LinuxSecurity.com

LinuxSecurity.com has been using the open-source Joomla content management system (CMS) and PHP scripting language for nearly three decades and recently completed a migration to the latest versions, Joomla 4 and PHP 8, to take advantage of new features and optimizations to provide visitors with an enhanced user experience. We've decided to pull back the curtain on our experience with the migration to Joomla 4 and PHP 8 to provide users who are planning to migrate their websites with insight into the lessons we learned.

Researchers have discovered a never-before-seen backdoor for Linux that's being used by a threat actor linked to the Chinese government.

A critical buffer overflow vulnerability has been found in c-ares before 1_16_1 thru 1_17_0 via the function ares_parse_soa_reply in ares_parse_soa_reply.c ( CVE-2020-22217 ). Due to how simple this bug is to exploit and its significant threat to the confidentiality, integrity, and availability of impacted systems, it has received a National Vulnerability Database base score of 9.8 out of 10 (''Critical'' severity).

You'll be surprised at how easy it is to harden the Ubuntu Server and ensure your deployments' foundation is as secure as possible.

It turns out that Ubuntu Linux installations of Ubuntu 23.04, 22.04.3 LTS, and installs done since April 2023 that accepted the Snap version update haven't been following Ubuntu's own recommended security best practices for their security pocket configuration for packages. A new Subiquity release was issued today to fix this problem while those on affected Ubuntu installs are recommended to manually edit their /etc/apt/sources.list file.

APT36 is a highly sophisticated APT (Advanced Persistent Threat) group known for conducting targeted espionage in South Asia and is strongly linked to Pakistan.

Multiple severe, remotely exploitable security vulnerabilities have been found in Chromium, including out-of-bounds memory access in V8, CSS, and Fonts ( CVE-2023-4427 , CVE-2023-4428 , and CVE-2023-4431 ), and use after frees in Loader and Vulkan ( CVE-2023-4429 and CVE-2023-4430 ). Because of the serious threat these bugs pose to the confidentiality, integrity, and availability of impacted systems and their ease of exploitation, they have all received a National Vulnerability Database severity rating of ''High''.

A critical memory safety bug has been discovered in Thunderbird 115.0 and Thunderbird 102.13 ( CVE-2023-4056 ). Due to the severity of this vulnerability's threat to the confidentiality, integrity, and availability of impacted systems, it has received a National Vulnerability Database base score of 9.8 out of 10. Other severe vulnerabilities have also been found in Thunderbird, including improper validation of the Text Direction Override Unicode Character in filenames ( CVE-2023-3417 ) and copying of an untrusted input stream to a stack buffer without checking its size ( CVE-2023-4050 ).

A critical vulnerability was found in the OpenDMARC open-source implementation of the DMARC specification. It was discovered that OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 incorrectly handled certain inputs, resulting in remote memory corruption in certain situations ( CVE-2020-12460 ). This vulnerability has received a National Vulnerability Database base score of 9.8 out of 10 (''Critical'' severity).

We do not often talk about Linux malware because it is often quickly patched up and not exploited much in the wild compared to Windows/macOS. However, there has been a concern regarding the Free Download Manager (a decently popular cross-platform download manager).

One of the new Linux networking features we've been looking forward to seeing in the kernel is TCP Authentication Option (TCP-AO / RFC5925) as a means of improving TCP security and authenticity. The eleventh iteration of the TCP-AO patches were posted today for the Linux kernel with it looking like work on this network addition potentially wrapping up soon.

More RISC-V architecture updates were merged this weekend for the ongoing Linux 6.6 merge window.

Since early this year AMD has been working on Linux enablement patches for Dynamic Boost Control (DBC). This is a new feature of some AMD SoCs that allow an "authenticated entity" to have greater control over certain SoC characteristics to improve the power/performance. AMD DBC was merged for Linux 6.6 just days ago while already new patches have been posted that extend the supported platforms for this Dynamic Boost Control functionality.

The recent news regarding Red Hat's decision to limit access to the source code of their Red Hat Enterprise Linux (RHEL) distribution has garnered considerable attention. "It is wise to make sure security and IT compliance aspects are addressed. Perhaps more open source Linux distributions will appear in the near future and offer another alternative to CentOS Linux."

In the world of web development, terms like MEAN, MERN, LEMP, and PERN are frequently encountered. These terms refer to web stacks, which are bundles of software, frameworks, and libraries used for building full-stack web applications. One such popular web stack is LEMP. In this comprehensive guide, we will explore what the LEMP stack is, its components, how it works, and why it is popular in web development.

The usage of Blueshell malware spikes up by various threat actors to target Windows, Linux, and other operating systems across Korea and Thailand.

Two major security vulnerabilities were recently discovered in PHP. It was discovered that PHP incorrectly handled certain XML files ( CVE-2023-3823 ) and certain PHAR files ( CVE-2023-3824 ). Due to their ease of exploitation and the severe threat that these issues pose to impacted systems, these vulnerabilities have been rated by the National Vulnerability Database as High-Severity and Critcial, respectively.