Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently targeting the Linux xz data compression library, XZ Utils. Many believe the attempt to backdoor Linux’s...
There's a lot of FUD about how Linux is being shown recently to be less secure than proprietary systems. That's nonsense. But, now there are hard facts from Google's Project Zero, Google's security research team, showing Linux's developers do a faster job of fixing security bugs than anyone else, including Google.
The Linux Vendor Firmware Service (LVFS) that integrates with Fwupd for delivering firmware updates primarily to Linux users is surging with around three times the normal traffic volume. Unfortunately, this boost in traffic appears to be due to vendor(s) releasing new system firmware updates ahead of disclosing a presumptive security issue.
The new year has brought some bad news for Linux users and enthusiasts. Research reveals that Linux-specific malware saw a 35% increase in 2021 compared to a year before.
Security is a process, not a product. We're going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn't that it was open-source software. It's how we track and use open-source code.
The tech industry is readying solutions to the security risks posed by the collaborative software that underpins modern-day computing — but aid from Washington could be essential to the project’s success.
Most Linux distros are currently coming up short from offering adequate security around full disk encryption and authenticated boot. Prominent Linux developer Lennart Poettering even argues that your data is "probably more secure if stored on current ChromeOS, Android, Windows or macOS devices."
In this interview with Help Net Security, Dave Wreski, CEO at Guardian Digital, the open source email security company, talks about modern email threats and offers protection advice for organizations. Wreski explains how the open-source development model can be applied to the development of email security technology to engineer highly effective phishing and zero-day protection.
Open Source is becoming increasingly popular among businesses worldwide, but could the big tech supporters its's earned undermine the open qualities and collaboration of the open-source model?
Detecting vulnerabilities and managing the associated patching is challenging even in a small-scale Linux environment. Scale things up and the challenge becomes almost unsurmountable. There are approaches that help, but these approaches are unevenly applied. Learn what a new survey reveals about how enterprises handle the security concerns of vulnerability detection and patch management.
Live patching can improve security and minimize downtime, but can also lead to potential problems if carried out incorrectly. Learn how reproducible builds can help developers to implement live patching consistently and safely - and how containers are coming to the rescue! - in this article.
A new report shows that stale open-source code is rampant in commercial software, and organizations in all industries are struggling to manage open source risk. "In 2020 the percentage of codebases containing high-risk vulnerabilities jumped from 49 to 60 percent. What was more disturbing is that several of the top 10 open source vulnerabilities found in 2019 codebases reappeared in the 2020 audits, all with significant percentage increases."
From robust security to high levels of flexibility, Linux offers businesses an array of attractive benefits. Here's what you need to know in a nutshell about the modern enterprise Linux landscape.
Edge locations are often unstaffed, or staffed by technicians, and edge processing requires low maintenance solutions as a result of this. The industry is shifting in favor of a new generation of edge and IoT devices which are now generally capable of running standard versions of Linux.
Those familiar with Open Source know that it comes with many benefits - security being among the most significant. Learn about the key factors powering the rise of Open Source adoption.
Experts including Dr. David Wheeler, Director of Open Source Software Supply Chain Security at the Linux Foundation, discuss the growing trend in software supply chain attacks which use “dependency or namespace confusion” techniques, and how to secure software supply chains against these attacks.
