LinuxSecurity.com

While the internet provides many benefits, it also brings new risks and challenges. One of the most common and notable of these is the threat to our privacy. Some users might think that they are protected by their browser, search engine and antivirus programs. However, the truth is that most of us aren't doing nearly enough to keep websites from tracking us.

Today, one of the most popular ways for free websites and browsers to make a profit is tracking and selling user data to advertisers. While most tracking is behind the scenes and discreet, allowing oneself to be tracked can have negative consequences''attackers often attempt to track users the same way legitimate companies do in order to steal data; not to mention the growing concern of companies using data purchased from legitimate sources to manipulate users. While it may seem futile to even try to stay private on an internet dominated by companies who have a motivation to make sure their users aren't private, there are many popular and simple ways to maintain privacy online.

Globally, there are roughly 30,000 web-based cyberattacks daily, primarily targeting smaller businesses and smaller websites. To put it into perspective, that is an estimated 1 cyberattack every 3 seconds that targets websites specifically. Cyber-criminals will not hesitate to attack your website so how can you possibly find any security issues and entry points? The answer is simple: Website Vulnerability Scanners. Follow along with us as we take a look at what a Vulnerability Scanner is and how we use WAPITI Web Scanner to test some websites.

Believe it or not, you might be using a deprecated Linux command. It's not really your fault. You are either habitual of using those commands or learned them through old, obsolete tutorials on the web.

The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window.

Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric (SF) application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster.

Microsoft warns over recent work by the '8220' malware gang to compromise Linux systems and install cryptomining malware.

With web and API security becoming an increasingly important aspect of software development, ''shift left'' is gaining wide acceptance as a best practice to ensure security integrates with development early. More and more cybersecurity companies are releasing relevant products and capabilities, and the practice is becoming almost de facto for engineering teams.

A high-severity Linux vulnerability capable of granting abusers root access to target endpoints is being exploited in the wild, researchers have warned.

A "sched/fair" change for Linux 5.20 aims to enhance the efficiency when searching for an idle CPU under heavy system load. The change led by Intel should improve the kernel's efficiency when the system is overloaded but as with most low-level tuning does run the risk of regressions.

Stack Overflow released the results of its annual developer survey this week, with responses from over 70,000 developers across 180 countries. The survey highlights attitudes, tools, and environments that are shaping software today.

Web applications are today an integral part of most business operations. They are commonly used for storing, processing, or transmitting data as a part of various business operations. However, these web applications are often exposed to huge cyber risks. They attract malicious hackers who exploit the application vulnerabilities for their personal gain and thereby raising major web application security concerns. To address this growing concern a thorough Penetration testing should be performed to proactively assess the applications and identify vulnerabilities in them. The security testing technique is an effective way of identifying security gaps and addressing them immediately. Covering more on this and elaborating on the technique in detail we have explained the importance of web application penetration test and the testing process. But before that let us understand what a web application penetration test is, a bit in brief.

Last month Microsoft issued the first production release of CBL-Mariner 2.0 , its in-house Linux distribution used for powering services from Microsoft Azure to WSL use-cases and more. CBL-Mariner 2.0 this weekend saw a rather large monthly update with a number of fixes, package updates, and new additions to this "Common Base Linux" platform.

ShiftLeft has released some rare positive news on the AppSec front by reporting that based on millions of scans on its customers, they found a 97% reduction in open source software (OSS) vulnerabilities.

KaOS, a modern open-source, well-designed KDE-focused Linux distro, has been updated to KaOS Linux 2022.06 and incorporates several bug fixes and security enhancements.

Rust , the fast-growing systems programming language, may be merged into the Linux kernel next year, or ''maybe the next release,'' according to Linux creator Linus Torvalds .

Technology is developing and advancing tremendously. New inventions are delivered to the market every year and all of these improve the entire domain a lot. But because there are so many options and opportunities on the market, you might end up feeling more confused than at the beginning.

Only about half of firms have an open source software security policy in place to guide developers in the use of components and frameworks, but those that do exhibit better security.

Understand the security benefits and risks associated with Linux containers.