Security News

Red Hat Enterprise Linux serves as operating system for supercomputers
2020-07-03 00:45

Each supercomputer deployment powered by Red Hat Enterprise Linux uses hardware that can be purchased and integrated into any datacenter, making it feasible for organizations to use enterprise systems that are similar to those breaking scientific barriers. Regardless of the underlying hardware, Red Hat Enterprise Linux provides the common control plane for supercomputers to be run, managed and maintained in the same manner as traditional IT systems.

Patch time! NVIDIA fixes kernel driver holes on Windows and Linux
2020-06-25 18:24

In contrast, a high-end GPU might have 2000 to 5000 cores, but they aren't each able to run completely different instructions at the same time. Servers fitted with GPUs probably need two sets of patches, covering both the NVIDIA GPU drivers that control the actual hardware in the physical system, and the NVIDIA vGPU software, which shares out physical GPUs between guest operating systems running under virtualisation software from vendors including Citrix, Red Hat and VMWare.

Microsoft releases Defender ATP for Android and Linux
2020-06-24 10:30

Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. "Adding Linux into the existing selection of natively supported platforms by Microsoft Defender ATP marks an important moment for all our customers. It makes Microsoft Defender Security Center a truly unified surface for monitoring and managing security of the full spectrum of desktop and server platforms that are common across enterprise environments," noted Helen Allas, a principal program manager at Microsoft.

Here's a headline we never thought we'd write 20 years ago: Microsoft readies antivirus for Linux, Android
2020-06-23 22:55

Microsoft has extended its antivirus package for servers - better known the Defender Advanced Threat Protection for servers suite - to Linux as a general availability release. More importantly for admins, it can be controlled through the Microsoft Defender Security Center alongside Windows Server boxen and fleets of PCs. Mind you, this isn't something Microsoft expects to help it break into organizations exclusively using Linux.

Tencent floats bug bounties for its cloudy Linux and IoT OSes
2020-06-11 04:05

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

Thought you'd addressed those data-leaking Spectre holes on Linux? Guess again. The patches aren't perfect
2020-06-09 19:39

In three posts marked urgent to the Linux kernel mailing list on Tuesday, Anthony Steinhauser points out problems with countermeasures put in place to block Spectre vulnerabilities in modern Intel and AMD x86 microprocessors that perform speculative execution. The Spectre family of flaws involve making a target system speculate - perform an operation it may not need - in order to expose confidential data so an attacker can obtain it through an unprotected side channel.

Thought you'd fixed those Linux Spectre issues? Guess again, and AMD users need to be especially on their toes
2020-06-09 19:39

In three posts marked urgent to the Linux kernel mailing list on Tuesday, Anthony Steinhauser points out problems with countermeasures put in place to block Spectre vulnerabilities in modern Intel and AMD x86 microprocessors that perform speculative execution. The Spectre family of flaws involve making a target system speculate - perform an operation it may not need - in order to expose confidential data so an attacker can obtain it through an unprotected side channel.

This new ransomware targets Windows and Linux in surprising ways
2020-06-04 15:00

Aimed at SMBs, educational facilities, and software companies, the ransomware leverages Java to encrypt server-based files, according to BlackBerry and KPMG. Cybercriminals are always looking for new tricks and techniques to target potential victims without being caught. That's especially true of ransomware attackers who need to stealthily invade an organization's network to encrypt the sensitive files they plan to hold hostage.

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation
2020-06-02 12:19

Linus Torvalds has removed a patch in the next release of the Linux kernel intended to provide additional opt-in mitigation of attacks against the L1 data CPU cache. The patch from AWS engineer Balbir Singh was to provide "An opt-in mechanism to flush the L1D cache on context switch. The goal is to allow tasks that are paranoid due to the recent snoop-assisted data sampling vulnerabilities, to flush their L1D on being switched out. This protects their data from being snooped or leaked via side channels after the task has context switched out."

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation
2020-06-02 12:19

Linus Torvalds has removed a patch in the next release of the Linux kernel intended to provide additional opt-in mitigation of attacks against the L1 data CPU cache. The patch from AWS engineer Balbir Singh was to provide "An opt-in mechanism to flush the L1D cache on context switch. The goal is to allow tasks that are paranoid due to the recent snoop-assisted data sampling vulnerabilities, to flush their L1D on being switched out. This protects their data from being snooped or leaked via side channels after the task has context switched out."