Security News

Jack Wallen shows you how to gain a bit more security on your Linux servers by blocking users from adding cron jobs.

To keep your Linux servers and desktops as secure as possible, you should check for and remove legacy communication services. Jack Wallen shows you how.

Three vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. GRIMM researchers discovered the bugs 15 years after they were introduced in 2006 during the initial development stages of the iSCSI kernel subsystem.

An official version of the popular 7-zip archiving program has been released for Linux for the first time. Linux already had support for the 7-zip archive file format through a POSIX port called p7zip but it was maintained by a different developer.

Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. While this issue came with a low crash rate on previous Firefox versions, Linux users have started seeing more and more crashes after updating to Firefox 86 last month.

Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group. The latter fact provides a clue that RedXOR is utilized in targeted attacks against legacy Linux systems, noted researchers.

Sigstore could eliminate the headaches associated with current software signing technology through public ledgers. The Linux Foundation, in partnership with Red Hat, Google and Purdue University, has announced a new digital signing project, potentially eliminating many of the headaches that come with securing open source software, files, images and binaries.

Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. Based on command-and-control servers still being active, the Linux backdoor is being used in ongoing attacks targeting both Linux servers and endpoints.

The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks. To pull these attacks off, threat actors will create malicious open-source packages and upload them to public repositories using names similar to popular legitimate packages.

Cybersecurity researchers on Wednesday shed light on a new sophisticated backdoor targeting Linux endpoints and servers that's believed to be the work of Chinese nation-state actors. RedXOR's name comes from the fact that it encodes its network data with a scheme based on XOR, and that it's compiled with a legacy GCC compiler on an old release of Red Hat Enterprise Linux, suggesting that the malware is deployed in targeted attacks against legacy Linux systems.