Cloud Security
Primer to Container Security
Containers are considered to be a standard way of deplo...
Log4Shell a huge wake-up call for 95% of security leaders
Security leaders are still dealing with the impact of L...
Hardening Kubernetes Multi-Cluster Environments
Kubernetes has quickly become a de facto tool within en...
NSA on How to Harden Kubernetes
The NSA - the maker of the original secure Linux (...
Linux Malware on the Rise
Ransomware, cryptojacking, and a cracked version of the...
Linux Kernel Bug Allows Kubernetes Container Escape
Hackers could exploit a Linux kernel bug to escape Kube...
Securing Kubernetes at the Infrastructure Level
Infrastructure security is important to get right so th...
Kubernetes security will have a breakout year in 2022
While it’s come a long way over the past year, Kubernet...
The 9 Best Docker Alternatives for Container Management
Learn about nine great Docker alternatives for containe...
Hive ransomware group extends to cloud-based Linux variants
Linux and FreeBSD variants of the Hive ransomware ...
Cryptography
Google Makes Public Their Open-Source PSP Security Protocol
Hearing "open-source", "PSP", and "security" all togeth...
Serious Security: Linux full-disk encryption bug fixed – patch now!
Lots of people “run Linux” without really knowing or ca...
3 years, 17 alphas, 2 betas, and over 7,500 commits later, OpenSSL version 3 is here
The OpenSSL team has released version 3.0 of ...
Improve The CrowdSec Multi-Server Installation With HTTPS Between Agents
Learn how to improve the security of the CrowdSec multi...
The Linux Kernel Module Programming Guide: Crypto
To handle cryptography, the Linux kernel has its own AP...
Google Chrome for Linux is getting DNS-over-HTTPS, but there's a catch
Google Chrome for Linux is getting DNS-over-HTTPS, but ...
Serious Security: OpenSSL fixes two high-severity crypto bugs
OpenSSL has patched two high-severity crypto bugs. Upgr...
SSH Attack Vector: Dormant & Forgotten Keys
SSH keys play a critical role in server and network sec...
The What, Why & How of SSH Protocol
"Modern challenges require modern security approaches."...
The Case Against Full-Disk Encryption
Are you using full-disk encryption to protect your data...
Desktop Security
Ubuntu 22.04: The Linux desktop for work
Ubuntu has long been a serious desktop for the business...
Why the Linux desktop is the best desktop
Learn about the advantages of the Linux desktop - impro...
KDE Plasma 5.23.5 Released as the Last Update in the Series, Further Improves Plasma Wayland
KDE Plasma 5.23.5 has been released as the fifth and la...
KDE Frameworks 5.89 Further Improves the Plasma Wayland Session, Fixes Many Bugs
KDE Frameworks 5.89 has been released with may bug fixe...
Best desktop Linux for pros 2021: Our top 5 choices
Learn about five excellent, secure desktop distros for ...
Best Linux desktops for beginners 2021
Tired of Windows? Sick of paying big money for Macs? Wa...
KDE Plasma 5.23.2 Released with NVIDIA GBM Support, More Bug Fixes
KDE Plasma 5.23.2 is now available as the second point ...
KDE Plasma 5.24 Desktop Environment to Introduce Support for Fingerprint Readers
The upcoming KDE Plasma 5.24 desktop environment - slat...
KDE Plasma 5.22.4 Further Improves Plasma Wayland, Makes System Monitor Faster to Launch
KDE Plasma 5.22.4 is packed with many improvements to m...
GNOME 40.3 Released with Improvements to GNOME Software, Many Bug Fixes
GNOME 40.3 has been released as the third maintenance u...
Firewalls
Nasty Linux netfilter firewall security hole found
How embarrassing! It turns out there was a security hol...
4 Best Linux Open source Firewall for Cyber Security – 2022
Learn about some of the best-known open-source firewall...
IPFire Linux Firewall Now Supports exFAT, pe
IPFire 2.27 Core Update 161 has been released as a new ...
BPF-Based Linux Firewall "bpfilter" Shows Impressive Performance Potential
Generating much excitement back in 2018 was bpfilt...
IPFire Linux Firewall Distro Improves Its Intrusion Prevention System
Are you familiar with IPFire - the Linux firewall ...
Soldering spy chips inside firewalls is now a cheap hack, shows researcher
The tiny ATtiny85 chip doesn’t look like the next big c...
Raluca Ada Popa: Her computer security method could make firewalls a thing of the past
Raluca Ada Popa found a fix for one of cybersecurity’s ...
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
DNS protection could prevent approximately one-third of...
CUJO Smart Firewall vulnerabilities exposed home networks to critical attacks
Security researchers have uncovered a swathe of serious...
Government
Red Hat gets RHEL 8.2 certified for high level US government security
Linux slinger Red Hat has achieved Common Criteria cert...
Google: Here's how our $10bn investment will boost US cybersecurity
Google has outlined its efforts to shape the US governm...
Critical Update: Do You Know What’s In Your Software?
In the wake of several major cybersecurity incidents - ...
New Republican bill latest in long line to force encryption backdoors
Here we go again - Senate Republicans push a new bill t...
Ethical hackers swarm Pentagon websites
Hackers are crawling all over the US Department of Defe...
Lindsey Graham’s new bill would end the internet as we know it
If Sen. Lindsey Graham gets his way, the federal govern...
A new senate bill would create a US data protection agency
Europe’s data protection laws are some of the strictest...
South Korea's government explores move from Windows to Linux desktop
In what may prove to be the biggest migration from Wind...
How the Iowa caucus app went wrong and how open source could have helped
Opinion: It was incompetence, not politics, that led to...
Washington State Lawmakers Introduce Legislation Regulating Data Privacy, Facial Recognition
Following in the footsteps of their West Coast neighbor...
Hacks/Cracks
New ‘Cheers’ Linux ransomware targets VMware ESXi servers
A new ransomware named ‘Cheers’ has appeared in the cyb...
Malicious PyPI package opens backdoors on Windows, Linux, and Macs
Yet another malicious Python package has been spotted i...
Microsoft: This botnet is growing fast and hunting for servers with weak passwords
Protect your Linux servers from XorDdos, a botnet scann...
BPFdoor: Stealthy Linux malware bypasses firewalls for remote access
A recently discovered backdoor malware called BPFdoor h...
BPFDoor: Chinese tool almost undetected for FIVE years is second BPF-based attack uncovered this year
Researchers have uncovered a highly-evasive Chinese sur...
Hive ransomware ports its Linux VMware ESXi encryptor to Rust
The Hive ransomware operation has converted their VMwar...
Linux botnet abuses log4j to attack Arm, x86-based devices
A new Linux botnet, B1txor20, that targets Arm and...
New malware hides as legit nginx process on e-commerce servers
eCommerce servers are being targeted with remote access...
CronRat Magecart malware uses 31st February date to remain undetected
Security researchers have discovered a Linux-based...
Hackers deploy Linux malware, web skimmer on eCommerce servers
Attackers are deploying a Linux backdoor on compromised...
IoT Security
Establishing a Root of Trust in Embedded Linux and IoT
With IoT, 5G and embedded devices becoming a larger par...
BusyBox flaws highlight need for consistent IoT updates
Security researchers have found and reported 14 vulnera...
Unsupported IoT Devices Are Cyber-Trouble Waiting To Happen
Imagine reading a headline in tomorrow’s news stating t...
Linux Foundation creates standards for voice technology with major partners
The Linux Foundation is teaming up with companies like ...
Putting an Ultra-Tiny Linux Board in a Phone Charger…Eventually
A project that aims to put an ultra-tiny Linux board in...
Network Security
10 essential Linux tools for network and security pros
Learn about 10 must-have Linux security tools for ...
Log4j Flaw Needs Immediate Remediation
After nearly two years of adopting major network and se...
But why that VPN? How WireGuard made it into Linux
Even the best of ideas can take their own sweet time ma...
The 8 Best Wireless Penetration Testing Tools for Linux
Protecting your wireless networks from infiltrators is ...
Should You Block Connections to Your Network From Foreign Countries?
This LinuxSecurity.com article featured on the frontpag...
What Is Penetration Testing and How Does It Improve Network Security?
The best way to improve and guarantee your network’s se...
IPFire Linux Firewall Distro Now Supports WPA3 to Make Wi-Fi Safe Again
The IPFire 2.25 Core Update 153 release brings WPA...
Windows Subsystem for Linux 2 bypasses the Windows 10 Firewall
The Windows Subsystem for Linux 2 will bypass the Windo...
WireGuard VPN is a step closer to mainstream adoption
Linux network stack maintainerDavid Millerhascommittedt...
Organizations/Events
White House hosts open-source software security summit in light of expansive Log4j flaw
Tech giants and federal agencies meet at the White Hous...
Linux Foundation adds software supply chain security to LFX
To address the growing threat of software supply c...
Google just tripled its bounty for Linux kernel bugs. Here's why
Linux is everywhere and it needs extra protection, acco...
SPDX becomes internationally recognized standard
In use for a decade as the de facto standard for commun...
Happy birthday, Linux: From a bedroom project to billions of devices in 30 years
In celebration of Linux's 30th birthday, Greg Kroah-Har...
Happy 30th Birthday, Linux!
Marius Nestor celebrates Linux’s 30th birthday with a g...
How Linux has changed the business landscape: It's more than you think
On the year of Linux's 30th anniversary, Linux security...
My life with Linux: A retrospective
In honor of Linux's 30th birthday, Linux security exper...
Hands On: DEF CON 29 Badge Embraces the New Normal
DEF CON 29 will be an event to remember, with this...
Black Hat USA 2021 Cybersecurity Conference Live Updates
The Black Hat USA 2021 conference, under way ...
Privacy
Tails 5.0 Linux users warned against using it "for sensitive information"
Tails developers have warned users to stop using the po...
7 Privacy-Focused Alternatives to Common Linux Software
Maintain privacy and keep your desktop safe by installi...
12 Simple Tools to Protect Your Privacy
Learn about 12 simple tools to guard your online privac...
We kick the tires on Qubes 4.1.0 and indeed, it's still a 'reasonably secure' OS
UEFI support adds attractions for the security-minded, ...
Tails vs. Linux Kodachi: Which Privacy Protection Distro Should You Choose?
When it comes to maintaining privacy on Linux, you have...
Linux Kodachi: Extreme Privacy Protection Out of the Box
Want a system that leaves no trace of what you did onli...
Linux For The Paranoid Does The Work For You
We all know that our activity on the Internet is not th...
Kodachi is the operating system for those who value privacy but don't want to learn Linux
For anyone looking to gain an extra layer of privacy on...
Privacy-focused Linux Distributions to Secure Your Online Presence in 2021
Are you concerned by the rise in Linux malware? Worried...
13 Important Privacy and Security Settings in Ubuntu Linux
Learn 13 Linux security best practices you can follow t...
Security Projects
Google: Here comes our 'Open Source Maintenance Crew'
The Google Open Source Maintenance Crew will support un...
Citi Donates Software Supply Chain Security Kit to OpenSSF
The financial services company's prototype system based...
Open source security: Linux Foundation project presents 10-point plan
The Open Source Software Security Foundation (OpenSSF),...
Open-source security: It's too easy to upload 'devastating' malicious packages, warns Google
The Google and OpenSSF Package Analysis project aims to...
Linux Kernel 5.17 Released, With Major Security Fixes But Not Much Else
After a short delay, Linus Torvalds has announced the l...
Open Source Security Foundation Now Counts 60 Members
The Open Source Security Foundation (OpenSSF) on Tuesda...
Torvalds moves Linux to C11
Old one out-of-date, but this one goes to 11.
...
GitHub calls for contributions to new cybersecurity Advisory Database
GitHub has announced that their Advisory Database for s...
Alpha-Omega Project takes a human-centered approach to open-source software security
The Linux Foundation and OpenSSF Alpha-Omega Proje...
OpenSSF Announces The Alpha-Omega Project to Improve Software Supply Chain Security for 10,000 OSS Projects
Following a meeting with government and industry leader...
Security Trends
Open Source Burnout: An Opening to More Security Gaps?
"It’s important for the industry to understand that ope...
Linux Security Study Reveals When, How You Patch Matters
Computer security only happens when software is kept up...
Red Hat report: Enterprise open source new pandemic response
Red Hat recently released The State of Enterprise ...
Benchmarking Linux Security – Latest Research Findings
How well do your Linux security practices stack up in t...
Linux Systems Are Becoming Bigger Targets
To prevent Linux exploits, organizations should establi...
Some developers are fouling up open-source software
From ethical concerns, a desire for more money, and sim...
Linux and Raspberry Pi devices are proving a major security weak link
There are hundreds of thousands of Linux and&...
How an OSPO Can Help Secure Your Software Supply Chain
Learn how an open source program office (OSPO) - a...
Open source security fears are fading away
A big majority (89%) of IT chiefs believe open-source s...
Linux developers patch security holes faster than anyone else, says Google Project Zero
There's a lot of FUD about how Linux is being shown rec...
Security Vulnerabilities
VirtualBox On Linux Affected By Security Vulnerability Leaking Host Data To Guests
Security researcher Jason Donenfeld who is known for le...
Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits
Microsoft says the Sysrv botnet is now exploiting ...
Debian GNU/Linux 11 Users Get a Massive Linux Kernel Security Update, Patch Now
The Debian Project has published a massive Linux kernel...
Microsoft warns: These flaws could give attackers root privileges on Linux desktops
Microsoft has discovered flaws that could be combined t...
Some Lenovo laptops may be carrying a serious security flaw
Hundreds of Lenovo models are vulnerable to three major...
Linux secure networking security bug found and fixed
An obnoxious security bug discovered in Linux's IPSec s...
QNAP warns severe OpenSSL bug affects most of its NAS devices
Network-attached storage (NAS) maker QNAP has warned th...
Linux 5.17 delayed after vulnerability discovered in AMD processors
The resurgence of Spectre-like malware has pushed the r...
This major Linux security vulnerability has been fixed, so patch now
If you're running a Linux distro on your comp...
Linux has been bitten by its most high-severity vulnerability in years
Linux has yet another high-severity vulnerability that ...
Server Security
381,000-plus Kubernetes API servers 'exposed to internet'
A large number of servers running the Kubernetes API ha...
Squid Vulnerability: Insecure forwarding of proxy_auth
Vendors have not issued updates yet for a vulnerability...
10 popular Open-Source Tools to Secure Your Linux Server in 2022
Learn about 10 great open-source tools to improve the s...
How to use this unique method of securing SSH
Learn about a unique and effective method of securing S...
The 10 Best Tools to Scan Your Linux Server for Malware and Security Flaws
Worried that your Linux server might be infected with m...
6 Must-Have Open-Source Tools to Secure Your Linux Server
Don't want to compromise on the security of your Linux ...
The Linux kernel may not be quite as secure as it should be
Kernel developers have gracefully accepted suggestions ...
UChecker tool scans Linux servers for outdated libraries
Security teams running Linux servers now have...
5 Best free to use Linux Server distributions for 2021
Learn about the selection of excellent - and free! - se...
Docker malware is now common, so devs need to take Docker security seriously
Three years after the first malware attacks targeting D...
Vendors/Products
Red Hat Enterprise Linux 9: Security baked in
The newest RHEL moves beyond servers and the datacenter...
Kali Unkaputtbar Brings File System Snapshots to Btrfs-Based Kali Linux Systems
Offensive Security has announced Kali Unkaputtbar, a ne...
Kali Linux 2022.1 released with 6 new tools, SSH wide compat, and more
Offensive Security has released Kali Linux 2022.1, the...
The oldest Linux distro just got a major update
Slackware 15.0 emerges with kernel version 5.15.19 and ...
Penetration Testing with Kali Linux: 15 of the Best Tools to Try First
If you’re looking for a penetration testing platf...
Linux Mint 20.3 released promising security updates until 2025
Linux Mint has released version 20.3, codenamed 'Una,' ...
CentOS Linux 8 Reached End of Life, It’s Time to Migrate to an Alternative OS
CentOS Linux 8 has reached end of life, meaning it’s ti...
Debian 11 ‘Bullseye' updated to 11.2 with 40+ security updates and 60+ bugfixes
The Debian project has released a second update for the...
Kali Linux 2021.4 released with 9 new tools, further Apple M1 support
Kali Linux 2021.4 has been released and includes furth...
This new Firefox browser feature could stop zero-day bugs in their tracks
Mozilla has released Firefox 95 for Linux, Windows and ...
