Security News

Red Hat announced the general availability of Red Hat Enterprise Linux 8.2, the foundation for Red Hat's hybrid cloud portfolio. Red Hat Enterprise Linux can help intelligently detect, diagnose and address potential issues before they impact production, driven by advancements in Red Hat Insights.

Siemens has released six new advisories for its April 2020 Patch Tuesday updates, including three that inform customers about the impact of the SegmentSmack vulnerability on some of the company's industrial products. Researcher Juha-Matti Tilli discovered in 2018 that the Linux kernel was affected by two vulnerabilities that could be exploited to launch remote denial-of-service attacks by sending specially crafted packets to the targeted system.

Five related APT groups operating in the interest of the Chinese government have systematically targeted Linux servers, Windows systems and mobile devices running Android while remaining undetected for nearly a decade, according to BlackBerry. Linux runs nearly all of the top 1 million websites online, 75% of all web servers, 98% of the world's supercomputers and 75% of major cloud service providers.

Successfully conducting cross-platform attacks targeting Linux, Windows and Android devices, the adversaries have been engaged in both financially motivated and targeted espionage attacks. For years, these groups have been strategically targeting Linux servers across a broad range of industry verticals, exploiting the immature defensive coverage within the environment and the inadequate use of endpoint protection and endpoint detection and response products, BlackBerry notes.

The Linux Foundation is a fundamental organization for the promotion of open source software and has officially endorsed the seL4 microkernel. To further boost seL4, the Linux Foundation will host seL4 Foundation, which is a non-profit organization, established by Data61.

The latest twist in the romance arrived this week when the company published details of Integrity Policy Enforcement, a Linux Security Module designed to check the authenticity of binaries at runtime. The Linux kernel has long supported LSMs for different specialised purposes, but Microsoft has spotted a gap in the protections these offer in server environments, specifically its own Azure Sphere IoT platform.

Sudo apt-get install wireguard -y. Once the VPN service is installed, you're ready to configure it. Interface] Address = SERVER IP SaveConfig = true ListenPort = 51820 PrivateKey = SERVER PRIVATE KEY [Peer] PublicKey = CLIENT PUBLIC KEY AllowedIPs = CLIENT IP. Where SERVER PRIVATE KEY is the string of characters you copied to your clipboard from the server, SERVER IP is the IP address of the hosting server, CLIENT PUBLIC KEY is the client public key, and CLIENT IP is the IP address of the client.

Linux malware is real and Advanced Persistent Threat groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans the cybercriminals are using to get and maintain access to Linux servers.

A campaign that has been ongoing for months is targeting misconfigured open Docker Daemon API ports to install a piece of malware named Kinsing, which in turn deploys a cryptocurrency miner in compromised container environments. As part of the attack, hackers abuse misconfigured Docker API ports to run an Ubuntu container hosting Kinsing.

A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop. He leveraged an improper input validation bug in the Linux kernel to escalate privileges to root.