DevOps.com

APRIL 7, 2021

Linux does, occasionally, raise security concerns. While many users see it as the most secure, robust and versatile operating system available — that’s this writer’s opinion, as well — security precautions still have to be taken.

Linux 144

Linux Operating System System Open Source 144

Lacework

FEBRUARY 27, 2023

These days, in both on-premise datacenters and cloud environments, Linux servers are at the core of enterprise computing. And most enterprises abide by commonly accepted guidelines for securing virtualized Linux servers with least-privilege access control, file encryption, segmentation, process isolation, and other best practices.

Linux 52

Linux Guidelines Virtualization Enterprise 52

Tenable

SEPTEMBER 15, 2023

Tasked with securing your org’s new AI systems? Plus, open source security experts huddled at a conference this week – find out what they talked about. That’s the topic of the paper “ Securing AI: Similar or Different? published by Google’s Cybersecurity Action Team. ” published by Google’s Cybersecurity Action Team.

Open Source 115

Open Source Systems Review System Software Review 115

Synopsys

AUGUST 18, 2022

This in-depth analysis explores CVE-2020-25669, a vulnerability that exploited a memory corruption issue in Linux Kernel. The post CyRC Case Study: Exploitable memory corruption using CVE-2020-25669 and Linux Kernel appeared first on Application Security Blog.

Case Study 142

Case Study Linux Study Analysis 142

DevOps.com

APRIL 7, 2020

The Linux Foundation announced today it will host the seL4 Foundation, the nonprofit organization established by Data61, an arm of Commonwealth Scientific and Industrial Research Organization (CSIRO) in Australia that has been developing the seL4 microkernel operating system.

Linux 111

Linux Nonprofit Operating System Research 111

Tenable

MARCH 29, 2024

Frequently asked questions about CVE-2024-3094, a supply-chain attack responsible for a backdoor in XZ Utils, a widely used library found in multiple Linux distributions. What Linux distributions are affected? build of XZ as a precaution Red Hat Enterprise Linux (RHEL) [link] No versions of RHEL are affected.

Linux 142

Linux Open Source Authentication Operating System 142

Linux Academy

FEBRUARY 5, 2019

Wondering if information security is the right profession for you? I’ve been working in information security for many years and have had the opportunity to fill a variety of roles. In this post, I’ll fill you in about some of the available jobs in information security and what it takes to succeed in each one.

Firewall 75

Firewall Backup Testing Systems Administration 75

Ooda Loop

MARCH 6, 2024

Cado Security has issued a warning about a cryptojacking campaign leveraging Linux malware, which targets misconfigured Apache Hadoop, Confluence, Docker, and Redis instances with innovative malicious payloads.

Malware 53

Malware Linux Cloud Innovation 53

Aqua Security

APRIL 21, 2022

Today, cloud native platforms are increasingly using eBPF-based security technology. Tracee is an open source runtime security and forensics tool for Linux that is powered by eBPF and is more optimized for secure tracing.

Linux 142

Linux Malware Open Source Analysis 142

DevOps.com

MARCH 9, 2021

The Linux Foundation today embraced a sigstore project founded by Red Hat, Google and Purdue University to make it simpler for developers to employ cryptographic software, enabled by transparency log technologies, to secure software supply chains.

Linux 73

Linux Software Engineering Technology 73

TechCrunch

NOVEMBER 10, 2020

In addition, the company today officially launched its Cilium platform (which was in stealth until now) to help enterprises connect, observe and secure their applications. The founding team of CEO Dan Wendlandt and CTO Thomas Graf has deep experience in working on the Linux kernel and building networking products.

Network 274

Network Linux Cloud Open Source 274

TechCrunch

JULY 13, 2021

AttackIQ, a cybersecurity startup that provides organizations with breach and attack simulation solutions, has raised $44 million in Series C funding as it looks to ramp up its international expansion. Cymulate nabs $45M to test and improve cybersecurity defenses via attack simulations.

Linux 242

Linux Technical Review Windows Software Review 242

TechCrunch

FEBRUARY 15, 2023

Oligo Security , a Tel Aviv-based startup that focuses on runtime application security and observability to detect and prevent open-source vulnerabilities, is coming out of stealth today and announcing that it has raised a total of $28 million in seed and Series A funding. This, ideally, cuts down on unnecessary alerts.

Open Source 248

Open Source Google Cloud Linux DevOps 248

DevOps.com

MARCH 2, 2022

The Linux Foundation today published a report that provides access to eight lists of the top 500 open source libraries being used by organizations as part of an ongoing effort to help better secure software supply chains. The post Linux Foundation Lists Top Open Source Libraries appeared first on DevOps.com.

Open Source 98

Open Source Linux Report Applications 98

Tenable

FEBRUARY 9, 2024

critical infrastructure IT and operational technology security teams, listen up. So said cybersecurity agencies from the U.S., Cybersecurity and Infrastructure Security Agency (CISA) said in a statement. Dive into six things that are top of mind for the week ending February 9.

Weak Development Team 68

Weak Development Team Infrastructure Generative AI Artificial Inteligence 68

Ooda Loop

FEBRUARY 7, 2024

A critical vulnerability in Shim, a crucial component used by most Linux distributions during the boot process to support secure boot, has been identified. Tracked as CVE-2023-40547, the flaw allows a network attacker to bypass secure boot and take control of a vulnerable Linux system.

Linux 49

Linux System Network 49

Aqua Security

MARCH 8, 2022

A new CVE in the Linux kernel was released this week. CVE-2022-0847, aka “Dirty Pipe”, is a vulnerability that allows users on a Linux system to overwrite the contents of files that they can read but shouldn’t be able to write to.

Linux 145

Linux Software System 145

DevOps.com

OCTOBER 28, 2021

Linux has become the largest collaborative development project in the history of computing over the last 30 years. The post What 30 Years of Linux Taught the Software Industry appeared first on DevOps.com. The web may not have reached full adulthood […]. The web may not have reached full adulthood […].

Linux 145

Linux Industry Software Open Source 145

Lacework

SEPTEMBER 23, 2021

Jared Stroud, Tom Hegel Cloud Security Researchers – Lacework Labs Key Points Lacework Labs identified new samples and infrastructure associated with HCRootkit / Sutersu Linux rootkit activity, building-off its recent initial identification from our colleagues at Avast. These files compromise a host [.].

Linux 98

Linux Analysis Infrastructure Research 98

CIO

NOVEMBER 3, 2022

One technology that modern mainframes need is secure open-source software. Four years ago, the Linux Foundation’s Open Mainframe Project introduced Zowe , a first-of-its-kind open-source framework based on z/OS, making it easier than ever to connect the gap between modern applications and the mainframe.

Open Source 261

Open Source Development Compliance Survey 261

DevOps.com

APRIL 17, 2024

Linux dodged a bullet the other day. If the XZ exploit had gone undiscovered for only a few more weeks, millions of Linux systems would have been compromised with a backdoor. The Open Source Security […] The XZ attack wasn’t the first, nor will it be the last. We were lucky. But, can we stay lucky?

Open Source 120

Open Source Social Linux Engineering 120

Tenable

JANUARY 20, 2023

Plus, NIST mulls major makeover of its Cybersecurity Framework. Also, the struggle to develop secure apps is real. Then check out how Uncle Sam plans to use AI and ML to boost cybersecurity. Almost 70% of organizations' SDLCs are missing critical security processes. Learn all about the spike in CISO job satisfaction.

Software Review 64

Software Review Artificial Inteligence SDLC Technical Review 64

Perficient

JANUARY 31, 2023

A common operating system (OS) on personal computers, servers, and other gadgets is Linux. The fact that Linux is very customizable is one of its key advantages. Linux is also renowned for its security and dependability. Customizability Because Linux is so flexible, users can change the OS to their preferences.

Linux 64

Linux Software Review Malware Open Source 64

TechCrunch

JANUARY 7, 2021

RedHat today announced that it’s acquiring container security startup StackRox. RedHat, which is perhaps best known for its enterprise Linux products has been making the shift to the cloud in recent years. Another competitor, Aqua Security, which has raised $130 million, remains independent. StackRox nabs $26.5M

Company 306

Company Google Cloud Linux Azure 306

CIO

JANUARY 18, 2023

Within IT, this could mean finding workers to do programing, testing, cybersecurity, operations, project management, or other similar tasks. A role to monitor incoming security threats or intrusion detection could be a person from the IT operations team currently running and monitoring standard daily and nightly batch production runs.

Technical Review 293

Technical Review Systems Review Systems Administration SCRUM 293

Tenable

NOVEMBER 17, 2023

1 - CISA, NSA push SBOM adoption to beef up supply chain security As the Log4Shell bug and SolarWinds hack made clear, cybersecurity teams must continuously assess and mitigate risks in their organizations’ software supply chain. It can also be used by software buyers to assess their supply chain security practices.

Artificial Intelligence 62

Artificial Intelligence Artificial Inteligence Government Storage 62

Tenable

NOVEMBER 25, 2022

Get the latest on the Hive RaaS threat; the importance of metrics and risk analysis; cloud security’s top threats; supply chain security advice for software buyers; and more! . 2 - CompTIA: Cybersecurity and risk analysis will mesh in 2023. Cybersecurity Measurement (U.S. That’s according to an advisory from the U.S.

Metrics 52

Metrics Cloud Backup Software Review 52

DevOps.com

FEBRUARY 1, 2022

A global survey of 412 organizations published today by the Linux Foundation found nearly half of respondents (47%) producing or consuming software bills of material (SBOMs), and more than three-quarters said they expected to produce or consume them in 2022. SBOMs have become a bigger area of focus in the wake of a series of […].

Linux 114

Linux Survey Software Organization 114

Aqua Security

MARCH 9, 2022

CVE-2022-0492, a recently disclosed high-severity Linux vulnerability that relates to a weakness in the handling of release_agent in cgroups, could allow for container escape under some circumstances.

Linux 98

Linux 98

Aqua Security

JANUARY 24, 2022

Last week, a new high-severity CVE was released that affects the Linux kernel. To do this, the attacker must have a specific Linux capability, CAP_SYS_ADMIN, which reduces the risk of breakout in some container cases.

Linux 145

Linux System 145

Daniel Bryant

MAY 13, 2022

There were a bunch of product launches, such as Docker Extensions, Docker Desktop for Linux, and more. indeed, I was a happy Linux user for many years until I got tempted with the shiny Mac hardware! Until recently, although Docker ran on Linux, you didn’t get quite the same experience as you did on Mac or Windows.

Linux 98

Linux Engineering Virtualization Development 98

Linux Academy

APRIL 25, 2019

Welcome back to another iteration of Hacking In To Cybersecurity! Basically what happens is we have a group of people who come together to architect some parts of a security program, usually through legislation or regulatory frameworks, that says “this is what you need to have a fully functioning security program.”

Security 60

Security Compliance Malware Policies 60

Ivanti

OCTOBER 28, 2021

Ivanti Application Control is known for enabling IT control over endpoints, reducing security risk, and providing a great user experience. But with the introduction of Ivanti App Control for Linux, we are opening up a whole new world of possibilities. App Control for Linux lets you do just that. Zero Day Protection.

Linux 90

Linux Windows Policies Software Review 90

Linux Academy

APRIL 30, 2019

By adding free cloud training to our Community Membership, students have the opportunity to develop their Linux and Cloud skills further. Each month, we will kick off our community content with a live study group allowing members of the Linux Academy community to come together and share their insights in order to learn from one another.

Linux 113

Linux AWS Big Data Course 113

Lacework

JUNE 26, 2019

These days, in both on-premise datacenters and cloud environments, Linux servers are at the core of enterprise computing. And most enterprises abide by commonly accepted guidelines for securing virtualized Linux servers with least-privilege access control, file encryption, segmentation, process isolation, and other best practices.

Linux 62

Linux Guidelines Virtualization Enterprise 62

Tenable

SEPTEMBER 9, 2022

9 | Software supply chain security in the spotlight. Guidance for evaluating IoT security tools. Increasing diversity in cybersecurity. Another look at the major cloud security threats. government stresses software supply chain security. Defining and implementing security test plans. And much more!

Security 52

Security IoT Open Source Linux 52

Palo Alto Networks

DECEMBER 29, 2022

While it might seem counterintuitive to revisit last week’s newspaper for valuable information, “Those who cannot remember the past are condemned to repeat it.” Stepping back to recollect the security events from the recent past is particularly important, as the risk of repeating past mistakes is particularly high. Beginning on Jan.

Malware 70

Malware Linux Telecommunications Government 70