Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 443
Alerts This Week
Warning Icon 1 443

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 3 articles for you...
209

Open Source Burnout's Impact on Security and Community Engagement

"It’s important for the industry to understand that open source development burnout is real and can have a significant impact upon those who depend on the projects they maintain. Incentivize and recognize efforts. Don’t just take, but give back to the community." . Whether a software architect makes the decision as part of an app’s planning phase, or it’s simply dragged in by a developer trying to complete a task, the accessibility and availability of open source makes it easy to just download and build into an application without thinking more about where it comes from. But why even care about where it comes from? Any organization that pays the smallest attention to open source management has methods and tools in place to identify and mitigate the risks that come along with it – risks relating to security vulnerabilities, license obligations, and operational concerns. So, if dev teams can keep at bay the risks related to not knowing where the open source software comes from, why does it matter to know more than that? The link for this article located at SC Media is no longer available. . Recognize how open source fatigue affects security and emphasize the vital role of community backing for projects.. Open Source Management, Development Challenges, Security Risks, Community Contributions. . Brittany Day

Calendar%202 May 17, 2022 User Avatar Brittany Day Security Trends
74

Recognizing Network Security Gaps In Business Operations

Areas of blind spots within the typical enterprise are many, including applications, network traffic, network devices and user activity.. Many enterprises possess an unrealistic confidence surrounding the security of their networks, with more than 65 percent of IT/security professionals contacted for a survey by network visibility and security intelligence specialist Landcope not thinking or being unsure that they had experienced any security incidents within the last 12 to18 months. - See more at: https://www.eweek.com/small-business/network-security-remains-a-blind-spot-for-businesses/ The link for this article located at eWeek is no longer available. . Many enterprises possess an unrealistic confidence surrounding the security of their networks, with . areas, blind, spots, within, typical, enterprise, applications, network, traffic. . Anthony Pell

Calendar%202 Aug 07, 2013 User Avatar Anthony Pell Network Security
74

Exploring Security Gaps In Virtual Environments And IT Workloads

Less than 20 percent of organizations using virtualization technology are adopting security tools to work in tandem with the software in order to decrease the risks that are inherent in a virtualized environment. This according to John Burke, Principal Research Analyst with Nemertes Research, who spoke Tuesday at the IT Roadmap Conference and Expo in Boston about the emerging threats posed to mobile and virtual environments.. Burke pointed to a woefully unprepared landscape of IT managers who have not yet confronted the serious risks that exist today. While 68 percent of workloads are virtualized, according to Burke's presentation, only a fraction of those using virtualization are adopting those environments in a secure way. Why? The common answer, according to Burke, is "We haven't seen any compromise yet." "That isn't a statement any audit team is going to take too seriously," he cautioned. Burke said IT departments are increasingly sacrificing the kind of security once seen in physical data centers in order to reap the benefits of virtualization. The link for this article located at CSO Online is no longer available. . IT administrators still lack readiness for threats in virtualized settings, with just a small percentage implementing essential protective measures.. Virtualization Security, IT Risk Management, Workload Security. . Dave Wreski

Calendar%202 Jun 10, 2011 User Avatar Dave Wreski Network Security
67

DNS Security Study: 0.02% Domains Signed With DNSSEC, Major Threats

Use of the Domain Name System Security Extensions (DNSSEC) specifications for securing domain names increased by 340% from 2009 to 2010. Even so, only 0.02% of Internet zones are now being signed with DNSSEC, and 23% of those are using expired signatures.. Those results come from a new study released by networking automation vendor InfoBlox and Internet testing and monitoring tool vendor the Measurement Factory. While all Internet traffic -- browsing, checking email or conducting e-commerce transactions -- gets routed through domain name servers, the study found that organizations are doing little to safeguard those servers against attacks or outages. "This year's survey results -- along with recent related outages like those experienced by Rollingstone.com and Comcast -- should represent a huge wakeup call for any organization with an Internet presence," said Cricket Liu, VP of architecture at Infoblox, in a statement. The link for this article located at Information Week is no longer available. . An intriguing analysis indicates that a mere 0.02% of registered domains utilize DNSSEC, highlighting substantial vulnerabilities despite increasing awareness.. DNSSEC, Domain Name Security, Network Protection, Internet Threats. . LinuxSecurity.com Team

Calendar%202 Dec 08, 2010 User Avatar LinuxSecurity.com Team Cryptography
74

Top 6 Security Challenges for Enterprises and Their Respective Solutions

In modern enterprises, there's a similar perception of invulnerability. Yet, for every large organization that glides through the year without any mishaps, there are many stories about perilous break-ins, Wi-Fi sniffing snafus and incidents where Bluetooth sniper rifles were used to steal company secrets.. Here's a look at six security holes that are often wide open, even in companies that take great pride in their security precautions. We checked with security consultants to find out what you can do about them, before your enterprise ship hits a wall of ice. The link for this article located at Computer World is no longer available. . Here's a look at six security holes that are often wide open, even in companies that take great prid. modern, enterprises, there's, similar, perception, invulnerability, every, large, organiz. . Anthony Pell

Calendar%202 Oct 12, 2010 User Avatar Anthony Pell Network Security
83

Defcon Survey Identifies Cloud As A Prime Target For Hackers

Is the cloud a hacker's paradise? A survey at last month's Defcon hacking conference paints that picture. Sponsored by security vendor Fortify Software, the survey asked 100 hackers who attended Defcon about security in the cloud.. A sizable 96 percent said they believe the cloud opens up more hacking opportunities, while 89 percent said cloud vendors aren't doing enough to address cybersecurity issues. Among the hackers surveyed, 45 percent said they had already tried to exploit vulnerabilities in the cloud. Although only 12 percent admitted to hacking into cloud systems for the money, that's still a significant percentage to ponder for companies moving to the cloud, according to Fortify. A Gartner study from earlier this year found that by 2012, 20 percent of businesses will own no back-end IT assets of their own, planning instead to store everything all in the cloud. The link for this article located at CNET is no longer available. . An impressive 94% think the cloud presents enhanced cyber attack risks, whereas 87% are concerned that providers do not ensure adequate protections.. Cloud Security Risks,Hacker Opportunities,Cybersecurity Vulnerabilities,Defcon Insights,Cloud Threats. . LinuxSecurity.com Team

Calendar%202 Aug 25, 2010 User Avatar LinuxSecurity.com Team Hacks/Cracks
74

Data Breach Report: Need for Enhanced Security Awareness and Education

Research carried out by the University of Bedfordshire in conjunction with 7Safe, the IT forensics specialist, has found that there are a number of areas where organisations are commonly neglecting internet security and being rewarded with a data loss incident.. According to the internet security report, a high percentage of insecure web applications and susceptibility to SQL injection plus malware demonstrates a widespread lack of understanding about these subjects. It also, says the study, highlights the need for educating software developers about preventative measures. Delving into the research reveals the need for companies to take further steps to protect their web server environments, conduct security testing and also ask questions of their web developers/ hosting companies, who often claim that their website software has been written securely. The data also suggests a strong link between security breaches and the absence of thorough security auditing . Studies indicate that inadequate security protocols can result in significant data losses, highlighting an urgent requirement for training.. Data Breach, Web Security, Security Awareness, Internet Safety. . Anthony Pell

Calendar%202 Jan 29, 2010 User Avatar Anthony Pell Network Security
83

Identifying the Gap Between Security Holes and Exploited Threats

Experts who discover and report security holes seem to be far more industrious than the malicious hackers willing or able to exploit those holes. Despite the thousands of hackable holes that lurk in e-mail, on websites, in files and operating . . . . Experts who discover and report security holes seem to be far more industrious than the malicious hackers willing or able to exploit those holes. Despite the thousands of hackable holes that lurk in e-mail, on websites, in files and operating systems, most users' computers are never afflicted with more than the virtual version of a sniffle. Few of the ominous potential traumas reported in 2002 turned out to have any real impact on most computer users. The Klez virus infected some machines and spawned spam that continues to clutter many e-mail inboxes. And the Linux Slapper worm made more work for some systems administrators for a while. "I'd love to see people in the industry turn their attention to developing broad-reaching security tools that make a real difference rather than focusing on finding each and every little possible exploit," security consultant Richard Smith said. The link for this article located at Wired.com is no longer available. . Cybersecurity analysts identify weaknesses more swiftly than cybercriminals can leverage them, highlighting an ongoing security divide.. System Vulnerabilities, Security Holes, Cyber Threats, Digital Exploits, Security Tools. . LinuxSecurity.com Team

Calendar%202 Dec 30, 2002 User Avatar LinuxSecurity.com Team Hacks/Cracks
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200