LinuxSecurity.com

Syndikovat obsah LinuxSecurity - Security Articles
The central voice for Linux and Open Source security news.
Aktualizace: 1 min 55 sek zpět

Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security

5 hodin 39 min zpět
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of the Internet email infrastructure.
Kategorie: Hacking & Security

Navigating the Cybersecurity Maze: Advanced Linux Security Practices for Professionals

13 Červenec, 2024 - 13:00
As cyber threats rapidly advance, Linux administrators and InfoSec professionals are essential defenders against increasingly sophisticated threats. Protectors of critical infrastructure and sensitive data, these experts must implement a wide array of security practices designed specifically to their unique challenges.
Kategorie: Hacking & Security

Open Source Vulnerability Assessment Tools & Scanners

13 Červenec, 2024 - 13:00
Computer systems, software, applications, and other interfaces are vulnerable to network security threats. Failure to find these cybersecurity vulnerabilities can lead to the downfall of a company. Therefore, businesses must utilize vulnerability scanners regularly within their systems and servers to identify existing loopholes and weaknesses that can be resolved through security patching.
Kategorie: Hacking & Security

Introducing NethSecurity 8.1: Open-Source Firewall Spearheads Improved Linux Network Protection

11 Červenec, 2024 - 14:40
NethSecurity is a Linux firewall that has been gaining traction in the open-source Linux space. Its proactive approach to network management and security has set it apart.
Kategorie: Hacking & Security

CISA Adds New Chromium Zero-Day Bug to its Known Exploited Vulnerability Catalog

11 Červenec, 2024 - 13:00
Google has released fixes for a high-severity Chromium security flaw ( CVE-2024-5274 ) impacting its widely used Chrome browser and other Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi. CISA has added this Type Confusion bug, exploited in the wild, to its Known Exploited Vulnerability Catalog . CISA has stated, "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.", underscoring the significance of this flaw for impacted organizations.
Kategorie: Hacking & Security

Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems

11 Červenec, 2024 - 13:00
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its Known Exploited Vulnerabilities (KEV) catalog . This bug is being actively exploited in the wild, and federal organizations have been given a deadline of June 20th to patch it, suggesting that private organizations follow suit.
Kategorie: Hacking & Security

The Hidden Dangers in Your Dependencies: Responding to Trojanized jQuery Attacks

10 Červenec, 2024 - 17:25
Security professionals and system administrators face growing cyber threats in today's digital environment, making defending systems increasingly challenging. A recent discovery by Phylum revealed a sophisticated large-scale operation targeting Node Package Manager (npm) , GitHub repositories, and Content Delivery Networks (CDNs) via trojanized versions of the jQuery JavaSecript library .
Kategorie: Hacking & Security

Closing the Door on CVE-2024-29510: Understanding and Mitigating Ghostscript's Latest RCE Threat

9 Červenec, 2024 - 19:02
Recently, open-source security was rocked by the discovery of an alarming Remote Code Execution (RCE) vulnerability within the Ghostscript document conversion toolkit '' CVE-2024729510 . This security breach poses a severe threat and can compromise countless Linux systems worldwide. To help you understand and protect against this threat, I'll walk you through how this flaw works, its impact, and practical strategies for mitigating your risk.
Kategorie: Hacking & Security

The Rise of Eldorado: Addressing the New Wave of Ransomware-as-a-Service Threats Targeting Linux Systems

9 Červenec, 2024 - 14:00
Cybersecurity has always been dynamic, and threats are evolving rapidly. One of the latest entrants into this dangerous arena is Eldorado, a ransomware-as-a-service (RaaS) that targets Windows and Linux systems. As revealed by Group-IB's recent discovery , this new ransomware has been making waves since it was first discovered in March 2024.
Kategorie: Hacking & Security

A Deep Dive into the HTTP File Server Vulnerability: Strategies to Shield Your System

7 Červenec, 2024 - 02:11
An aggressive cyber threat targeting HTTP File Server (HFS) users has emerged recently. A Remote Code Execution (RCE) vulnerability known as CVE-2024-23692 , first disclosed in May 2024, has been exploited by hackers worldwide to install malware onto systems and gain unwarranted control over them.
Kategorie: Hacking & Security

Rethinking WiFi and Router Security: A Deep Dive into the Recent ASUS Flaw and Secure Alternatives

6 Červenec, 2024 - 13:00
At a time of rapid technological progress, the security of our digital tools - particularly WiFi routers - has become critical. Recent news from ASUS sent shockwaves through the cybersecurity community when multiple models of their routers were found with critical flaws that exposed an ongoing challenge of protecting networks against intrusions.
Kategorie: Hacking & Security

Comprehensive Security Validation and Breach and Attack Simulation for Linux

5 Červenec, 2024 - 20:21
Cybersecurity threats are becoming more imminent daily in today's fast-paced digital landscape. In 2023, there were 2365 cybersecurity attacks, an increase of 72% from 2021. These attacks are also becoming more sophisticated daily, making traditional security measures inadequate.
Kategorie: Hacking & Security

Mallox Ransomware: A Rising Threat to Linux Servers

4 Červenec, 2024 - 14:59
Security threats continue developing rapidly, with attackers finding new vulnerabilities daily. Recent findings from researchers at Uptycs indicate a shift in ransomware attacks targeting Linux servers, possibly due to their increasing prevalence in critical infrastructure and enterprise operations, making them attractive targets for ransomware groups.
Kategorie: Hacking & Security

Embracing Digital Independence: The Case for Switching to Linux from Windows

4 Červenec, 2024 - 01:00
On Independence Day, there is a deep recognition of digital autonomy amidst the colorful fireworks displays and patriotic revelry. At LinuxSecurity, we advocate switching from Windows to Linux as a symbolic act with deeper roots in terms of freedom, security, and privacy embodied by Linux.
Kategorie: Hacking & Security

Exploring Linux Mint 22 'Wilma': Key Updates and Security Improvements for Admins

2 Červenec, 2024 - 15:21
Linux Mint is a user-friendly GNU/Linux desktop distribution built upon Ubuntu and Debian for maximum reliability while offering an aesthetically pleasing user experience. It stands out from other Linux distributions due to its ease of use, full multimedia support, and impressive security, making it perfect for personal and professional computing use.
Kategorie: Hacking & Security

Recent OpenSSH RCE Bug Explained: Impact & Mitigations

1 Červenec, 2024 - 22:15
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys' Threat Research Unit (TRU) demands the open source community's immediate attention. Dubbed as "regreSSHion" and assigned the identifier CVE-2024-6387 , this vulnerability stands out not merely because of its potential to enable unauthenticated, remote attackers to execute arbitrary code as root, but also due to its broad impact, affecting millions of OpenSSH server instances globally.
Kategorie: Hacking & Security

Debian 12.6 Released: Understanding the Security & Stability Enhancements

1 Červenec, 2024 - 15:06
Debian recently unveiled a significant update to its stable distribution, Debian 12.6 (codename "bookworm"). While not an entirely new release, this upgrade brings important security fixes and fixes for severe problems to ensure an improved, secure operating environment for its users.
Kategorie: Hacking & Security

Everything You Need to Know About Linux Proxy Servers

29 Červen, 2024 - 15:14
Linux proxy servers are essential for individuals and organizations looking to enhance their online privacy, data, network security, and browsing experience. In this comprehensive article, we will explore the concept of proxy servers, discuss the advantages of using a Linux proxy server, dive into the risks associated with their usage, highlight Squid as an efficient and user-friendly Linux proxy server, and provide step-by-step instructions on how to set up the HTTP Linux proxy.
Kategorie: Hacking & Security

Practical Ways to Integrate Linux Security Automation With Ansible

29 Červen, 2024 - 13:00
The US government reported the OPM Breach, one of the country's greatest hacks, in 2015. Over 22 million past and present employees' personnel records were compromised by hackers believed to be based in China. According to experts, the consequences of such a large-scale breach may persist for almost 40 years.
Kategorie: Hacking & Security

Canonical's Game-Changing Move: 12-Year LTS for Distroless Docker Images

28 Červen, 2024 - 14:47
Canonical has made headlines with its groundbreaking long-term support (LTS) service offering to extend far beyond Ubuntu deb packages, promising 12 years of security maintenance for any open-source application or dependency. "Everything LTS means CVE maintenance for your entire open MacOSource dependency tree, including open source not yet packaged as a deb in Ubuntu," announced Mark Shuttleworth, CEO of Canonical, emphasizing its far-reaching benefits.
Kategorie: Hacking & Security