason. Linux is secure by design, cost-efficient, compatible with the majority of key programming languages used worldwide and offers high levels of customization.
Thank you to Oyelakin Timilehin Valentina and Duane Dunston for contributing this article. Threat intelligence (or threat intell) is information used to understand past, present, and future threats targeting an organization. It is evidence-based knowledge about a previous, existing or emerging threat to organizational assets. Threat intelligence also includes settings, implications, mechanisms, context, and even action-oriented advice on the threat. Context mentioned here includes who the attackers are, what their motivation is, what their capabilities are, and what indicators of compromise are in your system. An Indicator of compromise (IOC) is forensic data in a system log file, for example, which identifies malicious activities on a system or network.
CloudLinux, the sponsor of the forever-free AlmaLinux OS enterprise Linux distribution, is now automating, simplifying and securing Linux operations with its TuxCare unified enterprise support services.
Since 1996, LinuxSecurity.com has served as the open-source community’s go-to resource for Linux news & Linux-related information, updates and engagement with community members who share a passion for Linux and security.
On Wednesday, May 12th, in the wake of the recent Colonial Pipeline ransomware attack that shut down one of the largest US pipelines for nearly a week, President Biden signed an executive order placing strict new standards on the cybersecurity of all software sold to the federal government. This order is part of a broad, multi-layered initiative to improve national security by incentivizing private companies to practice better cybersecurity or risk being locked out of federal contracts.
Soon we will launch a brand new LinuxSecurity with a completely new experience. As part of a select group of LinuxSecurity users, we'd like to offer you early access to take the site for a spin and let us know what you think. How does it work for you?
The Qualys Research Team has discovered multiple critical vulnerabilities in the popular Exim mail server, which they have named 21Nails. Some of these flaws can be chained together to obtain full remote unauthenticated code execution and gain root privileges. With 60 percent of the world’s public email servers worldwide running on Exim, this set of flaws represents a serious threat to many organizations.
The CrowdSec team is expanding the capabilities of their open-source and free security solution by finalizing the release of its brand new application bouncer on the WordPress marketplace. This new bouncer is compatible for versions 1.0.x and beyond. Given that the vast majority of websites in the world are hosted on WordPress, this addition will improve CrowdSec's defense arsenal in its mission to defend the greatest number.
On Saturday, April 24th, 2021, the computer security world was shaken by the news of the sudden death of Dan Kaminsky, a renowned hacker best known for his contributions in the realm of DNS security. Kaminsky was 42 years old.