Tag: LinuxSecurity.com – Hybrid RSS

It’s no secret that the IT department has struggled with encryption for Linux devices many years due to a gap in the management and compliance capability available in their current Linux solution sets. This article has been indexed from LinuxSecurity.com…

Read more →

An update that fixes 6 vulnerabilities, contains two features is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3339-1 moderate: ardana-ansible, ardana-cobbler, ardana-tempest, grafana, opens

Read more →

An update that fixes 7 vulnerabilities, contains one feature is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3338-1 moderate: ardana-ansible, ardana-cobbler, grafana, openstack-heat-templa

Read more →

The system could be made to crash if it received specially crafted network traffic. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5634-1: Linux kernel (OEM) vulnerability

Read more →

Python could be made to redirect web traffic if its http.server received a specially crafted request. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5629-1: Python vulnerability

Read more →

Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed. This…

Read more →

Several security issues were fixed in the Linux kernel. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5633-1: Linux kernel vulnerabilities

Read more →

Several security issues were fixed in libjpeg-turbo. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5631-1: libjpeg-turbo vulnerabilities

Read more →

Sandipan Roy discovered two vulnerabilities in InfoZIP’s unzip program, a de-archiver for .zip files, which could result in denial of service or potentially the execution of arbitrary code. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the…

Read more →

Several security issues were fixed in the Linux kernel. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5630-1: Linux kernel (Raspberry Pi) vulnerabilities

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3334-1 important: cdi-apiserver-container, cdi-cloner-container, cdi-controller

Read more →

PCRE could be made to expose sensitive information. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5627-1: PCRE vulnerabilities

Read more →

An update that fixes three vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3252-2 moderate: freetype2

Read more →

Oh cool, a 5,500-day security hole This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Alert: 15-year-old Python tarfile Flaw Lurks in ‘Over 350,000’ Code Projects

Read more →

It’s been two weeks since the release of LLVM 15.0 and its sub-projects like Clang 15.0 so per their rapid release rhythm, LLVM 15.0.1 is out with the initial batch of fixes. This article has been indexed from LinuxSecurity.com –…

Read more →

Cybersecurity threats are on the rise. With the rapid shift of the business environment to digital work, and the growing trends of work-from-home and global workforces, hackers and cybercriminals can have a field day. This article has been indexed from…

Read more →

Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability…

Read more →

An update that solves three vulnerabilities and has two fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3333-1 important: kubevirt, virt-api-container, virt-controller-container, virt

Read more →

The container bci/dotnet-sdk was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2322-1 bci/dotnet-sdk Security Update

Read more →

The container bci/golang was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2328-1 bci/golang Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2329-1 bci/rust Security Update

Read more →

Backport fix for CVE-2022-38784. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 35: mingw-poppler 2022-51b27699ce

Read more →

Backport fix for CVE-2022-38784. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: mingw-poppler 2022-f7b375eae8

Read more →

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. (CVE-2022-25647) References: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30560) References: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the…

Read more →

A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine (CVE-2022-31676). References: – https://bugs.mageia.org/show_bug.cgi?id=30770 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article:…

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3331-1 important: libconfuse0

Read more →

An attacker can send a message with evil sdp to FreeSWITCH, which may a cause a crash due to an out-of-bounds access. (CVE-2022-31001) An attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. (CVE-2022-31002)…

Read more →

When injecting an HTML base element, some requests would ignore the CSP’s base-uri settings and accept the injected element’s base instead (CVE-2022-40956). By injecting a cookie with certain special characters, an attacker on a This article has been indexed from…

Read more →

An update that solves two vulnerabilities and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3326-1 important: go1.19

Read more →

An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt.…

Read more →

Red Hat OpenShift Container Platform release 4.10.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. This article has been…

Read more →

Several security issues were fixed in the Linux kernel. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5623-1: Linux kernel (HWE) vulnerabilities

Read more →

As the open-source model continues to prove its sustainability in the enterprise, the software community is ramping up its security-mindedness. That concern was evident in recent weeks as leading Linux groups led the way for better code security. This article…

Read more →

Several security issues were fixed in Bind. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5626-1: Bind vulnerabilities

Read more →

It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing untrusted files. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

At the Kernel Maintainers Summit, the question wasn’t, “Would Rust make it into Linux?” Instead, it was, “What to do about its compilers?” This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Linus Torvalds: Rust…

Read more →

With the rise of containers and virtual machines, some system administrators check their system logs less frequently. However, this is a mistake. Even if an application is containerized, it is still important to keep and analyze logs. This article has…

Read more →

Mako could be made to denial of service if it received a specially crafted regular expression. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5625-1: Mako vulnerability

Read more →

Linux is more secure than other operating systems. But that’s not the only reason why you might not need an antivirus or firewall while using Linux. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article:…

Read more →

Virtual private networks, or VPNs, have gained popularity, especially among enterprises, since they offer high security without sacrificing convenience. One of the most economical cybersecurity choices available today, they are simple to set up and utilize. This article has been…

Read more →

A checksum is a small-sized block of data that is used to identify faults in files introduced during transmission or storage. Checksums are frequently used to verify data integrity but are not used to validate data validity. In simple terms,…

Read more →

Due to its ability to act as the backend server for web applications, Node.js is becoming a trendy platform these days. However, it becomes crucial to take into account Node.js security policies when it comes to the world of microservices.…

Read more →

Learn about a File Descriptor vulnerability that was exposed at Blackhat USA 2022, and the lessons we can take away from this discovery. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: BlackHat USA 2022:…

Read more →

Let’s take a brief look at what Guillaume Fournier from Datadog presented at Blackhat USA 2022: ”One of the fastest growing subsystems in the Linux Kernel is, without any doubt, eBPF (extended Berkeley Packet Filter).” This article has been indexed…

Read more →

RavenDB , the veteran transactional NoSQL database, is used by hundreds of startups and many Fortune 500 companies around the world thanks to its reputation as an agile , safe , efficient , and stable database. RavenDB can integrate with…

Read more →

Last week, hackers, researchers, cybersecurity companies, and government officials descended on Las Vegas for Black Hat and DEFCON, lovingly referred to by many as ”hacker summer camp”. This year’s events marked the 25th and 30th anniversaries of Black Hat and…

Read more →

There are many reasons why one might choose a VPN whether it be for privacy or unlocking geo-restricted content however, no one really takes into account the VPN protocols that these VPN providers use. This article has been indexed from…

Read more →

What is Open Source Intelligence (OSINT)?Open Source Intelligence (OSINT) is the practice of collecting information from published or publicly available sources for intelligence purposes. The term ”Open Source’ within OSINT refers to the public nature of the analyzed data; publicly…

Read more →

A memoir written by Dave Wreski, Guardian Digital CEO, Founder of LinuxSecurity.com and author of the Linux Security Quick Reference Guide and Linux Security HOWTO . This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article:…

Read more →

If you use Linux, whether it is just to browse the web, use it as a VPN server, or even if you use it to hack people (Just kidding!), then it is pretty essential and worthwhile to understand the pros…

Read more →

The use of Web Applications is growing amongst businesses, however, that also makes these businesses a target for Cyber Criminals to attack. If there are vulnerabilities within your Web Application, then that means there is a flaw that attackers may…

Read more →

Virtual Private Networks (VPNs) were initially created to grant workers who are remote, workers who travel, or workers who do not tend to be in the office access to the local network over an insecure network connection when they are…

Read more →

Now more than ever, people, developers, and businesses alike consider PHP a dying language and that it might have no place in the IT/Dev World. However, PHP is one of the most popular programming languages still in use today. It…

Read more →

Thank you to Lerma for contributing this article. What is the impact of AI on cybersecurity today?AI is making a difference for companies feeling the pinch of strained resources. The resilience of tech-savvy cyber hackers is another reason cybersecurity strategists…

Read more →

Nowadays, Linux systems are considered fairly secure, as people think that Linux rarely gets infected with malware such as viruses, rootkits, worms, etc. You might also see that we hardly ever come across Antivirus software being sold for Linux, giving…

Read more →

End-to-end encryption is an increasingly popular method that online services are using to ensure their users’ security. End-to-end encryption, also known as E2EE, encodes messages sent from one user to another in a way that ensures that only the sender…

Read more →

The popularity of web applications is constantly growing as businesses and corporations host several services through them. However, companies and businesses that do have web applications still face the threat of vulnerabilities. A vulnerability is a flaw in your system…

Read more →

In the previous part of our Hacker’s Corner series, we covered anti-debugging using a trivial self-modifying code. Here, instead of blocking debugging completely, we will detect various debugger-induced activities. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read…

Read more →

In our previous Hacker’s Corner article, we covered some simple anti-debugging. Here, we will see some better techniques. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Hacker’s Corner: Complete Guide to Anti-Debugging in Linux…

Read more →

What good is a keylogger (or any such tool, for that matter), that is reversed using a debugger within minutes? Let’s level up just a little bit, and try to make malware analyst’s job slightly more involved. This article has…

Read more →

While the internet provides many benefits, it also brings new risks and challenges. One of the most common and notable of these is the threat to our privacy. Some users might think that they are protected by their browser, search…

Read more →

Believe it or not, you might be using a deprecated Linux command. It’s not really your fault. You are either habitual of using those commands or learned them through old, obsolete tutorials on the web. This article has been indexed…

Read more →

Globally, there are roughly 30,000 web-based cyberattacks daily, primarily targeting smaller businesses and smaller websites. To put it into perspective, that is an estimated 1 cyberattack every 3 seconds that targets websites specifically. Cyber-criminals will not hesitate to attack your…

Read more →

Today, one of the most popular ways for free websites and browsers to make a profit is tracking and selling user data to advertisers. While most tracking is behind the scenes and discreet, allowing oneself to be tracked can have…

Read more →

With web and API security becoming an increasingly important aspect of software development, ”shift left” is gaining wide acceptance as a best practice to ensure security integrates with development early. More and more cybersecurity companies are releasing relevant products and…

Read more →

Web applications are today an integral part of most business operations. They are commonly used for storing, processing, or transmitting data as a part of various business operations. However, these web applications are often exposed to huge cyber risks. They…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Thank You for Participating in Our Security Dashboard Redesign…

Read more →

Technology is developing and advancing tremendously. New inventions are delivered to the market every year and all of these improve the entire domain a lot. But because there are so many options and opportunities on the market, you might end…

Read more →

Canonical, the company behind top Linux distro Ubuntu, has announced a new variant of the open source operating system, optimized for IoT and edge devices. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu…

Read more →

With email-related attacks becoming increasingly prevalent and serious, securing your business email accounts is more important than ever before. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Email Security FAQs Answered by Guardian Digital

Read more →

In this interview Dave Wreski, Guardian Digital CEO and Founder, discusses Guardian Digital’s utilization of Open Source in the development of cutting-edge email security solutions and the advantages of investing in these solutions to secure your business email. This article…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS In Complete Guide to Keylogging in Linux: Part 1 and Complete Guide to Keylogging in Linux: Part 2 , we covered how a keylogger can be written for Linux in…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS In Complete Guide to Keylogging in Linux: Part 1 and Complete Guide to Keylogging in Linux: Part 2 , we covered how a keylogger can be written for Linux in…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS In Complete Guide to Keylogging in Linux: Part 1 and Complete Guide to Keylogging in Linux: Part 2 , we covered how a keylogger can be written for Linux in…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Learn about the growing importance of scanning Linux systems for malware, and our favorite tools for doing so. Read the original article: The Three Best Tools You Need to Scan…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS As open-source software becomes increasingly common in the infrastructure of businesses, it is essential to ensure the security of the software being relied upon. An increasingly popular cyber security solution…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS This article will explore the key benefits and potential drawbacks of open source security in under a minute. Read the original article: Open Source Security: Key Benefits & Drawbacks You…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Looking to secure the Joomla website? Here are some of the best practices to prevent the Joomla website from getting hacked by cyberattackers in 2022. Read the original article: Joomla…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS In Complete Guide to Keylogging in Linux: Part 1 , we covered how a keylogger can be written for Linux, by reading events directly from keyboard device. Today, we will…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Being able to improve your career in cyber security is something that can be hugely fulfilling, and there are a lot of great ideas you can use that will help…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS While allowing public access to the sensitive behind-the-scenes operation of a program sounds risky, open-source software actually has the potential to be even more secure than a program with hidden…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Peer-to-peer (P2P) torrenting users face a multitude of risks, ranging from downloading malware to inadvertently downloading unauthorized content. Your computer may get infected with viruses, your ISP may limit your…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS As we rapidly transition to an increasingly digital society, data protection is a greater concern than ever before. Encryption is one of the most effective and widely used methods of…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Ethical hacking might sound contradictory, but leveraging the skills of the ”white hat’ hacker community has done a great deal for safety and security on the internet. Nowhere does this…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS In this first part of our Complete Guide to Keylogging in Linux, we will explore the basics of keylogging and its importance in the realm of Linux security, and dive…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS In this first part of our Complete Guide to Keylogging in Linux, we will explore the basics of keylogging and its importance in the realm of Linux security, and dive…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Last Friday, Microsoft announced that they have discovered a new botnet that exposes both Windows and Linux computers and web servers to new threats. The botnet, known as Sysrv-K, takes…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS With the rise of cloud computing and mobility and the remote work environment brought on by the pandemic, securing Linux endpoint devices has never been more challenging for the organization…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS With the rise of cloud computing and mobility and the remote work environment brought on by the pandemic, securing Linux endpoint devices has never been more challenging for the organization…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Greetings fellow Linux security enthusiasts,Interested in becoming a LinuxSecurity contributor, but need an article topic idea and some guidance to help you get started? Read the original article: Call for…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS The Art of Cyberwarfare: An Investigator’s Guide to Espionage, Ransomware, and Organized Cybercrime , by Jon DiMaggio comes at a time in American History when everyone ranging from business owners…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS System administrators make mistakes and that’s fine, as long as they learn from them. Learning from your mistakes will develop more skills, advance your career, and make you a better…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS The primary goal of firewall penetration testing is to prevent unauthorized internet access to your organization’s internal network, or check to make sure your security policy is doing what you…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Nmap , short for ”Network Mapper”, is an open-sourced tool for network discovery and auditing. It is now one of the most widely used tools for network mapping by system…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS maddog, as he’s affectionately known throughout the Linux and open source community, has made a career of being in the trenches with the Linux developers, teaching them the way of…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Real-time alerting is a feature of an IDS or any other monitoring application that notifies a person of an event in an acceptably short amount of time. The amount of…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS The Qualys Research Team reached out to LinuxSecurity after discovering a memory corruption vulnerability in polkit’s pkexec. Pkexec is a SUID-root program that is installed by default on every major…

Read more →

This article has been indexed from LinuxSecurity.com – Hybrid RSS Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to…

Read more →