Tags: security

Best VPNs for Linux

Linux-based operating systems are still a very small part of the desktop market, but that hasn't stopped VPN services from providing client applications. The best we’ve found are from ExpressVPN, NordVPNand VPN Unlimited. Eight of the VPN services we've reviewed have either command-line-interface (...
Read 0 Comments

Critical Vulnerability Allows Kubernetes Node Hacking

Kubernetes has received fixes for one of the most serious vulnerabilities ever found in the project to date. If left unpatched, the flaw could allow attackers to take over entire compute nodes. “With a specially crafted request, users that are allowed to establish a connection through the...
Read 0 Comments

STIBP, Collaborate, and Listen: Linus Floats Linux Kernel That 'Fixes' Intel CPUs' Spectre Slowdown

Linus Torvalds has stuck to his “no swearing” resolution with his regular Sunday night Linux kernel release candidate announcement. Probably the most important aspect of the weekend's release candidate is that it, in a way, improves the performance of STIBP, which is a mitigation that stops malware...
Read 0 Comments

Mass Router Hack Exposes Millions of Devices to Potent NSA Exploit

More than 45,000 Internet routers have been compromised by a newly discovered campaign that’s designed to open networks to attacks by EternalBlue, the potent exploit that was developed by, and then stolen from, the National Security Agency and leaked to the Internet at large, researchers said...
Read 0 Comments

grant-likely.png

Grant Likely
Linux kernel engineer Grant Likely explained the basics of Embedded Base Boot Requirements (EBBR) at the recent Embedded Linux Conference in Edinburgh.

EBBR Aims to Standardize Embedded Boot Process

Arm’s open source EBBR (Embedded Base Boot Requirements) specification is heading for its v1.0 release in December. Within a year or two, the loosely defined EBBR standard should make it easier for Linux distros to support standardized bootup on major embedded hardware platforms. At the recent...
Read 0 Comments

Compromised npm Package: event-stream

Ownership of a popular npm package, event-stream, was transferred by the original author to a malicious user, right9ctrl. This package receives over 1.5mm weekly downloads and is depended on by nearly 1,600 other packages. The malicious user was able to gain the trust of the original author by...
Read 0 Comments

How to Install fail2ban on Ubuntu Server 18.04

If you're looking to secure your Ubuntu Server, one of the first things you should do is install the fail2ban intrusion detection system. What fail2ban does is monitor specific log files (in /var/log) for failed login attempts or automated attacks on your server. When an attempted compromise is...
Read 0 Comments

Linus Torvalds: After Big Linux Performance Hit, Spectre v2 Patch Needs Curbs

Major slowdowns caused by the new Linux 4.20 kernel have been traced to a mitigation for Spectre variant 2 that Linux founder Linus Torvalds now wants restricted. As noted by Linux news site Phoronix, the sudden slowdowns have been caused by a newly implemented mitigation called Single Thread...
Read 0 Comments

Beyond Passwords: 2FA, U2F and Google Advanced Protection

Last week I wrote a couple of different pieces on passwords, firstly about why we're going to be stuck with them for a long time yet and then secondly, about how we all bear some responsibility for making good password choices. A few people took some of the points I made in those posts as being...
Read 0 Comments

cyber-security-20.jpg

browser security
These simple steps can go a long way toward improving your online security.

5 Easy Tips for Linux Web Browser Security

If you use your Linux desktop and never open a web browser, you are a special kind of user. For most of us, however, a web browser has become one of the most-used digital tools on the planet. We work, we play, we get news, we interact, we bank… the number of things we do via a web browser far...
Read 0 Comments

Pages

Click Here!