LinuxSecurity.com

LinuxSecurity - Security Articles
The central voice for Linux and Open Source security news.
Updated: 25 min 7 sec ago

Top NAS Devices Are Being Targeted by This Dangerous Malware

5 June, 2023 - 13:00
IoT cybersecurity company Sternum has identified a security vulnerability affecting Zyxel Networks' Linux-operated NAS drives, including NAS326, NAS540, and NAS542 models, running on firmware version 5.21.
Category: Hacking & Security

Ubuntu Core as an Immutable Linux Desktop Base

5 June, 2023 - 13:00
Canonical began the development of Ubuntu Core in 2014, to create a fully-containerised platform for IoT. In Ubuntu Core, we use the same kernel container technology that Docker and LXC are built on, to put every component of the system into a secure sandbox, with well-defined upgrade and rollback.
Category: Hacking & Security

Kali Linux 2023.2 Released with 13 New Tools, Pre-Built HyperV Image

4 June, 2023 - 13:00
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for stealing credentials and session cookies.
Category: Hacking & Security

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal

4 June, 2023 - 13:00
An analysis of the Linux variant of a new ransomware strain called BlackSuit has uncovered significant similarities with another ransomware family called Royal.
Category: Hacking & Security

Critical LibreOffice Code Execution Vuln Fixed

3 June, 2023 - 13:00
An Improper Validation of Array Index vulnerability (CVE-2023-0950) was discovered in the spreadsheet component of The Document Foundation LibreOffice 7.4 versions prior to 7.4.6 and 7.5 versions prior to 7.5.1. With a low attack complexity, no privileges or user interaction required to exploit, and a high confidentiality, integrity and availability impact, this bug has received a National Vulnerability Database (NVD) severity rating of "Critical".
Category: Hacking & Security

Multiple Easily Exploitable OpenSSL DoS Bugs Fixed

3 June, 2023 - 13:00
Multiple important denial of service (DoS) vulnerabilities (CVE-2023-0464 and CVE-2023-2650) have been discovered in the OpenSSL Secure Sockets Layer toolkit. These bugs are easy to exploit and have a high availability impact.
Category: Hacking & Security

Nitrux 2.8.1 Linux Distribution Unleashes Supercharged Security and Privacy Powers

2 June, 2023 - 13:00
Nitrux 2.8.1, codenamed "sc" for "safer computing," has been released, offering enhanced privacy and security features. While the distribution does not claim to be impenetrable or unhackable, it aims to protect users' privacy and provide tools for online anonymization.
Category: Hacking & Security

High-Severity ntfs-3g Buffer Overflow Vulns Fixed

1 June, 2023 - 13:00
Several buffer overflow vulnerabilities have been identified in ntfs-3g. With a low attack complexity and a high confidentiality, integrity and availability impact, these vulnerabilities have received a National Vulnerability Database (NVD) severity rating of "High".
Category: Hacking & Security

Critical Remotely Exploitable Django Vuln Fixed

1 June, 2023 - 13:00
It was discovered that Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1 incorrectly handled uploading multiple files using one form field (CVE-2023-31047). With a low attack complexity, no privileges required to exploit, and a high confidentiality, integrity and availability impact, this vulnerability has been rated as "Critical" by the National Vulnerability Database (NVD).
Category: Hacking & Security

Linux Container Security Primer

31 May, 2023 - 13:57
In today's rapidly evolving digital landscape, where agility and scalability are paramount, traditional software deployment methods often fall short. Container technology is a game-changing innovation that has revolutionized how software is deployed, managed, and scaled. It offers many benefits, ensuring that applications run consistently regardless of the hosting environment.
Category: Hacking & Security

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

30 May, 2023 - 13:00
Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center (JPCERT/CC) said in a report published today.
Category: Hacking & Security

The Moment for AI

29 May, 2023 - 13:00
Red Hat President and Chief Executive Officer, Matt Hicks, shares insights and reflections from Red Hat Summit 2023.
Category: Hacking & Security

Email Phishing Using Kali Linux

29 May, 2023 - 13:00
No matter how often you go online and how or why you primarily use the Internet, you've probably seen phishing attack attempts. They're now so common and problematic that cybersecurity professionals regularly provide information to help people spot and avoid phishing attacks.
Category: Hacking & Security

New Ransomware Group Uses Repurposed LockBit, Babuk Variants

29 May, 2023 - 13:00
A new ransomware operation has been targeting Windows and Linux systems with a combination of payloads relying on leaked LockBit and Babuk code and custom-developed tools.
Category: Hacking & Security

PyPI Open-Source Code Repository Deals with Manic Malware Maelstrom

26 May, 2023 - 13:00
Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the Python Package Index, better known as PyPI, are a fantastic source (sorry!) of free operating systems, applications, programming libraries, and developers' toolkits that have done computer science and software engineering a world of good.
Category: Hacking & Security

CISA Warns Several Old Linux Vulns Exploited in Attacks

26 May, 2023 - 13:00
The Cybersecurity & Infrastructure Security Agency (CISA) added seven new Linux vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on Friday based on evidence of active exploitation, some of which have been known for a decade:
Category: Hacking & Security

Linux Kernel DoS, Info Disclosure Bugs Fixed

25 May, 2023 - 13:00
Several important security issues have been found in the Linux kernel, including a slab-out-of-bound read problem (CVE-2023-1380), a heap out-of-bounds read/write vulnerability in the traffic control (QoS) subsystem (CVE-2023-2248), and an out-of-bounds write issue in the kernel before 6.2.13 (CVE-2023-31436). The vulnerabilities have received a National Vulnerability Database (NVD) rating of "high-severity" due to their high confidentiality, integrity and availability impact.
Category: Hacking & Security

Important Ruby ReDoS Vulns Discovered & Fixed

25 May, 2023 - 13:00
Two important ReDoS issues have been found in the Ruby programming language; one in the URI component (CVE-2023-28755) and one in the Time component (CVE-2023-28756). It was discovered that the URI parser and the Time parser mishandle invalid URLs that have specific characters, causing an increase in execution time for parsing strings to URI and Time objects.
Category: Hacking & Security

Is Linux A More Secure Option Than Windows For Businesses?

25 May, 2023 - 13:00
There are many factors to consider when choosing an OS, security being one of the most critical. The general consensus among experts is that Linux is the most secure OS by design - an impressive feat that can be attributed to a variety of characteristics including its transparent open-source code, strict user privilege model, diversity, built-in kernel security defenses and the security of the applications that run on it.
Category: Hacking & Security

Budgie-flavored Fedora Onyx To Be a New Immutable Fedora Variant

24 May, 2023 - 13:00
Fedora Onyx is now approved to be an official Fedora variant. A Budgie desktop user? You will love this!
Category: Hacking & Security