-
+50 +6
Chainguard's Wolfi: Revolutionizing Containerized Workloads with Rapid Updates and Robust Security
A Small Octopus and a Big Idea: How Wolfi Linux is Improving the Cloud’s Software Supply Chain Security.
-
+58 +7
Linux tries to dump Windows' notoriously insecure RNDIS protocol
Here we go again. Linux developers are trying, once more, to rid Linux of Microsoft's Remote Network Driver Interface Specification. Here's why it's complicated.
-
+44 +5
New cryptographic protocol aims to bolster open-source software security
The Linux Foundation, BastionZero, and Docker believe OpenPubkey bolsters zero-trust passwordless authentication.
-
+51 +10
Patch now: This serious Linux vulnerability affects nearly all distributions
Qualys has discovered a nasty security hole, dubbed 'Looney Tunables', in the glibc C library. This means almost all Linux distributions have a bad security problem.
-
+50 +5
Thousands of Android devices come with unkillable backdoor preinstalled
Somehow, advanced Triada malware was added to devices before reaching resellers.
-
+44 +10
Ubuntu Linux 23.10 is adding an important new security feature
This has the potential to significantly improve Linux desktop and container security.
-
+52 +7
Google Cloud, AWS, and Cloudflare report largest DDoS attacks ever
The attack on Google Cloud was 7½ times larger than any previously recorded DDoS attack. Here's what else you need to know.
-
+43 +6
Nasty bug discovered in widely used Linux utility curl, and patches already rolled out
Curl is built into and silently used in numerous Linux distributions. A nasty security hole within it has been revealed and patched.
-
+48 +6
Google plans to test proxy scheme to hide IP addresses
Plan for Chrome echoes Apple iCloud Private Relay
-
+44 +3
HTTP/2 Brings Rapid Reset Misery
Thanks to the way the networking protocol was designed, we are going to be living with this nasty bug for years to come.
-
+63 +6
Telemarketer goes belly-up after data breach
Sensitive details of charity donors leaked and also sensitive employee information had also been leaked during the attack – including police checks, child support documents, HR incidents, immigration sponsorship details, COVID-19 vaccination credentials, and notably, tax file numbers, passports, and licences.
-
+52 +6
GitHub IAM Private Creds Are Being Cryptojacked by EleKtra-Leak
Repeat after me: Do not — Do Not! — put hard-coded credentials in your production code repositories.
-
+50 +10
New Tripartite Initiative Aims to Fortify Open-Source Cybersecurity
Education is key to securing software. To help that happen, the Linux Foundation Training & Certification, ISC2, and the OpenSSF.
-
+52 +7
Want a handsomely paid job in tech? Here's what you do
At KubeCon, the need to bridge the skills gap was clearer than ever
-
+56 +8
Tetragon 1.0 Promises a New Era of Kubernetes Security and Observability
The eBPF-based security observability and runtime enforcement platform has grown up and sped up.
-
+47 +5
Kernel security now: Linux's unique method for securing code
At Open Source Summit Japan, Linux developer Greg Kroah-Hartman recaps the current state and future challenges of kernel security, including the specter of government regulation and the essential pain of unceasing updates.
-
+59 +10
This is how to protect your computers from LogoFAIL attacks
This obnoxious constellation of firmware attacks takes over computers. Here's which devices are vulnerable and what you can do to protect them.
-
+59 +10
Kubernetes co-founder flags the cloud's big open source problem
Security is a looming issue for deployments based on open-source software, Kubernetes co-founder Craig McLuckie said
-
+56 +11
Cyber security isn’t simple, but it could be
The biggest problem is a tendency to ignore problems you can’t see or haven’t looked for, says SecurityHQ
-
+48 +8
The Terrapin Attack: A New Threat to SSH Integrity
Researchers at Ruhr University have found a significant vulnerability that targets the SSH protocol by manipulating the handshake process.
Submit a link
Start a discussion