Security News

Major security audit of critical FreeBSD components now available
2024-11-18 15:19

The FreeBSD Foundation, in partnership with the Alpha-Omega Project, has released the results of an extensive security audit of two critical FreeBSD components: the bhyve hypervisor and the...

Meet Interlock — The new ransomware targeting FreeBSD servers
2024-11-03 21:09

A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. [...]

FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
2024-08-12 10:15

The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity.

FreeBSD Foundation hands out Beacon gongs for safer software
2024-03-26 10:15

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

FreeBSD 14.0 released, OpenSSH and OpenSSL updated
2023-11-21 14:08

Please turn on your JavaScript for this page to function normally. FreeBSD provides sophisticated features in networking, performance, security, and compatibility.

Ping of death! FreeBSD fixes crashtastic bug in network tool
2022-12-05 19:59

One of the first low-level network tools that any computer user learns about is the venerable ping utility. As a result, ping it uses a much lower-level protocol than TCP. Indeed, ping doesn't even use TCP's more casual cousin UDP, short for user datagram protocol, which a way of transmitting data chunks that is fast and easy, but is popularly referred to as send-and-hope.

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
2022-12-05 07:40

The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.

Hive ransomware now encrypts Linux and FreeBSD systems
2021-10-29 16:08

The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. The ransomware's Linux version also fails to trigger the encryption if executed without root privileges because it attempts to drop the ransom note on compromised devices' root file systems.

Tricky VPN-busting bug lurks in iOS, Android, Linux distros, macOS, FreeBSD, OpenBSD, say university eggheads
2019-12-06 05:01

OpenVPN, WireGuard, IKEv2/IPSec also vulnerable to unmasking flaw, we're told A bug in the way Unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted...

Netflix researcher spots TCP SACK flaws in Linux and FreeBSD
2019-06-19 12:26

Three vulnerabilities in the FreeBSD and Linux kernels could allow attackers to induce a denial-of-service by clogging networking I/O.