We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Disclosed back in August was the Inception vulnerability affecting all Zen processors. It took until today though for the mainline Linux kernel to mitigate Hygon processors for this vulnerability for those Zen 1 CPUs formed from the AMD-Chinese joint venture.
It turns out that Ubuntu Linux installations of Ubuntu 23.04, 22.04.3 LTS, and installs done since April 2023 that accepted the Snap version update haven't been following Ubuntu's own recommended security best practices for their security pocket configuration for packages. A new Subiquity release was issued today to fix this problem while those on affected Ubuntu installs are recommended to manually edit their /etc/apt/sources.list file.
The recent news regarding Red Hat’s decision to limit access to the source code of their Red Hat Enterprise Linux (RHEL) distribution has garnered considerable attention. "It is wise to make sure security and IT compliance aspects are addressed. Perhaps more open source Linux distributions will appear in the near future and offer another alternative to CentOS Linux."
One of the most-used Linux distros is Kali Linux, which is preferred by security professionals.
Downfall is the latest speculative execution vulnerability discovered in Intel’s x86 CPU architecture. As custom dictates, the chipmaker has released a microcode update and Linux kernel patches to mitigate the flaw. Like most security fixes, these updates degrade performance as they essentially block speculative execution in certain scenarios.
An unknown group of hackers is using a novel strain of malware to attack publicly accessible deployments of Redis — a popular data storage tool used by major companies like Amazon, Hulu and Tinder.
An additional three years are also added to RHEL 8 and 9's lifecycles, which are still both fully supported.
SQLite 3.42 is now available as the newest update to this widely-used, embed-friendly SQL database option that is used by countless applications and other software for lightweight and speedy data storage purposes.
One of the great longtime features of Ubuntu Linux has been Launchpad's Personal Package Archives (PPAs) for easily augmenting the official Ubuntu repositories with additional packages either to supply updated versions of select software or for software not yet found in the official Ubuntu archives. With Ubuntu 23.10 a change is being made in how PPAs are managed to enhance the security and reliability.
Well, this is a bit strange... Intel just published Friday afternoon CPU microcode updates for all supported processor families back to Coffee Lake "Gen 8" for undisclosed security updates.
In December last year, Microsoft's exFAT on Linux received some really hefty gains in terms of performance thanks to Sony. Internal tests showed close to 60% gains in some instances. Speaking of file systems, Microsoft has now added support for XFS as root file system type for CBL-Mariner, which is Microsoft's Linux OS for Azure 1P services and edge appliances.
Canonical, the company behind Ubuntu, has announced that Hardware Enablement (HWE) kernels will receive updates via the Livepatch service, just like Long-Term Release (LTS) kernels. The first kernel to gain support will be Linux 6.2 which will ship with Ubuntu 23.04 Lunar Lobster next week before being made available as an HWE kernel in Ubuntu 22.04 LTS in July.
On the 13th of March, 2023, the Kali Linux team announced the availability of a new version of their security-focused Linux distribution, named “Kali Linux Purple”. The new distribution is aimed at defensive security. “Defensive” not in the sense of simply protecting your personal computer for anonymity like Qubes OS and Tails, but in the sense of protecting other machines or resources that you might own, just like an enterprise-level defensive system.
Attractive as open source is, many organizations still have concerns. With these challenges in mind, Canonical, released Ubuntu Pro, a comprehensive subscription for open source security, compliance, and support.
Vali Cyber, Inc. announces the release of SecurityPerf™ 1.0, an open-source framework designed to benchmark the impact of security solutions on typical workloads run in Linux environments. As an open-source, always free-to-use solution, SecurityPerf enables anyone to run realistic benchmarks for common production workloads to measure cybersecurity overhead. The information provided by SecurityPerf is designed to inform cybersecurity purchase decisions with critical economic information.
A point-six release?! They’re a bit unusual. Long-term support releases typically only receive five point releases during their support cycle so what’s going on?
Operating system (OS) technology is constantly evolving. From laptops to mobile phones, the OS is like the heart of all computing technology.
The Thunderbird team has released a new stable version of the open source email client. Thunderbird 102.9.0 is a security and bug fix update.
Kali Linux is a powerful and versatile operating system designed for hackers and security professionals. It is a Debian-based distribution that comes loaded with a variety of security and hacking tools that are essential for penetration testing, vulnerability analysis, and digital forensics.
Microsoft is taking advantage of hardware-based security features in AMD's Epyc processors for its confidential containers running in Azure, as part of its push into confidential computing.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
