Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
A new report published by vpnMentor examines two critical vulnerabilities in cybersecurity provider Cyberoam’s firewall and VPN technology, which - both independently and combined - could be exploited by malicious actors to access the company’s email quarantine system without authentication and remotely execute arbitrary commands.
Just recently, LinuxSecurity published a feature article exploring the rise in attacks targeting Linux, their implications for Linux users and the conclusions that can be drawn about the security of the operating system based on this disheartening trend. Now, yet another frightening attack campaign exploiting Linux has come to light.
It seems like artificial intelligence (AI) has made its way into nearly every facet of modern life. Programs like the Amazon Alexa, Apple’s Siri and Microsoft’s Cortana are used by millions of people around the world. By the year 2022, over 50 percent of the online searches performed will be done with AI and the power of the human voice.
Linux is arguably software developers’ favorite OS. Over 14,000 contributors have invested countless hours in developing the Linux Kernel. With Linux becoming increasingly popular due to its security and flexibility, developers who are interested in artificial intelligence (AI) may want to explore the possibilities within the Linux environment.
LinuxSecurity would like to thank NameEstate.com for contributing this article.
The importance of an open-source security project name can’t be overstated. A name serves as a first impression. It’s your first chance to tell people who you are and what you do. An impactful name is the best way to convey your value and what you can offer to clients. So, when it comes to open source security projects, finding a name that shows you are capable, trustworthy, and secure can determine your reach and success.
If you’ve been keeping up with recent security news, you are most likely aware of the heated worldwide debate about encryption that is currently underway. Strong encryption is imperative to securing sensitive data and protecting individuals’ privacy online, yet governments around the world refuse to recognize this, and are continually aiming to break encryption in an effort to increase the power of their law enforcement agencies.
As Open Source has become increasingly mainstream and widely accepted for its numerous benefits, the use of Linux as a flexible, transparent and highly secure operating system has also increasingly become a prominent choice among corporations, educational institutions and government sectors alike. With national security concerns at an all time high heading into 2020, it appears that the implementation of Linux could effectively meet the United States government’s critical security needs for application development and installations.
The Linux kernel is the core component of the Linux operating system, maintaining complete control over everything in the system. It is the interface between applications and data processing at the hardware level, connecting the system hardware to the application software. The kernel manages input/output requests from software, memory, processes, peripherals and security, among other hefty responsibilities. Needless to say, the Linux kernel is pretty important.
The LinuxSecurity team thanks Horacio Zambrano for contributing this article.
Enterprises using Linux for their cloud or data center servers may be faced with a larger threat from advanced security attackers in the near future. Based on the Linux Foundation’s estimates back in 2014, 75% of enterprises reported using Linux for the cloud and 79% for application deployments.
A new and particularly troublesome ransomware variant has been identified in the wild. Dubbed NextCry, this nasty strain of ransomware encrypts data on NextCloud Linux servers and has managed to evade the detection of public scanning platforms and antivirus engines. To make matters worse, there is currently no free decryption tool available for victims.
As technology evolves and the use of Artificial Intelligence and Machine Learning becomes increasingly mainstream, consumers are more concerned than ever before about protecting their privacy. Awareness surrounding how activities are being tracked and how personal information is being accessed and used is growing. The world’s biggest companies are frequently being challenged on the ways that they collect and utilize people’s data.
Apache SpamAssassin celebrates its 18th birthday this year, a huge accomplishment for everyone who has contributed to the open-source project for nearly the past two decades. SpamAssassin, a renowned and respected open-source anti-spam platform, provides a secure, reliable framework upon which companies can build highly effective spam filtering and email security solutions.
Exim may be the Internet’s most popular email server, but the MTA’s recent history with security vulnerabilities is concerning to say the least. This past Friday, the Exim team warned about a critical flaw in its software, affecting all Exim servers running version 4.92.1 and before. When exploited, the bug enables attackers to run malicious code with root privileges. Exim released version 4.92.2 on Friday, September 6, to address the issue, and recommends that users running a prior version of Exim update immediately.
With over 200 distros to choose from, which one actually offers the most privacy-oriented experience?
About a week ago, the LinuxSecurity staff started tracking a security issue related to VLC, the popular open source media player. Security vulnerabilities are a regular part of the software development lifecycle. These vulnerabilities are identified, then a solution is created and distributed to its users. In this case, it wasn’t completely clear whether that’s what happened, though. We decided to find out.
LinuxSecurity.com, the open-source community’s go-to source for security news and information, has revealed a completely new site design and a renewed focus on providing timely, authoritative industry content. LinuxSecurity.com is a valuable resource for the open-source community, informing Linux users of the latest cyber security-related news, trends and advisories.
