Cloud Security
Kubernetes security will have a breakout year in 2022
While it’s come a long way over the past year, Kubernet...
The 9 Best Docker Alternatives for Container Management
Learn about nine great Docker alternatives for containe...
Hive ransomware group extends to cloud-based Linux variants
Linux and FreeBSD variants of the Hive ransomware ...
KubeCon + CloudNativeCon Highlights Security for Open Source
Vulnerabilities in the life cycle of open-source softwa...
As Linux grows in popularity, cloud security threats are also growing
Linux is growing in popularity due to the impressive se...
Kubernetes hardening: Drilling down on the NSA/CISA guidance
NSA/CISA Kubernetes hardening guidance offers a solid f...
Are Your Containers Secure?
Container technology adoption has experienced a ra...
NSA, CISA release Kubernetes hardening guidance following Fancy Bear attacks
Hardening guidance from the NSA and CISA seeks to educa...
Predictions for open source and cloud over the months ahead
Both public cloud and Open Source adoption has grown ex...
Aqua Security: 50% of new Docker instances attacked within 56 minutes
Aqua Security's Cloud Native Threats report reveals tha...
Cryptography
Serious Security: Linux full-disk encryption bug fixed – patch now!
Lots of people “run Linux” without really knowing or ca...
3 years, 17 alphas, 2 betas, and over 7,500 commits later, OpenSSL version 3 is here
The OpenSSL team has released version 3.0 of ...
Improve The CrowdSec Multi-Server Installation With HTTPS Between Agents
Learn how to improve the security of the CrowdSec multi...
The Linux Kernel Module Programming Guide: Crypto
To handle cryptography, the Linux kernel has its own AP...
Google Chrome for Linux is getting DNS-over-HTTPS, but there's a catch
Google Chrome for Linux is getting DNS-over-HTTPS, but ...
Serious Security: OpenSSL fixes two high-severity crypto bugs
OpenSSL has patched two high-severity crypto bugs. Upgr...
SSH Attack Vector: Dormant & Forgotten Keys
SSH keys play a critical role in server and network sec...
The What, Why & How of SSH Protocol
"Modern challenges require modern security approaches."...
The Case Against Full-Disk Encryption
Are you using full-disk encryption to protect your data...
Desktop Security
KDE Plasma 5.23.5 Released as the Last Update in the Series, Further Improves Plasma Wayland
KDE Plasma 5.23.5 has been released as the fifth and la...
KDE Frameworks 5.89 Further Improves the Plasma Wayland Session, Fixes Many Bugs
KDE Frameworks 5.89 has been released with may bug fixe...
Best desktop Linux for pros 2021: Our top 5 choices
Learn about five excellent, secure desktop distros for ...
Best Linux desktops for beginners 2021
Tired of Windows? Sick of paying big money for Macs? Wa...
KDE Plasma 5.23.2 Released with NVIDIA GBM Support, More Bug Fixes
KDE Plasma 5.23.2 is now available as the second point ...
KDE Plasma 5.24 Desktop Environment to Introduce Support for Fingerprint Readers
The upcoming KDE Plasma 5.24 desktop environment - slat...
KDE Plasma 5.22.4 Further Improves Plasma Wayland, Makes System Monitor Faster to Launch
KDE Plasma 5.22.4 is packed with many improvements to m...
GNOME 40.3 Released with Improvements to GNOME Software, Many Bug Fixes
GNOME 40.3 has been released as the third maintenance u...
Linux Mint will no longer let you procrastinate on important updates
The latest release of Linux Mint includes cha...
Linux Mint 20.2 beta ISOs undergo testing and are due soon
Linux Mint 20.2 "Uma" beta ISOs are undergo testing and...
Firewalls
IPFire Linux Firewall Now Supports exFAT, pe
IPFire 2.27 Core Update 161 has been released as a new ...
BPF-Based Linux Firewall "bpfilter" Shows Impressive Performance Potential
Generating much excitement back in 2018 was bpfilt...
Call for Contributors with Knowledge of Linux Firewalls!
Greetings fellow Linux security enthusiasts,
Intereste...
IPFire Linux Firewall Distro Improves Its Intrusion Prevention System
Are you familiar with IPFire - the Linux firewall distr...
Soldering spy chips inside firewalls is now a cheap hack, shows researcher
The tiny ATtiny85 chip doesn’t look like the next big c...
Raluca Ada Popa: Her computer security method could make firewalls a thing of the past
Raluca Ada Popa found a fix for one of cybersecurity’s ...
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
DNS protection could prevent approximately one-third of...
CUJO Smart Firewall vulnerabilities exposed home networks to critical attacks
Security researchers have uncovered a swathe of serious...
Government
Google: Here's how our $10bn investment will boost US cybersecurity
Google has outlined its efforts to shape the US governm...
Critical Update: Do You Know What’s In Your Software?
In the wake of several major cybersecurity incidents - ...
New Republican bill latest in long line to force encryption backdoors
Here we go again - Senate Republicans push a new bill t...
Ethical hackers swarm Pentagon websites
Hackers are crawling all over the US Department of Defe...
Lindsey Graham’s new bill would end the internet as we know it
If Sen. Lindsey Graham gets his way, the federal govern...
A new senate bill would create a US data protection agency
Europe’s data protection laws are some of the strictest...
South Korea's government explores move from Windows to Linux desktop
In what may prove to be the biggest migration from Wind...
How the Iowa caucus app went wrong and how open source could have helped
Opinion: It was incompetence, not politics, that led to...
Washington State Lawmakers Introduce Legislation Regulating Data Privacy, Facial Recognition
Following in the footsteps of their West Coast neighbor...
US military loves Linux
The US government is increasingly using open-source sof...
Hacks/Cracks
New malware hides as legit nginx process on e-commerce servers
eCommerce servers are being targeted with remote access...
CronRat Magecart malware uses 31st February date to remain undetected
Security researchers have discovered a Linux-based...
Hackers deploy Linux malware, web skimmer on eCommerce servers
Attackers are deploying a Linux backdoor on compromised...
These stealthy hackers avoid Windows but target Linux as they look to steal phone data
The stealthy LightBasin hacking group (also known ...
Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices
Multiple malicious packages have been identified on the...
FontOnLake malware infects Linux systems via trojanized utilities
The newly discovered FontOnLake malware family del...
RansomEXX ransomware Linux encryptor may damage victims' files
It has been discovered that the RansomExx ransomware ga...
New Go malware Capoae targets WordPress installs, Linux systems
The new Capoae Go malware, which targets WordPress inst...
Hackers develop Linux port of Cobalt Strike for new attacks
Hackers have developed a Linux port of the Co...
HolesWarm Malware Exploits Unpatched Windows, Linux Servers
The HolesWarm botnet cryptominer has already compr...
IoT Security
BusyBox flaws highlight need for consistent IoT updates
Security researchers have found and reported 14 vulnera...
Unsupported IoT Devices Are Cyber-Trouble Waiting To Happen
Imagine reading a headline in tomorrow’s news stating t...
Linux Foundation creates standards for voice technology with major partners
The Linux Foundation is teaming up with companies like ...
Putting an Ultra-Tiny Linux Board in a Phone Charger…Eventually
A project that aims to put an ultra-tiny Linux board in...
Network Security
Log4j Flaw Needs Immediate Remediation
After nearly two years of adopting major network and se...
But why that VPN? How WireGuard made it into Linux
Even the best of ideas can take their own sweet time ma...
The 8 Best Wireless Penetration Testing Tools for Linux
Protecting your wireless networks from infiltrators is ...
Should You Block Connections to Your Network From Foreign Countries?
This LinuxSecurity.com article featured on the frontpag...
What Is Penetration Testing and How Does It Improve Network Security?
The best way to improve and guarantee your network’s se...
IPFire Linux Firewall Distro Now Supports WPA3 to Make Wi-Fi Safe Again
The IPFire 2.25 Core Update 153 release brings WPA...
Windows Subsystem for Linux 2 bypasses the Windows 10 Firewall
The Windows Subsystem for Linux 2 will bypass the Windo...
WireGuard VPN is a step closer to mainstream adoption
Linux network stack maintainerDavid Millerhascommittedt...
The VPN is dying, long live zero trust
The traditional VPN is being replaced by a smarter, saf...
Organizations/Events
White House hosts open-source software security summit in light of expansive Log4j flaw
Tech giants and federal agencies meet at the White Hous...
Linux Foundation adds software supply chain security to LFX
To address the growing threat of software supply c...
Google just tripled its bounty for Linux kernel bugs. Here's why
Linux is everywhere and it needs extra protection, acco...
SPDX becomes internationally recognized standard
In use for a decade as the de facto standard for commun...
Happy birthday, Linux: From a bedroom project to billions of devices in 30 years
In celebration of Linux's 30th birthday, Greg Kroah-Har...
Happy 30th Birthday, Linux!
Marius Nestor celebrates Linux’s 30th birthday with a g...
How Linux has changed the business landscape: It's more than you think
On the year of Linux's 30th anniversary, Linux security...
My life with Linux: A retrospective
In honor of Linux's 30th birthday, Linux security exper...
Hands On: DEF CON 29 Badge Embraces the New Normal
DEF CON 29 will be an event to remember, with this...
Black Hat USA 2021 Cybersecurity Conference Live Updates
The Black Hat USA 2021 conference, under way ...
Privacy
Linux Kodachi: Extreme Privacy Protection Out of the Box
Want a system that leaves no trace of what you did onli...
Linux For The Paranoid Does The Work For You
We all know that our activity on the Internet is not th...
Kodachi is the operating system for those who value privacy but don't want to learn Linux
For anyone looking to gain an extra layer of privacy on...
Privacy-focused Linux Distributions to Secure Your Online Presence in 2021
Are you concerned by the rise in Linux malware? Worried...
13 Important Privacy and Security Settings in Ubuntu Linux
Learn 13 Linux security best practices you can follow t...
Ring Changed How Police Request Door Camera Footage: What it Means and Doesn’t Mean
Amazon Ring has announced that it will change...
Everything You Need to Know About Using Tor Browser on Linux
Want to protect your privacy online? Here's how to get ...
Amazon devices will soon automatically share your Internet with neighbors
Amazon's experiment wireless mesh networking has turned...
Most loved programming language Rust sparks privacy concerns
Rust developers have repeatedly raised concerned about ...
Cheap baby monitors and security cameras – widespread flaw allows remote viewing
New research highlights that cheap baby monitor and sec...
Security Projects
Cleaning up the Linux kernel's 'Dependency Hell': This developer is proposing 2,200 commit changes
Cleaning off decades of code mess isn't for the faint o...
Intel Is Bringing A Feature Upgrade To Linux That Will Make Windows Users Jealous
Intel is bringing a feature upgrade to Linux that will ...
FGKASLR Is An Exciting Linux Kernel Improvement To Look Forward To In 2022
It's been nearly two years in the making since Int...
Guide: How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046)
A few days ago, a serious new vulnerability was identif...
Linux Security Simplified: How To Make Linux More Secure (With Less Work)
Linux is a versatile operating system. Its use cases va...
Rust takes a major step forward as Linux's second official language
Linux is getting more Rust in it by the day! Why? ...
Linux Kernel 5.14 Reached End of Life, Users Urged to Upgrade to Linux 5.15 LTS
The time has come to say goodbye to another Linux ker...
Rust-proofing the internet with ISRG's Prossimo
The Internet Security Research Group (ISRG)'s ...
Microsoft just expanded its malware protection for Linux servers
Microsoft has announced it's adding even more security ...
Open Source Community Shifts Left With OpenSSF, Google SLSA
Security is becoming an increasingly key piece of ...
Security Trends
Open source isn't the security problem – misusing it is
Security is a process, not a product. We're going ...
Lesson from Log4j: Open-source software improvements need help from feds
The tech industry is readying solutions to the security...
In 2022, security will be Linux and open-source developers job number one
Linux and open-source software will be hotter than ever...
Keep calm and learn Rust: We'll be seeing a lot more of the language in Linux very soon
To become a Linux developer, you used to need C as your...
Lennart: Linux Comes Up Short Around Disk Encryption, Authenticated Boot Security
Most Linux distros are currently coming up short from o...
How To Make Email Safe for Business
In this interview with Help Net Security, Dave Wreski, ...
Linux-based Malware Requires Linux Focused Cybersecurity Strategy
The rise in Linux malware highlights the importance of ...
IT Heads Wary Big Tech Will Taint Trust in Open Source: Report
Open Source is becoming increasingly popular among busi...
Vulnerability Detection and Patching: A Survey Of The Enterprise Environment
Detecting vulnerabilities and managing the associated p...
Live Patching Requires Reproducible Builds – and Containers Are the Answer
Live patching can improve security and minimize downtim...
Security Vulnerabilities
Microsoft fixes NotLegit: exposed the source code of apps written in PHP and Python in Azure App Service for Linux
The Wiz research team has discovered a security issue i...
Log4j vulnerability now used to install Dridex banking malware
Threat actors now exploit the critical Apache Log4j vul...
Security firm Blumira discovers major new Log4j attack vector
A basic Javascript WebSocket connection can trigger a l...
Log4j could be the most serious security threat ever seen, CISA head warns
Jen Easterly, the director of the U.S. Cybersecurity an...
Attackers can get root by crashing Ubuntu’s AccountsService
A local privilege escalation security vulnerability (CV...
New Side-Channel Vulnerability in the Linux Kernel Enabling DNS Cache Poisoning
A recent research paper by a team at University o...
Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover
CloudLinux’s security platform for Linux-based websites...
Critical Linux Kernel Bug Allows Remote Takeover
A critical Linux kernel bug (CVE-2021-43267) exists i...
CISA warns of remote code execution vulnerability with Discourse
The CISA recently urged developers to update ...
LibreOffice, OpenOffice bug allows hackers to spoof signed docs
LibreOffice and OpenOffice have pushed updates to addre...
Server Security
10 popular Open-Source Tools to Secure Your Linux Server in 2022
Learn about 10 great open-source tools to improve the s...
How to use this unique method of securing SSH
Learn about a unique and effective method of securing S...
The 10 Best Tools to Scan Your Linux Server for Malware and Security Flaws
Worried that your Linux server might be infected with m...
6 Must-Have Open-Source Tools to Secure Your Linux Server
Don't want to compromise on the security of your Linux ...
The Linux kernel may not be quite as secure as it should be
Kernel developers have gracefully accepted suggestions ...
UChecker tool scans Linux servers for outdated libraries
Security teams running Linux servers now have...
5 Best free to use Linux Server distributions for 2021
Learn about the selection of excellent - and free! - se...
Docker malware is now common, so devs need to take Docker security seriously
Three years after the first malware attacks targeting D...
SELinux changes for KVM-separated (Kata) containers
Learn about SELinux types that improve container securi...
New Kaiji malware targets IoT devices via SSH brute-force attacks
Another dangerous strain of malware targeting Linux ser...
Vendors/Products
Linux Mint 20.3 released promising security updates until 2025
Linux Mint has released version 20.3, codenamed 'Una,' ...
CentOS Linux 8 Reached End of Life, It’s Time to Migrate to an Alternative OS
CentOS Linux 8 has reached end of life, meaning it’s ti...
Debian 11 ‘Bullseye' updated to 11.2 with 40+ security updates and 60+ bugfixes
The Debian project has released a second update for the...
Kali Linux 2021.4 released with 9 new tools, further Apple M1 support
Kali Linux 2021.4 has been released and includes furth...
This new Firefox browser feature could stop zero-day bugs in their tracks
Mozilla has released Firefox 95 for Linux, Windows and ...
LibreOffice 7.2.4 and 7.1.8 Released with an Important Security Fix, Update Now
LibreOffice 7.2.4 and LibreOffice 7.1.8 updates have be...
AWS commits to update its own Linux every other year
Amazon Web Services has announced that it will release ...
Alma and Rocky Linux release 8.5 builds, Rocky catches up with secure boot
CentOS 8.5 is available - but with only 6 weeks before ...
Microsoft gives Windows Subsystem for Linux a new icon, fixes issues and updates kernel
Microsoft has released the latest preview version of Wi...
CentOS Alternative Rocky Linux 8.5 Is Out Now with Secure Boot Support, Updated Components
Rocky Linux 8.5 is now out with Secure Boot support and...
