Security News

A local privilege escalation security vulnerability could allow attackers to gain root access on Ubuntu systems by exploiting a double-free memory corruption bug in GNOME's AccountsService component. The security flaw was accidentally spotted by GitHub security researcher Kevin Backhouse while testing an exploit demo for another AccountsService bug that also made it possible to escalate privileges to root on vulnerable devices.

The latest version of the world's most popular Linux distribution, Ubuntu 21.10, codenamed 'Impish Indy', has landed on Canonical's download channels. The 'Server' edition of Ubuntu 21.10 comes with 'needrestart' enabled by default, includes certified NVIDIA GPU drivers, and offers a 'minimal' installation option to accommodate IoT or container installations.

Jack Wallen walks you through the steps to join Ubuntu Desktop to Active Directory domains.

You can add an SSH tarpit to Ubuntu Server with the help of endlessh. Jack Wallen shows you how.

A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF that can give an attacker increased privileges on Ubuntu machines. eBPF is a technology that enables user-supplied programs to run sandboxed inside the operating system's kernel, triggered by a specific event or function.

If you've already spent the time learning SELinux, but have to deploy Ubuntu as a server operating system, you can install SELinux and be on familiar ground. Ubuntu Server has its own Mandatory Access Control system, called AppArmor, which is similar to SELinux, in that they both provide tools to isolate applications from one another, to protect the host system.

New Linux admins need to know how to give and take sudo privileges from users. Jack Wallen shows you how on both Ubuntu- and Red Hat-based Linux distributions.

Canonical has made it easy for admins to join Ubuntu Desktop to Active Directory domains. One particular feature that network and security admins will greatly appreciate is the ability to easily connect Ubuntu Desktop to an Active Directory domain.

Jack Wallen shows you how to add an SSH tarpit to Ubuntu Server with the help of endlessh. Essentially, a tarpit will run on the standard SSH port and, when a hacker attempts to break through that port, they'll wind up stuck in an endless loop.

The 2021 spring edition of Pwn2Own hacking contest concluded last week on April 8 with a three-way tie between Team Devcore, OV, and Computest researchers Daan Keuper and Thijs Alkemade. A zero-click exploit targeting Zoom that employed a three-bug chain to exploit the messenger app and gain code execution on the target system.