JavaScript developer Marak Squires wasn’t happy about not making money from his open-source libraries, so he deliberately corrupted them, leaving programmers and end-users with dead-in-the-water programs.
The post When Open-Source Developers Go B…
These new Linux kernel security updates are here a little over a month after the previous ones, which addressed six vulnerabilities, and they’re available for Ubuntu 21.10 (Impish Indri), Ubuntu 21.04 (Hisute Hippo), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), as well as the Ubuntu 16.04 and 14.04 ESM releases. Patched in […]
The post PATCH NOW: New Ubuntu Linux Kernel Security Updates Fix 9 Vulnerabilities appeared first on Linux Today.
Read MoreUsing SSH profiles can help you in cases where you regularly connect to various servers without needing to remember the IP address and other such details.
The post Use SSH Config File to Manage SSH Connections to Various Remote Servers appeared fir…
Read MoreSSHGuard is an open-source daemon that shields hosts from brute-force attacks. It accomplishes this through monitoring and aggregation of system logs, detecting attacks, and blocking attackers using Linux firewall backends. Learn more here.
The post Ho…
The post How to Block SSH Brute Force Attacks Using SSHGUARD first appeared on Tecmint: Linux Howtos, Tutorials & Guides .SSHGuard is an open-source daemon that shields hosts from brute-force attacks. It accomplishes this through monitoring and aggrega…
Read MoreEveryone knows that Linux systems come with root user access and by default, root access is enabled for the outside world. For security reasons, it’s not a good idea to have ssh root access enabled for unauthorized users. Because any hacker can try to brute force your password and gain access to your system. Here, […]
The post Disable or Enable SSH Root Login and Limit SSH Access in Linux appeared first on Linux Today.
Read MoreOne of the easiest ways to protect and secure SSH logins is by displaying warning messages to unauthorized users or welcome/informational messages to authorized users. Learn more about protecting SSH logins with banner messages here.
The post Protect S…
Linux and open-source software will be hotter than ever, but the real changes will be in how they’re secured.
The post In 2022, Security Will Be Linux and Open-Source Developers’ Job Number One appeared first on Linux Today.
In this guide we will explore how to configure a scan policy on Nessus, later we will also use this policy to create a scan. We will then select a target system for scanning.
The post How to Configure a Nessus Vulnerability Scan Policy appeared first o…
Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished. As Dr. Johannes Ullrich, Dean of Research at the SANS Technology Institute, recently noted, “Log4Shell will continue to haunt us for years to come.” His advice? “Dealing with Log4Shell will be a […]
The post Log4Shell: A New Fix, Details of Active Attacks, and Risk Mitigation Recommendations appeared first on Linux Today.
Read MoreA vulnerability (CVE-2021-39685) has been identified in USB Gadget, a subsystem of the Linux kernel that provides a programming interface for creating client USB devices and software simulation of USB devices. This could lead to a kernel leak, crash, or arbitrary code execution at the kernels. The attack is carried out by an unprivileged local […]
The post Vulnerability Found in the USB Gadget Linux Kernel Subsystem appeared first on Linux Today.
Read MoreNation-state cyber threat groups and ransomware attackers are moving in to exploit a critical flaw found in the seemingly ubiquitous Apache Log4j open-source logging tool, as attacks spread just days after the vulnerability that could affect hundreds o…
Read MoreA basic hands-on tutorial that shows you how to get started with encrypting and decrypting files with GPG in Linux.
The post Using GPG to Encrypt and Decrypt Files on Linux [Hands-on for Beginners] appeared first on Linux Today.
Everybody says that Linux is secure by default and agreed to some extent, though that’s a debateable topic. Linux does have in-built security model in place by default. But you may need to tune it up and customize it as per your need to make the system more secure. Linux is harder to manage but […]
The post 25 Hardening Security Tips for Linux Servers appeared first on Linux Today.
Read MoreFontOnLake is a new malware that can attack Linux systems. A somewhat unprecedented issue for this malware is the fact that developers are constantly tweaking modules so that they evolve to infect as many systems as possible. Learn more about FontOnLak…
Read MoreA critical vulnerability in the open-source logging software Apache Log4j 2 is fueling a chaotic race in the cybersecurity world, with the Apache Software Foundation (ASF) issuing an emergency security update as bad actors searched for vulnerable serve…
Read MoreXMGoat is an open-source tool that enables penetration testers, red teamers, security consultants, and cloud experts to learn how to work with misconfigurations within the Azure environment.
Misconfigurations within Azure environments are common. It’s …
Discover CrowdSec, the open-source and crowd-powered cybersecurity solution for Linux and learn how it can help you secure your PHP websites.
The post Protect your PHP Websites with CrowdSec, the Open-Source, Participative IPS for Linux appeared first …
Researchers at Spectral recently discovered a security flaw in Kafdrop, a popular open-source UI and management interface for Apache Kafka clusters that has been downloaded more than 20 million times. The Kafdrop flaw has allowed the data from Kafka clusters – everything from financial transactions to mission-critical data – to be exposed internet-wide. It can […]
The post Kafdrop Security Flaw Exposes Kafka Clusters Data appeared first on Linux Today.
Read MoreAcra’s features enable the implementation of application-level encryption in modern cloud applications, saving development costs and allowing tighter grip on sensitive data lifecycle. Security teams value that Acra unifies security control set around sensitive data, combining 9 strong data security controls on one choke point to data access: application-level encryption, searchable encryption, data masking, data […]
The post Acra: Open-source Database Protection with Field-level Encryption and Intrusion Detection appeared first on Linux Today.
Read More