Discover LinuxSecurity Features

New Report: Severe Flaws in Cyberoam’s Firewall and VPN Technology Left At Least 86,000 Networks Vulnerable to Exploit

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A new report published by vpnMentor examines two critical vulnerabilities in cybersecurity provider Cyberoam’s firewall and VPN technology, which - both independently and combined - could be exploited by malicious actors to access the company’s email quarantine system without authentication and remotely execute arbitrary commands.

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Open-Source Security Projects: Choosing a Brandable .com Domain

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

LinuxSecurity would like to thank NameEstate.com for contributing this article.

The importance of an open-source security project name can’t be overstated. A name serves as a first impression. It’s your first chance to tell people who you are and what you do. An impactful name is the best way to convey your value and what you can offer to clients. So, when it comes to open source security projects, finding a name that shows you are capable, trustworthy, and secure can determine your reach and success.

Encryption: An Essential Yet Highly Controversial Component of Digital Security

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you’ve been keeping up with recent security news, you are most likely aware of the heated worldwide debate about encryption that is currently underway. Strong encryption is imperative to securing sensitive data and protecting individuals’ privacy online, yet governments around the world refuse to recognize this, and are continually aiming to break encryption in an effort to increase the power of their law enforcement agencies. 

Linux: An OS Capable of Effectively Meeting the US Government’s Security Needs Heading into 2020

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As Open Source has become increasingly mainstream and widely accepted for its numerous benefits, the use of Linux as a flexible, transparent and highly secure operating system has also increasingly become a prominent choice among corporations, educational institutions and government sectors alike. With national security concerns at an all time high heading into 2020, it appears that the implementation of Linux could effectively meet the United States government’s critical security needs for application development and installations.

Linux Kernel Security in a Nutshell: How to Secure Your Linux System

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Linux kernel is the core component of the Linux operating system, maintaining complete control over everything in the system. It is the interface between applications and data processing at the hardware level, connecting the system hardware to the application software. The kernel manages input/output requests from software, memory, processes, peripherals and security, among other hefty responsibilities. Needless to say, the Linux kernel is pretty important. 

Servers Running Linux May Get Riskier for Enterprises Next Year

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The LinuxSecurity team thanks Horacio Zambrano for contributing this article.

Enterprises using Linux for their cloud or data center servers may be faced with a larger threat from advanced security attackers in the near future. Based on the Linux Foundation’s estimates back in 2014, 75% of enterprises reported using Linux for the cloud and 79% for application deployments.

Emerging Technology and Privacy: What You Need to Know

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As technology evolves and the use of Artificial Intelligence and Machine Learning becomes increasingly mainstream, consumers are more concerned than ever before about protecting their privacy. Awareness surrounding how activities are being tracked and how personal information is being accessed and used is growing. The world’s biggest companies are frequently being challenged on the ways that they collect and utilize people’s data.

An Open-Source Success Story: Apache SpamAssassin Celebrates 18 Years of Effectively Combating Spam Email

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Apache SpamAssassin celebrates its 18th birthday this year, a huge accomplishment for everyone who has contributed to the open-source project for nearly the past two decades. SpamAssassin, a renowned and respected open-source anti-spam platform, provides a secure, reliable framework upon which companies can build highly effective spam filtering and email security solutions.

A Critical Exim Vulnerability, Lilocked Ransomware on the Rise, but Linux Not to Blame

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Exim may be the Internet’s most popular email server, but the MTA’s recent history with security vulnerabilities is concerning to say the least. This past Friday, the Exim team warned about a critical flaw in its software, affecting all Exim servers running version 4.92.1 and before. When exploited, the bug enables attackers to run malicious code with root privileges. Exim released version 4.92.2 on Friday, September 6, to address the issue, and recommends that users running a prior version of Exim update immediately.

What we Can Learn from the Recent VLC Security Vulnerability Fiasco: A Conversation with VideoLAN President Jean-Baptiste Kempf

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

About a week ago, the LinuxSecurity staff started tracking a security issue related to VLC, the popular open source media player. Security vulnerabilities are a regular part of the software development lifecycle. These vulnerabilities are identified, then a solution is created and distributed to its users. In this case, it wasn’t completely clear whether that’s what happened, though. We decided to find out.

LinuxSecurity.com Launches New site, Celebrates 20 Years of Following Open Source Security News and Resources

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

LinuxSecurity.com, the open-source community’s go-to source for security news and information, has revealed a completely new site design and a renewed focus on providing timely, authoritative industry content. LinuxSecurity.com is a valuable resource for the open-source community, informing Linux users of the latest cyber security-related news, trends and advisories.