Advisories

What Are You Looking For?

Popular Tags

Cryptography

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Serious Security: Linux full-disk encryption bug fixed – patch now!

Lots of people “run Linux” without really knowing or caring – many home routers, navigational aids, webcams and other IoT devices are based on it; the majority of the world’s mobile phones run a Linux-derived variant called Android; and many, if not ...

Jan 17, 2022

3 years, 17 alphas, 2 betas, and over 7,500 commits later, OpenSSL version 3 is here

The OpenSSL team has released version 3.0 of ...

Sep 09, 2021

3 years, 17 alphas, 2 betas, and over 7,500 commits later, OpenSSL version 3 is here

Improve The CrowdSec Multi-Server Installation With HTTPS Between Agents

Learn how to improve the security of the CrowdSec multi...

Sep 01, 2021

Improve The CrowdSec Multi-Server Installation With HTTPS Between Agents

Discover Cryptography News

The Linux Kernel Module Programming Guide: Crypto

The Linux Kernel Module Programming Guide: Crypto

To handle cryptography, the Linux kernel has its own API enabling common methods of encryption, decryption and your favourite hash functions! Learn about the use of hash functions and symmetric key encryption in the Linux kernel in the Linux Kernel Module Programming Guide.

Brittany Day
08/16/2021
1838 Views

Serious Security: OpenSSL fixes two high-severity crypto bugs

Serious Security: OpenSSL fixes two high-severity crypto bugs

OpenSSL has patched two high-severity crypto bugs. Upgrade now!

Brittany Day
03/29/2021
1746 Views

SSH Attack Vector: Dormant & Forgotten Keys

SSH Attack Vector: Dormant & Forgotten Keys

SSH keys play a critical role in server and network security, yet are too often overlooked by admins, IT professionals and security teams.

Brittany Day
09/16/2020
2578 Views

1
2
3
4
5
6
7
8
9
10
Next

Related Stories

New Kernel Crash-Exploit discovered

A bug lets a simple C program crash the kernel, effectively locking the whole system. It affects both 2.4.2x and 2.6.x kernels on the x86 architecture...

Signup / Login

...

Open-source security: It's too easy to upload 'devastating' malicious packages, warns Google

The Google and OpenSSF Package Analysis project aims to reduce security risks created by developers' crazy package-updating schedules. ...

Open-source security: It's too easy to upload 'devastating' malicious packages, warns Google

Log4Shell a huge wake-up call for 95% of security leaders

Security leaders are still dealing with the impact of Log4Shell, and cloud security leaders are changing the way they secure cloud workloads in the af...

Log4Shell a huge wake-up call for 95% of security leaders

Microsoft warns: These flaws could give attackers root privileges on Linux desktops

Microsoft has discovered flaws that could be combined to gain root privileges on Linux systems. ...

Microsoft warns: These flaws could give attackers root privileges on Linux desktops

Red Hat report: Enterprise open source new pandemic response

Red Hat recently released The State of Enterprise Open Source 2022 report, which highlights the changing perceptions about the use of the op...

Red Hat report: Enterprise open source new pandemic response

Ubuntu 22.04: The Linux desktop for work

Ubuntu has long been a serious desktop for the business, and this new long-term support version is better than ever for people who want a work Linux d...

Ubuntu 22.04: The Linux desktop for work

Benchmarking Linux Security – Latest Research Findings

How well do your Linux security practices stack up in today's challenging operating environment? Are you following the correct processes to keep syste...

Benchmarking Linux Security – Latest Research Findings

Some Lenovo laptops may be carrying a serious security flaw

Hundreds of Lenovo models are vulnerable to three major flaws. ...

Some Lenovo laptops may be carrying a serious security flaw

Hardening Kubernetes Multi-Cluster Environments

Kubernetes has quickly become a de facto tool within enterprise software development environments, enabling DevOps engineers to scale large numbers of...

Hardening Kubernetes Multi-Cluster Environments

Why the Linux desktop is the best desktop

Learn about the advantages of the Linux desktop - improved security being one of the most notable benefits. ...

Why the Linux desktop is the best desktop

Linux Systems Are Becoming Bigger Targets

To prevent Linux exploits, organizations should establish an integrated security approach that extends to the network edge. ...

Linux Systems Are Becoming Bigger Targets

10 essential Linux tools for network and security pros

Learn about 10 must-have Linux security tools for any enterprise program of vulnerability assessment and penetration testing. ...

10 essential Linux tools for network and security pros

Red Hat gets RHEL 8.2 certified for high level US government security

Linux slinger Red Hat has achieved Common Criteria certification for Red Hat Enterprise Linux 8.2, making it suitable for high level US government sec...

Red Hat gets RHEL 8.2 certified for high level US government security

7 Privacy-Focused Alternatives to Common Linux Software

Maintain privacy and keep your desktop safe by installing privacy-oriented alternatives to popular applications on Linux. ...

7 Privacy-Focused Alternatives to Common Linux Software

Linux secure networking security bug found and fixed

An obnoxious security bug discovered in Linux's IPSec secure networking program has now been fixed. ...

Linux secure networking security bug found and fixed

QNAP warns severe OpenSSL bug affects most of its NAS devices

Network-attached storage (NAS) maker QNAP has warned that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks...

QNAP warns severe OpenSSL bug affects most of its NAS devices

Hive ransomware ports its Linux VMware ESXi encryptor to Rust

The Hive ransomware operation has converted their VMware ESXi Linux encryptor to the Rust programming language and added new features to make it harde...

Hive ransomware ports its Linux VMware ESXi encryptor to Rust

Some developers are fouling up open-source software

From ethical concerns, a desire for more money, and simple obnoxiousness, a handful of developers are ruining open-source for everyone. ...

Some developers are fouling up open-source software

NSA on How to Harden Kubernetes

The NSA - the maker of the original secure Linux (SELinux) - has written guidelines on how to secure video conferencing, text chatting,...

NSA on How to Harden Kubernetes

Linux Kernel 5.17 Released, With Major Security Fixes But Not Much Else

After a short delay, Linus Torvalds has announced the latest version of the Linux kernel, version 5.17, which adds major security enhancements. ...

Linux Kernel 5.17 Released, With Major Security Fixes But Not Much Else

Linux and Raspberry Pi devices are proving a major security weak link

There are hundreds of thousands of Linux and Raspberry Pi devices connected to the internet right now, protected by nothing more t...

Linux and Raspberry Pi devices are proving a major security weak link

Linux botnet abuses log4j to attack Arm, x86-based devices

A new Linux botnet, B1txor20, that targets Arm and 64-bit x86 systems shows log4j isn't going away any time soon. ...

Linux botnet abuses log4j to attack Arm, x86-based devices

Nasty Linux netfilter firewall security hole found

How embarrassing! It turns out there was a security hole lurking in Linux's netfilter firewall program. ...

Nasty Linux netfilter firewall security hole found

Linux 5.17 delayed after vulnerability discovered in AMD processors

The resurgence of Spectre-like malware has pushed the release date for the next iteration of Linux for at least a week, its creator has conf...

Linux 5.17 delayed after vulnerability discovered in AMD processors

Kali Unkaputtbar Brings File System Snapshots to Btrfs-Based Kali Linux Systems

Offensive Security has announced Kali Unkaputtbar, a new feature for their Kali Linux ethical hacking and penetration testing GNU/Linux distribution t...

Kali Unkaputtbar Brings File System Snapshots to Btrfs-Based Kali Linux Systems

How an OSPO Can Help Secure Your Software Supply Chain

Learn how an open source program office (OSPO) - a bureau of open source experts within your organization dedicated to overseeing how your compan...

How an OSPO Can Help Secure Your Software Supply Chain

This major Linux security vulnerability has been fixed, so patch now

If you're running a Linux distro on your computer or use an Android smartphone, you should install the latest updates immediately as a ...

This major Linux security vulnerability has been fixed, so patch now

4 Best Linux Open source Firewall for Cyber Security – 2022

Learn about some of the best-known open-source firewalls based on Linux to protect networks and computers from cyber security threats. ...

4 Best Linux Open source Firewall for Cyber Security – 2022

Linux has been bitten by its most high-severity vulnerability in years

Linux has yet another high-severity vulnerability that makes it easy for untrusted users to execute code capable of carrying out a host of malicious a...

Linux has been bitten by its most high-severity vulnerability in years

New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container

Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in ord...

New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container

Open source security fears are fading away

A big majority (89%) of IT chiefs believe open-source software is as secure as proprietary software, according to a survey by IBM-owned Red Hat, the m...

Open source security fears are fading away

Open Source Security Foundation Now Counts 60 Members

The Open Source Security Foundation (OpenSSF) on Tuesday announced that 19 more organizations have joined the initiative, showing commitment towards i...

Open Source Security Foundation Now Counts 60 Members

Torvalds moves Linux to C11

Old one out-of-date, but this one goes to 11. ...

Torvalds moves Linux to C11

12 Simple Tools to Protect Your Privacy

Learn about 12 simple tools to guard your online privacy easily. ...

12 Simple Tools to Protect Your Privacy

NSA-linked Bvp47 Linux backdoor widely undetected for 10 years

A new report dives deep into technical aspects of a Linux backdoor now tracked as Bvp47 that is linked to the Equation Group, the advanced persistent ...

NSA-linked Bvp47 Linux backdoor widely undetected for 10 years

GitHub calls for contributions to new cybersecurity Advisory Database

GitHub has announced that their Advisory Database for security data is now open to contributions from experts. The full contents of the Advisory ...

GitHub calls for contributions to new cybersecurity Advisory Database

Nasty Linux Kernel Stack Overflow Flaw Found and Patched

Here we go again. Another obnoxious security bug, CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel was found by Appgate ...

Nasty Linux Kernel Stack Overflow Flaw Found and Patched

Linux developers patch security holes faster than anyone else, says Google Project Zero

There's a lot of FUD about how Linux is being shown recently to be less secure than proprietary systems. That's nonsense. But, now there are hard fact...

Linux developers patch security holes faster than anyone else, says Google Project Zero

New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager

Multiple security vulnerabilities have been disclosed in Canonical's Snap software packaging and deployment system, the most critical of whi...

New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager

Linux devs fix nasty vulnerability dating back half a decade

An exploitable bug sitting in a popular Linux kernel module has been found after five years. A patch is finally available, experts say....

Linux devs fix nasty vulnerability dating back half a decade

Security: Google to pay up to $91,337 for exploits of new Linux and Kubernetes bugs

Google raises rewards for its kCTF exploit-focussed vulnerability bounty focussing on Linux kernel zero-day flaws. And changes some rules. ...

Security: Google to pay up to $91,337 for exploits of new Linux and Kubernetes bugs

Kali Linux 2022.1 released with 6 new tools, SSH wide compat, and more

Offensive Security has released Kali Linux 2022.1, the first version of 2022, with improved accessibility features, a visual refresh, SSH wide compat...

Kali Linux 2022.1 released with 6 new tools, SSH wide compat, and more

Securing open-source code isn't going to be cheap

Devs and maintainers are getting paid ... though not to concentrate on security. ...

Securing open-source code isn't going to be cheap

Linux Malware on the Rise

Ransomware, cryptojacking, and a cracked version of the penetration-testing tool Cobalt Strike have increasingly targeted Linux in multicloud infrastr...

Linux Malware on the Rise

We kick the tires on Qubes 4.1.0 and indeed, it's still a 'reasonably secure' OS

UEFI support adds attractions for the security-minded, GUI goes fully virtual ...

We kick the tires on Qubes 4.1.0 and indeed, it's still a 'reasonably secure' OS

The oldest Linux distro just got a major update

Slackware 15.0 emerges with kernel version 5.15.19 and a new KDE Plasma 5 desktop experience. ...

The oldest Linux distro just got a major update

Penetration Testing with Kali Linux: 15 of the Best Tools to Try First

If you’re looking for a penetration testing platform that has everything you need, Kali Linux is your best option. With over 600 tools included,...

Penetration Testing with Kali Linux: 15 of the Best Tools to Try First

Tails vs. Linux Kodachi: Which Privacy Protection Distro Should You Choose?

When it comes to maintaining privacy on Linux, you have two great options: Tails and Linux Kodachi. But which one should you choose? Let's find out. ...

Tails vs. Linux Kodachi: Which Privacy Protection Distro Should You Choose?

Alpha-Omega Project takes a human-centered approach to open-source software security

The Linux Foundation and OpenSSF Alpha-Omega Project, backed by Microsoft and Google, aims to improve the security of 10,000 open-source projects...

Alpha-Omega Project takes a human-centered approach to open-source software security

Squid Vulnerability: Insecure forwarding of proxy_auth

Vendors have not issued updates yet for a vulnerability just reported by the Squid Project. "Under some conditions Squid may forward the proxy authent...

Squid Vulnerability: Insecure forwarding of proxy_auth

Linux Kernel Bug Allows Kubernetes Container Escape

Hackers could exploit a Linux kernel bug to escape Kubernetes containers and access critical resources; however, the threat is minimized as any attack...

Linux Kernel Bug Allows Kubernetes Container Escape

OpenSSF Announces The Alpha-Omega Project to Improve Software Supply Chain Security for 10,000 OSS Projects

Following a meeting with government and industry leaders at the White House, OpenSSF is excited to announce the Alpha-Omega Project to impro...

OpenSSF Announces The Alpha-Omega Project to Improve Software Supply Chain Security for 10,000 OSS Projects

New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks

A number of security vulnerabilities have been disclosed in 42 Gears' SureMDM device management solution that could be weaponized by attackers to perf...

New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks

Rust-Written Replacement To GNU Coreutils Progressing, Some Binaries Now Faster

Along with the broader industry trend of transitioning security-sensitive code to memory-safe languages like Rust, there has been an effort to wr...

Rust-Written Replacement To GNU Coreutils Progressing, Some Binaries Now Faster

Patching the CentOS 8 Encryption Bug is Urgent – What Are Your Plans?

There are three things you can be sure of in life: death, taxes – and new CVEs. For organizations that rely on CentOS 8, the inevitable has now happen...

Patching the CentOS 8 Encryption Bug is Urgent – What Are Your Plans?

Securing Kubernetes at the Infrastructure Level

Infrastructure security is important to get right so that attacks can be prevented—or, in the case of a successful attack, damage can be minimized. It...

Securing Kubernetes at the Infrastructure Level

LVFS Exploring Alternate, Open-Source Firmware For Capable End-Of-Life Devices

The Linux Vendor Firmware Service (LVFS) with Fwupd for firmware updating on Linux could soon be making it easier to transition older, end-of-life dev...

LVFS Exploring Alternate, Open-Source Firmware For Capable End-Of-Life Devices

Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks

Researchers have disclosed details of two critical security vulnerabilities (CVE-2021-45467) in Control Web Panel, an open-source Linux...

Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks

Nasty Linux kernel bug found and fixed

A heap overflow bug was recently discovered in the Linux kernel. The patch is available now in most major Linux distributions. ...

Nasty Linux kernel bug found and fixed

Intel's Unaccepted Memory Support Updated For Substantially Faster Booting Of TDX VMs

Way back in August Intel posted a set of Linux kernel patches for supporting "unaccepted memory" by the Linux kernel in preparation for next...

Intel's Unaccepted Memory Support Updated For Substantially Faster Booting Of TDX VMs

LVFS Activity Going Wild Ahead Of New Security Disclosure Requiring Firmware Update

The Linux Vendor Firmware Service (LVFS) that integrates with Fwupd for delivering firmware updates primarily to Linux users is surging with around th...

LVFS Activity Going Wild Ahead Of New Security Disclosure Requiring Firmware Update

New year brings bad news for Linux as 2021 saw up to 10 times more malware samples

The new year has brought some bad news for Linux users and enthusiasts. Research reveals that Linux-specific malware saw a 35% increase in 2021 compar...

New year brings bad news for Linux as 2021 saw up to 10 times more malware samples

Serious Security: Linux full-disk encryption bug fixed – patch now!

Lots of people “run Linux” without really knowing or caring – many home routers, navigational aids, webcams and other IoT devices are based on it; the...

Serious Security: Linux full-disk encryption bug fixed – patch now!

White House hosts open-source software security summit in light of expansive Log4j flaw

Tech giants and federal agencies meet at the White House to discuss open-source software security, a response to the widespread Log4j vulnerability th...

White House hosts open-source software security summit in light of expansive Log4j flaw

Open source isn't the security problem – misusing it is

Security is a process, not a product. We're going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn't...

Open source isn't the security problem – misusing it is

Linux Mint 20.3 released promising security updates until 2025

Linux Mint has released version 20.3, codenamed 'Una,' as a long-term support version that will receive security updates until 2025. Learn what's new ...

Linux Mint 20.3 released promising security updates until 2025

Lesson from Log4j: Open-source software improvements need help from feds

The tech industry is readying solutions to the security risks posed by the collaborative software that underpins modern-day computing — but aid from W...

Lesson from Log4j: Open-source software improvements need help from feds

Linux Kodachi: Extreme Privacy Protection Out of the Box

Want a system that leaves no trace of what you did online? Check out Linux Kodachi, a privacy-focused distro with built-in online security features. ...

Linux Kodachi: Extreme Privacy Protection Out of the Box

KDE Plasma 5.23.5 Released as the Last Update in the Series, Further Improves Plasma Wayland

KDE Plasma 5.23.5 has been released as the fifth and last maintenance update in the KDE Plasma 5.23 desktop environment series with more bug fixes and...

KDE Plasma 5.23.5 Released as the Last Update in the Series, Further Improves Plasma Wayland

Cleaning up the Linux kernel's 'Dependency Hell': This developer is proposing 2,200 commit changes

Cleaning off decades of code mess isn't for the faint of heart, but leading Linux kernel developer Ingo Molnar is giving it the old college try in the...

Cleaning up the Linux kernel's 'Dependency Hell': This developer is proposing 2,200 commit changes

CentOS Linux 8 Reached End of Life, It’s Time to Migrate to an Alternative OS

CentOS Linux 8 has reached end of life, meaning it’s time to migrate your installations to an alternative distro like Rocky Linux or AlmaLinux OS. ...

CentOS Linux 8 Reached End of Life, It’s Time to Migrate to an Alternative OS

Intel Is Bringing A Feature Upgrade To Linux That Will Make Windows Users Jealous

Intel is bringing a feature upgrade to Linux that will make Windows users jealous. "The upcoming “pfr_update” driver is set to be introduced in L...

Intel Is Bringing A Feature Upgrade To Linux That Will Make Windows Users Jealous

Kubernetes security will have a breakout year in 2022

While it’s come a long way over the past year, Kubernetes security has not yet reached maturity. But judging from the level of investment in 2021 into...

Kubernetes security will have a breakout year in 2022

FGKASLR Is An Exciting Linux Kernel Improvement To Look Forward To In 2022

It's been nearly two years in the making since Intel posted FGKASLR patches for improving Linux kernel security. While that work on Finer Gr...

FGKASLR Is An Exciting Linux Kernel Improvement To Look Forward To In 2022

In 2022, security will be Linux and open-source developers job number one

Linux and open-source software will be hotter than ever, but the real changes will be in how they're secured. ...

In 2022, security will be Linux and open-source developers job number one

Microsoft fixes NotLegit: exposed the source code of apps written in PHP and Python in Azure App Service for Linux

The Wiz research team has discovered a security issue in Azure App Service on Linux. This exposed the source code of client applications written ...

Microsoft fixes NotLegit: exposed the source code of apps written in PHP and Python in Azure App Service for Linux

Log4j vulnerability now used to install Dridex banking malware

Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking troja...

Log4j vulnerability now used to install Dridex banking malware

Linux For The Paranoid Does The Work For You

We all know that our activity on the Internet is not that hard to track. It just annoys some people more than others. If you are really hardcore, you’...

Linux For The Paranoid Does The Work For You

10 popular Open-Source Tools to Secure Your Linux Server in 2022

Learn about 10 great open-source tools to improve the security of your Linux servers heading into 2022. ...

10 popular Open-Source Tools to Secure Your Linux Server in 2022

Debian 11 ‘Bullseye' updated to 11.2 with 40+ security updates and 60+ bugfixes

The Debian project has released a second update for the stable distribution Debian 11, codenamed “Bullseye”. Although the latest update is not a ...

Debian 11 ‘Bullseye' updated to 11.2 with 40+ security updates and 60+ bugfixes

Guide: How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046)

A few days ago, a serious new vulnerability was identified in Apache log4j v2 and published as CVE-2021-44228. We were one of the first security ...

Log4j Flaw Needs Immediate Remediation

After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn’t ...

Log4j Flaw Needs Immediate Remediation

Linux Security Simplified: How To Make Linux More Secure (With Less Work)

Linux is a versatile operating system. Its use cases vary greatly, from hosting hundreds of containers across a complex network, to running a single d...

Linux Security Simplified: How To Make Linux More Secure (With Less Work)

Security firm Blumira discovers major new Log4j attack vector

A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful. ...

Security firm Blumira discovers major new Log4j attack vector

Kodachi is the operating system for those who value privacy but don't want to learn Linux

For anyone looking to gain an extra layer of privacy on a desktop or laptop, Kodachi Linux might be the perfect option. Here's what you need to know a...

Kodachi is the operating system for those who value privacy but don't want to learn Linux

KDE Frameworks 5.89 Further Improves the Plasma Wayland Session, Fixes Many Bugs

KDE Frameworks 5.89 has been released with may bug fixes and improvements to the Plasma Wayland Session. ...

KDE Frameworks 5.89 Further Improves the Plasma Wayland Session, Fixes Many Bugs

Log4j could be the most serious security threat ever seen, CISA head warns

Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned the recently-revealed Log4j vulner...

Log4j could be the most serious security threat ever seen, CISA head warns

Attackers can get root by crashing Ubuntu’s AccountsService

A local privilege escalation security vulnerability (CVE-2021-3939) could allow attackers to gain root access on Ubuntu systems by exploiting a double...

Attackers can get root by crashing Ubuntu’s AccountsService

Kali Linux 2021.4 released with 9 new tools, further Apple M1 support

Kali Linux 2021.4 has been released and includes further Apple M1 support, increased Samba compatibility, nine new tools, and an update for all three...

Kali Linux 2021.4 released with 9 new tools, further Apple M1 support

Rust takes a major step forward as Linux's second official language

Linux is getting more Rust in it by the day! Why? Because it's more stable and much safer than C - especially at handling memory errors. ...

Rust takes a major step forward as Linux's second official language

But why that VPN? How WireGuard made it into Linux

Even the best of ideas can take their own sweet time making it into the Linux kernel. Learn how WireGuard - rather than OpenVPN or IKEv2 - made it int...

But why that VPN? How WireGuard made it into Linux

This new Firefox browser feature could stop zero-day bugs in their tracks

Mozilla has released Firefox 95 for Linux, Windows and MacOS, which features a new security sandboxing technology called RLBox that uses WebAssem...

This new Firefox browser feature could stop zero-day bugs in their tracks

LibreOffice 7.2.4 and 7.1.8 Released with an Important Security Fix, Update Now

LibreOffice 7.2.4 and LibreOffice 7.1.8 updates have been released, addressing an important buffer heap overflow security vulnerability. Update now! ...

LibreOffice 7.2.4 and 7.1.8 Released with an Important Security Fix, Update Now

Best desktop Linux for pros 2021: Our top 5 choices

Learn about five excellent, secure desktop distros for Linux pros. ...

Best desktop Linux for pros 2021: Our top 5 choices

New malware hides as legit nginx process on e-commerce servers

eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security sol...

New malware hides as legit nginx process on e-commerce servers

IPFire Linux Firewall Now Supports exFAT, pe

IPFire 2.27 Core Update 161 has been released as a new maintenance update to the hardened open-source GNU/Linux distro that primarily performs as a ro...

IPFire Linux Firewall Now Supports exFAT, pe

New Side-Channel Vulnerability in the Linux Kernel Enabling DNS Cache Poisoning

A recent research paper by a team at University of California, Riverside, shows the existence of previously overlooked side channels in the Linu...

New Side-Channel Vulnerability in the Linux Kernel Enabling DNS Cache Poisoning

CronRat Magecart malware uses 31st February date to remain undetected

Security researchers have discovered a Linux-based remote access trojan (RAT) that uses an unusual stealth technique to remain out of s...

CronRat Magecart malware uses 31st February date to remain undetected

Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover

CloudLinux’s security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug, leaving web servers vulnerab...

Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover

Author’s Posts

News

Advisories

HOWTOs

Features

Essential Guide to Securing Node.JS Applications

Open Source OSINT Tools and Techniques

Nmap Basics: What Is Nmap & How Is It Used?

Hacker's Corner: Complete Guide to Anti-Debugging in Linux - Part 3

Hacker's Corner: Complete Guide to Anti-Debugging in Linux - Part 3 (2)

About Us

Powered By

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.

Learn More About Our Cookie Policy