The OpenSSL Software Foundation released a completely refreshed version of the OpenSSL software, that handles much of the encrypted communications on the Internet. After over 7,500 commits and contributions from over 350 different authors, OpenSSL 3.0 …
Most Linux users have this question on their minds. “Linux does not need antivirus or firewall. Myth or truth?” Currently, the greatest dangers to which we expose ourselves when connecting to the Internet are viruses and malware. To avoid problems, especially when using a Windows PC, installation of an antivirus and firewall can prevent infection […]
The post “Linux Does Not Need Antivirus or Firewall” : Myth or Truth? appeared first on Linux Today.
Password managers help users to improve their online security not only by securing their passwords, but also by helping them generate strong and randomized passwords and encrypting them in a digital vault. Learn about 8 of the best password managers fo…
Software vulnerabilities are a grave threat to the security of computer systems. They often go undetected for years until it is too late and the consequences are irreversible. In order to find these weaknesses, software security testers and developers often have to manually test the entire codebase and determine if any vulnerabilities exist. However, this can take […]
The post Neural Fuzzing: A Faster Way to Test Software Security appeared first on Linux Today.
Over the years, I have come across many blogs that claim Linux is impenetrable by security attackers. While it is true that GNU/Linux operating systems for desktops and servers come with a lot of security checks in place to mitigate attacks, protection is not “enabled by default”. Check out these six must-have open source tools […]
The post 6 Must-Have Open Source Tools to Secure Your Linux Server appeared first on Linux Today.
All supported versions of FreeBSD are affected by various security bugs that need to be applied ASAP. For example, a memory corruption bug exists in the bhyve hypervisor. Another overwrite the stack of ggatec and potentially execute arbitrary code. The…
The Linux Foundation and allies will pay developers to help secure Linux and open-source software programs.
The post Get Paid to Improve Linux and Open-Source Security appeared first on Linux Today.
The biggest change in the IPFire 2.27 Core Update 159 release is a new major kernel update as the firewall/router distribution is now powered by the long-term supported Linux 5.10 LTS series, which will receive updates for five years, until December 2026. As expected, the new kernel version brings better hardware support with its many […]
The post IPFire Linux Firewall Distro Is Now Powered by the Long-Term Supported Linux 5.10 Kernel appeared first on Linux Today.
The new Ubuntu Linux security patches are available for the Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver) operating system series, and addresses three security issues related to the Bluetooth subsystem and NFC implementation affecting all three releases. These are CVE-2021-3564 and CVE-2021-3573, two flaws discovered in the […]
The post New Ubuntu Linux Security Patches Fix Up to Seven Vulnerabilities, Update Now appeared first on Linux Today.
Tribler is a free and open-source file-sharing app for Linux, macOS, and Windows. It adds something unique to the BitTorrent peer-to-peer protocol: onion routing. Onion routing, best known from the Tor Browser project, is a network routing scheme that relays connections via multiple proxies. Tribler encrypts your connections in layers so that each relay proxy […]
The post A Privacy Review of Tribler, the Onion-Routed BitTorrent App appeared first on Linux Today.
SIEM solutions can be expensive and difficult to manage, so one company built its own – and is pleased with the results. At last week’s Black Hat USA, NYC-based financial technology firm Two Sigma Investments took the virtual stage to outline why their existing solution didn’t cut it, the work needed to create an in-house security […]
The post An Investment Firm Built Its Own SIEM. Here’s How. appeared first on Linux Today.
SUSE Linux Enterprise Server 15 SP2 is now EAL 4+ level certified for IBM Z, Arm and x86-64 architectures, signifying compliance with the most demanding security requirements for mission-critical infrastructure.
SUSE’s Common Criteria EAL 4+ software s…
Managing network traffic is one of the toughest jobs system administrators have to deal with. They must configure the firewall in such a way that it will meet the system’s and users’ requirements for both incoming and outgoing connections, …
A vulnerability (CVE-2021-28372) in the SDK that allows IoT devices to use ThroughTek’s Kalay P2P cloud platform could be exploited to remotely compromise and control them, Mandiant researchers have discovered. Further attacks are possible depending on the functionality exposed by a device. Due to how the Kalay protocol is integrated by original equipment manufacturers (OEMs) […]
The post CVE-2021-28372: Critical Bug Allows Remote Compromise, Control of Millions of IoT Devices appeared first on Linux Today.
For everything from minor network infractions to devastating cyberattacks and data privacy troubles, digital forensics software can help clean up the mess and get to the root of what happened. Since the inception of data forensics almost forty years ago, methods for investigating security events have given way to a market of vendors and tools offering […]
The post Best Digital Forensics Tools & Software for 2021 appeared first on Linux Today.
In the following tutorial, you will learn how to install ModSecurity with Nginx on Ubuntu 20.04. ModSecurity, often referred to as Modsec, is a free, open-source web application firewall (WAF). ModSecurity was created as a module for the Apache HTTP Server. However, since its early days, the WAF has grown and now covers an array of HyperText Transfer Protocol request and response […]
The post How to Install ModSecurity with Nginx on Ubuntu 20.04 appeared first on Linux Today.
Rkhunter stands for “Rootkit Hunter” is a free and open-source vulnerability scanner for Linux operating systems. In this tutorial, we will explain, how to install and use Rkhunter on Debian 10 server.
The post Scan a Debian Server for Rootkits with Rk…
Website security is now one of the greatest concerns across most organizations and users alike in the face of growing cyber threats. There are several ways of securing your website. One of the primary ways of implementing some basic protection against hackers is to encrypt your site using an SSL/TLS certificate. Let’s look at how […]
The post Secure Apache with Let’s Encrypt Certificate on Rocky Linux appeared first on Linux Today.
Open source security has been a big focus of this week’s Black Hat conference, but no open source security initiative is bolder than the one proffered by the Open Source Security Foundation (OpenSSF). Amid discussions on the security of open source technologies like eBPF and Hadoop, OpenSSF speakers Jennifer Fernick, SVP and head of global […]
The post Open Source Security: A Big Problem appeared first on Linux Today.
Two of the largest government security agencies are laying out the key cyberthreats to Kubernetes, the popular platform for orchestrating and managing containers, and ways to harden the open-source tool against attacks. In a 52-page report released this week, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) noted the advantages to enterprises […]
The post NSA, CISA Report Outlines Risks, Mitigations for Kubernetes appeared first on Linux Today.