“Log4j has been around for 20 years; it’s become embedded into nearly every meaningful Java application; and the Log4Shell event led to compromises in everything from iCloud to physical security systems. Moreover, malware groups are continuing to exploit unpatched Log4j instances. We will likely see additional Log4Shell-like events unless we address its root issues.”
The Open Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives, today announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform-as-a-service, semiconductors, finance, think tanks, academics, and more, bringing the total number of OpenSSF members to over 100.
Microsoft announced that its Secure Supply Chain Consumption Framework (S2C2F) has been adopted by the Linux Foundation’s Open Source Security Foundation (OpenSSF) in a move to improve “supply chain security for everyone,” according to Microsoft Azure CTO Mark Russinovich.
IBM launched the next generation of its enterprise-grade Linux server family, IBM LinuxONE at the Government Data Center & Infrastructure Summit 2022, New Delhi on 11th November 2022.
There was a lot covered at this year’s 2022 RhythmWorld Security Conference! In one of our more technical sessions, we discussed Microsoft Sysinternals’ recent release of Sysmon for Linux, an open-source Linux system monitoring tool.
It's no secret that the IT department has struggled with encryption for Linux devices many years due to a gap in the management and compliance capability available in their current Linux solution sets.
