-
+56 +8Tetragon 1.0 Promises a New Era of Kubernetes Security and Observability
The eBPF-based security observability and runtime enforcement platform has grown up and sped up.
-
+52 +7Want a handsomely paid job in tech? Here's what you do
At KubeCon, the need to bridge the skills gap was clearer than ever
-
+50 +10New Tripartite Initiative Aims to Fortify Open-Source Cybersecurity
Education is key to securing software. To help that happen, the Linux Foundation Training & Certification, ISC2, and the OpenSSF.
-
+52 +6GitHub IAM Private Creds Are Being Cryptojacked by EleKtra-Leak
Repeat after me: Do not — Do Not! — put hard-coded credentials in your production code repositories.
-
+63 +6Telemarketer goes belly-up after data breach
Sensitive details of charity donors leaked and also sensitive employee information had also been leaked during the attack – including police checks, child support documents, HR incidents, immigration sponsorship details, COVID-19 vaccination credentials, and notably, tax file numbers, passports, and licences.
-
+44 +3HTTP/2 Brings Rapid Reset Misery
Thanks to the way the networking protocol was designed, we are going to be living with this nasty bug for years to come.
-
+48 +6Google plans to test proxy scheme to hide IP addresses
Plan for Chrome echoes Apple iCloud Private Relay
-
+39 +3Can open source be saved from the EU's Cyber Resilience Act?
The road to Hell is paved with good intentions, and for open source this is a well meaning cluster fudge
-
+43 +2Docker Scout Unveils Advanced Features to Bolster Software Supply Chain Integrity
Docker adds its own twist to software supply chain security.
-
+43 +6Nasty bug discovered in widely used Linux utility curl, and patches already rolled out
Curl is built into and silently used in numerous Linux distributions. A nasty security hole within it has been revealed and patched.
-
+52 +7Google Cloud, AWS, and Cloudflare report largest DDoS attacks ever
The attack on Google Cloud was 7½ times larger than any previously recorded DDoS attack. Here's what else you need to know.
-
+44 +10Ubuntu Linux 23.10 is adding an important new security feature
This has the potential to significantly improve Linux desktop and container security.
-
+50 +5Thousands of Android devices come with unkillable backdoor preinstalled
Somehow, advanced Triada malware was added to devices before reaching resellers.
-
+51 +10Patch now: This serious Linux vulnerability affects nearly all distributions
Qualys has discovered a nasty security hole, dubbed 'Looney Tunables', in the glibc C library. This means almost all Linux distributions have a bad security problem.
-
+44 +5New cryptographic protocol aims to bolster open-source software security
The Linux Foundation, BastionZero, and Docker believe OpenPubkey bolsters zero-trust passwordless authentication.
-
+58 +7Linux tries to dump Windows' notoriously insecure RNDIS protocol
Here we go again. Linux developers are trying, once more, to rid Linux of Microsoft's Remote Network Driver Interface Specification. Here's why it's complicated.
-
+50 +6Chainguard's Wolfi: Revolutionizing Containerized Workloads with Rapid Updates and Robust Security
A Small Octopus and a Big Idea: How Wolfi Linux is Improving the Cloud’s Software Supply Chain Security.
-
+44 +6Update NOW: OpenSSL 1.1.1's Shelf-Life Has Ended
The OpenSSL Project has announced that the long-term support version of OpenSSL 1.1.1 has come to the end of its lifecycle except for paying customers.
-
+41 +7Now it's PostgreSQL's turn to have a bogus CVE
PostgreSQL and cURL aren't the only ones. Someone is faking security alerts for numerous open-source projects.
-
+36 +6Australian Government, Of All Places, Says Age Verification Is A Privacy & Security Nightmare
In the past I’ve sometimes described Australia as the land where internet policy is completely upside down. Rather than having a system that protects intermediaries from liability for third party c…
Submit a link
Start a discussion