LinuxSecurity.com

Syndikovat obsah LinuxSecurity - Security Articles
The central voice for Linux and Open Source security news.
Aktualizace: 37 min 6 sek zpět

CISA Adds New Chromium Zero-Day Bug to its Known Exploited Vulnerability Catalog

29 Květen, 2024 - 13:00
Google has released fixes for a high-severity Chromium security flaw ( CVE-2024-5274 ) impacting its widely used Chrome browser and other Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi. CISA has added this Type Confusion bug, exploited in the wild, to its Known Exploited Vulnerability Catalog . CISA has stated, "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.", underscoring the significance of this flaw for impacted organizations.
Kategorie: Hacking & Security

What Can Linux Admins Learn from Microsoft's Zero-Trust DNS Initiative?

28 Květen, 2024 - 14:38
As a Linux administrator or security practitioner, you understand DNS's essential role in network security. Attacks and unauthorized access pose threats against DNS connections, so robust security protocols must be implemented to safeguard them. Zero-Trust DNS provides greater security, control, and flexibility over DNS traffic.
Kategorie: Hacking & Security

Multiple Apache HTTP Server Flaws Fixed in Ubuntu

28 Květen, 2024 - 13:00
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server (apache2). These vulnerabilities could potentially disrupt the server and inject malicious code.
Kategorie: Hacking & Security

The CIA Triad in Open Source Security for Linux Environments: A Primer for Professionals

27 Květen, 2024 - 22:03
The CIA triad '' no relation to the Central Intelligence Agency '' is an information security framework for protecting information. It examines the confidentiality, integrity, and availability of an organization's data, giving users a valuable tool for assessing and implementing systems or finding weaknesses.
Kategorie: Hacking & Security

New Research Reveals Linux Vulnerability Exploitation Has Doubled

27 Květen, 2024 - 16:44
Recently conducted research by Kaspersky indicates an alarming rise in cyberattacks using exploits against Linux systems. Data from Kaspersky Security Network indicates a nearly 130 percent spike in attacks targeting Linux users over the same timeframe last year compared with this quarter's timeframe. Furthermore, 65 percent more CVEs (Common Vulnerabilities and Exposures) were registered over four years, which indicates an increasing trend in Linux vulnerabilities.
Kategorie: Hacking & Security

Exploring the Central Role of Linux in Quantum Computing

26 Květen, 2024 - 13:00
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in developing and deploying quantum computing technologies. As quantum computing technology advances, there is a growing need for operating systems that can support quantum computing frameworks.
Kategorie: Hacking & Security

Empowering Linux and Open-Source Security with AI: Strategies, Tools and Best Practices

25 Květen, 2024 - 16:22
It's hard to think of a technology more impactful than Artificial Intelligence (AI) . While it's been around for a while, it's only recently broken into the mainstream. Now that it has, it's rewriting the playbook for much of the tech industry, especially open-source software (OSS).
Kategorie: Hacking & Security

Research Indicates All Linux Vendor Kernels Are Insecure - But There's a Fix!

25 Květen, 2024 - 15:55
Recent research sheds light on the security vulnerabilities prevalent in Linux vendor kernels due to flawed engineering processes that backport fixes. It emphasizes the importance of using the most up-to-date kernel releases for enhanced security, challenging the traditional vendor-bound kernel model.
Kategorie: Hacking & Security

Guide To Linux Network Protocols for Better Packet Processing

25 Květen, 2024 - 13:00
Modern computing depends heavily on networking to enable communication among systems and devices, with Linux as one OS that stands out for its versatility and robustness regarding network operations and security. Network protocols are formal policies and standards that define how data exchanged on networks occurs, including rules, procedures, formats, etc. They help ensure efficient device communications regardless of architecture design, making the Internet an invaluable source of data exchange across an endlessly variable landscape.
Kategorie: Hacking & Security

How To Secure the Linux Kernel

25 Květen, 2024 - 13:00
With the support of the open-source community and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days when Linux system administrators could get away with subpar security practices. Cybercriminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years.
Kategorie: Hacking & Security

Critical Security Update for Google Chrome: Implications & Recommendations

23 Květen, 2024 - 13:00
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary code. Over the next few days or weeks, the Google Stable channel will be updated to 124.0.6367.78 for Linux. As security practitioners, Linux admins, infosec professionals, and sysadmins must be aware of the implications of such vulnerabilities and take appropriate action.
Kategorie: Hacking & Security

PostgreSQL Security Vulns Allow for XSS, MFA Bypass

23 Květen, 2024 - 13:00
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned CVE-2024-4216 and CVE-2024-4215 affect the tool's cross-site scripting and multi-factor authentication features. As Linux admins, InfoSec professionals, and security enthusiasts, it is crucial to understand the implications of these vulnerabilities and discuss their long-term consequences for our security practices.
Kategorie: Hacking & Security

Kinsing Hacker Group Exploits More Flaws, Expands Cryptojacking Botnet

19 Květen, 2024 - 13:00
The Kinsing hacker group, or H2Miner, has been orchestrating illicit cryptocurrency mining campaigns since 2019 and poses a persistent security threat. The group continuously evolves its toolkit by integrating newly disclosed vulnerabilities to expand its botnet.
Kategorie: Hacking & Security

Gomir Linux Backdoor Deployed by Kimsuky APT in South Korean Cyberattacks

19 Květen, 2024 - 13:00
The Kimsuky APT group, reportedly linked to North Korea's Reconnaissance General Bureau (RGB), has been identified deploying a Linux version of its GoBear backdoor called Gomir. The Gomir backdoor is structurally similar to GoBear, leading to concerns within the cybersecurity community. The overlapping code between malware variants raises questions regarding the extent of the threat and the potential implications for targeted organizations.
Kategorie: Hacking & Security

Protect Your Linux Web Apps and Meet Compliance Standards

18 Květen, 2024 - 13:00
Security is vital for your Linux web apps, but keeping up with the latest exploits and meeting compliance standards can quickly become overwhelming.
Kategorie: Hacking & Security

Strategies for Improving Linux Security Through Cross-Browser Compatibility Testing

18 Květen, 2024 - 13:00
In the dynamic landscape of web development , ensuring that applications perform uniformly across various web browsers is a vital aspect of user experience. This becomes increasingly important for Linux systems, where the default browsers and configurations range presents unique challenges. Cross-browser compatibility testing on Linux helps to identify and resolve these discrepancies, thereby enhancing the accessibility and functionality of web applications for all users.
Kategorie: Hacking & Security

How to Keep Your Linux System Safe from Kernel Bugs

18 Květen, 2024 - 13:00
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs. Understanding and mitigating the vulnerabilities in the Linux kernel is essential in safeguarding your systems against exploits leading to compromise. Let's examine why kernel vulnerabilities are such a severe threat and mitigation strategies for protecting against them.
Kategorie: Hacking & Security

Thunderbird DoS, Info Disclosure Vulns Fixed in Ubuntu and Debian

16 Květen, 2024 - 21:51
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and newsgroup client. The identified vulnerabilities could result in denial of service attacks, unauthorized access to sensitive information, and the execution of arbitrary code. As Linux admins, infosec professionals, and security enthusiasts, it is crucial to understand the implications of these vulnerabilities and take necessary action to protect systems and data.
Kategorie: Hacking & Security

Spectre V2: A New Threat to Linux Systems

16 Květen, 2024 - 13:00
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's delve into the details of the Spectre v2 exploit, its implications, and the measures being taken to mitigate its impact.
Kategorie: Hacking & Security

400k Linux Servers Hacked in Massive Cryptocurrency-Mining Botnet

15 Květen, 2024 - 14:57
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect our systems. Security researchers have identified a massive botnet comprising over 400,000 compromised Linux servers, reinforcing the need to stay alert and implement robust security measures.
Kategorie: Hacking & Security