The recent discovery of a backdoor in XZ Utils, a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While the open-source community successfully reacted to remove the malware, this event highlights the presence ...
Red Hat recently released The State of Enterprise Open Source 2022 report, which highlights the changing perceptions about the use of the open source development model in the enterprise technology space. Now in its fourth year, the survey of nearly 1,300 IT decision makers reveals how organisations are increasingly shifting to open source software solutions to address COVID-19 related challenges and tackle new market demands for quality, speed and an evolving cybersecurity landscape.
How well do your Linux security practices stack up in today's challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute.
There are hundreds of thousands of Linux and Raspberry Pi devices connected to the internet right now, protected by nothing more than the default password, that are proving a major security weak link.
Learn how an open source program office (OSPO) - a bureau of open source experts within your organization dedicated to overseeing how your company uses, creates and contributes to free software - could helps secure your software supply chain.
A big majority (89%) of IT chiefs believe open-source software is as secure as proprietary software, according to a survey by IBM-owned Red Hat, the maintainer of Red Hat Enterprise Linux (RHEL).
There's a lot of FUD about how Linux is being shown recently to be less secure than proprietary systems. That's nonsense. But, now there are hard facts from Google's Project Zero, Google's security research team, showing Linux's developers do a faster job of fixing security bugs than anyone else, including Google.
The Linux Vendor Firmware Service (LVFS) that integrates with Fwupd for delivering firmware updates primarily to Linux users is surging with around three times the normal traffic volume. Unfortunately, this boost in traffic appears to be due to vendor(s) releasing new system firmware updates ahead of disclosing a presumptive security issue.
The new year has brought some bad news for Linux users and enthusiasts. Research reveals that Linux-specific malware saw a 35% increase in 2021 compared to a year before.
Security is a process, not a product. We're going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn't that it was open-source software. It's how we track and use open-source code.
The tech industry is readying solutions to the security risks posed by the collaborative software that underpins modern-day computing — but aid from Washington could be essential to the project’s success.
Most Linux distros are currently coming up short from offering adequate security around full disk encryption and authenticated boot. Prominent Linux developer Lennart Poettering even argues that your data is "probably more secure if stored on current ChromeOS, Android, Windows or macOS devices."
In this interview with Help Net Security, Dave Wreski, CEO at Guardian Digital, the open source email security company, talks about modern email threats and offers protection advice for organizations. Wreski explains how the open-source development model can be applied to the development of email security technology to engineer highly effective phishing and zero-day protection.
Open Source is becoming increasingly popular among businesses worldwide, but could the big tech supporters its's earned undermine the open qualities and collaboration of the open-source model?
Detecting vulnerabilities and managing the associated patching is challenging even in a small-scale Linux environment. Scale things up and the challenge becomes almost unsurmountable. There are approaches that help, but these approaches are unevenly applied. Learn what a new survey reveals about how enterprises handle the security concerns of vulnerability detection and patch management.