The Southern California Linux Expo (SCALE) 21x is a massive community-run open-source and free software conference. This year's event showcased various workshops, presentations, and networking events.
...
“Log4j has been around for 20 years; it’s become embedded into nearly every meaningful Java application; and the Log4Shell event led to compromises in everything from iCloud to physical security systems. Moreover, malware groups are continuing to exploit unpatched Log4j instances. We will likely see additional Log4Shell-like events unless we address its root issues.”
The Open Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives, today announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform-as-a-service, semiconductors, finance, think tanks, academics, and more, bringing the total number of OpenSSF members to over 100.
Microsoft announced that its Secure Supply Chain Consumption Framework (S2C2F) has been adopted by the Linux Foundation’s Open Source Security Foundation (OpenSSF) in a move to improve “supply chain security for everyone,” according to Microsoft Azure CTO Mark Russinovich.
IBM launched the next generation of its enterprise-grade Linux server family, IBM LinuxONE at the Government Data Center & Infrastructure Summit 2022, New Delhi on 11th November 2022.
There was a lot covered at this year’s 2022 RhythmWorld Security Conference! In one of our more technical sessions, we discussed Microsoft Sysinternals’ recent release of Sysmon for Linux, an open-source Linux system monitoring tool.
It's no secret that the IT department has struggled with encryption for Linux devices many years due to a gap in the management and compliance capability available in their current Linux solution sets.
OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing. Microsoft and Google are supporting the Alpha-Omega Project with an initial investment of $5 million.
A trio of cybersecurity conferences — BSidesLV, Black Hat USA and DEF CON — kicks off this week in Las Vegas in what’s collectively known as Hacker Summer Camp, bringing together policymakers, executives, experts, hackers and enthusiasts against a backdrop of some of the most unsettled international events of recent years.
Global visionaries headline the premier open source event in Europe to share on OSS adoption in Europe, driving the circular economy, finding inspiration through the pandemic, supply chain security and more.
Offensive Security, the creators of Kali Linux, announced today that they would be offering free access to their live-streamed ‘Penetration Testing with Kali Linux (PEN-200/PWK)’ training course later this month.
Tech giants and federal agencies meet at the White House to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders.
To address the growing threat of software supply chain attacks, the Linux Foundation announced at the at the Linux Foundation Membership Summit that it is upgrading its LFX Security module to deal with these attacks.
Linux is everywhere and it needs extra protection, according to Google. "We are constantly investing in the security of the Linux Kernel because much of the internet, and Google – from the devices in our pockets, to the services running on Kubernetes in the cloud – depend on the security of it," said Eduardo Vela from the Google Bug Hunters Team.
In use for a decade as the de facto standard for communicating software bills of materials, The Linux Foundation has announced that the Software Package Data Exchange (SPDX) specification has been published as ISO/IEC 5962:2021 and recognized as the open standard for security, license compliance and other software supply chain artifacts.
In celebration of Linux's 30th birthday, Greg Kroah-Hartman, the Linux Foundation fellow who oversees stable Linux kernel releases, talks about world domination, what was, and what may be for the kernel.
Marius Nestor celebrates Linux’s 30th birthday with a good champagne, a delicious cake and a brief recount of 30 freaking awesome years of the inherently secure and increasingly popular Linux OS - and many more to come!
On the year of Linux's 30th anniversary, Linux security expert and TechRepublic writer Jack Wallen ponders how the open-source OS has profoundly affected the landscape of enterprise businesses.