Cloud Security
Kubernetes vs. Docker: Exploring the Synergy in Containerization
Learn about the advantages of using Kubernetes and Dock...
Kubernetes Architecture and its Security
Kubernetes is an open-source container orchestrati...
Amazon Linux 2023, a Cloud-Optimized Linux Distro, Is Now Available
Earlier this week, Amazon announced the availabili...
IBM's mainframe operating system upgrade will embrace AI
IBM said this week it will soon roll out an AI-infused,...
How to Build The Right Platform for Kubernetes
Whether you go with a cloud provider or go it alone, yo...
Microsoft Makes Azure Kubernetes Service Secure To Run Multi-Tenant Workloads
Last week Microsoft launched a new feature th...
Top Takeaways from First CloudNativeSecurityCon
The Cloud Native Computing Foundation (CNCF) early this...
EmojiDeploy Attack Chain Targets Misconfigured Azure Service
Multiple misconfigurations in a service that underpins ...
Don’t Forget Open Source Software (OSS) when Assessing Cloud App Security
The software development process is getting quicker. De...
Consider Open Source Software While Evaluating The Security Of Cloud Applications
The pace of software development is accelerating. Devop...
Cryptography
New Money Message Ransomware Attacks Both Windows & Linux Users
Cyble Research and Intelligence Labs (CRIL) discovered ...
New Cylance Ransomware Targets Linux and Windows, Warn Researchers
A new strain of Cylance Ransomware has been discovered,...
GitHub Publishes RSA SSH Host Keys by Mistake, Issues Update
GitHub has updated its SSH keys after accidentally publ...
NordVPN Makes its Meshnet Private Tunnel Free for Everyone
NordVPN's Meshnet private tunnel feature for Windows, m...
New TPM 2.0 Flaws Could Let Hackers Steal Cryptographic Keys
The Trusted Platform Module (TPM) 2.0 specification is ...
SUPERCON 2022: Kuba Tyszko Cracks Encrypted Software
[Kuba Tyszko] like many of us, has been hacking things ...
What Is OpenSSL?
Secure Sockets Layer (SSL) is an internet security prot...
Serious Security: GnuTLS Follows OpenSSL, Fixes Timing Attack Bug
Last week, we wrote about a bunch of memory manage...
Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm
The first-ever Linux variant of the Clop ransomware has...
Clop Ransomware Flaw Allowed Linux Victims to Recover Files for Months
The Clop ransomware gang is now also using a malware va...
Desktop Security
MidnightBSD 3.0.1 Released With Security Fixes, rc.d Scripts Cleanup
Building off last month's release of MidnightBSD 3...
Latest Release of EuroLinux Desktop – What Will We Find in Version 9.1?
EuroLinux Desktop is a modern operating system that com...
Linux Mint 21.2 Promises Better Support for Flatpak Apps, Faster File Management
The Linux Mint team is also working on strengthening th...
Fedora 10: The GNU/Linux Desktop Steps Forward
Any release of a GNU/Linux distribution marks a milesto...
X.Org Server Hit By New Local Privilege Escalation Vulnerability
The X.Org Server, a commonly used component to the...
Vanilla OS Offers a New Take on Security for the Linux Desktop
If you're looking for a new operating system that takes...
Linux Mint 21.1 “Vera” Is Now Available for Download
The highly anticipated Linux Mint 21.1 “Vera” release h...
Vanilla OS Is a Brilliant Take on the Linux Desktop
Jack Wallen takes a look at a new Linux distribution wi...
First Look at Linux Mint 21.1 Beta with the Cinnamon 5.6 Desktop Environment
The beta version of the upcoming Linux Mint 21.1 “Vera”...
Why I Love My Chromebook: Reason 1, It's a Linux Desktop
We appreciate power but sometimes it's about getting up...
Firewalls
The Open Source Firewall – IPFire 2.27 – Core Update 173 Released: What’s New?
Get ready to experience the best of IPFire 2.27 – Core ...
IPFire Hardened Linux Firewall Distro Is Now Powered by Linux Kernel 6.1 LTS
IPFire 2.27 Core Update 173 is out to introduce support...
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
A suspected China-nexus threat actor exploited a recent...
Firewalld 1.3 Released With Easier Firewall Management For More Services
Firewalld 1.3 is out as the newest version of this open...
WAFs of Several Major Vendors Bypassed With Generic Attack Method
Researchers at industrial and IoT cybersecurity firm Cl...
The 10 Best Free Linux Firewall Tools
For those who are serious about their network security,...
OpenWrt 22.03 released with Firewall4, Now Supports Over 1,580 Embedded Devices
OpenWrt 22.03 open-source Linux operating system for ro...
IPFire Linux Firewall Distro Improves Its Intrusion Prevention System and Security
Peter Müller has announced the release and general...
Nasty Linux netfilter firewall security hole found
How embarrassing! It turns out there was a security hol...
4 Best Linux Open source Firewall for Cyber Security – 2022
Learn about some of the best-known open-source firewall...
Government
Linux Foundation Janssen Project Earns Digital Public Good Status
The Linux Foundation Janssen Project, a low-code d...
OpenSSF Aimed to Stem Open Source Security Problems in 2022
In 2022, the Open Source Software Foundation (OpenSSF) ...
Exploited Control Web Panel Flaw Added to CISA 'Must-Patch' List
The US government’s cybersecurity agency CISA is giving...
DISA Issues Security Technical Implementation Guide for TOSS 4 Operating System
The Defense Information Systems Agency has released a s...
Government Issues ‘High’ Severity Security Alert for THESE Google Users
As per the latest CERT-In security alert, multiple vuln...
The US Securing Open Source Software Act of 2022 Is a Step in the Right Direction
Cybersecurity continues to be a hot topic. More and mor...
NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)
The C and C++ languages are unsafe. Instead, the U...
NSA’s and CISA’s Recent Security Guidance: The Good and the Bad
The NSA and CISA released the guide “Securing the Softw...
New Cyber Bill Aims To Fix Open-Source Security in Government
Federal legislators have begun the process of better se...
New Ransomware Hits Windows, Linux Servers of Chile Govt Agency
Chile's national computer security and incident respons...
Hacks/Cracks
Chinese Hackers Using KEYPLUG Backdoor to Attack Windows & Linux Systems
It has been reported by the Recorded Future’s Insikt Gr...
Researcher Creates Polymorphic Blackmamba Malware with ChatGPT
The ChatGPT-powered Blackmamba malware, which can opera...
New Variant of the IceFire Ransomware Targets Linux Enterprise Systems
A novel Linux version of the IceFire ransomware&nb...
IceFire Ransomware Now Encrypts Both Linux and Windows Systems
Threat actors linked to the IceFire ransomware operatio...
SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics
The threat actor known as Lucky Mouse has dev...
Iron Tiger Hackers Create Linux Version of Their Custom Malware
The APT27 hacking group, aka "Iron Tiger," has prepared...
Linux Support Expands Cyber Spy Group's Arsenal
An infamous Chinese cyber-hacking team has extended its...
691 Malicious npm Packages and 49 PyPI Components Containing Crypto-Miners, Remote Access Trojans Discovered
Security researchers have discovered yet another sizabl...
Hackers Are Mass Infecting Servers Worldwide by Exploiting a Patched Hole
An explosion of cyberattacks is infecting servers aroun...
Researchers Uncover 700+ Malicious Open Source Packages
Security researchers have discovered another sizeable h...
IoT Security
Zymbit Secure Module Features Raspberry Pi CM4
The new Secure Compute Module (SCM) Pro is an...
New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
A new variant of the notorious Mirai botnet has been fo...
New Mirai Malware Variant Infects Linux Devices to Build DDoS Botnet
A new Mirai botnet variant tracked as ‘V3G4’ targets 13...
Microsoft Applies Coat of Rust to Azure Sphere IoT Platform
The hope? To grease the security skids for internet-con...
Zerobot Malware Now Shooting for Apache Systems
The Zerobot botnet, first detected earlier this month, ...
New DDoS Botnet Malware Infecting Windows, Linux, and IoT Devices
A cross-platform botnet, ‘MCCrash’ that starts out from...
IoT/Edge Dev Survey Shows AI, Container and Linux Popularity
For the eighth year, the Eclipse Foundation has surveye...
New Go-Based Botnet Zerobot Exploits Dozens of Flaws
Researchers discovered a new Go-based botnet called&nbs...
Shikitega: New Malware Program Targeting Linux
AT&T Alien Labs has discovered Shikitega, a new Lin...
Experts Spotted a New Stealthy Linux Malware Dubbed Shikitega
A new Linux malware dubbed Shikitega leverage...
Network Security
Best Forensic and Pentesting Linux Distros of 2023
The best forensic and pentesting Linux distros make it ...
Ethical Hacking Distro BlackArch Linux Gets New ISO Release with over 2800 Tools
Arch Linux-based penetration testing and ethical hackin...
Researchers Warn of Wi-Fi Security Flaw Affecting iOS, Android, Linux
Apple’s decision to support MAC Address Randomization a...
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices
A group of academics from Northeastern University and K...
QNAP Warns Customers to Patch Linux Sudo Flaw in NAS Devices
Taiwanese hardware vendor QNAP warns customers to secur...
Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security
Offensive Security has released Kali Linux 2023.1, th...
Top 10 Kali Linux Tools for Ethical Hackers
Kali Linux is a popular and powerful penetration testin...
Top 10 Programming Languages for Ethical Hacking in 2023
Ethical hacking is a proactive approach using the ...
Attackers Deploy Sophisticated Linux Implant on Fortinet Network Security Devices
In December network security vendor Fortinet disclosed ...
10 Essential Linux Tools for Network and Security Pros
Picking just 10 Linux open source security tools isn’t ...
Organizations/Events
Embedded Open Source Summit 2023 Schedule – Zephyr OS, Security, IoT, Embedded Linux, and More
The Linux Foundation has just announced the full schedu...
Judge Rules Online Archive's Book Service Violated Copyright
A federal judge has sided with four publishers who sued...
How OpenSSF Aims to Make Log4j-Like Incidents Rare
More critical flaws similar to Log4Shell found in open ...
Linux Foundation Creates OpenWallet Foundation
Linux Foundation Europe, an independent trusted support...
Linux’s OpenWallet Foundation Readies Launch of Open-Source Engine for Digital Wallets
In just six months, the OpenWallet Foundation ...
Linux Foundation Launches Open Source Metaverse Group to Drive Interoperability
The Open Metaverse Foundation (OMF), lau...
The Linux Foundation Wants to Set Up its Own Open Source Metaverse
The Linux Foundation has announced plans to b...
Open Source 2022 Wins and Losses
In the face of economic headwinds and a worsening probl...
OpenSSF Outlook Q1 2023: How To Avoid the Next Log4Shell and Other OSS Security Reflections
“Log4j has been around for 20 years; it’s become embedd...
Linux Foundation Adopts Microsoft Framework for Supply Chain Security
Microsoft announced that its Secure Supply Ch...
Privacy
The Tor Project’s New Privacy-Focused Browser Doesn’t Use the Tor Network
The Tor Project, the organization behind the ano...
New Privacy-Focused Browser Aims to Protect Your Data Online
The Tor Project and Mullvad VPN, two org...
Tails 5.11 Amnesic Incognito Live System Switches to ZRam and Linux Kernel 6.1 LTS
Tails 5.11 amnesic incognito live system has been relea...
Parrot OS 5.2 Tightens Security, Better TOR Bridges Support
Parrot OS 5.2 brings Linux kernel 6.0, fixes important ...
Parrot Security OS 5.2 Released with Linux Kernel 6.0, Better Raspberry Pi Support
Parrot Security announced today the general a...
Tails 5.9 Fixes Numerous Bugs and Enhances Security Measures
Tails 5.9 mainly focuses on bug fixes from the previous...
Best Privacy & Security Tools For Linux
There are many benefits provided by the internet, howev...
Privacy-Focused Tails 5.8 Enables Wayland by Default, Adds New Persistent Storage
This release also introduces QR code scanning of Tor br...
The 3 Best Terminal-Based Web Browsers for Linux
Avoid distractions on the web and regain control of you...
10 Essential Privacy and Security Apps for Linux Desktops
Linux-based operating systems have a reputation for bei...
Security Projects
OpenBSD 7.3 Released With AMD RDNA3 Graphics, Guided Disk Encryption
Theo de Raadt has released OpenBSD 7.3 as the 54th rele...
Linux 6.3-rc3 Adding Protection From Malicious Guests Hammering AMD's Secure Processor
A change sent in this Sunday ahead of the Linux 6.3-rc3...
Intel CET Shadow Stack Support Set To Be Introduced With Linux 6.4
After being in development for years, Intel's shad...
Pentesters' Fave Kali Linux Turns 10 with Version 23.1
The developers of specialized security-testing distro K...
Microsoft Pluton TPM CRB Functionality Merged Into Linux 6.3
Linus Torvalds merged to Linux 6.3 Git the TPM CRB supp...
openSUSE Begins Enforcing Secure Boot Kernel Lockdown
Linux distro openSUSE has begun enforcing Kernel Lockdo...
LoongArch With Linux 6.3 Enhances Security With KASLR
Loongson engineers continue working to improve their MI...
Microsoft Increasing Linux Security On Hyper-V With VTL/VSM Support
Microsoft engineers continue to work heavily on enhanci...
Open Source Security Foundation's Criticality Score 2.0 Debuts To Rank Important OSS Projects
Back in 2020 Google and the Open-Source Security Founda...
systemd 253: You're Looking at the Future of Enterprise Linux Boot Processes
The first systemd release of 2023 is here, and it intro...
Security Trends
It’s Not Just Windows that Gets Malware
Seemingly immune for so long, here's a reminder that Ma...
Surveying Software Supply Chain Security
Chainguard, the co-creator of Sigstore, has conducted a...
Business Conditions Prime for More Open-Source Contributors
Companies that established open-source program offices ...
IceFire Ransomware Portends a Broader Shift From Windows to Linux
IceFire has changed up its OS target in recent cyberatt...
Companies Can’t Stop Using Open Source
"Open source security is arguably getting better, ...
We Now Work in an Open Source World; Here's the Data
More than 40% of technology managers say security and c...
Making The Switch: Exploring The Pros And Cons Of Migrating From Windows To A Linux-Based OS
"Linux-based operating systems are also known for their...
Why Open-Source Projects Need to Address Dependency-related Security Risks
Open-source software and hardware projects are becoming...
Protecting Against Linux Malware
Linux is a popular and powerful operating system, but i...
BlackBerry: Cyberattacks Are Being Launched Once Every Minute
Threat actors are evolving to target a wide variety of ...
Security Vulnerabilities
Linux Kernel Logic Allowed Spectre Attack on 'Major Cloud Provider'
The Spectre vulnerability that has haunted hardware and...
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation
Critical security flaws in Cacti, Realtek, and IBM Aspe...
NVIDIA Release Details of Security Issues and Release New Drivers
NVIDIA issued a new Security Bulletin, to advise you to...
Trend Micro Uncovers Yet Another X.Org Server Vulnerability: CVE-2023-1393
For over a decade now the X.Org Server has been seeing ...
Linux Kernel Vulnerabilities in Ubuntu Let Hackers Launch DOS Attack & Execute Arbitrary Code
Several security vulnerabilities were recently addresse...
Google Discloses CentOS Linux Kernel Vulnerabilities Following Failure to Issue Timely Fixes
Google Project Zero is a security team responsible for ...
Linux Gets Double-Quick Double-Update to Fix Kernel Oops!
Linux has never suffered from the infamous BSoD, short ...
Linux Inadvertently Has Been Leaving IBRS-Mitigated Systems Without STIBP
The Linux kernel since last year has mistakenly left sy...
Cisco ClamAV Anti-Malware Scanner Vulnerable to Serious Security Flaw
A security flaw in a bundle anti-malware scanner produc...
Readline Crime: Exploiting a SUID Logic Bug
I discovered a logic bug in the readline ...
Server Security
Winnti APT Hackers Attack Linux Servers With New Malware ‘Mélofée’
The discovery of a novel malware piece targeting Linux ...
Mélofée: The Latest Malware Targeting Linux Servers
ExaTrack, a France-based cybersecurity firm, has discov...
What Is the Difference between vsftpd and ProFTPd?
FTP is a standard protocol that is used to transfer fil...
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
Poorly managed Linux SSH servers are being targeted as ...
5 Best free to use Linux Server distributions for 2023
Learn about the selection of excellent - and free! - se...
Use Cockpit for Linux Remote Server Administration
Linux admins can use Cockpit to view Linux logs, monito...
New Mirai Botnet Variant V3G4 Targets Linux Servers, IoT Devices
A new variant of Mirai — the botnet malware u...
Thousands of VMware Servers Impacted by Ransomware Attack in Largest Incident Not Involving Windows
Warnings of a major globe-spanning ransomware attack be...
Warning Issued Over Ransomware Attacks Targeting VMware ESXi Servers Globally
Businesses have been urged to patch the two-year-old vu...
Linux Version of Royal Ransomware Targets VMware ESXi Servers
Royal Ransomware is the latest ransomware operation to ...
Vendors/Products
Ubuntu Livepatch for HWE Linux kernels coming soon
Canonical, the company behind Ubuntu, has announce...
Meet Kali Purple: The Defensive Security Linux Distribution
On the 13th of March, 2023, the Kali Linux team an...
Ubuntu Pro Tackles the Challenge of Enterprise Open Source Adoption
Attractive as open source is, many organizations still ...
Vali Cyber Introduces SecurityPerf, Revolutionizing Linux Security
Vali Cyber, Inc. announces the release of SecurityPerf™...
Ubuntu 20.04.6 LTS Released with Major Secure Boot Fix
A point-six release?! They’re a bit unusual. Long-...
Worried About Security Patching? Here's Why You Need to Switch to Ubuntu Pro
Operating system (OS) technology is constantly evolving...
Thunderbird 102.9.0 is a security update for the open source email client
The Thunderbird team has released a new stable version ...
8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers
Kali Linux is a powerful and versatile operating syst...
Microsoft Opens Azure Confidential Containers to Public Preview
Microsoft is taking advantage of hardware-based securit...
IBM Contributes Supply Chain Security Tools to OWASP
License Scanner and SBOM Utility will boost the capabil...
