| by Arround The Web

VMware Finds Linux Malware on the Rise

It’s not that Linux is insecure; it’s that it’s so often deployed without enough thought given to security.
The post VMware Finds Linux Malware on the Rise appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

The Bill Comes Due: Securing Open-Source Software Isn’t Going to Be Cheap

Devs and maintainers are getting paid. But not to concentrate on security.
The post The Bill Comes Due: Securing Open-Source Software Isn’t Going to Be Cheap appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

How Cybercriminals Use Malware to Target Linux Operating Systems

As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker’s ticket into a multi-cloud environment. Learn how cybercriminals are using malware to target Linux-based operating systems he…

Share Button
Read More
| by Arround The Web

Metasploit Tutorial for Beginners – Basics to Advanced

Metasploit, one of the most widely used penetration testing tools, is a very powerful all-in-one tool for performing different steps of a penetration test. If you ever tried to exploit some vulnerable systems, chances are you have used Metasploit, or at least, are familiar with the name. It allows you to find information about system […]

The post Metasploit Tutorial for Beginners – Basics to Advanced appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

How Hackers Compromise the Software Supply Chain

If you consider all the components you need for your software, you have a pretty long chain, and those components have dependencies too. Any weak link can compromise the entire software supply chain, putting your business at risk. Learn more about how …

Share Button
Read More
| by Arround The Web

A Polkit Vulnerability Gives Root on All Major Linux Distros

A 12-year-old security vulnerability has been disclosed in the Linux’s system utility Polkit, which grants attackers root privileges. You should obtain and apply a patch ASAP. Learn more here.
The post A Polkit Vulnerability Gives Root on All Major Lin…

Share Button
Read More
| by Arround The Web

Easily Exploitable Linux Flaw Exposes All Distributions: Qualys

An easily exploited flaw in a program, found by Qualys in every major Linux distribution, is the latest serious security issue that has arisen in the open-source space in recent weeks. Learn more here.
The post Easily Exploitable Linux Flaw Exposes All…

Share Button
Read More
| by Arround The Web

12-Year-Old PolicyKit Local Privilege Escalation Flaw Now Patched in Major Linux Distros

According to the researchers, the vulnerability (CVE-2021-4034) was discovered in PolicyKit’s pkexec tool, which incorrectly handled command-line arguments. This could lead to local privilege escalation, allowing any regular user in a GNU/Linux distribution to gain administrative privileges and run programs as an administrator (root). The good news is that most major GNU/Linux distributions already received […]

The post 12-Year-Old PolicyKit Local Privilege Escalation Flaw Now Patched in Major Linux Distros appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

SimpleX Is a Chat Network that Preserves Metadata Privacy

SimpleX is an open-source, decentralized client-server chat network that preserves metadata privacy. It uses disposable nodes to asynchronously pass the messages, providing receiver and sender anonymity. Learn more about SimpleX here.
The post SimpleX …

Share Button
Read More
| by Arround The Web

Attacks Escalating Against Linux-Based IoT Devices

Incidents of malware targeting Linux-based Internet of Things (IoT) devices jumped by more than a third in 2021, with three malware families the primary drivers behind the increase. Learn more about how attacks are escalating against Linux-based IoT de…

Share Button
Read More
| by Arround The Web

VirusTotal Hacking: Finding Stolen Credentials Hosted on VirusTotal

VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach have found.
In fact, with a €600 VirusTotal license, they have managed to coll…

Share Button
Read More
| by Arround The Web

Open Source Security at the White House

Companies and developers, open-source organizations, and government agencies gather together to lock down and secure the software supply chain.
The post Open Source Security at the White House appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

New Linux Kernel Vulnerability Patched in All Supported Ubuntu Systems, Update Now

Discovered by William Liu and Jamie Hill-Daniel, the new security flaw (CVE-2022-0185) is an integer underflow vulnerability found in Linux kernel’s file system context functionality, which could allow an attacker to crash the system or run programs as an administrator. The security vulnerability affects all supported Ubuntu releases, including Ubuntu 21.10 (Impish Indri) systems running […]

The post New Linux Kernel Vulnerability Patched in All Supported Ubuntu Systems, Update Now appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

What is the ‘Ubuntu Pro’ Banner in Software Sources About?

Canonical is currently promoting a beta Ubuntu Pro for Desktop programme through the Software & Updates app on Ubuntu LTS releases. But what is it?
This post, What is the ‘Ubuntu Pro’ Banner in Software Sources About? is from OMG! Ubun…

Share Button
Read More
| by Arround The Web

Vulnerability in cryptsetup Allows Decrypting Part of LUKS2-Encrypted Device

An attacker with physical access to the medium could use this flaw to force a user into permanently disabling the encryption layer of that medium.
The post Vulnerability in cryptsetup Allows Decrypting Part of LUKS2-Encrypted Device appeared first on L…

Share Button
Read More
| by Arround The Web

How to Use Thunderbolt 3 and 4 on CentOS

A step-by-step guide on how to use Thunderbolt 3/4 on CentOS 8 and the different solutions you can apply in case you encounter any connection issues.
The post How to Use Thunderbolt 3 and 4 on CentOS appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

Open Source Isn’t the Security Problem – Misusing It Is

Security is a process, not a product.
The post Open Source Isn’t the Security Problem – Misusing It Is appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

When Open-Source Developers Go Bad

JavaScript developer Marak Squires wasn’t happy about not making money from his open-source libraries, so he deliberately corrupted them, leaving programmers and end-users with dead-in-the-water programs.
The post When Open-Source Developers Go B…

Share Button
Read More
| by Arround The Web

PATCH NOW: New Ubuntu Linux Kernel Security Updates Fix 9 Vulnerabilities

These new Linux kernel security updates are here a little over a month after the previous ones, which addressed six vulnerabilities, and they’re available for Ubuntu 21.10 (Impish Indri), Ubuntu 21.04 (Hisute Hippo), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), as well as the Ubuntu 16.04 and 14.04 ESM releases. Patched in […]

The post PATCH NOW: New Ubuntu Linux Kernel Security Updates Fix 9 Vulnerabilities appeared first on Linux Today.

Share Button
Read More
| by Arround The Web

Use SSH Config File to Manage SSH Connections to Various Remote Servers

Using SSH profiles can help you in cases where you regularly connect to various servers without needing to remember the IP address and other such details.

The post Use SSH Config File to Manage SSH Connections to Various Remote Servers appeared fir…

Share Button
Read More