Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Regardless of the Linux distribution you’re using, staying on top of the latest security advisories is essential in maintaining an updated, secure Linux system.
Running PHP on a Linux web server is a prerequisite for the use of many popular applications such as Wordpress, Joomla and Drupal. Linux administrators and web developers must approach PHP with caution, as new vulnerabilities in poorly written and implemented PHP code are abundant and dangerous.
Most of us are familiar with Microsoft Windows or macOS - these OSes dominate the personal computing space. But the OS that is taking over the world isn’t owned by Microsoft, Apple, or any tech company for that matter.
Predator-OS is a free and open-source secure Linux distro that is ideal for penetration testing, ethical hacking and digital forensics, but is also a great option for any user looking to improve his or her privacy and anonymity online with a security-centric, hardened OS.
Tails, or "The Amnesic Incognito Live System", has released the latest version of its privacy-focused secure Linux distro, Tails 4.21, with various changes, bug fixes and improvements including:
Black Hat USA 2021 and DEF CON 29 have come to an end, and this year’s events did not disappoint, generating plenty of cybersecurity news, highlighting key industry trends and introducing some exciting new products. LinuxSecurity has been following both conferences, speaking with expert trainers and presenters and keeping our followers up-to-date on Twitter. Here are the highlights, key takeaways and notable trends we identified as Black Hat USA 2021 and DEF CON 29 unfolded that you should be aware of.
On July 8, 2021, the CrowdSec team released CrowdSec v1.1.x - the latest version of their free and open-source cybersecurity solution designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent - with new packages and repositories, as well as improvements to to the CrowdSec agent itself. LinuxSecurity spoke with the CrowdSec team to provide readers with insight into what they can expect from this exciting release, and how they can get started with CrowdSec v1.1.x.
Technology is an integral part of our everyday lives. Widespread reliance on devices that connect us to the Internet and cloud platforms that facilitate digital communications has markedly increased since the beginning of this pandemic. As technology companies are scrambling to meet businesses’ and consumers’ evolving needs, one trend has become clearly apparent - open-source is at the forefront of modern technological innovation, revolutionizing careers available in the field of cybersecurity in the process.
To say that it’s an exciting time in the cybersecurity community is an understatement! Two of the most prestigious cybersecurity conferences - Black Hat USA 2021 and DEF CON - are rapidly approaching, featuring an impressive list of trainings and presentations.
It is no secret that email is the preferred method of communication for businesses - a trend that has only been magnified with the increase in remote workers brought on by the pandemic. That being said, email is effectively a plaintext communication sent from email clients to receiving email servers or from one server to another, leaving the content of messages in transit vulnerable to compromise without additional protection via encryption technology such as the Transport Layer Security (TLS) standard.
The Linux vulnerability landscape is becoming increasingly complex, in part due to a seemingly never-ending number of new vulnerabilities that are constantly surfacing.
Whether you are a DevSecOps engineer responsible for managing your organization’s application infrastructure or you have your own personal Linux server that you use at home, the importance of keeping your systems safe and secure against malicious attacks by bad actors cannot be over emphasized.
Many of the kernel bugs present in the Linux system are potential security flaws. Hackers use the vulnerabilities inherent in the Linux kernel to gain privilege escalation or to create denial-of-service attack vectors.
Open Source is currently being recognized by more organizations than ever before for its ability to give rise to flexible, cost-effective and exceptionally secure software and technologies. Over 75% of organizations worldwide are now contributing to and consuming open-source software and products.
Linux prevails as the most popular OS among hosting providers - and for good reason. Linux is secure by design, cost-efficient, compatible with the majority of key programming languages used worldwide and offers high levels of customization.
Thank you to Oyelakin Timilehin Valentina and Duane Dunston for contributing this article.
Threat intelligence (or threat intell) is information used to understand past, present, and future threats targeting an organization. It is evidence-based knowledge about a previous, existing or emerging threat to organizational assets. Threat intelligence also includes settings, implications, mechanisms, context, and even action-oriented advice on the threat. Context mentioned here includes who the attackers are, what their motivation is, what their capabilities are, and what indicators of compromise are in your system. An Indicator of compromise (IOC) is forensic data in a system log file, for example, which identifies malicious activities on a system or network.
