Security News

Researchers at cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel. Except, of course, that most Linux systems not only come with hundreds or even thousands of kernel modules in the /lib/modules directory tree, ready to use in case they are ever needed, but also come configured to allow suitably authorised apps to trigger the automatic loading of modules on demand.

Jack Wallen shows you how to gain a bit more security on your Linux servers by blocking users from adding cron jobs.

To keep your Linux servers and desktops as secure as possible, you should check for and remove legacy communication services. Jack Wallen shows you how.

Three vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. GRIMM researchers discovered the bugs 15 years after they were introduced in 2006 during the initial development stages of the iSCSI kernel subsystem.

An official version of the popular 7-zip archiving program has been released for Linux for the first time. Linux already had support for the 7-zip archive file format through a POSIX port called p7zip but it was maintained by a different developer.

Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. While this issue came with a low crash rate on previous Firefox versions, Linux users have started seeing more and more crashes after updating to Firefox 86 last month.

Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group. The latter fact provides a clue that RedXOR is utilized in targeted attacks against legacy Linux systems, noted researchers.

Sigstore could eliminate the headaches associated with current software signing technology through public ledgers. The Linux Foundation, in partnership with Red Hat, Google and Purdue University, has announced a new digital signing project, potentially eliminating many of the headaches that come with securing open source software, files, images and binaries.

Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. Based on command-and-control servers still being active, the Linux backdoor is being used in ongoing attacks targeting both Linux servers and endpoints.

The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks. To pull these attacks off, threat actors will create malicious open-source packages and upload them to public repositories using names similar to popular legitimate packages.