Security News

New Linux admins need to know how to give and take sudo privileges from users. You might come into a situation when you need to "Promote" one of those users to admin and give them sudo privileges.

Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. While CVE-2020-27170 can be abused to reveal content from any location within the kernel memory, CVE-2020-27171 can be used to retrieve data from a 4GB range of kernel memory.

How a social engineer ripped off a victim lured in by one of those "Small outstanding fee to pay" home delivery scams. The ransomware crooks targeting networks that still haven't done their Hafnium patches.

Researchers at cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel. Except, of course, that most Linux systems not only come with hundreds or even thousands of kernel modules in the /lib/modules directory tree, ready to use in case they are ever needed, but also come configured to allow suitably authorised apps to trigger the automatic loading of modules on demand.

Jack Wallen shows you how to gain a bit more security on your Linux servers by blocking users from adding cron jobs.

To keep your Linux servers and desktops as secure as possible, you should check for and remove legacy communication services. Jack Wallen shows you how.

Three vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. GRIMM researchers discovered the bugs 15 years after they were introduced in 2006 during the initial development stages of the iSCSI kernel subsystem.

An official version of the popular 7-zip archiving program has been released for Linux for the first time. Linux already had support for the 7-zip archive file format through a POSIX port called p7zip but it was maintained by a different developer.

Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. While this issue came with a low crash rate on previous Firefox versions, Linux users have started seeing more and more crashes after updating to Firefox 86 last month.

Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group. The latter fact provides a clue that RedXOR is utilized in targeted attacks against legacy Linux systems, noted researchers.