Security News

This week, Microsoft's Linux package repositories suffered an hours-long outage, followed by performance issues spanning over a day. Microsoft engineers have acknowledged the issue and are working towards a resolution.

CloudLinux announced UChecker, a free open source tool that scans Linux servers for vulnerable libraries that are outdated and being used by other applications. This provides detailed actionable information regarding which application is using which vulnerable library and needs to be updated, which helps improve the security awareness patching process.

GitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system. The flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions.

Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. The polkit local privilege escalation bug was publicly disclosed, and a fix was released on June 3, 2021.

A seven-year-old privilege escalation vulnerability that's been lurking in several Linux distributions was patched last week in a coordinated disclosure. In a blog post on Thursday, GitHub security researcher Kevin Backhouse recounted how he found the bug in a service called polkit associated with systemd, a common Linux system and service manager component.

A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a malicious unprivileged local attacker to bypass authorization and escalate permissions to the root user. Tracked as CVE-2021-3560, the flaw affects polkit versions between 0.113 and 0.118 and was discovered by GitHub security researcher Kevin Backhouse, who said the issue was introduced in a code commit made on Nov. 9, 2013.

Kali Linux 2021.2 released: Kaboxer, Kali-Tweaks, new tools, and more!Offensive Security has released Kali Linux 2021.2, the latest version of its popular open source penetration testing platform. June 2021 Patch Tuesday forecast: Patch management is back in the spotlightEvery day you look in the security news, there are reports of new ransomware attacks.

CloudLinux announces the release of CloudLinux OS Solo. "Our starting point was clear. Based on research results, our clients overwhelmingly want the classic CloudLinux OS with VPS and VMs, which only a few users can then utilize. One main request is a robust set of CloudLinux features on one server at affordable prices. Consequently, we found hundreds of VPSs with five or fewer websites hosted by a single client, many of which use VMs for staging and production. Some clients want a stable OS with technical support that is secure and not open-sourced."

Kali Linux 2021.2 was released today by Offensive Security and includes new themes and features, such as access to privileged ports, new tools, and a console-based configuration utility. Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits.

Offensive Security has released Kali Linux 2021.2, the latest version of its popular open source penetration testing platform. Offensive Security has introduced two new tools for making Kali easier to use: Kaboxer and Kali-Tweaks.