Patch management can be a complex and time-consuming process, and because of this, patches to fix vulnerabilities may not be applied before a hacker is able to breach an organization's security. The majority of organizations are not aware of these vulnerabilities until they have experienced a breach, at which point it is frustrating to learn that deploying a simple patch could have prevented the breach altogether.
Over the next couple of weeks and months, LinuxSecurity editors and contributors will be writing a series on Linux Web Server Security. This week, we’re summarizing the risks Linux administrators face when trying to secure their systems, as well as outlining the first steps that should be taken toward ensuring that your systems are secure. This series will dive deeper into topics including preventing information leakage, firewall considerations, protecting file and directory permissions, securely running PHP applications, monitoring logs and how to verify the security of a Linux server.
Are your Linux servers secure? No machine connected to the internet is 100% secure, of course. In the words of security guru Bruce Schneier: “Security is a process, not a product.” However, this doesn't mean that you are helpless. Although cyber attacks, hacks and breaches are sometimes unavoidable, all system administrators and users can take definitive measures to mitigate their risk online.
The Internet of Things (IoT) is rapidly growing, connecting more devices each day. It is projected that by 2025, the world will have an astounding 64 billion IoT devices.
With hundreds of thousands of open-source projects underway, it’s easy to say that open source has become a standard in software development. And when talking about open source, the first development environment that comes to mind is, of course, Linux. Halfway through 2020, around 50% of software developers say they use the Linux operating system (OS) for their projects.
Is your home router leaving your network vulnerable to attack? New research suggests that this worrisome scenario is more likely than you may have thought.
Apache SpamAssassin Leads A Growing List of Open-Source Projects Taking Steps to Correct Instances of Racism and White Privilege
Over the past few weeks, a heated debate has arisen on the Apache SpamAssassin users list regarding the replacement of racially charged terms like “whitelist” and “blacklist” used in the Apache Spamassassin Project’s code with more inclusive language. Certain community members have been very supportive of Apache SpamAssassin’s efforts to remove racially insensitive language from the project, while others have loudly voiced their disapproval.
LinuxSecurity.com, the open-source community’s go-to source for security news and information, celebrates providing the Linux community with timely, authoritative industry content for nearly two and a half decades.
Welcome to the LinuxSecurity.com instruction page on how to turn off your adblocker. We sincerely appreciate the support you are providing by choosing to disable your adblocker on our website. We depend on ad revenue to continue creating free, quality content for you to enjoy. Below are steps you can take in order to white list LinuxSecurity.com on your browser or device.
Honeynets are an invaluable offensive security tool for learning the tactics and motives of the blackhat community and sharing the information and insights gathered. This article will explore what a Honeynet is, its value, how it works and the risks involved with deploying a Honeynet. It will also examine some great open-source honeynet options your organization may wish to consider.
New Report: Severe Flaws in Cyberoam’s Firewall and VPN Technology Left At Least 86,000 Networks Vulnerable to Exploit
A new report published by vpnMentor examines two critical vulnerabilities in cybersecurity provider Cyberoam’s firewall and VPN technology, which - both independently and combined - could be exploited by malicious actors to access the company’s email quarantine system without authentication and remotely execute arbitrary commands.
Open Source Intelligence (OSINT), is a tactic used to learn about information relevant to protecting an organization from external and internal threats using publically accessible data. Being able to identify information that could potentially be used against an organization provides actionable insight that could reduce the risk that organization may face. It’s an early warning system used to forecast and signal a potential threat.
Just recently, LinuxSecurity published a feature article exploring the rise in attacks targeting Linux, their implications for Linux users and the conclusions that can be drawn about the security of the operating system based on this disheartening trend. Now, yet another frightening attack campaign exploiting Linux has come to light.
If you’ve been keeping up with security news, you may have noticed that it seems as if there have been an increasing number of attacks on Linux recently - Cloud Snooper, EvilGnome, HiddenWasp, QNAPCrypt, and GonnaCry serving as prime high-profile examples. Find out more about these threats and how to protect yourself from them.
It seems like artificial intelligence (AI) has made its way into nearly every facet of modern life. Programs like the Amazon Alexa, Apple’s Siri and Microsoft’s Cortana are used by millions of people around the world. By the year 2022, over 50 percent of the online searches performed will be done with AI and the power of the human voice.