Security

There is little doubt among experts in the field that 2024 will primarily focus on better hardening open-source software in general. With its growing dominance in software development, enterprises can no longer afford to overlook open source, as it is everywhere.

Employees in nearly three out of four organizations worldwide are using generative AI tools frequently or occasionally, but despite the security threats posed by unchecked use of the apps, employers don't seem to know what to do about it.

A key concern with Looney Tunables is the buffer overflow it triggers in the dynamic loader's handling of the GLIBC_TUNABLES environment variable. It leads to full root privileges on major Linux distributions.

EXPERT ADVICE

More Linux Malware Means More Linux Monitoring

TuxCare technical evangelist Joao Correia highlights the perils of delayed system patching in Linux environments, offering vital advice to prevent ransomware attacks and data breaches.

A Reddit user with the handle 'Educational-Map-8145' published a proof-of-concept exploit last week for a zero-day flaw in the Linux client of Atlas VPN. The exploit code works against the latest version of the client, 1.0.3.

Exploring the landscape of Linux desktop security, Jonathan Terrasi delves into the vulnerabilities of IoT devices, the focus on Linux servers for attacks, and why Linux remains a more secure albeit less popular operating system.

Efforts to fortify cloud security and identity management are at the forefront of new U.S. measures to mitigate cyberthreats.

There is a notable increase in tension between application security workers and application developers over consensus on cloud-native needs, in addition to a growing concern about retaining developer talent in this context.

Researchers reveal a novel security risk as hackers exploit generative AI's 'hallucinations' to deliver malicious code into a company's development environment, posing a growing threat to enterprise security.

A significant portion of the focus for the Red Hat Software Summit held in Boston this week are three core products designed to meet the growing demands for better software security and government regulations requiring enhanced application security across all industries.

New cyber research connects the infamous North Korea-aligned Lazarus Group behind the Linux malware attack called Operation DreamJob to the 3CX supply-chain attack.

Companies that established open-source program offices over the last few years now need more C-suite oversight to drive education, awareness, and use of open-source software. That sets the stage for an expanded role of open-source program officers.

2023 might be a volatile year for cybersecurity officers as they deal with the pressures of maintaining a ridged security posture while also dodging the bullet of blame when attacks are successful.

While Linux malware reached never-before-seen numbers in 2022, the total number of new malware developments among other major computing platforms fell.

LinuxInsider Channels