Linux security professionals spend most of their time on concrete problems. Hardening SSH. Configuring SELinux or AppArmor. Building secure CI/CD pipelines. Managing patches across server fleets. The work is technical, hands-on, and measurable.
...
Linux is everywhere and it needs extra protection, according to Google. "We are constantly investing in the security of the Linux Kernel because much of the internet, and Google – from the devices in our pockets, to the services running on Kubernetes in the cloud – depend on the security of it," said Eduardo Vela from the Google Bug Hunters Team.
The Linux Foundation has announced that the Software Package Data Exchange (SPDX) specification, in use for a decade as the de facto standard for communicating software bills of materials, has been published as ISO/IEC 5962:2021 and recognized as the open standard for security, license compliance and other software supply chain artifacts.
In celebration of Linux's 30th birthday, Greg Kroah-Hartman, the Linux Foundation fellow who oversees stable Linux kernel releases, talks about world domination, what was, and what may be for the kernel.
Marius Nestor celebrates Linux’s 30th birthday with a good champagne, a delicious cake and a brief recount of 30 freaking awesome years of the inherently secure and increasingly popular Linux OS - and many more to come!
In the year of Linux's 30th anniversary, Linux security expert and TechRepublic writer Jack Wallen ponders how the open-source OS has profoundly affected the landscape of enterprise businesses.
DEF CON 29 will be an event to remember, with this year’s conference being presented in both physical and virtual forms simultaneously. Following the theme, the DC29 badge is not only a practical tool for virtual attendees, but an electronic puzzle for those who are able to bring a few of them together physically. Let’s take a closer look at this socially distanced badge and the tech that went into it.
The Black Hat USA 2021 conference, under way in Las Vegas, is generating plenty of cybersecurity news. Here are some of the highlights of Black Hat USA 2021 so far.
Black Hat USA 2021 is in full swing and DEF CON 29 is rapidly approaching! LinuxSecurity is covering both events on Twitter, and will summarize key takeaways in an upcoming feature article. Here are some topics you'll learn about at this year's events.
Red Hat has brought its Universal Base Image to Docker Hub as “Verified Publisher” images in an effort to help developers and operators build more secure and scalable containerized solutions.
The Linux Foundation Technical Advisory Board reports on what was found in its complete examination of University of Minnesota patches, putting out the fire between the Linux kernel community and the University of Minnesota (UMN).
The researchers who prompted the University of Minnesota's ban from Linux kernel development are attempting to bury the hatchet, and have issued an apology letter to the Linux community.
Some researchers from the University of Minnesota tried to slip bad patches into the Linux kernel as a "test." When they kept trying, Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch, put an end to their efforts by banning their university from Linux development.
Microsoft is open-sourcing the CodeQL queries that it used to investigate the impact of Sunburst or Solarigate malware planted in the SolarWinds Orion software updates, enabling other organizations to use the queries to perform a similar analysis. Mike Hanley, CSO of GitHub, says CodeQL provides, "key guardrails that help developers avoid incidents and shipping vulnerabilities".
As part of an effort to advance Linux security, Sysdig has donated a sysdig kernel module, along with libraries for the Falco security platform for Kubernetes, to the Cloud Native Computing Foundation (CNCF).
With the popular Linux distro's acquisition of StackRox, Red Hat is taking a major step forward in securing not only its own Kubernetes distribution, OpenShift, but other Kubernetes distros as well.
Node.js is wildly popular - but the open-source JavaScript runtime is not easy to learn. Now is the perfect time to pick it up - the Linux Foundation is offering a free online Node.js class.
Linus Torvalds has released Linux kernel version 5.11 with plenty of support updates for Intel, AMD and Arm-based hardware - and he seems to be content. "In fact, it's a smaller-than-average set of commits from rc7 to final, which makes me happy. And I already have several pull requests lined up for tomorrow, so we're all set for the merge window to start," noted Torvalds, announcing the release over the weekend.
SpamCop - Cisco's anti-spam service - failed to renew spamcop.net over the weekend, causing it to lapse and resulting in countless messages being falsely labeled and rejected as spam around the world.
OpenSSF was launched in August of 2020 as “a cross-industry collaboration that brings together leaders to improve the security of open source software (OSS)”. This article provides an overview of OpenSSF's mission, what it’s accomplished in its first six months and its plans for the future.