Cloud Security
EmojiDeploy Attack Chain Targets Misconfigured Azure Service
Multiple misconfigurations in a service that underpins ...
Don’t Forget Open Source Software (OSS) when Assessing Cloud App Security
The software development process is getting quicker. De...
Consider Open Source Software While Evaluating The Security Of Cloud Applications
The pace of software development is accelerating. Devop...
Kinsing Malware Targets Kubernetes
Kinsing is an old-school Linux/Unix Executable and Link...
Microsoft: Kubernetes Clusters Hacked in Malware Campaign via PostgreSQL
The Kinsing malware is now actively breaching Kubernete...
4 Ways to Use Kernel Security Features for Process Monitoring
The large attack surface of Kubernetes’ default pod pro...
Kubernetes as-a-Service, Security Issues and Skills Shortages -- Container Predictions for 2023
Containers have become increasingly popular in recent y...
What Sysadmins Want to Know about OpenShift and Kubernetes in 2022
The Enable Sysadmin community continues to answer key q...
AWS Plugs Holes in ECR APIs
AWS has patched a vulnerability in its Elastic Containe...
New Kubernetes 1.26 Release Boosts Security, Storage, Teases Dynamic Resource Allocation
In the cloud-native space, where applications are purpo...
Cryptography
Clop Ransomware Flaw Allowed Linux Victims to Recover Files for Months
The Clop ransomware gang is now also using a malware va...
Intel's "DOITM" Security Feature Not Intended For Always-On Use, Linux Patches To Be Revised
Last week I wrote about Linux developers evaluatin...
Linux Will Now Better Handle AMD SEV-SNP To Avoid Undefined Behavior For Old VMs
Merged on Sunday prior to tagging Linux 6.2-rc6&nb...
New Boldmove Linux Malware Used to Backdoor Fortinet Devices
Suspected Chinese hackers exploited a recently disclose...
What is WireGuard?
The primary goal of any VPN is to create a se...
Linux 6.3 To Support Pluton's CRB TPM2 On AMD Ryzen CPUs
If things go as planned, the TPM2 device found within M...
Sigstore Announces the First Stable Release of Code and Certificate Signing Tool for Python
Sigstore community today announced the first stable rel...
Latest IPFire Hardened Linux Firewall Distro Release Future-Proofs VPN Cryptography
IPFire developer Peter Müller announced t...
Introducing Shufflecake: Plausible Deniability For Multiple Hidden Filesystems on Linux
Thursday the Kudelski Group's cybersecurity divisi...
Version 252 of systemd, As Expected, Locks Down the Linux Boot Process
The fall version of systemd is here, with support for i...
Desktop Security
X.Org Server Hit By New Local Privilege Escalation Vulnerability
The X.Org Server, a commonly used component to the...
Vanilla OS Offers a New Take on Security for the Linux Desktop
If you're looking for a new operating system that takes...
Linux Mint 21.1 “Vera” Is Now Available for Download
The highly anticipated Linux Mint 21.1 “Vera” release h...
Vanilla OS Is a Brilliant Take on the Linux Desktop
Jack Wallen takes a look at a new Linux distribution wi...
First Look at Linux Mint 21.1 Beta with the Cinnamon 5.6 Desktop Environment
The beta version of the upcoming Linux Mint 21.1 “Vera”...
Microsoft Teams: Progressive Web App Arrives for Linux Users
Teams Linux users should switch over to the PWA to get ...
Why I Love My Chromebook: Reason 1, It's a Linux Desktop
We appreciate power but sometimes it's about getting up...
Red Hat Releases a Virtual Red Hat Enterprise Linux Desktop on AWS
The cloud Desktop-as-a-Service gains traction, as you c...
Want to Ditch Windows? Windowsfx May Be the Ideal Linux Distribution for You
Here's a Linux distribution that does a remarkable job ...
Laugh All You Want. There Will Be a Year of the Linux Desktop
It has become a running joke. "20xx will be the year of...
Firewalls
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
A suspected China-nexus threat actor exploited a recent...
Firewalld 1.3 Released With Easier Firewall Management For More Services
Firewalld 1.3 is out as the newest version of this open...
WAFs of Several Major Vendors Bypassed With Generic Attack Method
Researchers at industrial and IoT cybersecurity firm Cl...
OpenWrt 22.03 released with Firewall4, Now Supports Over 1,580 Embedded Devices
OpenWrt 22.03 open-source Linux operating system for ro...
The 10 Best Free Linux Firewall Tools
For those who are serious about their network security,...
IPFire Linux Firewall Distro Improves Its Intrusion Prevention System and Security
Peter Müller has announced the release and general...
Nasty Linux netfilter firewall security hole found
How embarrassing! It turns out there was a security hol...
4 Best Linux Open source Firewall for Cyber Security – 2022
Learn about some of the best-known open-source firewall...
IPFire Linux Firewall Now Supports exFAT, pe
IPFire 2.27 Core Update 161 has been released as a new ...
BPF-Based Linux Firewall "bpfilter" Shows Impressive Performance Potential
Generating much excitement back in 2018 was bpfilt...
Government
OpenSSF Aimed to Stem Open Source Security Problems in 2022
In 2022, the Open Source Software Foundation (OpenSSF) ...
Exploited Control Web Panel Flaw Added to CISA 'Must-Patch' List
The US government’s cybersecurity agency CISA is giving...
DISA Issues Security Technical Implementation Guide for TOSS 4 Operating System
The Defense Information Systems Agency has released a s...
Government Issues ‘High’ Severity Security Alert for THESE Google Users
As per the latest CERT-In security alert, multiple vuln...
The US Securing Open Source Software Act of 2022 Is a Step in the Right Direction
Cybersecurity continues to be a hot topic. More and mor...
NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)
The C and C++ languages are unsafe. Instead, the U...
NSA’s and CISA’s Recent Security Guidance: The Good and the Bad
The NSA and CISA released the guide “Securing the Softw...
New Cyber Bill Aims To Fix Open-Source Security in Government
Federal legislators have begun the process of better se...
New Ransomware Hits Windows, Linux Servers of Chile Govt Agency
Chile's national computer security and incident respons...
The US Military Wants to Understand the Most Important Software on Earth
Open-source code runs on every computer on the planet—a...
Hacks/Cracks
The Unrelenting Menace of the LockBit Ransomware Gang
The notorious Russian-speaking cybercriminals grew succ...
Hackers Use Golang Source Code Interpreter to Evade Detection
A Chinese-speaking hacking group tracked as ‘DragonSpar...
Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit
An increasing number of threat actors have started rely...
Stealthy Malware Distribution Involves Polyglot Files
Threat actors have been leveraging polyglot and malicio...
GhostSec’s Claimed ICS Ransomware Attack Questioned
SecurityWeek reports that pro-Ukraine hacktivist group ...
Python Package Index Found Stuffed with AWS Keys and Malware
The Python Package Index, or PyPI, continues to surpris...
Security Researchers Report Linux Malware with Cryptocurrency Miner Payload
South Korean cybersecurity firm AhnLab Security Emergen...
PyTorch Poisoned in Software Supply Chain Attack
If you downloaded PyTorch-nightly on Linux via pip betw...
This New Linux Malware Floods Machines with Cryptominers and DDoS Bots
Cybersecurity researchers have spotted a new Linux ...
PyTorch Suffers Supply Chain Attack via Dependency Confusion
Users who deployed the nightly builds of PyTorch betwee...
IoT Security
Microsoft Applies Coat of Rust to Azure Sphere IoT Platform
The hope? To grease the security skids for internet-con...
Zerobot Malware Now Shooting for Apache Systems
The Zerobot botnet, first detected earlier this month, ...
New DDoS Botnet Malware Infecting Windows, Linux, and IoT Devices
A cross-platform botnet, ‘MCCrash’ that starts out from...
New Go-Based Botnet Zerobot Exploits Dozens of Flaws
Researchers discovered a new Go-based botnet called&nbs...
IoT/Edge Dev Survey Shows AI, Container and Linux Popularity
For the eighth year, the Eclipse Foundation has surveye...
Shikitega: New Malware Program Targeting Linux
AT&T Alien Labs has discovered Shikitega, a new Lin...
Experts Spotted a New Stealthy Linux Malware Dubbed Shikitega
A new Linux malware dubbed Shikitega leverage...
Ubuntu Core 22 Wants to Power the Next Generation of IoT Devices
Canonical, the company behind top Linux distro&nbs...
Establishing a Root of Trust in Embedded Linux and IoT
With IoT, 5G and embedded devices becoming a larger par...
Network Security
Attackers Deploy Sophisticated Linux Implant on Fortinet Network Security Devices
In December network security vendor Fortinet disclosed ...
Linux Dodges Serious Wi-Fi Security Exploits
What appeared to be one simple Linux Wi-Fi networking s...
10 Essential Linux Tools for Network and Security Pros
Picking just 10 Linux open source security tools isn’t ...
7 Key Benefits of Network Monitoring
Businesses rely on their networks to stay connected and...
Log4j Flaw Needs Immediate Remediation
After nearly two years of adopting major network and se...
But why that VPN? How WireGuard made it into Linux
Even the best of ideas can take their own sweet time ma...
The 8 Best Wireless Penetration Testing Tools for Linux
Protecting your wireless networks from infiltrators is ...
Should You Block Connections to Your Network From Foreign Countries?
This LinuxSecurity.com article featured on the frontpag...
What Is Penetration Testing and How Does It Improve Network Security?
The best way to improve and guarantee your network’s se...
IPFire Linux Firewall Distro Now Supports WPA3 to Make Wi-Fi Safe Again
The IPFire 2.25 Core Update 153 release brings WPA...
Organizations/Events
Linux Foundation Launches Open Source Metaverse Group to Drive Interoperability
The Open Metaverse Foundation (OMF), lau...
The Linux Foundation Wants to Set Up its Own Open Source Metaverse
The Linux Foundation has announced plans to b...
Open Source 2022 Wins and Losses
In the face of economic headwinds and a worsening probl...
OpenSSF Outlook Q1 2023: How To Avoid the Next Log4Shell and Other OSS Security Reflections
“Log4j has been around for 20 years; it’s become embedd...
OpenSSF Membership Exceeds 100, With Many New Members Dedicated to Securing Open Source Software
The Open Source Security Foundation (OpenSSF)...
Linux Foundation Adopts Microsoft Framework for Supply Chain Security
Microsoft announced that its Secure Supply Ch...
Unveiling of IBM LinuxONE 4 Emperor
IBM launched the next generation of its enterprise-grad...
Using Sysmon for Linux to Monitor Against MITRE ATT&CK Techniques
There was a lot covered at this year’s 2022 RhythmWorld...
Enterprise Encryption for Linux
It's no secret that the IT department has struggled wit...
Linux Luminaries Discuss Efforts to Bring Rust to the Kernel
Both Linus Torvalds' Open Source Summit keynote and Jon...
Privacy
Tails 5.9 Fixes Numerous Bugs and Enhances Security Measures
Tails 5.9 mainly focuses on bug fixes from the previous...
Privacy-Focused Tails 5.8 Enables Wayland by Default, Adds New Persistent Storage
This release also introduces QR code scanning of Tor br...
The 3 Best Terminal-Based Web Browsers for Linux
Avoid distractions on the web and regain control of you...
Best Privacy & Security Tools For Linux
There are many benefits provided by the internet, howev...
10 Essential Privacy and Security Apps for Linux Desktops
Linux-based operating systems have a reputation for bei...
Parrot OS 5.1 Brings a Host of Updates and New Docker Repo
Updated security tools, IoT performance improvements, a...
LibreWolf 105.0.1-1
LibreWolf is an independent “fork” of Firefox, with the...
8 Online Best Dark Web Search Engines for Tor Browser (2022)
When it comes to the best dark web search engines, firs...
The 6 Best Private Encrypted Chat Apps for Linux Users
For those who want more control over their privacy whil...
Brave vs. Tor: Which Browser Offers More Security and Privacy?
Brave and Tor are two of the most secure web browsers y...
Security Projects
Patches Updated For Hooking eBPF Programs Into The Linux Kernel Scheduler
Published back in November were a set of patches for&nb...
A DevSecOps Process for Node.js Projects
Node.js is an open source development platform for runn...
Linux FU: UEFI Booting
Unless your computer is pretty old, it probably uses UE...
More Rust - Chrome And Servo
Rust is the language we are all expecting to save us an...
AgStack: Linux Foundation Project Will Bring Farms Online
The Linux Foundation is undertaking the massive task of...
Linux Community Presses for RNDIS to be Marked as Broken
The next Linux kernel cycle we could see upstream dis...
Linux is All Set to Disable Microsoft's RNDIS Drivers
The Linux Kernel will no longer support RNDIS drivers. ...
Linux Kernel 6.0 Reaches End of Life, Users Urged to Upgrade to Linux 6.1
The time has come to say goodbye to the Linux 6.0 kerne...
Linux Preparing To Disable Drivers For Microsoft's RNDIS Protocol
With the next Linux kernel cycle we could see upstream ...
Linux Kernel 4.9 Reaches End of Life After 6 Years of Support
After being supported for a little more than six years,...
Security Trends
Protecting Against Linux Malware
Linux is a popular and powerful operating system, but i...
BlackBerry: Cyberattacks Are Being Launched Once Every Minute
Threat actors are evolving to target a wide variety of ...
Linux Malware Rates Rise to Record Levels Amid Hacker Inconsistency
After rising and falling since 2021, new Linux malware ...
An IBM Hacker Breaks Down High-Profile Attacks
For bad actors, the more intelligence they have on thei...
C++ Programming Language and Safety: Here's Where It Goes Next
There's been a shift towards 'memory safe' languages. S...
New Linux Malware Hits Record High, Rising by 50% in 2022
The first quarter of 2022 revealed an alarming surge in...
Linux Operating System Market Predicted to Grow at a CAGR of 19.8% by 2029
The global linux operating system market was valued at ...
New Data Shows Constant Rise of New Malware on Windows, Linux, MacOS and Android
2022 has been a year full of surprises and twists, but ...
7 Mistakes New Linux Users Make (and How to Avoid Them)
Learning Linux can be a frustrating experience where ev...
The ‘Viral’ Secure Programming Language That’s Taking Over Tech
Rust makes it impossible to introduce some of the most ...
Security Vulnerabilities
Sudo Has a High-Severity Vulnerability that Low-Privilege Attackers Might Exploit to Get Root Access
Sudo is one of the most essential, powerful, and often ...
Critical Linux Kernel flaw affects SMB servers with ksmbd enabled
Experts warn of a critical Linux Kernel vulnerability (...
A New Privilege Escalation Vulnerability in the Linux Kernel, Enables a Local Attacker to Execute Malware on Vulnerable Systems
A new privilege escalation vulnerability has been ident...
Patch Now: Serious Linux Kernel Security Hole Uncovered
The Zero Day Initiative (ZDI), a zero-day security rese...
Alert: Hackers Actively Exploiting Critical "Control Web Panel" RCE Vulnerability
Malicious actors are actively attempting to exploit a r...
Ubuntu Users Get Massive Kernel Security Updates, More Than 20 Vulnerabilities Patched
Canonical has published new kernel security updates for...
Many WordPress Plugin Flaws Leveraged by Novel Linux Malware
Thirty security vulnerabilities in numerous outdated Wo...
What Is the CVE-2021-4034 Polkit Privilege Escalation Vulnerability?
Here's everything you need to know about the CVE-2021-4...
Back to work, Linux Admins: You Have a CVSS 10 Kernel Bug to Address
Merry Christmas, Linux systems administrators: Here's a...
Why You Should Update File Sharing Platform, Samba, Right Now
Vulnerabilities have been found in Samba, software that...
Server Security
Linux Version of Royal Ransomware Targets VMware ESXi Servers
Royal Ransomware is the latest ransomware operation to ...
Critical zero day vulnerability in Linux Kernel Allows DoS Attack
This flaw, which has been identified that affects the k...
Microsoft Warns of New Minecraft DDoS Malware Infecting Windows, Linux
A new cross-platform malware botnet named 'MCCrash' is ...
Microsoft Defender for Business Adds Server Protections for SMBs
Microsoft launched a preview of new server pr...
Top 15 Tips To Secure Your Linux VPS UK
Opting for the best Linux VPS UK Hosting for your onlin...
The Best Open Source Tools to Secure Your Linux Server
While Linux does have a variety of security features to...
381,000-plus Kubernetes API servers 'exposed to internet'
A large number of servers running the Kubernetes API ha...
10 popular Open-Source Tools to Secure Your Linux Server in 2022
Learn about 10 great open-source tools to improve the s...
How to use this unique method of securing SSH
Learn about a unique and effective method of securing S...
The 10 Best Tools to Scan Your Linux Server for Malware and Security Flaws
Worried that your Linux server might be infected with m...
Vendors/Products
Microsoft Upgrades Defender to Lock Down Linux Gear for its Own Good
Organizations using Microsoft's Defender for Endpoint w...
Red Hat Enterprise Linux arrives in Oracle’s cloud
Red Hat and Oracle announced jointly Tuesday that they ...
Azure Stack HCI Gets Extra Protection with 'Long-Requested Feature'
Microsoft upgraded its Windows Admin Center, with a foc...
Microsoft's Security Update Guide To Report on CBL-Mariner Linux Vulnerabilities
Microsoft's Security Update Guide, which chronicles Mic...
The 8 Best Free Cybersecurity Tools to Keep You Safe as a Remote Worker
More of us are working from home. What can you do to ma...
AMD Continued Its Great Linux Embrace In 2022 With Better Launch-Day Support + Optimizations
AMD in 2022 continued its open-source/Linux support emb...
Debian GNU/Linux 11.6 “Bullseye” Released with 78 Security Updates and 69 Bug Fixes
The Debian Project has announced the general availabili...
Debian vs. Arch Linux: Which is Better for You?
Debian and Arch Linux are two of the most popular open ...
Kali Linux 2022.4 Ethical Hacking Distro Arrives with Linux 6.0, Official PinePhone Support
Offensive Security has announced the release and g...
Kali Linux's Last Update for the Year Brings a Lot of Early Christmas Gifts
Kali Linux is an open-source, Debian-based distro focus...
