Verizon 2022 DBIR: External attacks and ransomware reign

Verizon has been issuing its yearly DBIR report for the last 15 years, providing security practitioners and executives around the world a glimpse into the global trends and patterns related to cyber incidents and data breaches. This year’s key takeaway? “There has been an alarming rise (13%) in ransomware breaches – a jump greater than […]

The post Verizon 2022 DBIR: External attacks and ransomware reign appeared first on Linux Today.

How to Install and Configure Fail2ban on Ubuntu 22.04

Fail2ban is free and open-source intrusion prevention system software (IPS). Learn how to install and configure Fail2ban on Ubuntu 22.04 here.
The post How to Install and Configure Fail2ban on Ubuntu 22.04 appeared first on Linux Today.

Best Wi-Fi Security & Performance Testing Tools for 2022

Modern Wi-Fi networks are more secure than early versions, but they still require support. Learn about the best Wi-Fi security & performance testing tools here.
The post Best Wi-Fi Security & Performance Testing Tools for 2022 appeared first o…

Open Source Software Security: Turning Sand into Concrete

Last week I had the privilege of participating in the Open Source Software Security Summit II in Washington, DC. The Linux Foundation and OpenSSF gathered around 100 participants from enterprise, the U.S. government, and the open source community to agree on an action plan to help increase the security of open source software.  If you […]

The post Open Source Software Security: Turning Sand into Concrete appeared first on Linux.com.

Log4j Vulnerability Puts Enterprise Data Lakes and AI at Risk

The Apache Log4j vulnerability, Log4Shell bug, is one of the most critical in the history of cybersecurity. Learn how it puts data lakes and AI at risk.
The post Log4j Vulnerability Puts Enterprise Data Lakes and AI at Risk appeared first on Linux Today.

Is Linux Really the Most Secure OS? Facts and Myths About Linux Security

This article offers a quick look into security on Linux and covers popular facts and myths about Linux security.
The post Is Linux Really the Most Secure OS? Facts and Myths About Linux Security appeared first on Linux Today.

Software Supply Chain: A Risky Time for Dependencies

Software development heavily relies on open-source platforms and third-party vendors because it speeds up the process and gives developers standard libraries. A wide range of people or organizations maintain the code, so it’s pretty hard to prevent sec…

New Ubuntu Linux Kernel Security Updates Patch 17 Vulnerabilities

Canonical has released several Ubuntu Linux kernel security updates for Ubuntu 21.10 (Impish Indri), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), and Ubuntu 16.04 and 14.04 ESM.
The post New Ubuntu Linux Kernel Security Updates Pat…

Debian GNU/Linux 11 Users Get Massive Linux Kernel Security Update

The Debian Project has announced a massive Linux kernel security update for its Debian GNU/Linux 11 “Bullseye” OS series. Learn more here.
The post Debian GNU/Linux 11 Users Get Massive Linux Kernel Security Update appeared first on Linux Today.

New DNS Spoofing Threat Puts Millions of Devices at Risk

Security researchers have uncovered a critical vulnerability that could lead to DNS spoofing attacks in two popular C standard libraries that provide functions for common DNS operations.
The post New DNS Spoofing Threat Puts Millions of Devices at Risk…

New DNS Spoofing Threat Puts Millions of Devices at Risk

Security researchers have uncovered a critical vulnerability that could lead to DNS spoofing attacks in two popular C standard libraries that provide functions for common DNS operations.
The post New DNS Spoofing Threat Puts Millions of Devices at Risk…

Security Researchers Find Nearly 400,000 Exposed Databases

Databases contain some of the most critical data in enterprises, so vulnerabilities in them are serious issues. Learn what researchers have recently found in exposed databases.
The post Security Researchers Find Nearly 400,000 Exposed Databases appeare…

Nimbuspwn: New Root Privilege Escalation Found in Linux

The Microsoft 365 Defender Research Team has revealed several new Linux vulnerabilities collectively dubbed “Nimbuspwn.” Learn more here.
The post Nimbuspwn: New Root Privilege Escalation Found in Linux appeared first on Linux Today.

OpenSSH Security Hardening Guide for Linux

SSH is one of the most widely used protocols for system administration on Linux platforms. This guide shows how to harden the SSHd setup of your server.
The post OpenSSH Security Hardening Guide for Linux appeared first on Linux Today.

Nimbuspwn Bugs Allow Root Privilege Access on Some Linux Machines

Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many Linux endpoints, allowing them to deploy backdoors, malware, ransomware, or …

Enable Browsing with DNS Over TLS (DoT) on Ubuntu Made Easy

Today we increasingly saw the importance of privacy and security in computing. This includes our browsing activity, which now needs protection even more than before. This tutorial will help you enable  DNS over TLS (DoT) on Ubuntu using Quad9 serv…

The State of Open Source Security in 2022

In this video for Help Net Security, Kurt Seifried, Chief Blockchain Officer and Director of Special Projects at Cloud Security Alliance, talks about the state of open source security in 2022.
The post The State of Open Source Security in 2022 appeared…

How To Connect to SSH Without Typing a Password

In this tutorial, we’ll explore two methods to connect to SSH without typing a password. Learn more here.
The post How To Connect to SSH Without Typing a Password appeared first on Linux Today.

Latest MITRE Endpoint Security Results Show Familiar Names on Top

MITRE Engenuity has released the latest round of its ATT&CK endpoint security evaluations, and the results show some familiar names leading the pack with the most detections.
The post Latest MITRE Endpoint Security Results Show Familiar Names on To…

Protecting Against the Spring4Shell Vulnerability

Spring4Shell (CVE-2022-22965) is a remote code execution (RCE) vulnerability that affects Spring Core. Learn about protecting against Spring4Shell here.
The post Protecting Against the Spring4Shell Vulnerability appeared first on Linux Today.