A critical vulnerability discovered in the open-source load balancer and proxy server HAProxy could enable bad actors to launch an HTTP Request Smuggling attack, which would let them bypass security controls and gain unauthorized access to sensitive da…
The Whonix 16 distribution—aimed at providing guaranteed anonymity, security, and protection of private information—has dropped. Whonix boot images are built to run under the control of the KVM hypervisor. Builds for VirtualBox and for use on the Qubes operating system are delayed, while Whonix 16 test builds continue to ship. The developments of the project […]
The post Whonix 16, an Anonymous Communications Distribution, is Available Now appeared first on Linux Today.
Version 4.22 of The Amnesic Incognito Live System, better known as Tails, rolled out recently. The new version is entirely focused on solving the most important issues in the Tor Connection assistant, making it more robust and easier to use. Learn more…
The OpenSSL Software Foundation released a completely refreshed version of the OpenSSL software, that handles much of the encrypted communications on the Internet. After over 7,500 commits and contributions from over 350 different authors, OpenSSL 3.0 …
Most Linux users have this question on their minds. “Linux does not need antivirus or firewall. Myth or truth?” Currently, the greatest dangers to which we expose ourselves when connecting to the Internet are viruses and malware. To avoid problems, especially when using a Windows PC, installation of an antivirus and firewall can prevent infection […]
The post “Linux Does Not Need Antivirus or Firewall” : Myth or Truth? appeared first on Linux Today.
Password managers help users to improve their online security not only by securing their passwords, but also by helping them generate strong and randomized passwords and encrypting them in a digital vault. Learn about 8 of the best password managers fo…
Software vulnerabilities are a grave threat to the security of computer systems. They often go undetected for years until it is too late and the consequences are irreversible. In order to find these weaknesses, software security testers and developers often have to manually test the entire codebase and determine if any vulnerabilities exist. However, this can take […]
The post Neural Fuzzing: A Faster Way to Test Software Security appeared first on Linux Today.
Over the years, I have come across many blogs that claim Linux is impenetrable by security attackers. While it is true that GNU/Linux operating systems for desktops and servers come with a lot of security checks in place to mitigate attacks, protection is not “enabled by default”. Check out these six must-have open source tools […]
The post 6 Must-Have Open Source Tools to Secure Your Linux Server appeared first on Linux Today.
All supported versions of FreeBSD are affected by various security bugs that need to be applied ASAP. For example, a memory corruption bug exists in the bhyve hypervisor. Another overwrite the stack of ggatec and potentially execute arbitrary code. The…
The Linux Foundation and allies will pay developers to help secure Linux and open-source software programs.
The post Get Paid to Improve Linux and Open-Source Security appeared first on Linux Today.
The biggest change in the IPFire 2.27 Core Update 159 release is a new major kernel update as the firewall/router distribution is now powered by the long-term supported Linux 5.10 LTS series, which will receive updates for five years, until December 2026. As expected, the new kernel version brings better hardware support with its many […]
The post IPFire Linux Firewall Distro Is Now Powered by the Long-Term Supported Linux 5.10 Kernel appeared first on Linux Today.
The new Ubuntu Linux security patches are available for the Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver) operating system series, and addresses three security issues related to the Bluetooth subsystem and NFC implementation affecting all three releases. These are CVE-2021-3564 and CVE-2021-3573, two flaws discovered in the […]
The post New Ubuntu Linux Security Patches Fix Up to Seven Vulnerabilities, Update Now appeared first on Linux Today.
Tribler is a free and open-source file-sharing app for Linux, macOS, and Windows. It adds something unique to the BitTorrent peer-to-peer protocol: onion routing. Onion routing, best known from the Tor Browser project, is a network routing scheme that relays connections via multiple proxies. Tribler encrypts your connections in layers so that each relay proxy […]
The post A Privacy Review of Tribler, the Onion-Routed BitTorrent App appeared first on Linux Today.
SIEM solutions can be expensive and difficult to manage, so one company built its own – and is pleased with the results. At last week’s Black Hat USA, NYC-based financial technology firm Two Sigma Investments took the virtual stage to outline why their existing solution didn’t cut it, the work needed to create an in-house security […]
The post An Investment Firm Built Its Own SIEM. Here’s How. appeared first on Linux Today.
SUSE Linux Enterprise Server 15 SP2 is now EAL 4+ level certified for IBM Z, Arm and x86-64 architectures, signifying compliance with the most demanding security requirements for mission-critical infrastructure.
SUSE’s Common Criteria EAL 4+ software s…
Managing network traffic is one of the toughest jobs system administrators have to deal with. They must configure the firewall in such a way that it will meet the system’s and users’ requirements for both incoming and outgoing connections, …
A vulnerability (CVE-2021-28372) in the SDK that allows IoT devices to use ThroughTek’s Kalay P2P cloud platform could be exploited to remotely compromise and control them, Mandiant researchers have discovered. Further attacks are possible depending on the functionality exposed by a device. Due to how the Kalay protocol is integrated by original equipment manufacturers (OEMs) […]
The post CVE-2021-28372: Critical Bug Allows Remote Compromise, Control of Millions of IoT Devices appeared first on Linux Today.
For everything from minor network infractions to devastating cyberattacks and data privacy troubles, digital forensics software can help clean up the mess and get to the root of what happened. Since the inception of data forensics almost forty years ago, methods for investigating security events have given way to a market of vendors and tools offering […]
The post Best Digital Forensics Tools & Software for 2021 appeared first on Linux Today.
In the following tutorial, you will learn how to install ModSecurity with Nginx on Ubuntu 20.04. ModSecurity, often referred to as Modsec, is a free, open-source web application firewall (WAF). ModSecurity was created as a module for the Apache HTTP Server. However, since its early days, the WAF has grown and now covers an array of HyperText Transfer Protocol request and response […]
The post How to Install ModSecurity with Nginx on Ubuntu 20.04 appeared first on Linux Today.
Rkhunter stands for “Rootkit Hunter” is a free and open-source vulnerability scanner for Linux operating systems. In this tutorial, we will explain, how to install and use Rkhunter on Debian 10 server.
The post Scan a Debian Server for Rootkits with Rk…