Security News

BleedingTooth: Vulnerabilities in Linux Bluetooth Allow Zero-Click Attacks
2020-10-14 18:09

Bluetooth vulnerabilities that a Google security researcher has identified in the Linux kernel could be exploited to run arbitrary code or access sensitive information. The most severe of these flaws is CVE-2020-12351, a heap-based type confusion that affects Linux kernel 4.8 and higher.

Google, Intel Warn on ‘Zero-Click’ Kernel Bug in Linux-Based IoT Devices
2020-10-14 13:37

Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things devices. According to Google, the vulnerability affects users of Linux kernel versions before 5.9 that support BlueZ. BlueZ, which is an open-source project distributed under GNU General Public License, features the BlueZ kernel that has been part of the official Linux kernel since version 2.4.6.

Could Microsoft be en route to dumping Windows in favor of Linux?
2020-10-09 15:16

Microsoft Linux is the next evolution of the Microsoft desktop operating system, argues Jack Wallen. It makes sense, especially given how hard Microsoft is working on Windows Subsystem for Linux, but from everything I've witnessed over the last few years, I think there's a conclusion to be drawn that makes even more sense for Microsoft.

Mac, Linux Users Now Targeted by FinSpy Variants
2020-09-28 19:09

While the spyware previously targeted Windows, iOS and Android users, researchers have discovered these campaigns using new variants that target macOS and Linux users. These samples include "Jabuka.app," a FinSpy variant for macOS, and "PDF," a FinSpy variant for Linux.

FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations
2020-09-25 08:01

Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. According to the human rights organization Amnesty International, the newly discovered campaign is not linked to 'NilePhish,' a hacking group known for attacking Egyptian NGOs in a series of attacks, involving an older version of FinSpy, phishing technique, and malicious Flash Player downloads.

How to encrypt files on your Linux servers with gocryptfs
2020-09-18 17:56

Looking for an easy to use encryption tool to protect data on your Linux servers? Jack Wallen shows you how to install and use gocryptfs to serve that very purpose. The gocryptfs tool allows you to encrypt only the directories you need.

Red Hat Enterprise Linux 7.6 achieves Common Criteria Certification and CSfC status
2020-09-14 15:22

Red Hat Enterprise Linux has further solidified itself as a platform of choice for users requiring more secure computing, with Red Hat Enterprise Linux 7.6 achieving Common Criteria Certification as well as Commercial Solutions for Classified Status. For Common Criteria, Red Hat Enterprise Linux 7.6 was certified by the National Information Assurance Partnership, with testing and validation completed by Acumen Security, a U.S. government-accredited laboratory.

How to hide files from any file manager on the Linux desktop
2020-09-11 17:54

Want to hide files and folders from your Linux desktop file manager? Jack Wallen shows you one handy method.

New Linux Malware Steals Call Details from VoIP Softswitch Systems
2020-09-11 05:05

Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP softswitches in an attempt to steal phone call metadata. "The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records," ESET researchers said in a Thursday analysis.

Linux servers and workstations are hackers' next target, security researchers warn
2020-09-10 11:11

According to Kaspersky, these attackers are increasingly diversifying their arsenals to contain Linux tools, giving them a broader reach over the systems they can target. Many organisations choose Linux for strategically important servers and systems, and with a "Significant trend" towards using Linux as a desktop environment by big business as well as government bodies, attackers are in turn developing more malware for the platform.