LinuxSecurity.com

Syndikovat obsah LinuxSecurity - Security Articles
The central voice for Linux and Open Source security news.
Aktualizace: 53 min 14 sek zpět

OpenSSF Aimed to Stem Open Source Security Problems in 2022

28 Leden, 2023 - 13:00
In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch.
Kategorie: Hacking & Security

BlackBerry: Cyberattacks Are Being Launched Once Every Minute

26 Leden, 2023 - 13:00
Threat actors are evolving to target a wide variety of systems and infrastructure, BlackBerry says in a new report. "In addition, attacks against Linux systems and cloud infrastructure will increase as threat actors look to install backdoors on target systems and gain visibility into organizations for further activities."
Kategorie: Hacking & Security

The Unrelenting Menace of the LockBit Ransomware Gang

26 Leden, 2023 - 13:00
The notorious Russian-speaking cybercriminals grew successful by keeping a low profile. But now they have a target on their backs.
Kategorie: Hacking & Security

Linux Malware Rates Rise to Record Levels Amid Hacker Inconsistency

25 Leden, 2023 - 13:00
After rising and falling since 2021, new Linux malware hit record highs at year-end in 2022, growing by 117% over previous levels.
Kategorie: Hacking & Security

OpenSSF Aimed to Stem Open Source Security Problems in 2022

25 Leden, 2023 - 13:00
In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch.
Kategorie: Hacking & Security

An IBM Hacker Breaks Down High-Profile Attacks

24 Leden, 2023 - 13:00
For bad actors, the more intelligence they have on their target, the better. Attackers typically gather intelligence by scraping data readily available from public sources, called open source intelligence (OSINT).
Kategorie: Hacking & Security

New Boldmove Linux Malware Used to Backdoor Fortinet Devices

24 Leden, 2023 - 13:00
Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a new custom 'BOLDMOVE' Linux and Windows malware.
Kategorie: Hacking & Security

A DevSecOps Process for Node.js Projects

24 Leden, 2023 - 13:00
Node.js is an open source development platform for running JavaScript code on the server side. Node is useful for developing applications that require a persistent browser-server connection and is often used for real-time applications such as chat, social applications, or news feeds.
Kategorie: Hacking & Security

C++ Programming Language and Safety: Here's Where It Goes Next

23 Leden, 2023 - 13:00
There's been a shift towards 'memory safe' languages. So, can updates to C++ help it catch up in the eyes of developers?
Kategorie: Hacking & Security

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

23 Leden, 2023 - 13:00
A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa.
Kategorie: Hacking & Security

How to Check if Your Linux System is Infected with a Virus

23 Leden, 2023 - 13:00
Linux is undoubtedly the best open-source operating system, and is arguably the most secure OS by design . Most computers these days are Linux-based. Android OS, which is the most commonly used mobile operating system, is also Linux-based. The same goes for Chromebooks and a variety of tablets.
Kategorie: Hacking & Security

Linux FU: UEFI Booting

20 Leden, 2023 - 13:00
Unless your computer is pretty old, it probably uses UEFI (Unified Extensible Firmware Interface) to boot. The idea is that a bootloader picks up files from an EFI partition and uses them to start your operating system.
Kategorie: Hacking & Security

Exploited Control Web Panel Flaw Added to CISA 'Must-Patch' List

19 Leden, 2023 - 13:00
The US government's cybersecurity agency CISA is giving federal agencies an early February deadline to patch a critical -- and already exploited -- security vulnerability in the widely used CentOS Control Web Panel utility.
Kategorie: Hacking & Security

Critical Linux Kernel flaw affects SMB servers with ksmbd enabled

19 Leden, 2023 - 13:00
Experts warn of a critical Linux Kernel vulnerability (CVSS score of 10) impacting SMB servers that can lead to remote code execution.
Kategorie: Hacking & Security

Stealthy Malware Distribution Involves Polyglot Files

19 Leden, 2023 - 13:00
Threat actors have been leveraging polyglot and malicious Java archive files to distribute the StrRAT and Ratty remote access trojans to evade detection by security solutions, The Hacker News reports.
Kategorie: Hacking & Security

Linux Operating System Market Predicted to Grow at a CAGR of 19.8% by 2029

18 Leden, 2023 - 13:00
The global linux operating system market was valued at 5.33 Billion U.S. dollars in 2021 and is expected to grow to 22.15 Billion U.S. dollars in 2029, at a Compound Annual Growth Rate (CAGR) of 19.8% during the forecast period.
Kategorie: Hacking & Security

GhostSecs Claimed ICS Ransomware Attack Questioned

18 Leden, 2023 - 13:00
SecurityWeek reports that pro-Ukraine hacktivist group GhostSec is having its claims of launching the first-ever ransomware attack against an industrial control system device questioned by cybersecurity experts.
Kategorie: Hacking & Security

A New Privilege Escalation Vulnerability in the Linux Kernel, Enables a Local Attacker to Execute Malware on Vulnerable Systems

17 Leden, 2023 - 13:00
A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems.
Kategorie: Hacking & Security

Consider Open Source Software While Evaluating The Security Of Cloud Applications

17 Leden, 2023 - 13:00
The pace of software development is accelerating. Devops teams are under more pressure to launch products rapidly, and they are able to do so in part because of open-source software (OSS) tools.
Kategorie: Hacking & Security

OpenSSF Outlook Q1 2023: How To Avoid the Next Log4Shell and Other OSS Security Reflections

16 Leden, 2023 - 13:00
''Log4j has been around for 20 years; it's become embedded into nearly every meaningful Java application; and the Log4Shell event led to compromises in everything from iCloud to physical security systems. Moreover, malware groups are continuing to exploit unpatched Log4j instances. We will likely see additional Log4Shell-like events unless we address its root issues.''
Kategorie: Hacking & Security