Why SpiralLinux is the Perfect Everyday Linux Distribution
SpiralLinux is the working person's Linux. Here's why you should give it a try.
Security Projects - Page 7
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Boost Linux Security Using These 10 Vital Testing Tools Now
Linux admins rarely deal with one fixed system anymore. A single environment may include public-facing web apps, internal services, containers, cloud workloads, code repositories, and third-party packages pulled into production. That mix creates more...
New Rust Tool Traur Analyzes Arch Linux AUR Packages for Hidden Risks
Most of us have pulled something from the AUR because i...
Fedora 44 vs. Linux Kernel Exploits: Inside the Move to Strengthen Linux Security Settings
If you’re running Linux systems, you know that Linux ke...
Discover Security Projects News
OpenBSD 7.4 Security Update: New Hardware Support And Fixes
Theo de Raadt released OpenBSD 7.4 today as the open-source BSD operating system project's 55th release.
Assessing Microsoft RNDIS Protocol Security Risks in Linux Systems
Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS), started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of.
OpenPubkey Enhances Docker Signing With Zero-Trust Authentication
The newest open-source project hosted by the Linux Foundation is OpenPubkey, which is a collaboration with Docker and BastionZero and will be available for Docker container signing with zero-trust passwordless authentication.
RISC-V Support for KASLR: Enhanced Security in Linux 6.6
More RISC-V architecture updates were merged this weekend for the ongoing Linux 6.6 merge window.
AMD Dynamic Boost Control Enhancements For Ryzen SoCs on Linux
Since early this year AMD has been working on Linux enablement patches for Dynamic Boost Control (DBC). This is a new feature of some AMD SoCs that allow an "authenticated entity" to have greater control over certain SoC characteristics to improve the power/performance. AMD DBC was merged for Linux 6.6 just days ago while already new patches have been posted that extend the supported platforms for this Dynamic Boost Control functionality.
Understanding LEMP Stack: Linux, Nginx, MySQL, and PHP Explained
In the world of web development, terms like MEAN, MERN, LEMP, and PERN are frequently encountered. These terms refer to web stacks, which are bundles of software, frameworks, and libraries used for building full-stack web applications. One such popular web stack is LEMP. In this comprehensive guide, we will explore what the LEMP stack is, its components, how it works, and why it is popular in web development.
Open-Source AMD SEV Firmware Enhances Security For EPYC Virtual Machines
While I have been eagerly following the AMD openSIL project for open-source CPU initialization that will eventually replace AGESA, today AMD announced a new open-source firmware drop: the SEV firmware has been made open-source.
AMD Family 19h Microcode Update: Inception Vulnerability Mitigation
Following yesterday's disclosure of the AMD "Inception" security vulnerability and the Linux kernel patches merged for reporting the mitigation status as well as the kernel-based handling for earlier generation Zen CPUs, the Family 19h microcode mitigations have now been picked up by the linux-firmware.git repository.
Managing Your Software Supply Chain Security With Backstage
An internal developer portal can help you consolidate and evolve your security strategy.
CBL-Mariner 2.0 Release: Security Updates and New Tools
Microsoft has released an updated version of its CBL-Mariner 2.0 in-house Linux distribution that includes various security patches, new packages being added to the OS, and a variety of other updates.
Linus Torvalds on AMD fTPM Bugs Affecting Linux Kernel Performance
AMD's fTPM issues are well-known in the industry, often causing system crashes and freezing. Linux's creator Linus Torvalds has expressed his disappointment towards the feature, labeling it a "plague" for the kernel.
Linux 6.5-rc2: Assembly Rewrite Tackles Control Flow Integrity Flaws
Ahead of the Linux 6.5-rc2 release tomorrow there was a set of x86/x86_64 kernel changes merged overnight to deal with some weaknesses in the kernel's Control Flow Integrity (kCFI) / FineIBT (Indirect Branch Tracking) code.
Linux Kernel 6.3 End Of Life: Upgrade To 6.4 For Security Fixes
The Linux 6.3 kernel series is now marked as EOL on the kernel.org website and the last release is 6.3.13.
Nitrux Upgrade Tool System Enhances Immutable Linux Management
Nitrux Update Tool System (NUTS) command-line utility is now available for Nitrux users and it can also perform rollbacks.
PyPI Open-Source Repository Addresses Malware Challenges Effectively
Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the Python Package Index, better known as PyPI, are a fantastic source (sorry!) of free operating systems, applications, programming libraries, and developers’ toolkits that have done computer science and software engineering a world of good.
OpenSSF Develops Dynamic SBOMs to Enhance Software Security
Since 41% of organizations are still not confident about their open-source software security, more innovations are needed to change this narrative. Even though software bill of materials offer more visibility, the Open Source Security Foundation seeks to alter SBOMs from just being a mechanism to be organism-based so that they address issues such as changes in metadata and compiler flags, according to Omkhar Arasaratnam, general manager of OpenSSF at The Linux Foundation.
Antgroup Updates Linux: x86_64 PIE Support for Enhanced Security
Going back years there has been patches for allowing the Linux x86_64 kernel to build as Position Independent Executable (PIE) code to further enhance the system security. Antgroup engineers most recently have been tackling the Linux x86_64 PIE support and last week sent out a new patch series.
Google Launches Cybersecurity Certificate For Skill Development
The Cybersecurity Certificate is a new addition to the Google Career Certificate program designed to help job seekers upskill and transition to tech. "Learners will get hands-on experience with industry-standard tools, such as Python, Linux and an array of security tools like security information and event management (SIEM) platforms.
Sudo And Su Utilities Enhanced Memory Safety With Rust Rewrites
Two of the most important Linux utilities are being rewritten in Rust to provide greater memory safety for the critical functionality they provide.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!