-
+59 +10Kubernetes co-founder flags the cloud's big open source problem
Security is a looming issue for deployments based on open-source software, Kubernetes co-founder Craig McLuckie said
-
+59 +10This is how to protect your computers from LogoFAIL attacks
This obnoxious constellation of firmware attacks takes over computers. Here's which devices are vulnerable and what you can do to protect them.
-
+47 +5Kernel security now: Linux's unique method for securing code
At Open Source Summit Japan, Linux developer Greg Kroah-Hartman recaps the current state and future challenges of kernel security, including the specter of government regulation and the essential pain of unceasing updates.
-
+56 +8Tetragon 1.0 Promises a New Era of Kubernetes Security and Observability
The eBPF-based security observability and runtime enforcement platform has grown up and sped up.
-
+52 +7Want a handsomely paid job in tech? Here's what you do
At KubeCon, the need to bridge the skills gap was clearer than ever
-
+50 +10New Tripartite Initiative Aims to Fortify Open-Source Cybersecurity
Education is key to securing software. To help that happen, the Linux Foundation Training & Certification, ISC2, and the OpenSSF.
-
+52 +6GitHub IAM Private Creds Are Being Cryptojacked by EleKtra-Leak
Repeat after me: Do not — Do Not! — put hard-coded credentials in your production code repositories.
-
+63 +6Telemarketer goes belly-up after data breach
Sensitive details of charity donors leaked and also sensitive employee information had also been leaked during the attack – including police checks, child support documents, HR incidents, immigration sponsorship details, COVID-19 vaccination credentials, and notably, tax file numbers, passports, and licences.
-
+44 +3HTTP/2 Brings Rapid Reset Misery
Thanks to the way the networking protocol was designed, we are going to be living with this nasty bug for years to come.
-
+48 +6Google plans to test proxy scheme to hide IP addresses
Plan for Chrome echoes Apple iCloud Private Relay
-
+39 +3Can open source be saved from the EU's Cyber Resilience Act?
The road to Hell is paved with good intentions, and for open source this is a well meaning cluster fudge
-
+43 +2Docker Scout Unveils Advanced Features to Bolster Software Supply Chain Integrity
Docker adds its own twist to software supply chain security.
-
+43 +6Nasty bug discovered in widely used Linux utility curl, and patches already rolled out
Curl is built into and silently used in numerous Linux distributions. A nasty security hole within it has been revealed and patched.
-
+52 +7Google Cloud, AWS, and Cloudflare report largest DDoS attacks ever
The attack on Google Cloud was 7½ times larger than any previously recorded DDoS attack. Here's what else you need to know.
-
+44 +10Ubuntu Linux 23.10 is adding an important new security feature
This has the potential to significantly improve Linux desktop and container security.
-
+50 +5Thousands of Android devices come with unkillable backdoor preinstalled
Somehow, advanced Triada malware was added to devices before reaching resellers.
-
+51 +10Patch now: This serious Linux vulnerability affects nearly all distributions
Qualys has discovered a nasty security hole, dubbed 'Looney Tunables', in the glibc C library. This means almost all Linux distributions have a bad security problem.
-
+44 +5New cryptographic protocol aims to bolster open-source software security
The Linux Foundation, BastionZero, and Docker believe OpenPubkey bolsters zero-trust passwordless authentication.
-
+58 +7Linux tries to dump Windows' notoriously insecure RNDIS protocol
Here we go again. Linux developers are trying, once more, to rid Linux of Microsoft's Remote Network Driver Interface Specification. Here's why it's complicated.
-
+50 +6Chainguard's Wolfi: Revolutionizing Containerized Workloads with Rapid Updates and Robust Security
A Small Octopus and a Big Idea: How Wolfi Linux is Improving the Cloud’s Software Supply Chain Security.
Submit a link
Start a discussion