Multiple Squid Vulnerabilities Fixed in Ubuntu
The Ubuntu security team has recently rolled out critical security updates aimed at addressing several vulnerabilities identified in Squid, a widely used web proxy cache...
Check the status of CVEs. Learn More.
Easy Self Checkout: Buy KernelCare, Extended Lifecycle Support, or Enterprise Support for AlmaLinux Online Now
The Ubuntu security team has recently rolled out critical security updates aimed at addressing several vulnerabilities identified in Squid, a widely used web proxy cache...
A critical flaw has been discovered in the Rust standard library that could lead to serious command injection attacks against Windows users. The BatBadBut vulnerability,...
PALO ALTO, Calif. – April 23, 2024 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced that Glen Kuhne now serves as...
Have you ever downloaded a file and wondered if it’s safe? Now, there’s a powerful new weapon in the fight against malware thanks to the...
Several security vulnerabilities have been identified in LG webOS, the operating system running on LG smart TVs. These LG Smart TV vulnerabilities could be exploited...
Recently, researchers uncovered a significant threat dubbed Spectre v2, a variant of the notorious Spectre attack, targeting Linux systems running on modern Intel processors. Let’s...
The virsh command is used for managing guest virtual machines. You can start, stop, reboot, and get information about VMs effortlessly with commands. Automating security...
Researchers at Proofpoint have found out that the TA547 phishing attack campaigns have been targeting different German companies. Identified as TA547, the threat actor has...
PHP Extended Lifecycle Support (ELS) allows you to continue using older versions of PHP while still receiving security updates for the language, without introducing breaking...
In light of cookie stealing attacks and to ensure Chrome browser protection, Google has recently piloted its new Chrome DBSC. The device-bound session credentials (DBSC)...
On April 3, 2024, the Linux kernel maintainer Greg Kroah-Hartman announced the last 6.7.12 kernel version and end of life (EOL) for the Linux kernel...
Management and support are key components for the efficient utilization of an operating system in cloud computing environments. Adopting security best practices like regular updates,...
In the realm of smartphone security, the recent spotlight has fallen on Google Pixel devices, where two zero-day vulnerabilities have been unearthed and promptly addressed...
Researchers from ETH Zurich have uncovered a new attack method dubbed “Ahoi Attacks” that threatens the security of confidential virtual machines (CVMs) within cloud environments....
In the digital landscape, security is paramount, especially for web servers handling vast amounts of data. As per recent reports, a vulnerability has emerged within...
Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD (Value Change Dump) files. These vulnerabilities, if exploited, could...
An increasing proportion of critical business infrastructure today exists in the cloud. Companies are investing more and more in digital assets and tools every day....
In recent news, the U.S. Cyber Safety Review Board (CSBR) has raised concerns over Microsoft’s handling of the Storm-0558 attacks, highlighting significant security lapses that...
DinodasRAT, a C++-based malware, has emerged as a serious threat to Linux users. Initially discovered targeting Windows systems, researchers have recently reported a Linux variant...
Protecting the web server with sensitive information is crucial to secure your website. Linux servers are one of the most popular choices among developers and...
Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQL attacks and...
In a digital landscape fraught with threats, vigilance is paramount. The cybercriminals are exploiting End-of-Life devices to perpetrate their malicious activities. Recently, Black Lotus Labs,...
Multiple security vulnerabilities were discovered in Cacti, a widely used web interface for monitoring system graphs. These vulnerabilities, if exploited, could lead to severe consequences...
Two terms frequently trip up even seasoned data security professionals: patch management and vulnerability management. But while both are undeniably crucial for keeping your digital...
In light of recent cyber threats, a CISA SharePoint vulnerability warning has been issued. According to media reports, threat actors are exploiting the remote code...
A vulnerability has been identified in the wall command-line utility in Linux, which could allow an attacker to steal user passwords or modify the clipboard...
In light of recent cyber threats, the Dracula phishing platform has prevailed, targeting organizations in over 100 countries. The Dracula phishing attacks are centered on...
SQL injection vulnerabilities, often abbreviated as SQLi, persist as a significant issue in commercial software products. In response to a recent highly publicized malicious campaign...
In an unexpected move, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced an initiative aimed at bolstering the security posture of open-source software...
In light of the recent cybercriminal activity, new user sign-ups on the PyPI platform were halted. Currently, an increase in PyPI malicious package uploads is...
Update April 8th, 2024: Updated ETA for CloudLinux 6h and CloudLinux 7. Update April 10th, 2024: Live patch for CloudLinux 6h and CloudLinux 7 are...
The recent joint warning issued by CISA, NSA, FBI, and other U.S. government and international partners highlights a critical cybersecurity threat: Volt Typhoon, a Chinese...
Handling end of life (EOL) for operating systems is a relatively common, if cumbersome, task that IT teams have to grapple with as part of...
APT31 Hackers, a Chinese threat actor group, has recently been accused by the Finnish police of attacking the nation’s parliament in 2020. According to recent...
Update April 8th, 2024: Updated ETA for AlmaLinux 8. Update April 8th, 2024 – #2: Updated ETA for AlmaLinux 9. Update April 9th, 2024: Live...
The KernelCare team is working on deploying a live patch for CVE-2024-1086 for CloudLinux users. A patch has already been released for CloudLinux 7h and...
Advancements in Internet of Things (IoT) technologies are paving the way for a smarter, more interconnected future. They’re taking down communication barriers among consumers and...
Atlassian, a leading provider of collaboration and productivity software, has recently rolled out a series of patches aimed at fortifying the security of its popular...
Puma is a threaded HTTP 1.1 server used for running Ruby web applications. It facilitates communication between web browsers and Ruby applications, handling incoming requests...
Live patching allows for updating OpenSSL without system reboots – reducing downtime and maintaining service availability. While live patching improves security by enabling faster updates,...
In the ever-evolving landscape of cybersecurity threats, a new variant of malware has emerged, posing significant challenges for detection and mitigation efforts. Known as BunnyLoader...
Recently, several critical vulnerabilities were identified in the Linux kernel. These vulnerabilities could potentially allow attackers to crash systems, steal sensitive information, or even execute...
In a digital landscape where cybersecurity threats constantly evolve, a recent discovery by researchers at the CISPA Helmholtz Center for Information Security has unveiled a...
xz is a widely distributed package that provides lossless compression for both users and developers, and is included by default in most, if not all,...
Several security vulnerabilities were discovered in OpenSSL, a critical library for securing communication across the internet. These vulnerabilities could be exploited by attackers to launch...
In the shifting sands of the world of web development, milestones like the PHP 7.4 end of life (EOL) transition signify crucial inflection points for...
Recent news reports have stated that a hacker allegedly connected to China has been involved in exploiting two popular vulnerabilities. The purpose of such exploits...
KDE, the developer of the popular Plasma desktop environment for Linux, has issued a warning to users regarding the installation of global themes. While these...
Linux kernel embodies a strong security design including least privilege, memory protection, user isolation, and frameworks for adding stricter access controls. Best practices for securing...
Recent media reports have revealed a malicious malware campaign that has been active for the past six months. Reports claim that the WordPress Sign1 malware...
The healthcare sector has once again found itself at the center of a storm. On February 21, Change Healthcare, a titan in healthcare support services,...
Recent reports about legal proceedings, a 34-year-old Russian-Canadian national, Mikhail Vasiliev, has been handed a sentence of almost four years in Canadian prison. Vasiliev’s involvement...
The X.Org X Server, a fundamental component of graphical user interfaces in Linux systems, recently encountered a series of vulnerabilities. These vulnerabilities, if exploited, could...
For modern organizations, safeguarding your system against cyber threats is paramount. Linux, renowned for its robust security features, offers a plethora of firewall solutions to...
In a recent revelation by cybersecurity experts at Kaspersky Labs, a concerning cyber threat has emerged targeting users of popular text editing software in China....
ImageMagick, a popular image manipulation program and library, has been exposed to several vulnerabilities that could leave your system vulnerable to denial-of-service (DoS) attacks. In...
The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. CVE-2024-21412...
Chromium is the open-source browser project that powers popular browsers like Google Chrome and Microsoft Edge. Users of Chromium browsers on Debian 12 “Bookworm” should...
Python 2.7 no longer receives official support from the Python Software Foundation (PSF), including bug fixes, security patches, or any other updates. Migrating from Python...
In the realm of cybersecurity, constant vigilance is paramount as threat actors perpetually seek novel ways to exploit vulnerabilities. Recent research has shed light on...
Linus Torvalds recently announced the release of Linux kernel 6.8, the latest stable version of the Linux kernel. This update brings a plethora of new...
The Proxmox QEMU agent is a daemon which is used to exchange information between the host and the guest. It provides functionalities like properly shutting...
Tomer Peled, an Akamai cybersecurity security researcher, recently discovered a Kubernetes RCE vulnerability that allows threat actors to remotely execute code on Windows endpoints. Not...
Regular security audits and up-to-date patch management are essential for Linux compliance. User access control and robust network security are critical to safeguard Linux systems....
Cybersecurity experts at ESET have come across a malicious campaign that targets Tibetans in many countries by leveraging the website of a religious gathering. Evasive...
BIND, also known as Berkeley Internet Name Domain, is a widely used DNS server software that translates domain names into numerical IP addresses and vice...
After PHP 7.4 EOL, it is difficult to maintain PHP 7.4-based applications securely due to the increased risk of security breaches. Upgrading to newer PHP...
As per recent reports, threat actors are increasingly leveraging Facebook messages to distribute the Python Snake Info Stealer malware. Researchers have noticed that threat actors...
libgit2 is a portable, pure C implementation of the Git core methods library that allows you to use Git within your own software applications. Essentially,...
In light of recent events, Cisco has released patches for two high-severity network vulnerabilities in its Secure Client. As per recent reports, vulnerabilities leading to...
Several vulnerabilities within Node.js were identified, posing a significant threat to Ubuntu systems. These vulnerabilities could enable attackers to execute arbitrary code on compromised systems,...
Extensive code rewrites for upgrading PHP impact operations and security. Extended Lifecycle Support provides patches and fixes for PHP EOL, enabling you to avoid extensive...
In a recent discovery by Sucuri, a concerning trend has emerged involving brute-force attacks on WordPress sites through malicious JavaScript injections. These WordPress brute-force attacks...
In recent times, malicious actors have been found using innovative techniques to infiltrate systems and networks. One such development involves abusing the QEMU open-source hardware...
Live patching techniques for IoT devices have evolved significantly, driven by the need to enhance security and minimize operational disruptions. Automation in IoT live patching...
The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical JetBrains TeamCity vulnerability, emphasizing the urgent need for users to take preventive measures....
Timely patching of OpenSSL vulnerabilities is essential, as attackers often exploit unpatched systems. Implementing automated patching tools minimizes the risk of human errors and ensures...
In the ever-evolving landscape of cybersecurity, a fresh menace has emerged, targeting crypto enthusiasts through a sophisticated phishing kit. This crypto phishing kit, part of...
Recently, the Ubuntu security team released updates aimed at mitigating libde265 vulnerabilities across several releases, including Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu...
In the realm of Linux security, one name stands out for its robustness and effectiveness: Security-Enhanced Linux. This powerful security mechanism, integrated into the Linux...
A highly sensitive flaw has been identified in the LiteSpeed plugin of WordPress, which has put as many as 5 million websites at risk. Uncovered...
In the realm of web development, it is critical to make sure our applications are secure. Recently, the Ubuntu security team addressed a number of...
LockBit ransomware, which has also been known as “ABCD,” has resurfaced on the dark web despite being dealt with strictly by the global law enforcement...
Are you passionate about technology and eager to make a significant impact in the world of Linux security, cybersecurity, or open-source software? Look no further!...
Redis is an open-source, in-memory data structure store, often referred to as a key-value store. It is used as a database, cache, and message broker....
According to W3Techs.com, more than 50% of all the PHP websites still use PHP 7 versions. Each PHP release branch has three years of support:...
In recent months, a concerning trend has emerged within the healthcare sector: the resurgence of BlackCat ransomware attacks. The BlackCat ransomware healthcare attack has prompted...
LinuxTalk with TuxCare series offers valuable insights surrounding malware, exploits and patch management PALO ALTO, Calif. – March 11, 2024 – TuxCare, a global...
GNU binutils is a set of programming tools for creating and managing binary programs and object files on various computer architectures. It includes utilities like...
Occasionally, the IT world is gripped by a resurgence of concern – sometimes a fleeting trend, other times a significant issue. Lately, the term “Security...
The cybersecurity world is abuzz with the revelation of Lazarus Group’s exploitation of a critical vulnerability in Windows Kernel. The Windows Kernel flaw, targeting CVE-2024-21338,...
Mitigating potential vulnerabilities requires proactive measures due to the complexity of embedded Linux IoT devices The use of containerization and virtualization reduces the attack surface...
Avast, the famous antivirus software company, has been hit by a $16.5 million fine by the Federal Trade Commission (FTC). The Avast FTC fine was...
The Sysdig Threat Research Team (TRT) discovered that a threat actor is leveraging an open-source network mapping tool called SSH-Snake for malicious activities. This tool...
KVM offers several methods to manage virtual machines, including command-line tools and graphical user interfaces (GUIs) All logs related to KVM virtual machines are stored...
Disinformation campaigns play an important role in cyber warfare, and this is exactly what Russian hackers target Ukraine. After waging war on Ukraine on land,...
VMware has issued a no-patch advisory urging users to take swift action by removing the deprecated Enhanced Authentication Plug-in (EAP). EAP was deprecated nearly three...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
Recent cybersecurity research has unveiled critical vulnerabilities in open-source Wi-Fi software, impacting a wide range of devices, including Android smartphones, Linux systems, and ChromeOS devices....
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
A new threat has emerged in the form of a Python script called SNS Sender, which malicious actors are utilizing to send bulk smishing messages...
In recent cybersecurity developments, a malevolent Python script named SNS Sender has surfaced as a tool for threat actors to conduct bulk smishing attacks by...
Recently, Ubuntu has rolled out security updates addressing several Linux kernel vulnerabilities in Ubuntu 18.04. In this article, we will delve into the specifics of...
In a landscape where cyber threats loom large, the hunt for cybercriminals intensifies. Today, we’re turning the spotlight on LockBit ransomware attacks and the unprecedented...
Neglecting patch management for QEMU poses serious risks, including data breaches, privilege escalations, and compliance violations Timely deployment of security patches is crucial for mitigating...
In the ever-evolving landscape of mobile Deepfakes malware attacks, a notorious threat actor named GoldFactory has surfaced, leaving a trail of highly sophisticated banking trojans...
Ivanti Pulse Secure VPN appliances have recently been a target of several sophisticated attacks, highlighting the ongoing challenges in safeguarding critical IT infrastructure like network...
As a CIO, security officer, or compliance officer, have you adopted the CARE model yet? In your role, you understand the importance of cybersecurity. You’ve...
On February 10th, 2024, the Debian Project unveiled Debian 12.5, the fourth ISO update to the ongoing Debian GNU/Linux 12 “Bookworm” series. This release, which...
As of the time I’m writing this, earlier this week a cybersecurity bombshell story just broke that, for once, is actually a positive turn of...
A cybersecurity firm has recently detected a flaw in the Microsoft Defender SmartScreen and is terming it a zero-day threat. The target devices are infected...
Recently, several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking of sensitive data to log files,...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
A recent report revealed that, four months after its sudden disappearance, the notorious Bumblebee malware has emerged once again with different US-based organizations as its...
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube webmail vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-43770, this...
-You want to fix your supply chain vulnerability, but have no update available for your environment -Maintaining open-source packages is mostly done on a...
In a recent disclosure by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), a state government organization fell victim to a cyber breach facilitated by...
As businesses accelerate their digital initiatives, the shadow of cybersecurity threats grows. Every advancement brings new challenges—is your Google account hacked? Are covert malware campaigns...
Financial cyberattacks pose a significant threat to the stability of global economies and the security of financial institutions. In a recent cybersecurity development, a staggering...
A race condition vulnerability usually occurs in concurrent or multi-threaded programs where multiple processes or threads access shared resources without proper synchronization. Unpredictable outcomes like...
CentOS 7 optimization is essential for running virtual machines efficiently, especially as its end-of-life date approaches, which will necessitate security updates, kernel tuning, and resource...
In a recent revelation, the U.S. government disclosed that the Chinese state-sponsored hacking group, Volt Typhoon has surreptitiously infiltrated critical infrastructure networks within the country...
Multiple vulnerabilities were discovered in FreeImage, an open-source support library for graphic image formats. These vulnerabilities, when left unaddressed, could potentially lead to denial of...
The nearing CentOS Stream 8 EOL on May 31st, 2024, left many users and organizations scrambling for alternatives Users can either migrate to alternative Linux...
In recent cyber threat intelligence developments, an unnamed Islamic non-profit organization based in Saudi Arabia has fallen victim to a covert cyber-espionage campaign employing a...
Squid is a powerful tool for caching proxy for the web, but like any software, it is not immune to vulnerabilities. Several security vulnerabilities have...
Will your critical applications run smoothly on AlmaLinux? It’s important to test them beforehand. Integrating AlmaLinux requires a comprehensive strategy to address potential issues and...
Cybersecurity threat experts have recently discovered a new variant of the malware named XLoader, commonly known as MoqHao, that has the ability to automatically infect...
Several vulnerabilities were discovered in libde265, an Open H.265 video codec implementation. These vulnerabilities could result in denial of service and potentially the execution of...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
In a recent revelation, the Dutch Ministry of Defence disclosed a concerning breach in its internal computer network, orchestrated by Chinese state-sponsored hackers. The network...
In a recent revelation, Cloudflare, a prominent networking giant, disclosed a security breach that occurred in late November, where threat actors exploit stolen passwords to...
A set of critical security vulnerabilities has been found in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware...
nftables provides a simpler, more efficient alternative to iptables, with unified IPv4/IPv6 handling. Features like rule tracing and multi-action rules in nftables enhance network management....
In response to pressing security concerns, Juniper Networks has swiftly deployed out-of-band updates aimed at mitigating two high-severity vulnerabilities. These vulnerabilities, identified as CVE-2024-21619 and...
Google-owned Mandiant has uncovered a new malware exploiting vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. These malwares have been utilized by several...
A software vendor, a threat actor, and a bug bounty hunter walk into a bar. The bug bounty hunter goes “have you guys heard about...
Exposed Docker API risks pose significant security threats to organizations utilizing container technology. In recent months, a sophisticated crypto jacking operation dubbed Commando Cat has...
A new variant of the sophisticated botnet “FritzFrog” has emerged, leveraging the Log4Shell vulnerability for propagation. Despite more than two years passing since the Log4j...
Unpatched devices often have known security vulnerabilities that could be exploited by attackers IoT live patching keeps devices online and operational even during security updates,...
In recent developments, security researchers have unveiled a series of high-severity vulnerabilities, collectively named ‘Leaky Vessels,’ or the RunC flaw exploits impacting key container infrastructure...
GitLab has recently released important patches to fix a critical security vulnerability affecting both its Community Edition (CE) and Enterprise Edition (EE). The flaw, identified...
Facing CentOS 7 end of life (EOL), organizations must migrate to new Linux distributions, requiring strategic planning to avoid disruptions and security risks. Migration involves...
In recent developments, the Italian data protection regulators have raised concerns regarding some privacy issues with ChatGPT, specifically the compliance of OpenAI’s ChatGPT with local...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In the realm of cybersecurity, recent events have once again brought attention to the persistent and evolving cyber-attack on organizations worldwide. One such incident involves...
As a fundamental element of nearly every Linux-based system, the GNU C Library, or glibc, acts as a core library connecting applications with the Linux...
Since PHP 8.0 reached its end of life in November 2023, organizations have been facing significant security and operational risks due to the lack of...
Online scams through Google ads continue to pose a significant threat to internet users worldwide. Malicious actors continuously evolve their strategies to exploit vulnerabilities and...
Mozilla released the new version of its popular browser, Firefox 122, on January 23, 2024. It came 1 month and 5 days after the previous...
Enterprise live patching services are essential in proactive cybersecurity strategies. There is no need to reboot the system when using the live patching method....
In a recent announcement, Microsoft issued a warning regarding the increasing activities of APT29, a Russian state-sponsored cyber threat group. This group, notorious for its...
In a recent revelation, German cybersecurity firm DCSO has uncovered the Konni RAT malware attack, which involves the deployment of a Remote Access Trojan. The...
The Ubuntu security team has recently released Ubuntu kernel updates to address several high-severity Linux kernel vulnerabilities. The affected operating systems include Ubuntu 22.04 LTS,...
Linux Security Is Multifaceted: Effective Linux security encompasses user management, network design, and consistent system updates to safeguard against threats. User Management Is Crucial: Properly...
Russian cybercriminals are known for their sophisticated tactics and global reach. In recent news, a significant development has shed light on the consequences of cybercriminal...
In recent times, the cybersecurity landscape has witnessed a surge in threats targeting Ivanti Connect Secure and Ivanti Policy Secure solutions. The Cybersecurity and Infrastructure...
QEMU stands out for its ability to emulate various CPU architectures, making it an essential tool for developers and testers. While QEMU operates on software-based...
Jenkins, an influential Java-based open-source automation platform celebrated for its extensive plugin ecosystem and continuous integration capabilities, recently unveiled a series of vulnerabilities in its...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In recent cybersecurity developments, the COLDRIVER custom malware. A notorious hacking group, COLDRIVER, has taken its attack tactics to a new level, deploying a custom...
CISA and FBI have jointly issued a warning about the threat posed by AndroxGh0st malware, emphasizing its use in establishing a botnet for “victim identification...
Live patching plays a vital role in helping enterprises stay secure Live patching is becoming crucial for maintaining compliance with various data privacy standards...
In recent developments, GitHub, a Microsoft-owned subsidiary, has taken proactive measures to address a security vulnerability potentially exposing credentials within production containers. In this article,...
In recent times, Docker services have become a focal point for malicious actors seeking innovative ways to monetize their exploits. A recent discovery by cloud...
Get an additional 6 years of lifecycle support after the standard 10-year lifecycle Includes automated live patching tools (KernelCare Enterprise and LibCare) Enterprise-grade...
In a recent cyber threat development, the notorious Remcos RAT attack has shifted its focus towards South Korean users, leveraging files shared on the Webhards...
Ubuntu 22.04 LTS was first released on 21 April 2021 and is supported until April 2027. The latest version of this long-term support release (5...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
Threat actors have recently used the Balada injector malware to exploit a plugin vulnerability, leading to the compromise of more than 7,000 WordPress sites. Recent...
In a recent move to bolster cybersecurity defenses, CISA has issued a directive to U.S. federal agencies to urgently secure their systems against three newly...
Quick question: when is it ok to run a networked system without updates? If the answer takes more than 1 second and is anything other...
In a startling cybercrime saga that unfolded between November 2022 and November 2023, the notorious Inferno Drainer, operating under a scam-as-a-service model, managed to amass...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In recent developments, Cisco has taken swift action to address a critical security flaw impacting Unity Connection, a vulnerability marked as CVE-2024-20272, with a concerning...
New CentOS 7 ELS Complete tier of service from TuxCare is set to make CentOS 7 end of a life a non-event when it takes...
Linus Torvalds announced the release of Linux kernel 6.7 on January 7, 2024, featuring various improvements and new features. One major addition is the bcachefs...
AI was the leading story of 2023 – to provide some context, ChatGPT became Wikipedia’s most viewed article of 2023 – and it has been...
In the ever-evolving realm of cybersecurity threats, GitHub, a widely embraced collaborative coding and version control platform, has become a prime target for cybercriminals and...
Go is an open-source programming language that has gained popularity for efficiency and simplicity. However, as with any software, vulnerabilities can lurk within its libraries...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
In the ever-evolving landscape of cybersecurity, a recent revelation has come to light – the emergence of a new Python-based hacking tool. Malicious activities initiated...
QEMU is a widely used open-source emulator for running multiple operating systems within a virtual machine. However, recent discoveries by the Ubuntu security team have...
Flexible, remote, and hybrid working models have been in the business environment for quite some time now, and the recent health crisis has made it...
In a groundbreaking move, the U.S. Federal Trade Commission (FTC) has taken decisive action against data broker Outlogic, formerly known as X-Mode Social. Recently, the...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning for organizations nationwide, adding six critical vulnerabilities to its “Known Exploited Vulnerabilities” (KEV)...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
In recent cybersecurity developments, a novel Mirai-based botnet known as Mirai NoaBot has emerged, posing a significant threat to Linux servers since the start of...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a recent cybersecurity incident, Orange Spain faced a significant internet outage on January 3, 2024. A threat actor, going by the name ‘Snow,’ exploited...
Debian 10’s End of Life (EOL) highlights the critical need for upgrading to maintain security and compatibility. Upgrading from Debian 10 involves balancing hardware compatibility,...
In the evolving landscape of healthcare cybersecurity, the recent data breach at HealthEC LLC has sent shockwaves through the industry, affecting nearly 4.5 million individuals...
In the ever-evolving landscape of cybersecurity, a recent discovery by Palo Alto Networks Unit 42 and Symantec sheds light on a new Go-based malware loader...
In a recent cybersecurity revelation, the Python Package Index (PyPI) has fallen victim to the infiltration of three malicious packages: modularseven, driftme, and catme. These...
”Supply chain attack” encompasses many different forms of attacks and exploits Yet another type was recently uncovered – malicious behavior in properly signed installers While...
In the ever-evolving landscape of cyber threats via email, a novel exploitation technique has emerged – Simple Mail Transfer Protocol – SMTP smuggling. This method,...
The Ubuntu security team has recently addressed several vulnerabilities affecting Node.js packages in Ubuntu 22.04 LTS. These vulnerabilities were initially found in OpenSSL. As the...
CentOS Stream 8 will reach the end of life on May 31, 2024 Using CentOS Stream 8 after EOL could lead to security and compliance...
In a recent revelation by Ukraine’s top cyber official, Illia Vitiuk, it has been unveiled that the cyberattack on Kyivstar, Ukraine’s largest telecom operator, had...
In the dynamic realm of cybersecurity, staying ahead of potential threats is crucial for maintaining a secure computing environment. For Debian GNU/Linux users, keeping the...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
Recent research findings have brought to light a new DLL variant pertaining to search order hijacking techniques. As per recent reports, this dynamic link library...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The landscape of cybersecurity threats 2024 presents unprecedented challenges, requiring a proactive and adaptive approach to safeguard digital ecosystems. This brings us to a recent...
Recently, Google Cloud addressed a medium-severity security vulnerability that could potentially be exploited by attackers with access to a Kubernetes cluster. This flaw, discovered and...
*The Supply Chain is vulnerable at all levels, from the code to the distribution *Node.js repository was effectively locked after a developer uploaded a malicious...
In a recent announcement, Microsoft disclosed its decision to once again disable the ms-appinstaller protocol handler by default amid the Microsoft malware attacks. They took...
Data breaches are a major concern in the ever-evolving landscape of digital healthcare. One recent incident that has come to light involves ESO Solutions, a...
Live patching does not necessitate rebooting IoT devices, enabling patching without disruptions KernelCare IoT is an affordable option for automated live patching of connected devices...
In the ever-evolving landscape of cyber threats, a recent phishing campaign has surfaced. This Nim-based malware employs decoy Microsoft Word documents to deliver a backdoor...
In recent times, Linux SSH servers have become a prime target for attackers aiming to compromise security and exploit vulnerabilities for malicious activities. This article...
Embedded systems are vulnerable to network-based attacks. Containers provide an added layer of security to embedded systems. Hardware security modules can be used to protect...
In recent developments, Barracuda, a prominent network and email cybersecurity firm, has been grappling with a zero-day vulnerability. The vulnerability has been identified as CVE-2023-7102...
Debian and Ubuntu have released security updates for their respective OS versions, addressing five flaws discovered in the openssh package. In this article, we will...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
Recent reports have highlighted the return of the Carbanak Malware. As per the reports, it’s a banking malware used in ransomware attacks that leverages updated...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a disconcerting revelation, a newly identified strain of JavaScript malware has set its sights on compromising online banking accounts, orchestrating a widespread campaign impacting...
In its latest stride towards user security, Mozilla has rolled out Firefox 121, bringing along a slew of crucial updates to address 18 vulnerabilities, five...
The need for virtualization is crucial in many corporate systems, as it offers significant savings in both financial and energy resources. Consequently, advancing in this...
In the realm of cybersecurity, vigilance is paramount, and recent developments reveal a persistent threat facing Ukrainian entities. In mid-2023, the Ukrainian CERT issued advisory...
Researchers at Ruhr University Bochum have discovered a new threat to OpenSSH security known as the Terrapin attack. This sophisticated attack manipulates sequence numbers during...
As CentOS 7 approaches its end of life (EOL), it’s crucial for users and administrators to understand the implications of this transition. The EOL of...
AT&T Alien Labs has recently discovered an information stealer called the JaskaGo malware. Threats arising from the cross-platform malware are highly severe as it can...
Canonical has officially marked the end-of-life date for Ubuntu 23.04, also known as “Lunar Lobster,” as January 25, 2024. As the sun sets on this...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue...
Google, in light of recent events, has launched a critical update for a high-severity Chrome zero-day vulnerability. As per recent reports, Google claims that the...
In an ever-evolving digital landscape, the healthcare and public health (HPH) sector faces increasing cybersecurity challenges. The United States Cybersecurity and Infrastructure Security Agency (CISA)...
When you find out your website is hacked, it’s understandable that you’d begin to panic. But it’s much better to plan and take action immediately...
Threat actors with malicious intent have now been exploiting an old MS Excel vulnerability as part of their phishing campaign. The aim of such exploits...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a significant stride against cybercrime, Microsoft has declared victory in dismantling cybercrime operations of Storm-1152. This group, a major player in the cybercrime-as-a-service (CaaS)...
The third ISO update to the current stable Debian 12 series, Debian 12.4, has arrived superseding Debian 12.3. Debian 12.3 was delayed due to an...
In recent findings by Sonar, critical security vulnerabilities have emerged within the widely-used open-source Netgate pfSense firewall solution, potentially exposing susceptible appliances to unauthorized command...
An alarming 38% of applications that use the Apache Log4j library use the versions susceptible to security vulnerabilities. One of them is a critical vulnerability,...
The conventional patching method necessitates a reboot. Live patching eliminates the need to reboot the system. KernelCare IoT automates patching for Linux-based IoT devices. ...
Ukraine’s largest telecom operator, Kyivstar, was recently shut down after falling prey to a cyberattack. The Kyivstar cyber attack left millions of Ukrainians without access...
In a groundbreaking revelation, researchers from Vrije Universiteit Amsterdam have uncovered a formidable side-channel attack known as SLAM, posing a serious threat to the security...
Multiple UEFI vulnerabilities can lead to Linux, Windows, and Mac exploits LogoFAIL persists across operating system reinstallations It also extends the supply chain risks to...
Recent events have brought to light the Ledger supply chain breach, a cybercrime incident that led to the theft of $600,000 in virtual assets. For...
Vim, a powerful and widely used text editor, has recently come under scrutiny due to several vulnerabilities that could potentially compromise system security. In this...
Sophisticated Internet of Things (IoT) technologies transformed the cybersecurity systems in financial services. They’re continuously evolving and improving. Take credit cards as an example—commercial banks...
In light of recent GambleForce attacks, a new threat actor has emerged, targeting more than 20 organizations across the Asia-Pacific region. The hacker group is...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a significant development, Anatoly Legkodymov, the Russian founder of the now-defunct Bitzlato cryptocurrency exchange, has recently pleaded guilty to charges related to operating an...
In the fast-paced world of mobile technology, ensuring the security of our devices is paramount. Google, the company behind the Android operating system, has recently...
QEMU is mostly used for system-level virtualization and emulation. QEMU operates in both user mode and system mode. Automate patching with the QEMUCare...
In the ever-evolving landscape of cybersecurity, a significant Bluetooth security flaw has emerged, posing a threat to devices operating on Android, Linux, macOS, and iOS....
In the field of cybersecurity, a potent and covert threat called Krasue has surfaced. This remote access trojan has been silently infiltrating Linux systems, primarily...
Python 3.7 reached end of life on June 27, 2023 The current newest Python major release is Python 3.12 Running end-of-life software poses...
In a recent Microsoft security alert, the notorious threat actor known as COLDRIVER has escalated its credential theft activities, targeting entities strategically significant to Russia....
In this dynamic field of cybersecurity, one persistent threat continues to loom over businesses that use Adobe’s ColdFusion application. Despite a patch released in March,...
As many as 70 to 80 percent of companies are moving at least part of their data back from the public cloud every year. At...
In a recent scrutiny of Sierra wireless routers, Forescout’s Vedere Labs uncovered 21 novel vulnerabilities that, though relatively straightforward to exploit, pose historical challenges for...
The recent Ubuntu Linux Kernel security updates have fixed several vulnerabilities found in the Linux kernel. These updates are available for Ubuntu 23.04 and Ubuntu...
Automated tools simplify the Linux kernel patching process. Most distributions provide patches through system updates. Live patching eliminates the need to reboot the...
In the ever-evolving landscape of digital security, WordPress has recently released a critical code execution update, version 6.4.2, addressing a potential threat that could jeopardize...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a bid to fortify the security of its Chrome browser, Google has swiftly addressed seven vulnerabilities, with one particularly menacing zero-day exploit. This critical...
In the cybersecurity world, the second Tuesday of every month is a significant date marked by the release of security updates known as Patch Tuesday....
Discussions about cybersecurity often unfold amidst grandiose and alarming narratives: ‘high impact,’ ‘critical,’ ‘most dangerous vulnerability‘ – phrases designed to catch headlines. The conversation floats...
The U.S. Treasury Department recently took a significant step in the ongoing battle against cybercrime by imposing sanctions on Sinbad. It’s a virtual currency mixer...
Recently, ownCloud, a renowned open-source file-sharing software, disclosed three critical security vulnerabilities that demand immediate attention. This article delves into the specifics of these vulnerabilities...
Python 2 was officially maintained and supported until January 1, 2020. The system becomes highly vulnerable without Python 2 security updates. TuxCare’s ELS...
A cyberattack campaign dubbed the CACTUS Qlik Ransomware has become prominent in ransomware attacks on BI systems. Researchers have warned of threat actors exploiting three...
A new threat has emerged, sending shockwaves through the cybersecurity industry – the LogoFAIL attack. This vulnerability targets the image-parsing components within the UEFI code,...
In recent years, the adoption of open-source software in development has surged, now comprising up to 90% of what’s built. Its popularity among companies globally...
Threat actors from North Korea have been increasingly targeting the cryptocurrency sector since 2017 as a source of generating revenue. Reports have claimed that the...
The year 2023 is coming near to end and by far, 271 vulnerabilities have been discovered in the Linux kernel. Recently, the three end-of-life Ubuntu...
Learn about the Proxmox QEMU agent for exchanging information between the host and VMs Discover how to execute QEMU guest agent commands in the...
In a significant development, a Russian individual, Vladimir Dunaev, has confessed to his involvement in the creation and deployment of the notorious Trickbot malware. Trickbot,...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service (SaaS) provider, reported unauthorized access to its MOVEit Transfer server, affecting the...
In recent times, a concerning surge in a new wave of cyber threats, specifically targeting Android users in India, has come to light. Cyber attackers...
QEMU is a popular open-source machine emulator. QEMU supports hardware virtualization extensions (Intel VT-x and AMD-V). QEMUCare offers a live patching solution for...
In the realm of cybersecurity, a recent study has brought to light a series of Hello Authentication vulnerabilities that could compromise the Windows Hello authentication...
Ubuntu has recently released security fixes for Ubuntu 22.04 LTS and Ubuntu 23.04, addressing several vulnerabilities found in the Linux kernel. Exploiting these vulnerabilities could...
In the realm of Linux system management, task automation stands as a cornerstone, a trusted ally for administrators seeking to navigate the complex landscape of...
Cybersecurity researchers are warning of Kubernetes security issues amid the exposure of configuration secrets. It has been deemed that such exposure could put organizations at...
Calling all professional Linux users, open-source software enthusiasts, and anyone who knows what’s happening in Enterprise Linux! TuxCare invites you to participate in our year-in-review...
In the realm of secure communication protocols, RSA keys play a pivotal role in safeguarding sensitive information. Recently, a group of researchers from prominent universities...
Organizations often encounter the challenge of managing complex technology ecosystems while ensuring data security, compliance, and risk management. One crucial aspect of this challenge is...
In the ever-evolving landscape of cybersecurity, a recent discovery sheds light on a new phishing attack being dubbed the Konni malware. This cyber assault employs...
Cybersecurity challenges persist in the ever-evolving digital landscape, and DDoS (Distributed Denial of Service) attacks have been a significant threat. Recently, Blender, a renowned 3D...
KVM (Kernel-based Virtual Machine) is a powerful open-source virtualization technology that is built into the Linux kernel. It enables the operation of multiple virtual machines...
InfectedSlurs, a Mirai botnet malware, has been exploiting two zero-day remote code execution (RCE) vulnerabilities. The malware targets routers and video recorders (NVR) devices, aiming...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Cyber threats in business email systems have become extremely common in this digital world. Recently, a critical zero-day vulnerability in the widely used Zimbra Collaboration...
Recently, security researchers have discovered a new attack method named CacheWarp. This attack poses a threat to AMD SEV-protected virtual machines, allowing malicious actors to...
System administrators face the continuous challenge of ensuring reliability, security, and efficiency in their IT environments. One solution that is increasingly gaining traction is AlmaLinux....
In a recent cybersecurity revelation, a formidable and highly sophisticated cyber threat has surfaced, going by the name DarkCasino. Initially perceived as a phishing campaign...
A series of Cobbler vulnerabilities have been addressed in Ubuntu 16.04 ESM in the recent security updates. Ubuntu 16.04 ESM (Expanded Security Maintenance) is the...
The Forum of Incident Response and Security Teams (FIRST) has officially released version 4.0 of the Common Vulnerability Scoring System (CVSS). This new version comes...
Intel recently released multiple fixes for a high-severity vulnerability dubbed Reptar. The CVE-2023-23583 has a CVSS score of 8.8 and, when exploited, has the potential...
Beware of a new threat in the cyber realm: the ‘Ddostf’ malware botnet is on the prowl, specifically targeting MySQL servers. This malicious botnet enslaves...
Cybersecurity incidents are more than availability problems Malicious actors are using the legal process to their advantage Personal liability for cybersecurity mishandling is becoming more...
On Tuesday, November 14th, 2023, the United States (US) government initiated the IPStrom takedown, Russian mastermind pled guilty to being the brains behind the operation....
For the past six months, an unidentified threat actor has been slipping malicious packages into the Python Package Index (PyPI), a repository for Python software....
Security-Enhanced Linux (SELinux) is a powerful solution for improving the security posture of Linux-based systems. Developed by the National Security Agency (NSA), it has been...
The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning against the Rhysida ransomware threat. As...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The latest Linux kernel 6.6, released in late October 2023, has taken an unexpected turn by being officially a Long Term Support (LTS) on kernel.org....
In a recent revelation, SysAid, a leading IT management software provider, has unveiled a critical security threat affecting its on-premises software. The threat actor, identified...
Cybersecurity is what protects your company’s important information from threats such as malware and data breaches. A cybersecurity strategy sets out the current risks facing...
The next major release, Linux kernel 6.7, is on its way, with the first Release Candidate (RC) now available for public testing. According to Torvalds,...
In a recent revelation, a cluster of malicious Python packages has infiltrated the Python Package Index (PyPI), posing a significant threat to developers’ systems by...
IoT device management refers to the process of remotely overseeing, configuring, monitoring, and maintaining Internet of Things (IoT) devices. It involves tasks like provisioning, firmware...
Veeam has recently released essential updates to address four security vulnerabilities in its Veeam ONE monitoring and analytics platform. Two of them are critical, and...
In a recent wave of cyber disruptions, the elusive Anonymous hacker group Sudan, self-identified as Storm-1359, claimed responsibility for orchestrating a distributed denial-of-service (DDoS) attack...
You’re probably familiar with web security risks. If you’re running a small business, whether online, bricks and mortar or both, you hopefully have some kind...
The AlmaLinux OS Foundation has just dropped the latest version of its open-source operating system, and it’s a game-changer. Say hello to AlmaLinux OS 9.3,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a notable update incorporating a high-severity vulnerability in the Service Location Protocol (SLP) into its Known...
Stands as the company’s 10th active ELS Program, positioning TuxCare as a clear innovator in protecting end-of-life offerings PALO ALTO, Calif. – November 20,...
Attention Docker users: a new threat known as OracleIV is on the rise, targeting publicly accessible Docker Engine API instances. Researchers from Cado have uncovered...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a recent discovery, 48 malicious npm packages have been found lurking in the npm repository. These tricky packages have the power to deploy a...
In a significant revelation, security experts have uncovered a substantial number of Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers with potential vulnerabilities...
In 2014, the cybersecurity community witnessed a critical OpenSSL vulnerability, “Heartbleed,” which changed how the world perceived digital security. It is considered to be among...
CISA has put a spotlight on a high-severity Service Location Protocol (SLP) vulnerability. CISA has bumped it up to the Known Exploited Vulnerabilities catalog. Why...
PALO ALTO, Calif. – November 15, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it’s now offering early access to...
In the world of cybersecurity, new threats emerge constantly, and it’s vital for organizations to stay vigilant. Recently, a critical vulnerability, known as CVE-2023-46604, has...
In today’s business world, companies are determined to create software faster than ever before. Developers are under immense pressure to deliver products to customers quickly....
Atlassian has issued a warning regarding a Confluence vulnerability that could expose your system to data destruction attacks. This vulnerability, identified as CVE-2023-22518, is an...
In today’s digital landscape, ensuring the security and integrity of your data is paramount. Atlassian, a prominent software company, recently issued a crucial advisory regarding...
While checking my cybersecurity news feed a couple of days ago, an account (re-)publishing stories from years gone by was highlighting a late 2000 (actual...
Recently, there has been a concerning development in the world of cloud security. A group of threat actors linked to Kinsing is actively targeting cloud...
In a surprising turn of events, the Mozi botnet experienced a sudden and significant drop in malicious activities in August 2023. This unexpected decline was...
The looming end of life (EOL) for CentOS Stream 8 – set for May 31, 2024 – presents both challenges and opportunities for developers, administrators,...
When it comes to securing the CentOS server, one of the essential tools at your disposal is Firewalld. Firewalld is, by default, available in CentOS...
xrdp is a free and open-source project that enables a graphical login to remote systems by utilizing the Microsoft Remote Desktop Protocol (RDP). The Ubuntu...
In the cybersecurity domain, we often assume that regularly checking for and applying updates keeps our systems secure. However, a subtle nuance is frequently overlooked....
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Recently, there’s been a buzz in the tech world about a potential security risk known as the ‘Citrix Bleed’ vulnerability, officially labeled as CVE-2023-4966. This...
In recent news, F5 has issued a critical security alert regarding a significant BIG-IP vulnerability that poses a severe risk to their BIG-IP systems. This...
Kernel patches are changes in code that are applied to the Linux kernel to address bugs and security issues as well as improve hardware support....
Ubuntu 22.04 LTS has received security updates addressing several Node.js vulnerabilities that could be exploited to cause a denial of service or arbitrary code execution....
In the realm of healthcare, the security and integrity of patient data are paramount. However, a recent discovery has shed light on a critical vulnerability...
PALO ALTO, Calif. – November 8, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it debuted a new partner program...
The robust security features of Linux make it the preferable choice for many enterprises. However, like any other operating system, security vulnerabilities can occur in...
Mozilla and Google have recently released important security updates for their web browsers, Firefox and Chrome. These updates include patches for several vulnerabilities, including some...
In a recent cybersecurity development, an elusive threat actor named Winter Vivern aimed its sights at the popular Roundcube webmail software, successfully exploiting a zero-day...
Since 2016, new vulnerabilities reported each year have nearly tripled. With the increasing number of discovered vulnerabilities, organizations need to prioritize which of them need...
The latest release of Linux Kernel, version 6.6, has just landed, and it’s packed with a bunch of awesome updates. Whether you are a Linux...
In the ever-evolving world of cybercrime, a formidable adversary is on the rise – Octo Tempest, a group of native English-speaking hackers who have transitioned...
Despite advances in fraud detection technology, many individuals and businesses still face the impact of financial crime. In fact, losses from e-commerce online payment fraud...
CISA and HHS joined forces to discuss the cybersecurity challenges faced by the U.S. healthcare and public health (HPH) sector. This discussion aims to address...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The Ubuntu security team has released new updates for Ubuntu 16.04 and Ubuntu 18.04, patching several high severity vulnerabilities discovered in the Linux kernel. Since...
In recent times, security experts have detected a surge in cyber threats linked to the exploitation of a known vulnerability, CVE-2023-38831, in WinRAR, a widely...
The ability to run various operating systems, be it for development, testing, or just plain experimentation, is no longer a luxury – but a necessity....
CISA, FBI, and MS-ISAC are strongly advising network administrators to promptly apply patches to their Atlassian Confluence servers to protect against the active exploitation of...
In recent developments, cybersecurity experts have uncovered a series of cyberattacks originating from Vietnam, targeting the digital marketing sector in the United Kingdom, the United...
PALO ALTO, Calif. – November 1, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it now offers Extended Lifecycle...
While AlmaLinux is designed to be stable and reliable, like any other operating system, it can encounter common problems. AlmaLinux is a popular open-source Linux...
VMware has recently issued important security updates to address a critical vulnerability in its vCenter Server, which is a crucial component for managing virtualized infrastructure....
In the ever-evolving landscape of cybersecurity threats, a new information stealer has emerged known as ExelaStealer. This latest addition to the array of malicious software...
Supply chain attacks have surged in recent years, gradually becoming a formidable threat in the cybersecurity landscape. Yet, despite their growing prevalence, there seems to...
Cisco has patched two vulnerabilities, tracked as CVE-2023-20198 and CVE-2023-20273 that hackers are actively exploiting to compromise thousands of devices. The patch has been made...
In recent news, Microsoft has issued a warning about a JetBrains TeamCity flaw being exploited by North Korean threat actors. These attacks, linked to the...
The realm of cryptography finds itself on the cusp of a groundbreaking evolution. While classical encryption methodologies have been heralded for their resilience against brute-force...
Hey there, Ubuntu users! We have got some important news about your favorite text editor, Vim. The latest security updates have been released to fix...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Several FFmpeg vulnerabilities were addressed in the latest Ubuntu security updates. These updates are available for Ubuntu 20.04 LTS, Ubuntu 18.04 ESM, and Ubuntu 16.04...
Microsoft published its monthly Patch Tuesday updates in October 2023, resolving a total of 103 vulnerabilities across its platforms. In the wild, two of these...
Some information found in this blog post has been sourced from an AMD security bulletin as well as a Phoronix article covering a speculative side-channel...
Following Linux kernel vulnerabilities have been addressed in Ubuntu security updates for different Linux kernel packages in Ubuntu 20.04 LTS and Ubuntu 18.04 ESM. ...
In the ever-evolving landscape of cybersecurity threats, hackers have once again employed a cunning strategy by exploiting LinkedIn’s Smart Links in phishing attacks, aiming to...
Virtualization is a cornerstone of the modern IT landscape, enabling businesses to consolidate server workloads, enhance security, and foster a more efficient infrastructure. At the...
The recent Ubuntu security updates released patches for several Intel IoTG vulnerabilities in the Ubuntu 22.04 LTS operating system. It is essential to update the...
In a recent security issue, a deceptive NuGet package threatens .NET developers with the deployment of the SeroXen RAT, a harmful remote access trojan. Because...
Cloud infrastructure is the underlying foundation of hardware and software elements that enable the delivery of cloud computing services through the Internet. It offers the...
A memory corruption vulnerability within the open-source libcue library allows attackers to execute arbitrary code on Linux systems running the GNOME desktop environment. The libcue...
In the ever-evolving world of cybersecurity, vigilance is crucial to safeguarding your website. A recent threat known as Balada Injector has cast a dark shadow...
Supply chain attacks have witnessed a staggering surge in recent years, morphing into a formidable threat in the cyber landscape. When businesses are increasingly reliant...
The most anticipated Ubuntu interim release, Ubuntu 23.10, has finally arrived with the Linux kernel 6.5, GNOME 45, and many other improvements. Codenamed “Mantic Minotaur”,...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Debian 12.2 was released on October 7, 2023. This update arrived two and a half months after the previous Debian 12.1 release, mainly addressing security...
In the ever-evolving landscape of cyber threats, a familiar adversary has reared its head once again. QakBot, a well-known malware and botnet operator with a...
One might assume that upgrading an operating system (OS) is a straightforward task. However, this couldn’t be further from the truth, especially when it comes...
Several Samba vulnerabilities were fixed in different Ubuntu releases, including Ubuntu 23.04, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS. However, the updates introduced a regression...
A number of security flaws have recently been discovered in Supermicro’s baseboard management controllers (BMCs). These Supermicro IPMI firmware vulnerabilities in the Intelligent Platform Management...
The Internet of Things (IoT) market is growing rapidly. Investments in the IoT ecosystem will surpass $1 trillion in 2026, according to an International Data...
Ubuntu Livepatch service effectively addresses high and critical vulnerabilities in the Linux kernel, eliminating the need to reboot after patching. It is included in the...
Cisco has recently provided a series of key security upgrades aimed at correcting a notable vulnerability inside its Cisco Emergency Responder (CER) in an earnest...
As Linux is used everywhere, from servers to embedded systems, mobile devices, and critical infrastructures, it is a prime target for attackers. Given this unfortunate...
The recent Ubuntu security updates have addressed 13 vulnerabilities in the Vim package. Canonical has released updates for different Ubuntu releases, including Ubuntu 22.04 LTS,...
In recent times, cybersecurity threats and dual ransomware incidents have evolved, affecting organizations worldwide. The Federal Bureau of Investigation (FBI) has issued a warning about...
Vulnerability: Buffer overflow in glibc’s parsing of GLIBC_TUNABLES environment variable CVE ID: CVE-2023-4911 CVSS Score: 7.8 TuxCare’s Extended LifeCycle Support status can be found in...
Ubuntu security updates for Ubuntu 18.04 have addressed multiple Linux kernel KVM vulnerabilities. In this blog, we will discuss KVM and its discovered vulnerabilities, as...
Ah, the sweet residue of summer vacations! It’s that time when IT professionals, having (hopefully) soaked up enough sun, reluctantly drag themselves back to their...
Are you passionate about technology and eager to make a significant impact in the world of Linux security, cybersecurity, or open-source software? Look no further!...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The Debian team has recently released a security update addressing five vulnerabilities discovered in Mosquitto, which is an open-source MQTT-compatible message broker. These vulnerabilities have...
In a digital landscape rife with vulnerabilities, a recent and disconcerting phenomenon has come to light. GitHub repositories, the foundation of numerous software projects, have...
PALO ALTO, Calif. – October 12, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced the addition of a new Extended...
Django is a powerful open-source web framework written in Python. It is intended to simplify and accelerate the process of producing web applications by offering...
Vulnerability: Heap Buffer Overflow in libwebp CVE ID: CVE-2023-4863 CVSS Score: 8.8 (Though a different CVE merged into this one was scored 10.0. The 8.8...
Progress Software has acted quickly to strengthen the security of its software offerings by issuing a number of hotfixes. These Progress hotfixes are intended to...
Multiple vulnerabilities were discovered in the Linux kernel that may lead to denial of service or local privilege escalation. Since the vulnerabilities could cause serious...
IoT stands for Internet of Things. It refers to manufacturing equipment, vehicles, household appliances, and other devices that are embedded with sensors, software, and communication...
The recent Ubuntu security updates have addressed several Node.js vulnerabilities, including high and critical severity flaws in different Ubuntu versions. These issues could result in...
In a concerning development, fraudulent advertising has infiltrated Microsoft’s Bing Chat AI chatbot, possibly exposing unsuspecting users to malware-infected websites. These Bing Chat malware findings...
For IT security teams, transitioning from one Linux distribution to another is often a nuanced task requiring careful planning and execution. As CentOS shifts its...
The recent Ubuntu security updates have fixed multiple Linux kernel Raspberry Pi vulnerabilities for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 ESM, and Ubuntu...
Google recently made waves in the cybersecurity world by quickly resolving a new zero-day vulnerability aggressively exploited in its Chrome browser. This is the fifth...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The recent Ubuntu security updates fixed multiple high-severity vulnerabilities in different Ubuntu operating systems, Ubuntu 18.04 ESM, Ubuntu 16.04 ESM, Ubuntu 14.04 ESM, Ubuntu 20.04...
GitLab recently released critical security upgrades in order to improve the security of its widely used open-source code repository and DevOps collaborative software development platform....
KernelCare Enterprise Live Patching Services Recognized for Innovation in Information...
Java remains one of the most popular and widely-used programming languages. It’s not just about writing and running Java programs, though. A typical Java developer...
In 2023, a total of 17 vulnerabilities have been addressed in OpenSSL, a popular cryptography library. They pose a significant risk due to their potential...
A hacker recently posted a fake proof-of-concept (PoC) exploit for a previously patched WinRAR vulnerability, which is a concerning revelation. The goal of this malevolent...
Monitoring Linux servers comes with a unique set of challenges, which you won’t encounter with other operating systems. It requires a deeper level of tech...
Released last week, Firefox 118 arrives with the most anticipated built-in translation feature, which was initially planned for Firefox 117. This new feature allows users...
The frightening Bumblebee malware attacks have made a forceful return in the realm of cybersecurity, posing a major threat to organizations’ digital security. Following a...
The Heartbleed vulnerability, which came to light in April 2014, had significant implications for IT risk compliance and exposed the vulnerabilities within many organizations’ security...
LibreOffice, developed by The Document Foundation is a free and open-source suite of office productivity software. Recently, The Document Foundation released the LibreOffice security updates...
A number of Nagios XI network monitoring software flaws have recently been discovered. These flaws have the potential to result in privilege escalation and data...
The GNU C Library, also called glibc, is a fundamental component of the Linux-based operating systems. It offers essential functions that programs need to work...
Multiple use-after-free vulnerabilities have recently been found in the Linux kernel that can be exploited to achieve local privilege escalation. That means an attacker or...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
As expected, Ubuntu 23.10 “Manitic Minotaur” now features the latest kernel series Linux 6.5. It will also be the default kernel on the final release....
Our dependency on Wi-Fi networks has risen enormously in this age of technological innovation. But with innovation comes new threats. This blog delves into the...
…or how to steal 15 million USD from a casino without resorting to “Ocean’s Eleven”-level shenanigans. When data breaches and ransomware attacks are becoming...
Securelist has issued a concerning revelation for Linux users, unveiling that a Debian package associated with the widely-used ‘Free Download Manager’ contains malware, posing a...
In the ever-changing landscape of cybersecurity, vigilance is crucial, especially when it comes to complicated and frequently used systems like Kubernetes. A trio of high-severity...
There are numerous tools and methodologies for protecting Linux servers from unauthorized access and other cyber threats. Most users consider Linux an excellent system with...
The latest release of Mozilla Firefox, Firefox 117, arrived last month with new features and various security fixes. Now, in the newer update, Mozilla patched...
Microsoft’s security researchers have discovered a number of critical memory security vulnerabilities in the ncurses library patch. Ncurses is the short form of new curses....
There are many forms of supply chain attacks – repository hacking, developer initiated attacks, library tampering, domain hijacking, the list goes on – but an...
Released three months ago, Linux kernel 6.4 has officially reached its End of Life (EOL) status. That means it will no longer receive any updates...
Recently, the world was made aware of a major vulnerability lurking within Windows Themes, tagged as CVE-2023-38146. This vulnerability, called ‘ThemeBleed,’ has a high severity...
AlmaLinux is a widely used enterprise operating system and has become an excellent choice for CentOS alternatives as CentOS has reached end-of-life status. This community-driven...
In the year 2023, a total of 233 vulnerabilities have been found in the Linux kernel, with an average Common Vulnerability and Exposure (CVE) base...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Recently, Google released a Chrome 116 update, which includes the security fixes for four high-severity vulnerabilities discovered by external researchers. This blog post will discuss...
Popular for media streaming, low-cost Android TV set-top boxes are facing a new threat: a form of the Mirai malware botnet, which has recently attacked...
Linux vulnerabilities appear frequently and often with severe repercussions. One such concerning issue is a glibc vulnerability. GNU C Library (glibc) is a shared library...
The latest release of Manjaro OS, Manjaro 23 “Uranus”, is powered by the latest kernel series Linux 6.5, which just arrived a few weeks ago....
Threat actors linked to North Korea have targeted cybersecurity experts in recent weeks, causing zero-day exploits. These attackers are infiltrating the researchers’ networks by exploiting...
Linux is popular for its robust security features, and user access control serves as a pillar of Linux security. Managing user permissions is crucial for...
LibreOffice 7.5.6, the latest and sixth update to this stable open-source office suite series, is available now with a total of 53 bug fixes. The...
A worrying malvertising On Mac campaign has just appeared, propagating an improved variation of the infamous macOS stealer malware known as Atomic Stealer, or simply...
The Heartbleed bug, a critical vulnerability in the OpenSSL library, resulted in a severe cybersecurity event affecting millions of systems all over the world. This...
Two weeks after the release of Linux kernel 6.5, the merge window for Linux kernel 6.6 has officially closed. So, the first release candidate is...
In the ever-changing spectrum of cyber threats, poorly secured Microsoft SQL (MSSQL) servers have emerged as key targets for hackers, notably ransomware groups. In a...
Linux operating systems have become immensely popular among web developers, creating applications in servers, routers, mobile phones, and even some desktop computers. These operating systems...
Recently, two critical security vulnerabilities have been addressed in PHP that could allow an attacker to steal sensitive information, cause a system crash, and execute...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
After seven weeks of testing phase with Release Candidates, Linux kernel 6.5 is out now with new exciting features like Wi-Fi 7 support, the integration...
A suspected hacking organization with ties to China has recently exploited a newly found zero-day vulnerability in Barracuda Networks Email Security Gateway (ESG) devices. This...
The healthcare industry’s reliance on technology to provide efficient patient care has led to the widespread use of connected medical devices. These devices, however, often...
During its beta phase, Firefox 117 introduced an exciting new feature that was already present in other browsers – an integrated website translation engine that...
The FBI has successfully halted malware that had penetrated over 700,000 computers worldwide in a huge operation aimed at eliminating a critical component of the...
First released in 2014, CentOS 7 is still a popular and widely-used operating system worldwide. Many organizations prefer to use CentOS for its stability, reliability,...
Mageia 9 is now available for download, a significant upgrade to this Mandriva Linux-based distribution, bringing forth a slew of fresh technologies, innovative features, and...
The renowned American entertainment giant Paramount Global recently announced a significant data breach that compromised its networks and exposed personal information. This blog delves into...
Patch management is an area that can’t afford negligence, especially when it comes to security libraries like OpenSSL. OpenSSL provides the foundational structures for secure...
Two critical security vulnerabilities were recently addressed in OpenSSH that allow remote code execution (RCE). They are identified as CVE-2023-28531 and CVE-2023-38408, and both have...
Intelligence agencies from the United States (US), Canada, Australia, New Zealand, and the United Kingdom (UK) recently collaborated to shed light on the Chisel cyberattack...
In the vast world of the Internet of Things (IoT), Linux-based operating systems have carved out a significant space due to their robustness, flexibility, and...
As the Linux kernel 6.5 is already out, the GNU Linux-libre project did not stay behind in releasing its modified version, GNU Linux-libre 6.5-gnu. The...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The third point release to the latest Kali Linux 2023 series, Kali Linux 2023.3, is out now, featuring 9 new tools and revamped internal infrastructure....
In a recent development, Tesla, the renowned electric vehicle company, has disclosed information on a security problem: Tesla user information compromised the personal data privacy...
Linux kernel patching means applying security updates to the kernel to address known vulnerabilities. As the kernel is a core component of Linux, it is...
The KDE Project has launched a new series of open-source KDE Gear with the release of KDE Gear 23.08 on August 24, 2023. KDE Gear...
In the ever-changing world of cybersecurity, AppOmni’s new State of Software as a Service (SaaS) Security Posture Management Report has highlighted the growing importance of...
Linux kernel patching is a process that includes applying security patches to the Linux kernel for addressing the known vulnerabilities that could harm the system....
After four months, Qemu 8.0 gets the first significant update to its series with Qemu 8.1 with several features and enhancements. One of the notable...
The FBI and the US government issued a strong warning about the Lazarus hackers’ stolen crypto cashout. The North Korean group ambitions to profit from...
The Defense Information Systems Agency (DISA) is an agency under the United States Department of Defense (DoD) responsible for planning, developing, and executing communication and...
OpenMandriva ROME 23.08, the latest version of the rolling-release edition created by the OpenMandriva Association, has been released with the Linux kernel 6.4 and several...
In a huge blow to Medibank, the consequences of a data breach in 2022 have been long-lasting, with the health insurer expecting to spend roughly...
A Linux server refers to a server built on any Linux-based operating system. It is primarily used in handling web servers and database servers....
Finally, a new version of Bodhi Linux has arrived after 2+ years of the previous release, Bodhi Linux 6. The standard ISO image of Bodhi...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
On August 3, 2023, Vim’s creator, Bram Moolenaar, passed away at the age of 62. A family member broke the news, saying that Bram died...
Recently, a mass social engineering campaign targeted Zimbra Collaboration email server users, namely the Zimbra credential stealing campaign. Although the origin of the campaign still...
The growing adoption of cloud services has transformed the landscape of modern computing, enabling businesses and government agencies to scale their operations efficiently. However, this...
Devuan GNU+Linux 5.0 “Daedalus” is now available as the latest stable version based on Debian 12 with Linux kernel 6.1. Devuan GNU+Linux is a fork...
Once again, HiatusRAT malware is identified as a severe threat to both American and Taiwan-based businesses. Threat actors have started using additional reconnaissance and targeting...
Hardware level vulnerabilities are a nightmare in the IT world, striking fear into the hearts of professionals and corporations alike. From early examples to recent...
In addition to the latest RISC-V entry to Debian’s official architecture, Debian is now welcoming the LoongArch’ Loong64’ CPU architecture and plans to fully support...
A new WinRAR security flaw endangers more than half a billion users of the WinRAR archiver. Opening a RAR archive generated by the attackers allows...
Especially when it comes to organizations using enterprise software languages that have a tendency to receive updates, staying current with the latest technologies is not...
The latest version of a free and open-source office suite, LibreOffice 7.6, has been released with various new features and improvements. Some new additions in...
The Downfall Intel CPU vulnerability response is a serious issue that needs attention from companies. It is the new safety flaw affecting Intel CPUs, with...
The digital world thrives on interconnectedness, and nowhere is this more apparent than in the vast web of dependencies that form the backbone of modern...
The Debian Project, which made the Debian GNU/Linux system, has turned 30 years old. Can you believe it? Back in 1993, the late Ian Murdock...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The first point release to the Nitrux 2.9 OS has arrived after a month with the latest software updates, bug fixes, and performance improvements. Despite...
Discord.io is a third-party platform renowned for its customized invite services. It has recently taken decisive action to stop its operations in the aftermath of...
A common misconception in the world of Linux is that patch management is a straightforward process – that, once you’ve got your Linux system up...
A software tool called NetworkManager aims to make using computer networks simpler for Linux kernel-based and other Unix-like operating systems. Almost after half a year,...
The Colorado Department of Health Care Policy and Financing (HCPF) has revealed a massive data breach caused by a recent cyberattack on MOVEit platform. This...
CentOS 7 is a popular RHEL-based Linux/GNU distribution among system administrators and is actively used in small to large enterprises. As many organizations still rely...
After Firefox 116 was made available on the stable channel, Mozilla moved Firefox 117, the following major release, to the beta channel and released the...
The Biden administration has set out an objective in securing the future of electric vehicle charging. These objectives are set to be met using frameworks...
The Cybersecurity Maturity Model Certification (CMMC) has taken center stage in security conversations within the Department of Defense (DoD) supply chain. The focus of this...
Ubuntu is planning to have a new store that aims to be an improvement over both the existing Flutter store and the classic software center....
The recent Microsoft email intrusion sparks US cyberboard investigation. The United States Cyber Security Review Board (CSRB) has launched this investigation in a key step...
Enterprise software is a powerful tool for large companies, making them a prime target for ne’er-do-wells who want to steal your data. To avoid that...
With the first stable release on August 8, 2023, Rhino Linux came out of the beta phase introducing version 2023.1. It is the successor project...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The new version of Arch Linux ISOs, 2023.08.01, is now publicly available to download from the official website. Released on 2023 August 1, this release...
The Google Cloud security team has recently shed light on a common issue where Android malware slips onto Google Play store. This method is used...
Organizations must comply with industry laws and regulations to handle and mitigate risks. This is known as risk compliance. It may include identifying potential risks,...
A Debian-based distribution, MX Linux released its new stable version, MX-23, based on Debian 12 “Bookworm”. MX-23 “Libretto” is readily available in three different desktop...
A disturbing new trend is growing in the world of cybersecurity. Hackers have found a way to increasingly abuse Cloudflare Tunnels for their malicious intent....
Some information found in this blog post has been sourced from a Red Hat advisory, Intel’s Gather Data Sampling Technical Paper, and Intel Security Advisory...
Initially released on April 21, 2022, Ubuntu 22.04 LTS arrived with Linux 5.15 LTS kernel, which was later replaced by Linux kernel 5.19 in the...
A new speculative execution vulnerability called Downfall, also known as GDS (Gather Data Sampling)- that affects multiple generations of Intel processors, has been discovered recently....
For organizations that rely on Linux-based systems, especially the popular CentOS 7 distribution, effective security management is a critical concern. To bolster security in CentOS...
Fedora Asahi Remix has been announced as the new Asahi Linux flagship distribution. With this distro, the Asahi Linux team aims to offer a polished...
A recent crypto scam warning from the Federal Bureau of Investigation (FBI) in the United States sheds light on a worrying trend involving cybercriminals posing...
Meeting compliance requirements means that individuals or organizations comply with the relevant laws and regulations. They are essential for maintaining accountability and protecting an organization’s...
GNOME’s window management functionality has remained largely unchanged for quite a while, maintaining its simplicity. Therefore, during the GUADEC 2023 conference, GNOME developer Tobias Bernard...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The Debian operating system has recently expanded the remarkable list of supported architectures by adding the RISC-V architecture as an official Debian architecture. Reduced Instruction...
The digital era is characterized by one incontrovertible truth: change. Whether it’s the rapid advancements in artificial intelligence, the startling discovery of new security vulnerabilities,...
Almost ten months ago, on October 20, 2022, Ubuntu made an announcement regarding the release of its 22.10 version. Dubbed “Kinetic Kudu” by Canonical, Ubuntu...
The Linux kernel is the core of the Linux operating system, serving as a bridge between computer hardware and the software programs that run on...
The new stable version of the Neptune operating system, Neptune 8.0 “Juna”, has been released based on Debian 12 “Bookworm”. Powered by Linux kernel 6.1,...
Back in February earlier this year, Canonical had already made headlines with the release of the real-time Ubuntu 22.04 LTS for users subscribed to Ubuntu...
The modern software development ecosystem is intrinsically interwoven with libraries and dependencies. While this interconnectedness fosters efficiency and productivity, it can also introduce vulnerabilities, as...
Cybersecurity has grown to be a major concern in the current digital world, as technology is the foundation of the majority of enterprises and daily...
Zorin OS 16.3 has arrived just nine months following the release of Zorin OS 16.2. This latest version incorporates all the recent updates from the...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The first update to the latest stable Debian 12 “Bookworm” series, Debian 12.1, arrived with a total of 89 bug fixes and 26 security updates....
Linux server problems result in unplanned downtime, causing service interruption and productivity loss. It can harm business operations, client happiness, and revenue production when essential...
Oracle has released the latest stable version, VirtualBox 7.0.10, approximately three months after the previous release, VirtualBox 7.0.8. The new version brings several features and...
In the wake of high-profile security breaches, the tech world has become more cognizant of the necessity for effective, end-to-end infrastructure protection strategies. This awareness...
The latest semi-rolling distribution of SparkyLinux, SparkyLinux 2023.07, is available with updated packages from the upcoming Debian 13 release and Sparky testing repos. A new...
Even seasoned professionals need a refresher every now and then. Maybe some concepts are not clearly defined, or were just glossed over without much further...
Firefox 116 is the upcoming Nightly release of the popular web browser Mozilla Firefox. While there are many features and improvements to be introduced in...
A stealthy Linux malware called AVrecon has been used to infect over 70,000 Linux-based small office/home office (SOHO) routers, according to a report by Lumen’s...
As we find ourselves amidst the height of summer, also fondly known as the IT industry’s silly season, things have noticeably slowed down. Half-strength teams...
The new maintenance release for a Linux graphic driver, NVIDIA 535.86.05, undergoes several bugs and issues fixes. This version arrived over a month after the...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
As we celebrate another System Administrator Appreciation Day, we would like to extend our heartfelt thanks to all the SysAdmins worldwide. Your dedication, proficiency, and...
You might have noticed that the Linux kernel 6.3 series has been marked End of Life (EOL) on the kernel.org website. That means this kernel...
Zimbra has warned of a critical zero-day security flaw in its email software that has been actively exploited in the wild. The vulnerability, which has...
Compliance means conforming to particular laws, standards, and regulations set by legislative organizations. These rules are meant to safeguard sensitive information’s availability, confidentiality, and integrity...
Linux Torvalds has recently announced the availability of the first Release Candidate (RC) development milestone for the upcoming Linux kernel 6.5 series. The two-week merge...
A fake proof-of-concept (PoC) repository has been discovered by Uptycs on GitHub to be masquerading as a legitimate PoC for CVE-2023-35829, a recently disclosed high-severity...
Some information found in this blog post has been sourced from a Tom’s Hardware article as well as a post written by Tavis Ormandy, who...
AlmaLinux OS, known for its commitment to providing a seamless transition from CentOS to a free and open-source RHEL alternative, has recently made a groundbreaking...
Microsoft has revealed that a China-based hacking group, dubbed Storm-0558 was behind the calculated attempt to infiltrate email systems for intelligence collection purposes. The group...
A fake proof of concept (PoC) exploit targeting cybersecurity researchers has emerged that installs malware designed to steal Linux passwords. Uptycs analysts stumbled upon this...
Jim Jackson to remain as TuxCare President PALO ALTO, Calif. – July 25, 2023 – TuxCare, global innovator in enterprise-grade cybersecurity for Linux, today announced...
SonicWall has issued an urgent patch for critical vulnerabilities in its Global Management System (GMS) and Analytics network reporting engine software suites after they were...
The software development ecosystem is more interconnected than ever before. With countless languages, libraries, and dependencies, it becomes incredibly difficult to manage them all effectively,...
The Mint team has announced the new version of their OS, Linux Mint 21.2, codenamed “Victoria”. This release is a long-term support version that will...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
The maintainers of the open source software that powers the Mastodon social network have released a security update that patches a critical vulnerability that could...
After Debian 12 “Bookworm” was released a month ago, many Debian-based Linux distributions have upgraded their base to Debian 12. The latest stable version of...
In a world growing ever more digitally interconnected, cybersecurity risk compliance has become a top priority for all organizations. This holds especially true for Linux...
A new malware dubbed Meduza Stealer has been discovered to be targeting Windows operating systems, and identified as a stealer of information from a large...
The latest version of the Solus operating system, Solus 4.4, was released with new desktop environment updates, new software, and hardware enablement. Solus 4.4, code-named...
It is common knowledge that security is crucial for every enterprise dealing with sensitive information, and that includes just about every business today. When we...
A new variant of the TrueBot malware has been used in attacks against organizations in the United States and Canada. The malware is delivered via...
A new vulnerability, called StackRot, was discovered by a security researcher, Ruihan Li, in the Linux kernel’s memory management subsystem. The incorrect lock handling for...
Cyberattacks that involve ransom demands are a common and serious danger to organizations of all kinds in today’s digital environment. It is crucial for organizations...
According to IDIQ’s IdentityIQ 2022 Scam Report, there has been a surge in AI voice scams enabled by AI voice technology. Scammers are now able...
blendOS v3, codenamed “Bhatura,” was released with tons of new features and improvements on July 6, 2023. Bhatura is a name of popular bread in...
As more businesses undergo digital transformation, the importance of securing their IT systems has become paramount. The integrity and security of these systems are critical...
A new report by Microsoft’s Incident Response team has found that there has been a surge in BlackByte 2.0 ransomware attacks. These attacks are characterized...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
According to Inky Technology Corp., image-based emails with integrated Quick Response (QR) codes are being used in phishing attacks. To fool receivers more readily and...
The latest stable version of Nitrux OS, Nitrux 2.9, was released last week with a new Update Tool System, KDE Plasma 5.27.6 LTS, and Linux...
In a move that has sent shockwaves through the cybersecurity industry, the US Securities and Exchange Commission (SEC) has issued Wells Notices to executives of...
Six vulnerabilities affecting Samsung mobile devices have been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities Catalogue. Samsung addressed all...
Peppermint OS, a popular lightweight distribution aimed at providing a user-friendly experience for Linux enthusiasts, has recently announced the availability of new ISO images. These...
As IT environments continue to grow in complexity, the need to maintain compliance becomes ever more crucial, particularly in the realm of cybersecurity. This is...
The increased use of AI tools/SaaS-based solutions is changing the way businesses function. These AI tools/SaaS-based solutions, which allow users to use AI tools without...
The Fedora Project’s Anaconda team has been diligently developing a new web-based installer called Anaconda WebUI, which aims to provide a significantly improved and polished...
The world’s largest chipmaker, Taiwan Semiconductor Manufacturing Company (TSMC), has revealed that one of its suppliers, Kinmax Technology, was attacked by the LockBit ransomware organization....
Canonical has announced the release of new Ubuntu kernel security updates to address three vulnerabilities that security researchers have found. The Ubuntu kernel security updates...
In today’s software development landscape, understanding the Java supply chain infrastructure is not just an option — it’s a necessity. As Java developers, we interact...
MITRE has announced its list of the top 25 most dangerous software vulnerabilities that have afflicted the industry over the last two years, after rigorously...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
AhnLab Security Emergency Response Center (ASEC) researchers have discovered an ongoing hacking activity aimed at installing the Tsunami DDoS botnet, commonly known as Kaiten, on...
The upcoming Ubuntu release, Ubuntu 23.10, began its development in late April and was initially powered by Linux kernel 6.2. As we all know, Linux...
We’re excited to announce the launch of our new TuxCare Support Portal, a comprehensive information repository designed to facilitate access to all the information you...
A cyberespionage campaign called RedClouds is using malware called RDStealer to steal data from drives shared through Remote Desktop connections. The campaign has been targeting...
The new release of the GNU Linux-libre 6.4 kernel has been made available by the GNU Linux-libre project. This latest version caters to individuals seeking...
With the Linux open-source community, you have the power of developers to add to its codebase as well as improve features and performance. However, this...
Reddit has revealed that it was attacked in February 2023 by the BlackCat ransomware organization. According to the gang, they grabbed 80GB of material from...
Proxmox Server Solutions GmbH has released the new stable version of Proxmox Virtual Environment, Proxmox VE 8.0, based on the latest Debian 12 “Bookworm” release....
These are some of the security-relevant features making a debut on recent (and even still-in-testing) Linux Kernel versions. They are intended to increase the inherent...
Cybersecurity researchers at Checkmarx have warned that abandoned Amazon Simple Storage Service (S3) buckets can be used to spread malware. It all started with an...
As we know, Linux Kernel 6.4 has been released last week on June 25, 2023. This latest version arrived almost two months after the previous...
Your company’s vital business operations depend largely on the dependability and accessibility of your IT infrastructure. Amid this expansive structure, the kernel stands as the...
Over 101,100 ChatGPT account credentials have been hijacked and are available for sale on criminal dark web marketplaces, according to Group-IB. The hacked ChatGPT account...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Cybersecurity researchers at Stairwell have identified a threat actor known as ChamelGang employing a previously undisclosed implant to establish backdoors in Linux systems. This new...
Distrobox serves as a container wrapping layer, enabling users to effortlessly deploy containerized versions of Linux distributions that are different from the host, all while...
Welcome back to TuxCare’s official blog! Today, we’re thrilled to introduce a brand-new service that we’ve been working on diligently — our Technical Account Manager...
Security researchers from ESET have discovered an updated version of the Android GravityRAT spyware, which now focuses on infiltrating WhatsApp backups. GravityRAT, a remote access...
ONLYOFFICE is a free and great alternative to Microsoft Office, making it a popular choice among users. A new version, ONLYOFFICE Docs 7.4 has been...
In a recent post entitled “Fishy Zero Day Exploits,” we outlined the discovery of a troubling zero-day exploit of the Barracuda Email Security Gateway (ESG),...
According to an Akamai report titled “Entering through the Gift Shop: Attacks on Commerce” that includes a 15-month evaluation beginning in January 2022, assaults on...
In an ever-evolving technological landscape, handling complex environments is far from a walk in the park. From larger and pricier ops teams to stricter hardware...
SparkyLinux 7.0, codenamed Orion Belt, has arrived based on the recent Debian release, Debian 12 “Bookworm”. While SparkyLinux 7.0 comes with the stable Linux 6.1...
The emergence of disinformation has put doubt on many elements of society, and it is also posing a huge danger to cybersecurity. Disinformation is the...
Almost nine months ago, on October 20, 2022, Ubuntu made an announcement regarding the release of its 22.10 version. Dubbed “Kinetic Kudu” by Canonical, Ubuntu...
KernelCare Enterprise is a fully automated live patching system designed to automatically patch vulnerabilities in the Linux kernel without system reboots, downtimes, or scheduled maintenance...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and cybersecurity authorities from Australia, Canada, the...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Eisai, a Japanese pharmaceutical company, announced that it was the victim of a ransomware attack on Saturday, June 3. The hack targeted the company’s computers...
The Document Foundation has released LibreOffice 7.5.4, the latest maintenance update for the open-source and free office suite series. This version brings numerous bug fixes...
Google recently announced the end of life for its first-generation Chromecast device. This move essentially puts the final nail on updates, security patches, and technical...
In a collaborative effort, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory exposing...
The use of ChatGPT has resulted in the creation of malicious software capable of evading detection and reaction from traditional antivirus and endpoint detection and...
Several security vulnerabilities have been found in the Linux kernel from medium to high severity scores. This article examines various discovered vulnerabilities and explores the...
Behind the scenes of every well-oiled IT infrastructure, there is a Linux administrator ensuring smooth operations. The role requires a diverse skill set and a...
NXP Semiconductors has recently announced its i.MX 91 applications processor family, specifically designed to cater to the evolving demands of the next generation of Linux-based...
According to SentinelLabs, a North Korean APT organization known as Kimsuky is conducting a social engineering effort against specialists in North Korean issues. The attack...
Embedded Linux refers to a scenario where an embedded system employs an operating system that utilizes the Linux kernel. This Linux distribution will be specifically...
The Debian Project has announced the highly anticipated release of Debian 12 “Bookworm”, a significant milestone packed with a multitude of new features, updated components,...
In the continually shifting arena of cybersecurity threats, recent insights point towards a crucial change in the strategies adopted by threat actors. One key development...
Healthcare institutions today are under increasing threat from cyberattacks, with ransomware, data breaches, and data theft becoming more prevalent. The complexity of healthcare infrastructures, connecting...
Kemba Walden, the acting national cyber director at the White House, has revealed that the Biden administration’s National Cybersecurity Strategy aims to address threats from...
Threat actors have been discovered by security researchers at Rapid7 to be exploiting a zero-day vulnerability in Progress Software’s MOVEit Transfer product, widely used by...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
In a recent blog post, Oliver Smith from Canonical shared updates on the upcoming immutable Ubuntu desktop using Ubuntu Core. Canonical started working on Ubuntu...
CentOS 7, a powerful Linux distribution widely used by system administrators, offers a wide range of features that are essential for sysadmins to effectively perform...
Trend Micro has discovered a new campaign involving a malware called RomCom which tricks users into downloading harmful software by impersonating well-known or fictional websites....
Arch Linux is based on a rolling-release model. It includes numerous advanced features that cater to the needs of GNU/Linux users, such as the systemd...
In recent years, data leasks and breaches have emerged as significant risks for organizations, particularly those that rely heavily on cloud services for storing and...
ReversingLabs has uncovered a novel attack targeting the Python Package Index (PyPI). This attack method involves integrating malware with compiled code, exploiting the direct execution...
The GNOME developers have already announced the release schedule for the upcoming release, GNOME 45. This includes the six-month-long development cycle and the official release...
Open-source software has emerged as a crucial component of the software development ecosystem. It has gained widespread adoption among developers worldwide, owing to its benefits...
Kaspersky has warned about an ongoing attack called Operation Triangulation on Apple’s iMessage. The attacks, which started in 2019, are utilizing a zero-click, zero-day vulnerability...
Offensive Security has announced the release of the second 2023 Kali rolling release, Kali Linux 2023.2, on May 30, 2023. Kali Linux 2023.2 brings numerous...
Customers gain peace of mind, accelerated efficiencies, and strengthened compliance with independently verified and vulnerability-free Java packages and an assured Software Bill of Materials (SBOM)...
Trend Micro has disclosed details about a ransomware attack that utilized the ALPHV/BlackCat virus. The attack employed a sophisticated technique involving the use of signed...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Western Digital, SanDisk’s parent firm, has discreetly revealed that their wildly popular SanDisk Extreme Pro portable solid-state drives (SSDs) were faulty, and has released a...
The Linux kernel has a number of newly discovered security vulnerabilities that can be used to escalate local privileges or crash the system. These vulnerabilities...
The Cybersecurity and Infrastructure Security Agency (CISA) maintains a regularly updated list of Known Exploited Vulnerabilities (KEV) in order to provide a better understanding of...
The influence of ChatGPT on cybersecurity, the threat landscape, and society in general has provoked much debate and discussion. There are concerns about the hazards...
Red Hat introduced a solution called the Red Hat Trusted Software Supply Chain that increases resistance to vulnerabilities in the software supply chain. This innovation...
Maintaining a secure and reliable system requires constant attention to the latest Linux kernel updates on the system administrator’s task list. Updates to the Linux...
A detailed paper provided by Hudson Institute experts sheds light on the major consequences of quantum computing on the global financial system. The vulnerability of...
Firefox 115 is the latest Nightly version of Firefox, scheduled for release on July 04, 2023. Nightly serves as an unstable platform dedicated to testing...
Yes, compliance life is getting more and more complicated as industry after industry is hammered by new compliance requirements. It’s all for a good reason...
Check Point Research published a report on the activities of Camaro Dragon, a Chinese state-sponsored advanced persistent threat (APT) group that was using a customized...
The Python Package Index (PyPI), with an extensive collection of more than 450,000 Python packages, is a highly popular repository among developers. These packages are...
PALO ALTO, Calif. – June 5, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced that its KernelCare Enterprise, now supports...
Dish Network notified the Maine Attorney General of a data breach that occurred in February, informing them that approximately 296,000 people were affected by the...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
eSentire Threat Response Unit (TRU) experts have discovered an ongoing BatLoader campaign that uses Google Search Ads to drive unwary consumers to fake web pages...
Canonical confirmed that they had been developing a new method for managing PPAs (Personal Packaging Archives) in the next Ubuntu 23.10 (Mantic Minotaur) release. The...
Ransomware perpetrators are continually devising innovative strategies to coerce their victims into meeting their demands. But, in most cases, threats are aimed at those who...
UNC3944 has been using advanced phishing and SIM swapping methods to access Microsoft Azure administrator accounts and infiltrate virtual machines (VMs), gain control of compromised...
Tails 5.13, a privacy-focused Debian-based GNU/Linux distribution, has been released with important changes for enhanced anonymity and file security. The Amnesic Incognito Live System, or...
As part of the #StopRansomware campaign, the U.S. and Australian governments, as well as the Cybersecurity and Infrastructure Security Agency (CISA), the FBI and Australian...
CISOs are getting more deeply involved in organizations, which includes an increasing focus on risk management, and not just from a threat perspective – but...
Linux Kernel 6.2 is now EOL (End of Life) as displayed on kernel.org, which means it will no longer receive bug and security fixes. Released...
Claroty and Otorio have discovered severe flaws in Teltonika Networks’ Industrial Internet of Things (IIoT) devices, posing a substantial danger to operational technology (OT) networks....
CISA (Cybersecurity and Infrastructure Security Agency) added seven new Linux vulnerabilities to its known exploited vulnerabilities (KEV) catalog on May 12, 2023. These include Ruckus...
In a world where technology ceaselessly advances, organizations find themselves in a constant pursuit of the latest software iterations. Canonical’s Ubuntu 18.04, a Long Term...
A researcher known as “vdohney” discovered a critical vulnerability (CVE-2023-32784) in the open-source password manager KeePass. This vulnerability allows hostile actors to get the master...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
SentinelOne has issued a warning regarding an increase in the number of new ransomware families created exclusively for VMware ESXi systems. These dangerous apps are...
The AlmaLinux OS recently announced the release of AlmaLinux 9.2, the newest version of their free and open-source enterprise-grade operating system. This release is binary...
In May 2022, the AlmaLinux Foundation launched AlmaLinux 9. At first, there wasn’t a straightforward method for upgrading from AlmaLinux 8 to AlmaLinux 9, so...
According to a recent Capterra survey, an alarming 61% of U.S. organizations have suffered significant repercussions as a result of software supply chain vulnerabilities in...
KDE Plasma 6 is in development and will bring numerous exciting updates and new features. Over the past weekend, the KDE Project and TUXEDO Computers...
Operational technology (OT) requires protective cybersecurity measures just like any other system – and even more so given that some OT supports mission-critical environments such...
Deep Instinct has discovered the existence of BPFDoor, a previously unreported and exceedingly elusive variation of a Linux backdoor. This backdoor has garnered popularity due...
Canonical, the publisher of widely used Ubuntu Linux distribution, has announced the release of an optimized version of Ubuntu 23.04 for the StarFive VisionFive 2...
We have received requests for assistance with converting systems running RHEL 7 to CentOS 7. There are various reasons for organizations wanting to make this...
According to Imperva’s 10th annual Bad Bot Report, bad bot traffic has dominated the internet, hitting a new high of 47.4% of all online activity,...
Red Hat has announced the release of Red Hat Enterprise Linux 9.2, the latest update to their Red Hat Enterprise Linux operating system series. RHEL...
Cyberattacks are primarily motivated by financial gain, which leads attackers to come up with new techniques to access data continuously. Despite the constant rise in...
ESET has discovered a new Lazarus campaign as part of “Operation DreamJob,” marking the first instance of malware targeting Linux users and verifying Lazarus’ participation...
Companies collaborate to efficiently offer world-class support for Japan’s vast prospective user base Uniquely arms organizations with automated security patching, continuous compliance and minimal downtime...
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the...
Core technologies including encryption, password management, and two-factor authentication are being evaluated as threat actor protection tactics, however, patch management should not be forgotten in...
A new version of the Raspberry Pi OS for Raspberry Pi devices was recently made available by the Raspberry Pi Foundation. It includes updated applications,...
DevSecOps, an evolution of the DevOps approach, takes security into deeper consideration from the start of the software development process. By taking a DevSecOps approach,...
A NewsGuard research discovered the use of artificial intelligence (AI) in the production of content farms that not only lack usefulness but also restrict access...
The Debian Project has made an announcement about the release of Debian 11.7, which is now publicly available. This release marks the seventh ISO update...
Vulnerability management is a critical process for organizations to ensure the security and integrity of their systems and data. Core to proper vulnerability management is...
In a threat alert, Meta revealed that malicious actors are taking advantage of the rising popularity of generative artificial intelligence (AI), particularly ChatGPT, to carry...
As the sun sets on Ubuntu 18.04’s standard support, you must take quick action to avoid vulnerability exposure and potential risks. However, it’s crucial not...
A nation’s infrastructure makes for an attractive target because infrastructure is so critical to everyday life. Critical infrastructure such as electricity distribution, telecoms, and oil...
Denis Gennadievich Kulkov, a Russian national suspected of masterminding a profitable stolen credit card checking enterprise worth tens of millions of dollars, has been indicted...
In May 2022, the team behind AlmaLinux published AlmaLinux release 9, but initially, there was no simple upgrade route from AlmaLinux 8 to AlmaLinux 9,...
Kaspersky Lab has discovered a new Android subscription virus known as ‘Fleckpe’ on Google Play, the main software store for Android smartphones. This virus, disguised...
The Document Foundation released LibreOffice 7.5.3 as the third maintenance update to the free and open-source office suite series, LibreOffice 7.5. Almost five weeks after...
As software gets older and reaches its end-of-life (EOL) stage, it is no longer supported by the developers and can become vulnerable to security threats...
Microsoft has issued a warning about two cybercrime gangs that are aggressively exploiting vulnerabilities in PaperCut, a popular print management program. The groups in question...
Canonical released new Ubuntu kernel updates to patch two security vulnerabilities that allow an attacker to escalate their privileges on the system. The security updates...
Technological evolution can be defined in two contrasting ways: a steady progression marked by incremental improvements or a disruptive leap that redefines the status quo....
U.S. cybersecurity authorities have met with tech leaders and industry groups to advocate for the use of “secure by design” concepts in commercial software. The...
The latest desktop environment, GNOME 44, has received its first point release as the GNOME project released GNOME 44.1 last week. This brings numerous fixes...
APTs are highly sophisticated cyberattacks that are targeted at large or prominent organizations and carried out by well-resourced threat actors, such as nation-state-sponsored groups or...
According to a recent MyCena Security Solutions analysis, password resets may cost Financial Times Stock Exchange (FTSE 100) corporations more than $156 million every month....
GNU Linux-Libre 6.3 kernel is now publicly available, allowing users to have 100% freedom for their Linux systems. Linux 6.3 introduced several new wireless drivers,...
Red Hat announced over two years ago that they were altering their approach towards CentOS Linux, which involved discontinuing support for the widely popular stable...
The Cloud Security Alliance (CSA) has released a study detailing five ways attackers might leverage ChatGPT to improve their attack arsenal. The research investigates how...
Senior executives in financial services firms understand the critical role that risk management plays in protecting the assets of their clients, their organization’s assets, and...
The latest release of Fedora Linux, Fedora 38 has finally been released, which comes packed with lots of improvements, including Linux kernel 6.2 and GNOME...
Cybersecurity researchers have issued a warning about ViperSoftX, an information-stealing virus that has infected a large number of people and businesses who use Windows. According...
If you’re employed at the C-level, you’re hired to deal with challenges and… well, every year is going to be challenging. That said, sometimes these...
Fortra has discovered a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT utility, which has been actively abused by ransomware perpetrators to steal...
You may be familiar with the KDE desktop environment and the many software applications that are available through the KDE community. On April 20th, the...
Introduction: As businesses grow and evolve, they often need to upgrade their technology infrastructure to meet changing demands. One way to accomplish this is...
According to Palo Alto Networks Unit 42, there has been a monthly surge of 910% in newly registered and squatted domains associated to ChatGPT between...
With the release of Ubuntu 23.04, all the official Ubuntu flavors have been upgraded to version 23.04. Those official flavors include Edubuntu 23.04, Kubuntu 23.04,...
Recognizes KernelCare Enterprise’s uniquely automated security patching with zero downtime PALO ALTO, Calif. – May X, 2023 – TuxCare, a global innovator in enterprise-grade...
Proxylife and the Cryptolaemus group have detected a new phishing effort that distributes QBot malware via PDFs and Windows Script Files (WSF). QBot, also known...
Canonical released new kernel security updates on 19th April 2023 for patching 17 security vulnerabilities found in the Ubuntu kernels. These Ubuntu kernel security updates...
Binary compatibility is an essential technical concept that often remains overlooked but plays a crucial role in enabling programs to be distributed across different platforms....
A study conducted by ESET reveals that 56% of second-hand corporate network devices still contain sensitive company data. The security vendor purchased 16 recycled devices...
After the release of Linux Kernel 6.2 a few months ago, the latest stable version, Linux Kernel 6.3 has been released on April 23rd. This...
Patch management is a critical element in the world of cybersecurity, and patching vulnerabilities is critical across an organization’s entire ecosystem – from the largest...
Cisco and VMware have released security patches to address serious security flaws which malicious actors might exploit to execute arbitrary code on vulnerable computers. A...
AlmaLinux 9 was released in May 2022. At first, there was no easy upgrade path from AlmaLinux 8 to AlmaLinux 9. All upgrades required a...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has found two actively exploited vulnerabilities in its Known Exploited Vulnerabilities (KEV) list. The first is an...
Edubuntu 23.04 has released on April 20th as an official Ubuntu flavor based on Ubuntu 23.04 (Lunar Lobster). Edubuntu, formerly known as Ubuntu Education Edition,...
Welcome to the final installment of our five-part series looking at code bugs responsible for the vulnerabilities and exploits we try to stay safe from....
Trellix, a cybersecurity firm, has provided detailed information on the modus operandi of a new cybercriminal gang called the “Read The Manual” Locker. The group...
The Slint team announced the release of Slint 1.0, an open-source graphical toolkit based on the Rust programming language, on April 3rd, 2023. Formerly known...
“What do you mean having poor cybersecurity can get me in jail?” … is what probably went through the mind of the ex-CEO of a...
Google’s product security response team has discovered a Spectre-related vulnerability in Linux kernel version 6.2, extending the threat posed by the bug that has plagued...
The CentOS Project issued an important notice regarding the end dates for CentOS Linux 7 and CentOS Stream 8, urging users and administrators to start...
As the U.S. tax season comes to a close, Microsoft warns that a new phishing effort is targeting accounting companies and tax preparers, planting malware...
The upcoming release, Firefox 113 is set to introduce some exciting features, such as animated AV1 images (AVIS) support, a more secure password generator with...
Managed Service Providers (MSP s) play a critical role in maintaining reliable and secure systems for their clients. But, as a trusted technology partner, MSPs...
The notorious North Korean threat group, the Lazarus Group, has shifted its focus and updated its tactics as part of a campaign called DeathNote, according...
Welcome to part four of the five-part series where we look at the code bugs that explain the many exploits reported on a regular basis....
A handful of faults in Nexx’s smart home gadgets that hackers can exploit are estimated to put over 40,000 residential and commercial premises at danger....
End-of-life (EOL) software can pose serious security risks. In this post, we’ll be exploring the dangers of using EOL software, including specific risks for Linux...
BlackArch Linux, a distribution for penetration testing and ethical hacking based on Arch Linux, has released new ISOs containing more than 2800 tools. After a...
Security researchers from Trustwave SpiderLabs have discovered a new strain of malware called Rilide, which specifically targets users of Chromium-based browsers, including Google Chrome, Microsoft...
Linux Lite, an Ubuntu-based distribution designed to run smoothly on less powerful hardware, has released a fresh version 6.4 for download. Linux Lite 6.4 is...
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has released eight advisories concerning Industrial Control Systems (ICS) vulnerabilities in products from Hitachi...
Recently, the Linux kernel was found to have several critical flaws. Memory exhaustion, system crashes, denial of service (DoS), the disclosure of private data, cross-site...
A persistent effort that targets “all known and recently discovered theme and plugin vulnerabilities” has hacked an estimated one million WordPress websites according to Sucuri....
Operating system (OS) virtualization can accomplish incredible things. By abstracting the hardware layer, virtualization makes an OS believe it is running natively on hardware –...
Xubuntu 23.04, based on Ubuntu 23.04 (Lunar Lobser), is scheduled to release on April 20, 2023. Built on the Linux kernel 6.2, Xubuntu 23.04 will...
Operating in a cloud environment has risks that you need to be aware of, folks. In this article, I’ll be talking about the cloud security...
Genesis, an infamous hacker marketplace, was brought down by a 17-country multinational law enforcement operation. It was discovered that the marketplace was selling access to...
You’ve surely noticed the trend – it’s hard to miss if you’ve been paying attention. Changelogs have been getting more and more sparse, especially in...
Two security companies have detected a supply chain attack on 3CX, a popular communication software provider. The malware has infected the Windows Electron client, but...
Canonical made the beta version of its upcoming Ubuntu 23.04 (Lunar Lobster) operating system available for public testing on March 30 before the official release...
Fintech applications require a particularly strong security posture. After all, you’re safeguarding the financial data (or even more disconcerting – the money) of your customers. ...
The Cybersecurity and Infrastructure Security Agency (CISA) has directed government agencies to address security flaws used in zero-day attacks during recent incidents in which commercial...
GNOME 44, code-named “Kuala Lumpur”, is officially released and packed with new improvements, eye-catching features, quick settings, accessibility improvements, and more. GNOME is a widely...
A new modular toolkit, AlienFox, allows malicious actors to harvest credentials from multiple cloud service providers, according to SentinelLabs. The toolset is available for sale...
PALO ALTO, Calif. – April 11, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it was honored in the 17th...
Google Project Zero discloses CentOS Linux kernel flaws after failing to release timely fixes before the 90-day deadline. Google Project Zero is a security team...
Linux is everywhere in higher education – from the computer science lab right through to the large server fleets power cutting-edge research and everything in...
Experts in cybersecurity have lately identified a significant increase in the activity of botnets that propagate malware and attack vulnerable network devices. These assaults transmit...
Ubuntu Cinnamon Remix will officially join the other flavors as an official Ubuntu flavor with the next Ubuntu 23.04 (Lunar Lobster) release. The primary goal...
AlmaLinux is proving to be a popular alternative to the now-nearly-dead CentOS stable release. However, plenty of CentOS 7 and 8 users are still using...
Security researchers from cybersecurity firm Wiz have uncovered a new type of attack that enables hackers to bypass authentication and take over user accounts in...
As enterprises continue to innovate, the need for faster and more efficient data processing is growing. Edge computing, Internet of Things (IoT) devices, and sensors...
According to a recent campaign by Earth Preta, nation-state hackers aligned with China are becoming increasingly adept at circumventing security solutions. The threat actor has...
Healthcare organizations handle a vast amount of sensitive and confidential information, making these organizations a prime target for cyberattacks. The result: strict compliance requirements that...
Ubuntu 23.04, which is also known as Lunar Lobster, is set to get its final release on April 20, 2023. It is a short-term release...
According to Malwarebytes, tax fraudsters are on the rise courtesy of the “Trojan Emotet” to carry out their operations. It is capable of intercepting network...
The popular open-source and cross-platform browser, Mozilla Firefox, is gearing up for its major next release, Firefox 112. This release brings some exciting updates for...
On the second day of Pwn2Own Vancouver 2023, a group of security researchers exploited ten zero-day vulnerabilities in various products, earning $475,000 in total. The...
Mozilla has allocated a $30 million budget to initiate a new startup Mozilla.ai, which aims to build a trustworthy open-source AI ecosystem that benefits all....
The AT&T Alien Labs team discovered a new version of the BlackGuard stealer with additional features such as USB propagation, persistence mechanisms, memory loading of...
SaveDesktop is an open-source application that allows you to store your Linux desktop configuration. Have you spent hours configuring your Linux desktop to look just...
Google has removed a fake Chrome browser extension called “ChatGPT For Google” from its Web Store after it was discovered to be a phishing tool...
Google’s Project Zero has discovered 18 zero-day vulnerabilities in Samsung’s Exynos chips, which attackers could use to completely compromise a phone without the user’s knowledge....
A new variant of IceFire ransomware has been discovered that targets Linux systems. In the past, it has been found to target Windows only. This...
Cybersecurity threats are ever present and government organizations face unique challenges in securing the sensitive information of citizens. As workers with limited technology training become...
ReliaQuest has discovered a security incident caused by the QBot banking trojan in a client’s environment. A threat actor gained access to the network via...
Docker is a popular open-source containerization platform that helps to create, deploy, and manage applications in a containerized environment. Recently, concerns have been raised in...
Sometimes getting 101’s right comes down to how seriously you take the issue – whether it’s given the right level of priority. Take health 101’s:...
Offensive Security has announced the release of Kali Linux 2023.1, marking the 10th anniversary of the project. The latest version of the distribution includes a...
The sanctions imposed on the Russian government and its defense industry have caused some interesting issues in the open-source community. The conflict between Russia and...
IoT in manufacturing and production industries enables higher levels of automation, data collection, and efficiency, so it’s no surprise that IoT empowers manufacturers tremendously. In...
Cybercriminals have found a new way to distribute info-stealing malware to unsuspecting users by abusing Adobe Acrobat Sign, a popular online document signing service. Avast...
A new Ubuntu Desktop is in development that provides the usual Ubuntu experience with the addition of Flatpak preinstalled. Since Canonical announced it to not...
“No plan survives contact with the enemy” is one of the truisms of conflict. It’s somewhat (un)surprising how accurately this describes the cybersecurity posture of...
Btrfs, the short form for “B-Tree File System,” is a Linux kernel-based, state-of-the-art file system that seeks to replace the current standard ext4 file system...
Reaching an acceptable level of cyber hygiene is a challenge for all healthcare providers, hospitals, and pharmaceutical companies. Many security breaches occur with legacy systems...
Cybersecurity researchers from SentinelLabs discovered a new variant of the Icefire ransomware, with a specific focus on Linux enterprise systems. SentinelLabs was the first to...
Vanilla OS 2.0 had been using Ubuntu from its early development stages, but now it is all set to shift to Debian Sid. Vanilla OS...
The core reason why organizations utilize CI/CD is that they’re supremely beneficial for system administration, live patching, or patch management, as well as testing code...
A former TikTok risk manager has met with congressional investigators to express his concerns that the company’s plan for protecting user data in the United...
In the current scenario where almost all software uses open-source code, at least one known open-source vulnerability was detected in 84% of them. The researchers...
It’s been about a decade since the discovery of Heartbleed, a dangerous OpenSSL exploit that affected millions of systems – and a vulnerability that made...
Palo Alto Networks’ Unit42 researchers have discovered a new GoBruteforcer malware that targets phpMyAdmin, MySQL, FTP, and Postgres. The newly discovered Golang-based botnet malware seeks...
Several critical vulnerabilities were detected in the Linux kernel that could cause a denial of service (DoS), possibly execute arbitrary code, and leak sensitive information....
Buffer overflow vulnerabilities are still a common route by which cyber criminals get illegal access to computer systems. It’s a growing problem too as there...
According to cybersecurity firm Mandiant, a North Korean espionage group known as UNC2970 has been carrying out spear-phishing attacks against media and technology organizations in...
Linux Torvalds announced the first release candidate for Linux Kernel 6.3 on March 14, 2023. This kernel release candidate officially starts the testing phase for...
We need an opportunity to achieve our cybersecurity goals. The tighter this window, the harder it becomes to do our cybersecurity jobs. Recent reports stating...
PALO ALTO, Calif. – March 21, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it received top honors in this...
Mandiant researchers have discovered a malware campaign that targets SonicWall SMA 100 Series appliances and is thought to have originated in China. The malware was...
You don’t need to be a Linux mastermind to recover lost and deleted data in Linux. With the right know-how, you can recover both, and...
Two buffer overflow vulnerabilities in the Trusted Platform Module (TPM) 2.0 specification could allow attackers to access or replace sensitive data such as cryptographic keys....
Canonical has released new Linux kernel security updates that address 17 vulnerabilities affecting Ubuntu 22.10, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS systems running Linux...
Lucky Mouse, a cyber threat group, has created a Linux version of the malware called SysUpdate, increasing its ability to attack devices that use the...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a free and open-source tool called Decider to assist defenders in mapping adversary behavior to...
It’s crucial for organizations to adopt patch management best practices to keep their systems as secure as possible. I’ll be walking you through the importance...
Brave Search now includes Summarizer, an AI-powered tool that provides a summarized answer to an inputted question before the rest of the search results. It...
Recently, Canonical announced that all Ubuntu Flavors would not include Flatpak by default. Flatpak was introduced to Ubuntu several years ago with the goal of...
Cybercriminals use a range of strategies to target vulnerable systems – and remote code execution (RCE) attacks are one of the most common strategies. Indeed,...
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning about a new ransomware gang known as Royal ransomware. The ransomware...
Security researchers have discovered 700+ malicious open-source packages in npm and PyPI. npm and PyPI are among the most widely used software repositories globally by...
Freshen up with something new and improved – if it’s as simple as applying a software update…. well, why not? That’s a tempting argument to...
In an effort to shift the burden of defending U.S. cyberspace away from small organizations and individuals, the Biden Administration is pushing for new regulations...
There have been countless articles posted about the new AI chat bots in the past few months, and, since those bots became available to the...
The Trellix Advanced Research Center (TARC) has discovered a new type of privilege escalation bug on MacOS and iOS. These bugs could potentially allow attackers...
Elektrobit and Canonical announced the partnership on October 27, 2022, to lead the path toward a new era of software-defined vehicles. After some months of...
It’s impossible to avoid change in technology – by definition, technology always moves forward. And that’s generally great news, but keeping up with the changes...
Microsoft recently issued a new security advisory urging Exchange Server administrators to remove certain antivirus software exclusions that could expose systems to attacks. According to...
KDE Plasma is a popular desktop environment that allows users to interact with their computers through a graphical interface. It is widely used on Linux-based...
Infrastructure is at the core of any business – whether it’s a pipeline for liquids, a data center, or the development process you’ve taken years...
Google has uncovered a critical Remote Code Execution (RCE) vulnerability in Chrome that could allow attackers to take control of affected systems. Users who are...
Real-time Ubuntu offers secure and reliable solutions for time-sensitive workloads in modern enterprises. By including real-time computing support, Canonical showcases its dedication to providing the...
Cybercriminals are exploiting unpatched vulnerabilities in Fortinet and Zoho products, leaving many organizations vulnerable. According to a Check Point Research report, attackers have been exploiting...
Linux 6.2 is the major kernel update of the year 2023 with some new exciting features. It undergoes a range of updates and improvements, such...
Cybercriminals are now delivering stealthy malware onto Macs using pirated versions of the video editing software Final Cut Pro. This is a concerning trend because...
If you have limited resources, what should you do first: make your systems more tamper proof by patching where and when you can, or ensure...
Unit 42 researchers discovered “Mirai v3g4”, a new variant of the Mirai botnet that targets 13 unpatched vulnerabilities in Internet of Things (IoT) devices. The...
Proxmox VE is an open-source platform for server virtualization that offers robust capabilities for managing both KVM (Kernel-based Virtual Machine) hypervisors and Linux Containers (LXC)....
Threat actors are actively exploiting two zero-day vulnerabilities in Windows and iOS, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The first flaw,...
KernelCare Enterprise’s Linux kernel live patching software has supported ARMv8 (AArch64) in addition to x86_64 (Intel IA32/AMD AMD64) for some time now. However, to get...
Group-IB recently discovered a new phishing campaign believed to be the work of the notorious Chinese state-sponsored hacking group, Sidewinder. The attacks, which began in...
No matter which tech stack you depend on, you can be sure it’s composed of plenty of building blocks – lots of moving parts stacked...
A critical Remote Code Execution (RCE) vulnerability in a popular software library used by a wide range of applications has been discovered by researchers. The...
Denial of Service (DoS) attacks are a special type of cybersecurity threat. The attacker does not need to hack your systems or find a gap...
Forescout researchers discovered two new vulnerabilities in Schneider Electric’s Modicon programmable logic controllers (PLCs), which could allow for authentication bypass and remote code execution. The...
KernelCare Enterprise enables organizations to rapidly patch Linux kernel and critical userspace library vulnerabilities on enterprise Linux environments without requiring kernel restarts or system downtime....
According to Blackberry researchers, a new phishing campaign dubbed “NewsPenguin” has been targeting Pakistan’s military-industrial complex for months, using an advanced malware tool to steal...
Managed services providers (MSPs) face several challenges that can affect their ability to deliver high-quality service. Keeping up with rapidly evolving technology is one challenge...
Microsoft has announced that its support diagnostic tool, MSDT, will be phased out by 2025. The Windows Diagnostic Data Viewer (DDV) application will replace the...
Patches for recently discovered OpenSSL vulnerabilities are already available through TuxCare’s KernelCare Enterprise, which, for some distributions, we’ve released before the vendor-supplied updates have been...
A game mode in Dota 2 exploited a high-severity vulnerability, allowing attackers to remotely execute code on the targeted system. The flaw was discovered in...
Keeping databases patched with the latest security updates is essential for organizations to protect their data. Unpatched database systems can lead to exploits against core...
Proofpoint Threat Research researchers have discovered a new phishing campaign that employs screenshots to deliver malware payload to unsuspecting victims. The attacker sends an email...
TuxCare was there with you right at the start of the CentOS crisis, just as Red Hat suddenly pulled the rug from one of the...
Researchers have discovered a new type of obfuscated malware that is specifically designed to steal sensitive data from victims’ computers. Malware is distributed through phishing...
With Centos-8 EOL, open-source communities of enterprise users and web hosts now face a great amount of risk. But, extended lifecycle support solutions can buy...
Abnormal Security discovered a new business email attack threat actor known as “Firebrick Ostrich” performing Business email compromise (BEC) on a near-industrial scale. It also...
We first reported on W4SP Stealer in November in response to widespread news of a new Python supply chain attack. Unfortunately, as it so often...
Censys, a security firm, has warned that up to 29,000 network storage devices manufactured by Taiwan-based QNAP are vulnerable to easily executed SQL injection attacks,...
Agile methodologies, cloud computing, and automation tools allow software development teams to work faster and more efficiently. They emphasize fast iteration and continuous delivery, enabling...
A Lazarus Group cyberattack is targeting the medical research and energy industries, and their supply chain partners, through exploiting known vulnerabilities found in unpatched Zimbra...
Ever been in a position where you needed to validate an important technical purchase to a group of executives who just didn’t understand what value...
Atlassian has addressed a serious security vulnerability in its Jira Service Management Server and Data Center that could have allowed an attacker to impersonate another...
FIPS 140-3 is a standard issued by the National Institute of Standards and Technology (NIST) that aims to provide a consistent and secure method for...
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) have warned of a new ransomware attack named ESXiArgs that is targeting VMware ESXi...
Organizations will often try to patch their systems “on time” in order to be secure from new threats. In this context, “on time” will mean...
Threat actors are targeting Bitwarden through Google ads phishing campaigns in order to steal users’ password vault credentials. A spoof version of Bitwarden was expertly...
In the world of Linux distributions, or “distros,” the lifecycle of a distribution refers to the period during which the distribution receives security updates and...
DDoS attacks on German airports, banks, and government agencies have been blamed on Killnet, a self-proclaimed Russian hacktivist group. DDoS is a distributed denial-of-service (DDoS)...
PALO ALTO, Calif. – February 8, 2023 – TuxCare,, a division of CloudLinux Inc, the main sponsoring company of the AlmaLinux OS Project, today announced...
According to the Trellix research team, they patched nearly 62,000 open-source projects that were vulnerable to a 15-year-old path traversal vulnerability in the Python programming...
There is one vulnerability exploited every 2 hours and attackers can cause significant disruption, downtime, and revenue loss. Before divulging into the cloud patching know-how,...
Palo Alto Networks Unit 42 security researchers investigated a PlugX malware variant that can hide malicious files on removable USB devices and then infect the...
Akamai researchers have published a proof-of-concept (PoC) for a vulnerability in a Microsoft tool that enables the Windows application development interface to deal with cryptography....
PALO ALTO, Calif. – February 3, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced that its KernelCare Enterprise Live Patching...
Ermetic researchers discovered EmojiDeploy, a cross-site request forgery (CSRF) bug in Microsoft Azure services that could allow attackers to remotely execute code on affected systems....
Chinese hackers were discovered using a recently discovered flaw in Fortinet’s FortiOS software as a zero-day vulnerability to distribute malware. CVE-2022-42475 (CVSS score of 9.8)...
Kaspersky has discovered a new malicious app known as Wroba.o that uses DNS hijacking to steal victims’ personal and financial information. The app, discovered in...
ThreatFabric cybersecurity researchers have discovered a new type of Android malware known as ‘Hook.’ Hackers can use the malware to gain remote control of an...
End-of-life software is just a fact of our fast-paced technology life. Tech teams know that they need to manage the software lifecycle. Teams also know...
According to CyberArk researchers, GPT-based models like ChatGPT can be used to create polymorphic malware because they can generate large amounts of unique and varied...
Live patching is a method of updating a Linux kernel without restarting the kernel – and therefore without the need to reboot the machine. Live...
Malicious hackers have started exploiting a critical vulnerability CVE-2022-44877 in unpatched versions of the Control Web Panel, a popular free, closed-source web-hosting interface. The vulnerability...
Regulations and standards guide companies toward a consistent cybersecurity response. Even if it sets just a minimal baseline, rulebooks still serve as an improvement on...
Deep Instinct researchers reported that RATs like StrRAT and Ratty were used in a 2022 campaign via polyglot and JAR files. Both threats appear to...
On a fictional tv show that started airing last year, a spy fell out of grace by forgetting some classified intelligence papers on a public...
According to CircleCI’s CTO, Rob Zuber, CircleCI is working with Amazon Web Services to notify customers who have AWS tokens that may have been impacted...
Anyone that’s committed to a five-nines mandate will dread the idea of a cybersecurity breach. It’s a fast way to lose service continuity and it...
A remote attacker could exploit multiple vulnerabilities in four Cisco small business routers to bypass authentication or execute arbitrary commands on an affected device. The...
Linux kernel updates are a fact of life. They are as dull as taxes and about as fun as going to the dentist. But sysadmins...
In a notable IcedID malware attack, the assailant impacted the Active Directory domain of the victim in less than 24 hours, transiting from initial infection...
System administrators that work in enterprise environments know that patching is practically a full-time job. Consider the effort involved in patching just one system: a...
Bitdefender experts have created a universal decryptor for victims of the MegaCortex ransomware family. MegaCortex has been in use since at least January 2019, and...
PALO ALTO, Calif. – January 19, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced the launch of its TuxCare OEM...
The Cybernews research team observed that the AI-powered chatbot ChatGPT can provide step-by-step directions on how to hack websites. When the researchers asked the AI...
Colleges and universities are heavily targeted by cybercriminals that seek to exploit vulnerabilities and trick staff members to infect systems with malware, spyware, and ransomware....
Zoho says it has patched several ManageEngine products for a newly disclosed high-severity SQL injection flaw. CVE-2022-47523 is a SQL injection (SQLi) vulnerability in ManageEngine...
Look, everyone knows that it’s a tough act. Thousands of CVEs are added to the list every month – all in the context of a...
Qualcomm and Lenovo have issued patches to address a number of security flaws in their chipsets, some of which could result in data leakage and...
The public sector, including state and federal agencies, are at just as much risk of cyberattacks as the private sector. Yet, in terms of technology...
Dridex, a Windows-focused banking trojan that has since expanded its capabilities to include information theft and botnet capabilities, is now targeting Macs via email attachments...
According to ARMO researchers, The Kyverno admission controller for container images has a high-severity security vulnerability. Using a malicious image repository or MITM proxy, the...
Hackers frequently target payment card industry (PCI) data. To help protect against this, compliance regimes like the PCI Data Security Standard (PCI DSS) were put...
Researchers at Cyble Research & Intelligence Labs (CRIL) have discovered GodFather malware, a new version of the Android banking Trojan. This malware has infiltrated over...
Cybersecurity insurance policies are considered by many to be a last resort safety net that, when things go wrong in a terrible way, provides at...
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added two-year-old security flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9),...
It’s the making of a horror film: a cyberattack that tampers with the water supply of a city and poisons the residents. It nearly happened...
According to a Guardio Labs report, “MasquerAds” malware targets organizations, GPUs, and Crypto Wallets by using the Google Ads platform to spread malware to users...
As expected, 2022 was a tough year for cybersecurity, with one headline-grabbing cyberattack after another – and there are no signs that 2023 will go...
Dr. Web has discovered Linux.BackDoor.WordPressExploit.1, a website hacking tool based on the WordPress CMS. It takes advantage of 30 vulnerabilities in various plugins and themes...
To meet organizational requirements, compliance mandates, and regulatory requirements, Managed Security Service Providers (MSSPs) have a vulnerability patching approach available to them that they may...
SentinelOne researchers discovered that the Vice Society group has released PolyVice, a custom ransomware that employs a reliable encryption scheme based on the NTRUEncrypt and...
As one of the most popular scripting languages for a variety of applications, Python also offers incredibly valuable functionality when it comes to automated live...
Okta has revealed that a malicious users hacked and replicated its source code repositories on GitHub earlier this month, after previously reporting a compromise carried...
The National Institute of Standards and Technology (NIST) advised organizations, including healthcare, federal/state government, and financial services providers, to deploy software updates through enterprise patch...
The Zerobot malware discussed in this blog post is unrelated to ZeroBot.ai, a GPT-3.5-powered verbal chatbot that shares the same name, and is also unrelated to...
SentinelOne researchers discovered that the Vice Society group has released PolyVice, a custom ransomware that employs a reliable encryption scheme based on the NTRUEncrypt and...
In cybersecurity, metrics provide a way to measure cybersecurity performance and point to how successfully you’re defending your technology assets. Mean time to patch, or...
This is part three of our five-part blog series exploring the code bugs that lead to the vulnerabilities showing up every day. In this part,...
According to Cisco Talos, two vulnerabilities in the Ghost CMS newsletter subscription system, CVE-2022-41654, and CVE-2022-41697, exist in the newsletter subscription functionality of Ghost Foundation...
Retention rates, NPS, customer score… if you work in the IT department of a telecoms company or any client-facing team, you’ll know all about the...
In an extensive two-factor authentication bypass campaign, multiple Comcast Xfinity email accounts were hacked, and the disrupted accounts were used to reset passwords for other...
Did you know that 75% of cybersecurity threats occur due to the vulnerabilities present in third-party applications? In this blog, we’ll be discussing how patch...
Understanding the relationship between development operations (DevOps) and the agile software development (Scrum) framework is critical for organizations to create a secure, rapid application development...
Eufy, an Anker security camera brand, has been under fire for quite some time due to security concerns about uploaded footage, which it recently admitted....
The Linux Kernel has grown in scope and functionality over the years. New schedulers, new drivers, new filesystems, new communication protocols, new security holes… oh,...
Talos researchers recently uncovered a phishing campaign that uses Scalable Vector Graphics (SVG) images embedded in HTML email attachments to distribute QBot malware. Basically, when...
Frameworks are an effective tool in cybersecurity because of the complexity of cybersecurity challenges and because so many organizations have so little structure to their...
Google has launched OSV-Scanner, a free tool for open-source developers to easily access vulnerability information. It is said to include an interface to the OSV...
VMware has released patches for a number of vulnerabilities, including a virtual machine escape flaw, CVE-2022-31705, which was exploited during the GeekPwn 2022 hacking challenge,...
The U.S. National Security Agency has warned that a Chinese state-sponsored group is exploiting an unauthenticated remote code execution flaw (CVE-2022-27518) to compromise Citrix Application...
Eclypsium Research has identified and reported three vulnerabilities in American Megatrends, Inc. (AMI) MegaRAC Baseboard Management Controller (BMC) software. This is used by AMD, Ampere, Asrock,...
As part of developing and testing new patches, the KernelCare team has reevaluated the impact of the Retbleed patches. We have serious concerns that the...
Google’s Threat Analysis Group discovered APT37, also known as Scarcruft or Reaper, a North Korean-linked hacking group, exploiting a zero-day vulnerability in Internet Explorer’s JScript...
PALO ALTO, Calif. – December 21, 2022 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it now offers a new CentOS...
Patching to protect systems against security vulnerabilities is at the top of the SecOps agenda. However, despite the focus on patching, it’s something that has...
According to Secureworks Counter Threat Unit researchers, the Drokbk malware has been targeting the networks of several local governments in the United States since February....
Critical infrastructure is at the core of a functional society, supplying key utilities such as water, energy, and transport to the nation. It makes infrastructure...
ThreatFabric researchers have discovered the Zombinder service, which allows cybercriminals to easily embed malware into legitimate apps and steal data while also wreaking havoc on...
Deep Instincts researchers have uncovered a hacker group known as MuddyWater, which has been linked to Iran’s Ministry of Intelligence and Security and typically engages...
Eufy denies claims that its cameras can be live streamed without encryption. Eufy stated that it does not upload identifiable footage to the cloud from...
A number of digital certificates used by vendors such as Samsung, LG, and MediaTek have been discovered to be compromised in order to stamp approval...
PALO ALTO, Calif. – December 14, 2022 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, announced it expanded its award-winning KernelCare Enterprise live...
Vedere Labs researchers recently discovered three new security flaws in a long list of flaws collectively tracked as OT:ICEFALL. The flaws are said to affect...
MySQL high availability allows companies to run databases that meet higher uptime requirements and zero data loss tolerance, which are highly sought-after goals that every...
Wiz security researchers discovered Hell’s Keychain, a first-of-its-kind cloud service provider supply-chain vulnerability, in IBM Cloud Databases for PostgreSQL. This occurred while researchers were conducting...
“We are in the process of digging ourselves into an anachronism by preserving practices that have no rational basis beyond their historical roots in an...
Aqua Nautilus, a cloud security firm, discovered new Go-based malware that targets Redis (remote dictionary server), an open source in-memory database and cache. The attack...
ESET researchers discovered an ongoing campaign by the Bahamut APT group, a notorious cyber-mercenary group that has been active since 2016, that targets Android users...
A digital twin (DT) is a virtualized representation of an actual device, and is often used in relation to operational technology (OT), industrial control system...
A memory leak bug on Local Security Authority Subsystem Service (LSASS), a service that allows users to manage local security, user logins, and permissions, is...
After discovering malicious behaviors in 1,652 of 250,000 unverified Linux images publicly available on Docker Hub, security researchers have warned developers of the risks of...
Despite fixes released by the chipmaker, a set of five medium-severity security flaws in Arm’s Mali GPU driver have remained unpatched on Android devices such...
Continuous integration (CI) refers to testing code changes before deployment to production. Continuous delivery (CD) is where code changes are automatically deployed to production systems...
The APT group DefrayX has launched a new version of its RansomExx malware known as RansomExx2, a variant for Linux rewritten in the Rust programming...
When it comes to the Industrial Internet of Things (IIoT), the legacy Purdue model no longer provides adequate levels of security projection – as newer...
DuckDuckGo, a privacy-focused search engine, has added an App Tracking Protection tool to its Android app, allowing users to see what personal data trackers are...
If your organization deploys IoT solutions, you know that development of embedded systems is a bit different from standard desktop development. Linux’s low cost is...
A few days after Microsoft acknowledged problems with Kerberos authentication that affected Windows Servers with the Domain Controller role, causing domain user sign and Remote...
Thousands of databases hosted on Amazon Web Services Relational Database Service (RDS) have been discovered to be leaking personally identifiable information, potentially providing a gold...
Security researchers from Checkmarx have uncovered an ongoing supply chain attack that involves spreading the malware identified as W4SP Stealer. W4SP Stealer is a discord...
Keeping your systems up to date can be done in many different ways, each with its own pros and cons. Some so-called “patching” methods are...
Attackers are using phishing tactics to spread QBot, a Windows malware that started as a banking trojan but evolved into a full-featured malware dropper. According...
Gone are the days of Operational Technology (OT) being distinctly separated from IT. With the need of constant monitoring and tracking of the physical assets,...
Apple has released security updates for iOS, iPadOS, and macOS Ventura to fix two remote code execution (RCE) vulnerabilities that allow remote or Internet attackers...
Cybersecurity professionals need to be aware of new threats and take action immediately so that we can minimize the risk of future incidents occurring. Much...
Worok malware makes the rounds by deploying multi-level malware designed to steal data and compromise high-profile victims such as government entities in the Middle East,...
Breakthroughs don’t often happen in cybersecurity, but when one does, it can be a real magic bullet. Linux kernel live patching, which is the ability...
IceXLoader, an updated version of a malware loader, is suspected of infecting thousands of personal and enterprise Windows machines around the world. IceXLoader is a...
Operational technology (OT) is equipment and computer software used for analyzing utility control processes for critical infrastructure, while Industrial Control System (ICS) assets are the...
A security researcher, David Schütz has received a $70,000 bug bounty after he accidentally discovered a Google Pixel lock-screen bypass hack that solved a serious...
Operational Technology (OT) and Industrial Control Systems (ICS) technologies help ensure safety by monitoring and controlling critical operations. OT includes Supervisory Controls And Data Acquisition...
Microsoft has fixed six actively exploited Windows vulnerabilities and 68 vulnerabilities in its November 2022 Patch Tuesday. Eleven of the 68 vulnerabilities fixed are classified...
There are many different ways to improve upon traditional patching, so it’s easy to get confused about how each patching approach works. In the past,...
The long-awaited OpenSSL bug fixes to fix a critical severity security hole are available now. New OpenSSL patches have reduced the severity of the bug...
Threat actors are distributing malicious Python packages to the popular Python Package Index (PyPI) service, using authentic-sounding file names, and hidden imports to deceive developers...
RomCom, a threat actor, is said to be conducting a series of new attack campaigns using the brand power of SolarWinds, KeePass and PDF Technologies....
Cisco has released security updates to address two vulnerabilities that are classified as “high”: CVE-2022-20961 and CVE-2022-20956. The vulnerabilities affect the Cisco Identity Services Engine...
We continue to look at the code issues that cause the vulnerabilities impacting the IT world. In this installment of our five-part blog series exploring...
According to security researchers from SentinelOne, the relatively new ransomware gang called Black Basta shares tooling and possibly personnel with the notorious FIN7 hacking group....
Not all Linux live patching solutions are created equal. In fact, many live patching solutions are quite limited. Oracle’s Ksplice is an example of a...
Researchers from the Leiden Institute of Advanced Computer Science have discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for vulnerabilities and...
Last year, CISA created a list of vulnerabilities being actively exploited and a list of applications directly affected by those vulnerabilities. Over time, the list...
Microsoft Internet Information Services (IIS), a web server that enables hosting of websites and web applications, is being exploited by the Cranefly hacking group to...
What Is an Embedded System? Before diving into embedded Linux, let’s first discuss what it’s used for: embedded systems. There are embedded systems in everything:...
The cloud has never been about reducing costs. In fact, even staunch cloud advocates admit it – crunching the numbers just doesn’t make sense financially...
A hacker group that is identified simply as DEV-0950 is using CIop ransomware to encrypt the network of organizations that were previously infected with the...
Major operating system vendors, software publishers, email providers and technology companies that integrate OpenSSL into their products have been asked to prepare for a possible...
Researchers from the Checkmarx Supply Chain Security team have discovered a “high-severity” vulnerability in GitHub. Using a technique known as Repo jacking, attackers could take...
Researchers from the cybersecurity company Fortinet have uncovered a malicious campaign in which attackers exploit a critical vulnerability in the VMware Workspace One Access to...
The CIS Critical Security Controls, known widely as CIS Controls, are a series of actionable cybersecurity recommendations designed to prevent common and not-so-common attacks against...
Researchers from Singapore-based Numen Cyber Labs have discovered and shared details on a vulnerability in the Move virtual machine responsible for powering the Aptos blockchain...
Content giant Patreon recently laid off its entire internal cybersecurity team. While it’s publicly known that five employees from the team were let go, the...
A relatively new ransomware operation, identified as Venus is hacking into publicly exposed Remote Desktop services to encrypt Windows devices. According to researchers, Venus ransomware...
The technology world is full of big promises, including in cybersecurity. Just think about it: how many times have you heard the promise of a...
Hackers are using the Emotet botnet to exploit password-protected archive files to drop CoinMiner and Quasar RAT on vulnerable devices. Based on one of the...
It’s common to hear about new vulnerabilities and exploits, some of which even get fancy names of their own, but sometimes the details of how...
Wordfence, a WordPress security company, has uncovered attempts by hackers to exploit the new Text4Shell vulnerability. Tracked as CVE-2022-42889 the flaw was discovered in Apache...
Notorious cyber espionage group Budworm has launched deliberate attacks against a number of high-profile targets, including a U.S. state legislature, a Middle Eastern country and...
Security company Cloudflare recently ended a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. The company announced the incident while pointing to...
Hackers are exploiting a vulnerability tracked as CVE-2022-41352 in the Zimbra Collaboration Suite (ZCS). Already, threat actors were able to hack into almost 900 servers....
Attackers are using a Windows malware called Ducktail to steal Facebook accounts, browsing data and crypto wallets. Ducktail is associated with Vietnamese hackers and relies...
Hackers compromised Binance’s BNB Smart Chain (BSC) and stole an estimated USD 110 million. Hackers were able to get their hands on as much as...
A malicious campaign uncovered by security firm Armorblox shows that attackers manipulate Zoom to compromise Microsoft user data. In one of the incidents analyzed, more...
A Fortinet vulnerability in FortiGate firewalls and FortiProxy web proxies could allow a threat actor to perform unauthorized actions on vulnerable devices. The bug, a...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the NSA have issued a joint report describing an intrusion into the network of...
According to Trend Micro researchers, a threat actor identified as ‘Water Labbu’ is hacking into cryptocurrency scam sites to inject malicious JavaScript with the aim...
ESET researchers have uncovered the malicious activities of Lazarus, a North Korean hacking group that exploits a Dell hardware driver flaw for Bring Your Own...
The software security company Checkmarx has uncovered the malicious activities of the threat actor LofyGang, which distributes trojanized and typosquatted packages on the NPM open...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Bitbucket Server RCE and two Microsoft Exchange zero-days to its list of exploited vulnerabilities....
While many were away enjoying some well-deserved R&R, security researchers, hackers wearing hats of all different colors, and intelligence agents from all over the world...
Sometimes organizations must embrace evolution in the way things are done, whether it’s because a new approach has become standard practice or because of some...
According to researchers from Lumen-based Black Lotus Lab, a new Chaos malware is targeting multiple architectures to spread DDoS, cryptocurrency miners, and install backdoors. The...
Cisco Talos researchers have uncovered a social engineering malware campaign that exploits a remote code execution flaw in Microsoft Office to apply a Cobalt Strike...
Microsoft has announced that two critical vulnerabilities in its Exchange application are being exploited by attackers. The company also explained that more than 22,000 servers...
A new malware, identified as Metador, is being used by attackers to target telecommunications, internet service providers and universities on multiple continents, according to security...
GitHub warns that cyber attackers are compromising user accounts through a sophisticated phishing campaign. The malicious messages notify users that their CircleCI session has expired...
TuxCare is pleased to announce it was honored in this year’s inaugural Merit Awards for Technology. Recognized with a silver win in the information security...
Threat actors are now updating the data exfiltration tool Exmatter with a unique data corruption feature, which attackers could switch to perform ransomware attacks in...
Sophos has warned that attackers are exploiting a critical code injection security vulnerability in the company’s Firewall product. The attackers are exploiting the flaw in...
Microsoft SQL servers are being targeted with FARGO ransomware according to AhbLab Security Emergency Response Center (ASEC) researchers. MS-SQL servers are considered database management systems...
A threat actor identified as Webworm is using Windows-based remote access trojans for cyber espionage. The Symantec Threat Hunter team identified cases where the attacker...
Bitdefender has published a free decryptor, which is supposed to help LockerGoga ransomware victims to restore their files without having to pay a ransom. The...
According to security researchers from AdvIntel, ransomware gangs such as Quantum and BlackCat are now using the Emotet malware in attacks. Emotet started as a...
A hacker gained access to Rockstar Games’ internal servers and stole 3 GB worth of early GTA 6 footage, photo and source code for the...
Security researchers at Malwarebytes have uncovered an ongoing malvertising campaign that injects ads into Microsoft’s Edge News Feed, redirecting potential victims to websites that promote...
Python has grown tremendously, and its impact has been remarkable. It has become one of the most popular programming languages among developers and researchers. Python...
Cybersecurity company Trend Micro has uncovered a malware campaign in which threat actors exploit security vulnerabilities in the Oracle WebLogic Server to deliver cryptocurrency mining...
Supply chain attacks come in all forms and shapes. One example is taking over legitimate accounts to deploy malicious code into widely used libraries. Another...
Chainalysis, a U.S. company, said it had worked with the FBI to recover more than $30 million in cryptocurrency stolen from online video game maker...
TuxCare’s KernelCare Enterprise provides live patches for various enterprise-grade Linux distributions. Preparing patches for each new CVE has to account for each of those distributions’...
A new version of the Bumblebee malware loader has been discovered by researchers. The new strain of malware offers a new chain of infection, including...
Wordfence, a WordPress security company, has warned of a zero-day WordPress vulnerability that is now being exploited by attackers. The bug is in a WordPress...
Ransomware has become such a common threat over the last few years that companies anticipate coming face to face with an attack at some point....
A China-based threat actor dubbed APT TA423 is carrying out waterhole attacks on domestic Australian organizations and offshore energy companies in the South China Sea...
A new ‘GIFShell” attack technique exploits bugs and vulnerabilities in Microsoft Teams to abuse legitimate Microsoft infrastructure, execute malicious files, execute commands, and exfiltrate data....
A backdoor in information stealing malware, Prynt Stealer is used to steal data that is exfiltrated by other cyberattackers, according to Zscaler ThreatLabz researchers. Already,...
Python is a language that has experienced explosive growth since its release and is now used extensively across industries by developers with different experience levels....
Google has released an emergency patch to fix a zero-day vulnerability exploited in the wild. Tracked as CVE-2022-3075, the zero-day flaw was discovered and reported...
Extended Lifecycle Support (ELS) for Python enables continued use of Python 2 applications, with timely security updates, without requiring any code refactoring or migration to...
A ransomware attack that began on Thursday, August 25, involved Windows and Linux systems operated by the Chilean government agency, and the incident was verified...
Being faced with the prospect of having to delve into old code to get it running against a new language version is one of the...
Cybersecurity researchers at Trend Micro have identified a 75% leap year-over-year in the number of ransomware attacks targeting Linux users. Apart from ransomware groups, there...
Samsung has confirmed a cyberattack on the company which led to attackers accessing some vital information belonging to attackers. The company stated in its data...
Mozilla is promoting the upcoming Firefox 105 with amazing features and the new version is now available to the beta channel for public testing, early...
Kai-Heng Feng released a patch on Tuesday that allows users’ laptops to switch their external monitor connections to be routed via a laptop’s discrete GPU...
Openbox is the default window manager in LXDE and LXQt and is used in various Linux distributions. Many consider Openbox to be a free, stackable...
The Kubuntu Focus team has unveiled the new Kubuntu Focus NX Mini Linux PC, which will expand the Linux hardware offering to more users. Kubuntu...
Linux Kernel 6.1 one of the latest updates to the Linux operating system provides users with a new logging system that will enable them to...
Losing files can generally be a painful experience, especially when it comes to a lot of vital information and Linux users are not exempted. Often,...
Security remains a top priority for Linux users worldwide. Apart from security, users are interested in browsers that can guarantee privacy. especially in a world...
Although Linux is the most private and secure operating system, according to AtlasVPN, it has seen an increase in malware samples. The results showed that...
Researchers be have uncovered at least 241 malicious Npm and PyPI packages that drop cryptominers after infecting Linux machines. These malicious packages are largely typosquats...
Linux Torvalds, the main developer of the Linux kernel used by the Linux distribution and other operating systems such as Android, has revealed the latest...
BlackBerry threat researchers have shared common tactics and strategies to better protect Linux systems from cyberattacks. To create a viable way to security, researchers investigated...
A malicious PyPI package identified as secretslib is used by Monero cryptominer on Linux systems. The malicious package activity was uncovered by security researchers at...
According to an advisory published by Trend Micro, the Luckymouse threat actor is said to have compromised the cross-platform messaging app MiMi to install backdoors...
Zhenpeng Lin, a PhD student, and other researchers have uncovered a new Linux Kernel exploitation called Dirty Cred. The flaw tracked as CVE-2022-2588 was unveiled...
Linux is an operating system just like Windows, iOS and MacOS. Android is powered by Linux OS. Operating system is basically software that controls the...
After the Equifax data breach, which highlighted the consequences of unpatched software, administrators have the delicate task of ensuring that the latest patches are applied...
PHP is used to power a vast number of websites on the Internet, some of which will be hosted side-by-side on the same system. When...
PHP Extended Lifecycle Support provides security updates and versions if you’re interested in maintaining compatibility with existing PHP code while remaining secure against the latest...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a path traversal bug in the UnRAR utility for Linux and Unix systems to its...
If you’re reading this blog regularly, you’ll already know that unremedied security vulnerabilities open the door to cyberattacks. You’ll also know how tough it is...
Threat hunters at Fortinet have uncovered a new botnet called “RapperBot.” The malware, which has been in use since mid-June 2022, has targeted Linux SSH...
With more than 4 billion social media users around the world, cybercriminals are more inclined than ever to target these users to make money or...
Catastrophic risks such as natural disasters and indeed cyberattacks require insurance. Insurers can afford large payouts when one insured party is hit – by pooling...
The TuxCare team has improved the accessibility of our KernelCare Enterprise changelog. It is easier to navigate and has now been updated to provide a...
In a symphony orchestra, instruments harmonize to create one pleasing sound. Similarly, enterprise IT procedures orchestrate to introduce new systems to production, monitoring, and maintenance...
We are pleased to announce that a new updated ePortal version 1.37-1 is now...
We are pleased to announce that a new updated KernelCare agent version 2.64-1 is now...
We are pleased to announce that a new updated ePortal version 1.36-1 is now...
IT environments are different everywhere you look. No two companies have precisely the same needs or requirements, so it follows that no two companies will...
We are pleased to announce that a new updated KernelCare agent version 2.63-1 is now...
We are pleased to announce that a new updated ePortal version 1.35-1 is now...
It’s an endless battle and the stakes are high: your organization’s information is at constant risk from threat actors ranging from your competitors looking for...
We are pleased to announce that a new updated KernelCare agent version 2.62-2 is now...
We are pleased to announce that a new updated ePortal version 1.34-1 is now...
Welcome to the March instalment of our monthly news round-up, bought to you by TuxCare. We’re honoured to be the Enterprise Linux industry’s trusted maintenance...
As regulations around cyber security tighten and the risks increase, have you ever wondered how your company’s IT processes rank compared to others? Are you...
We are pleased to announce that a new updated ePortal version 1.33-1 is now...
A few years ago, a vulnerability dubbed “Dirty Cow” (CVE-2016-5195) was in the spotlight for a while. It was a trivially exploitable privilege escalation path...
Proof of value (POV) is a key step in the buying process. It allows tech teams to test a product or service to find out...
The University of Zagreb’s Croatian Academic and Research Network (CARNet) faced a significant threat: like other educational institutions, its networks were under constant attack from...
We are pleased to announce that a new updated ePortal version 1.32-1 is now...
Welcome to the February instalment of our monthly news round-up, bought to you by TuxCare. We’re proud to be a trusted maintenance service provider for...
We are pleased to announce that a new updated KernelCare agent version 2.61-1 is now...
Many high-level technologies in the IT industry, in fact most of them, are built on top of existing features. Containers are a prime example of...
The TuxCare Team is always looking for new ways to improve the experience provided by our products. A pain point we identified was the amount...
Samba, the widely used file sharing tool, has a well-established presence, especially in mixed system environments, where file shares have to be accessed from different...
We are pleased to announce that a new updated ePortal version 1.31-1 is now...
We are pleased to announce that a new updated KernelCare agent version 2.60-2 is now...
Delivering solutions in complex technology environments means balancing many competing priorities, both internal and external. There’s always a risk that the customer experience takes a...
Welcome to the January instalment of our monthly news round-up, bought to you by TuxCare. Proud to be a trusted maintenance service provider for the...
Death, taxes, and new CVEs… those are all things we can be very certain about in life. For users of CentOS 8, the inevitable has...
We are pleased to announce that a new updated ePortal version 1.30-2 is now...
Still using CentOS 8 even though it’s now unsupported, and in spite of the obvious risks? Well, in a way it’s understandable. Red Hat took...
It looks like IT teams have no respite. Following all the hassles caused by log4j (and its variants), there is a new high profile, high-risk...
Welcome to the December installment of our monthly news round-up, bought to you by TuxCare. We’re proud to be the Enterprise Linux industry’s trusted maintenance...
A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
GNU Binutils is one of the fundamental packages in a development environment – it includes several different tools for manipulating ELF files, object files, and...
While backporting fixes for the binutils package for older Linux distributions covered by Extended Lifecycle Support, the team identified a vulnerability in the way CVE-2018-12699...
A new updated exim package within Ubuntu 16.04 ELS is now available for download from our production...
We are pleased to announce that a new updated ePortal version 1.29-1 is now...
A new updated nss package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
If you ask a sysadmin what annoys him or her the most about their job, chances are pretty high that you’ll get, in no particular...
A new updated binutils package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated nss package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
If you’re interested in Linux security, kernel vulnerabilities or simply have some spare time to run some tests, this article is for you. In it,...
In some of our previous articles, we’ve covered the closely integrated relationship between open-source software – which is essentially free – and the commercial organizations...
A new updated nss package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated python3.5 package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated openssh package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated busybox package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated nss package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated openldap package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
We are pleased to announce that a new updated ePortal version 1.28-1 is now...
Welcome to the November installment of our monthly news round-up, bought to you by TuxCare. We are the Enterprise Linux industry’s trusted maintenance services provider....
A new Ubuntu 16.04 kernel within ELS is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.59-1 is now...
A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated binutils package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated openldap package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated openldap package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated php package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated glibc package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
The server environment is complex and if you’re managing thousands of Linux servers, the last thing you want is for an operating system vendor to...
Let’s face it – everyone’s had just about enough. Exploits are everywhere, and it’s almost impossible to deal with the problem to a watertight degree....
A new updated bind package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.58-1 is now...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated php package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated php7.0 package within Ubuntu 16.04 ELS is now available for download from our production...
Iconv is a library used to convert between different character encodings and is part of a core group of tools and libraries used to perform...
A new updated glibc package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated glibc package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated glibc package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated bind package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated nginx package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated bind package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated bind package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated mysql package within Ubuntu 16.04 ELS is now available for download from our production...
Welcome to the next installment of our monthly news round-up, brought to you by TuxCare. We have developed live patching solutions that minimise maintenance workload...
If you’re a systems administrator responsible for thousands of servers, even a small slowdown can cause serious technical problems for your enterprise, and cost it...
A new updated gd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated nginx package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated nginx package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated nginx package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated python3.5 package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated mysql package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated systemd package within Ubuntu 16.04 ELS is now available for download from our production...
TuxCare’s KernelCare team is preparing a large batch of patches for Ubuntu 20.04 HWE and AWS Hirsute variants, running the ubuntu-focal-hwe-5.11 and ubuntu-focal-aws-5.11 kernels. All...
We are pleased to announce that a new updated KernelCare agent version 2.57-1 is now...
Some time ago, we announced the availability of the CVE Dashboard for the Extended Lifecycle Support service. It provides an up-to-date view of CVE information...
A new updated httpd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated gd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated gd package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated gd package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated dovecot package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
TuxCare has recently introduced QEMUCare, the live patching solution for when you need to deploy patches to a QEMU-based infrastructure, but the logistics around the...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated httpd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated httpd package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated curl package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated apache2 package within Ubuntu 16.04 ELS is now available for download from our production...
Welcome to our monthly news round-up, bought to you by TuxCare, the trusted maintenance services provider for the Enterprise Linux industry. Our services maximise system...
A new updated dovecot package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated dovecot package within OracleLinux OS 6 ELS is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.56-1 is now...
A new updated httpd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.55-2 is now...
A new updated ntp package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated openssl package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated python package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package with the fix for the CVE-2021-3487 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
The expiration of a root certificate in the Let’s Encrypt certification chain causes multiple issues, especially when coupled with older versions of OpenSSL like those...
Let’s Encrypt is a practical way of obtaining certificates and implementing TLS encryption across a wide range of applications. Looking at the number of issued...
A new updated ntp package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated ntp package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated openssl package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated openssl package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated httpd package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated httpd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated python package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated python package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated binutils package with the fix for the CVE-2021-3487 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated binutils package with the fix for the CVE-2021-3487 within OracleLinux OS 6 ELS is now available for download from our production repository....
A new updated binutils package with the fix for the CVE-2021-3487 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
Open-source code is at the core of many of the critical software solutions that large companies, governments, and even home users depend on. You would...
A new CentOS 6 kernel within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated openssl package with the fix for several CVEs within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated xterm package with the fix for the CVE-2021-27135 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
Major progress is usually made step by step – building capabilities, layer by layer. That’s the case for free and open-source (FOSS) software too, with...
We are pleased to announce that a new updated KernelCare agent version 2.54-1 is now...
We are pleased to announce that a new updated ePortal version 1.27-1 is now...
A new updated openssl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated openssl package with the fix for the CVE-2021-3712 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated openssl package with the fix for the CVE-2021-3712 and CVE-2021-23841 within OracleLinux OS 6 ELS is now available for download from our production...
A new updated intel-microcode package with the fix for several CVEs within Ubuntu 16.04 ELS is now available for download from our production...
A new updated microcode_ctl package with the fix for several CVEs within OracleLinux OS 6 ELS is now available for download from our production...
A new CentOS 6 kernel within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated xterm package with the fix for the CVE-2021-27135 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated curl package with the fix for the CVE-2021-22924 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
Today TuxCare opens a survey on Patch Management of QEMU/KVM-based systems, which has a goal to create a better understanding of current practices and methodologies...
A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within CentOS 6 ELS has been rolled out to 100% and is now available...
A new updated curl package with the fix for the CVE-2021-22924 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated curl package with the fix for the CVE-2021-22924 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22924 within OracleLinux OS 6 ELS is now available for download from our production...
New updated glibc and java-1.8.0-openjdk packages within CentOS 6 ELS have been rolled out to 100% and are now available for download from our production...
The TuxCare Team is proud to announce QEMUCare, the live patching solution for your QEMU virtualization host systems. Now you can keep these systems updated...
Here at TuxCare, we pride ourselves on being the trusted provider of maintenance services for the Enterprise Linux industry. Our services improve system administration manageability...
The TuxCare Team is proud to announce that it is adding support for CentOS 8 under its Extended Lifecycle Support service. With this service, TuxCare...
Qualys provides visibility into the IT infrastructure, with comprehensive reporting on the state of systems and vulnerabilities that may be present in them. TuxCare’s KernelCare...
A new updated squid34 package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated squid34 package with the fix for several CVEs within OracleLinux OS 6 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within OracleLinux OS 6 ELS is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.53-2 is now...
Few libraries are in widespread use as OpenSSL. It has a ubiquitous presence across hardware platforms and operating systems, userland applications and IoT. The chances...
A new updated openjdk-9 package with the fix for the CVE-2021-2388 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated openjdk-8 package with the fix for the CVE-2021-2388 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated glibc package with the fix for several CVEs within Ubuntu 16.04 ELS is now available for download from our production...
A new updated squid package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
As you may have seen, TuxCare’s Live Patching service, KernelCare Enterprise, now supports Rocky Linux. The first 5 CVEs fixed are already being delivered through...
New updated glibc and java-1.8.0-openjdk packages within CentOS 6 ELS have been scheduled for gradual rollout from our production...
New updated glibc and java-1.8.0-openjdk packages within OracleLinux OS 6 ELS are now available for download from our production...
This is our second article in our “concepts you’re using without even knowing” series. This time, we’re discussing identity management, and specifically centralized identity management....
A new updated OracleLinus 6 kernel v.2.6.32-754.35.2 within OracleLinux 6 ELS is now available for download from our production...
TuxCare services already cover over 40 Linux distributions commonly found in Enterprise environments. These range from CentOS to Debian, and over the years, the list...
The TuxCare Team is responsible for performing in-depth analyses of new CVEs. This is done for every new CVE that pops up, which affects, directly...
A new updated squid package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated squid package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated perl package within CentOS 6 ELS with the fix for the CVE-2020-10878 and the CVE-2020-10543 has been rolled out to 100% and is now...
A new updated glibc package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
An updated Ubuntu 16.04 ELS with the fix for the CVE-2021-33909 is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.52-1 is now...
One request we often receive is about the status of a particular fix or if we are already working on a vulnerability that has just...
One request we often receive is about the status of a particular fix or if we are already working on a vulnerability that has just...
A new updated squid package with the fix for the CVE-2021-28651 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated curl package with the fix for the CVE-2021-22925 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated perl package with the fix for the CVE-2020-10543 was updated in the current rollout within CentOS 6...
A new updated perl package with the fix for the CVE-2020-10543 within OracleLinux 6 ELS is now available for download from our production...
We are a trusted partner to the Enterprise Linux industry when it comes to delivering maintenance services. Our goal is to improve the manageability of...
We are pleased to announce that a new updated KernelCare agent version 2.51-1 is now...
A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been rolled out to 100% and is now...
The last Friday of July is System Administrator Appreciation Day. It’s the one day when Sysadmins like you who have been putting out users’ fires...
A new updated perl package within CentOS 6 ELS with the fix for the CVE-2020-10878 has been scheduled for gradual rollout from our production...
A new updated perl package with the fix for the CVE-2020-10878 within OracleLinux 6 ELS is now available for download from our production...
A new updated glibc package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
We are pleased to announce that a new updated KernelCare agent version 2.50-1 is now...
Continuing our trend of testing all the CVEs that come out that may affect the Linux distributions covered by our Extended Lifecycle Support, the team...
A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
Some weeks ago, CVE-2021-22898 was published. It affects curl/libcurl from version 7.7, dating from the 22nd of March 2001. It consisted of a flaw in...
A new updated imagemagick package within Ubuntu 16.04 ELS is now available for download from our production...
Having a centralised identity management system is the current best practice to consolidate and enforce secure login and authorisation policies over a wide range of...
A new updated curl package with the fix for the CVE-2021-22925 within OracleLinux 6 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22925 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22925 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
CVE-2021-33909 was disclosed on the 20th of July. It describes a vulnerability in the Linux filesystem layer that can lead to local privilege elevation when...
A new updated CentOS 6 kernel v.2.6.32-754.35.6 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated systemd package with the fix for the CVE-2021-33910 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2021-28651 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2021-28651 within OracleLinux 6 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2021-28651 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
Forgotten vulnerabilities can come back to haunt you. It’s just too easy to assume that you’ve patched or upgraded thoroughly enough so that a dangerous,...
We are pleased to announce that a new updated KernelCare agent version 2.49-2 is now...
We are pleased to announce that a new updated ePortal version 1.26-1 is now...
Vulnerability management tools are a broad and wide category, but all have the same goal: helping organizations to minimize the risk posed by everyday IT...
A new updated sudo package with the fix for the CVE-2021-23240 within CentOS 6 ELS has been rolled out from our production...
Spectre and its cousin Meltdown have been with us since 2018, and one would think that we’ve heard everything there is to hear about these...
We are pleased to announce that a new updated KernelCare agent version 2.48-1 is now...
We have updated this blog post due to high demand. Our new blog post can be found here: https://tuxcare.com/ensuring-uptime-with-mysql-high-availability/ The cost of downtime in the...
A new updated sudo package with the fix for the CVE-2021-23240 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated sudo package with the fix for the CVE-2021-23240 within OracleLinux 6 ELS is now available for download from our production...
A new updated sudo package with the fix for the CVE-2021-23240 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22898 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated CentOS 6 kernel v.2.6.32-754.35.5 within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
As a trusted partner for providing maintenance services to the Enterprise Linux industry, our goal is to make system administration more manageable. In this monthly...
When it comes to patching, thoroughness is a critical aspect – it takes just one unpatched service to open the doors to a damaging intrusion....
A new updated hivex package with the fix for the CVE-2021-3504 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated curl package with the fix for the CVE-2021-22898 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22898 within OracleLinux OS 6 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22898 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
We are pleased to announce that a new updated ePortal version 1.25-1 is now...
We are pleased to announce that a new updated KernelCare agent version 2.47-1 is now...
A new updated OpenSSL package with the fix for the CVE-2021-23840 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated nginx package with the fix for the CVE-2021-23017 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
Earlier this month, another set of vulnerabilities were publicly disclosed, this time in Apache code. Because Apache is, and has been for quite some time,...
A new updated apache2 package with the fixes for CVE-2021-30641, CVE-2021-26691, CVE-2021-26690, CVE-2020-35452 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated CentOS 6 kernel v.2.6.32-754.35.5 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated hivex package with the fix for the CVE-2021-3504 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated OpenSSL package with the fix for the CVE-2021-23840 within OracleLinux OS 6 ELS is now available for download from our production...
A new updated OpenSSL package with the fix for the CVE-2021-23840 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated nginx package with the fix for the CVE-2021-23017 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated nginx package with the fix for the CVE-2021-23017 within OracleLinux 6 ELS is now available for download from our production...
A new updated nginx package with the fix for the CVE-2021-23017 within Ubuntu 16.04 ELS is now available for download from our production...
Welcome to our new series about technical concepts and features that you’re probably using every day without even knowing about it. We are running this...
Backups are there to protect your operations and to ensure redundancy. You must be able to depend on your backup solution when disaster strikes but...
A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available...
We are pleased to announce that a new updated KernelCare agent version 2.46-1 is now...
Full, comprehensive support from software vendors almost always have an end date. At some point, vendors need to focus their resources on supporting newer releases...
Are you running DHCP on your network? There is a good chance that you are. Make sure you’re protected against the exploit in...
The Enterprise Linux industry has become more complex to maintain, which raises the need for a trusted partner for Linux maintenance. In this monthly overview...
Nginx is a critical part of the infrastructure of many organizations. It is used as a web server, a load balancer, a (reverse) proxy server,...
As a part of TuxCare, we make sure that any and all new vulnerabilities are analyzed and tested against all the distributions and products we...
Security research is an important aspect of cybersecurity, but it is not particularly easy to carry out cybersecurity research or to do so scientifically. It...
Perceptions around the inherent security of open-source code and open-source software vary – but these perceptions matter. On the one hand, some view open-source code...
Security operations is a critical element of the enterprise technology environment – but it can sometimes be left behind as organizations focus on adopting the...
The KernelCare Team is proud to announce the latest update to ePortal, its centralized management interface for KernelCare clients. It’s now at version 1.22-1, and...
Cyberattacks come in all shapes in sizes. At times, the attacker’s express intent is to disrupt, or to steal something valuable. At other times, an...
Organizations rely more and more on open source code solutions, even if they are not aware of it. But is open source code security handled...
CloudLinux Enterprise services have been growing steadily for years now. KernelCare, for example, was launched around 6 years ago as a live patching tool for...
Our April 2021 blog post is out. We’ve got lots to tell you about, so let’s get started. First up, we highlight UChecker, a tool...
The KernelCare team is proud to announce the release of KernelCare 2.43-2, bringing new features and bug fixes to the enterprise’s live patching tool of...
So, you have your shiny new Raspberry Pi, a great idea to use it, and the technical skill to pull it off successfully. It doesn’t...
ePortal is KernelCare Enterprise’s solution for deployments where the machines that need to receive the updates have restricted internet access, serving as a central staging...
When you see so many vulnerabilities being reported and so many security-related issues being exploited, you may think to yourself “I’m lucky not to be...
In this month’s update, we highlight CVEs that just won’t die. We’ve also published some critical information regarding live patching the Microsoft Azure IoT Hub...
At what point does an old vulnerability go from being a bug to becoming a feature? That is the question probably going through the mind...
OpenSSL, the widely used cryptography toolkit and library, has been the target of security researchers’ audits more than almost any other project, perhaps only...
Updating an OS seems like a trivial task. The type of activity a sysadmin instinctively knows how to perform. But have you ever actually considered...
Shortly after exploit code was found in a public repository, two new vulnerabilities (CVE-2020-27170 and CVE-2020-27171) have been found in the Linux Kernel code that...
Very recently, a long-known vulnerability called Spectre re-emerged due to an exploit that was made available publicly, and a lack of patching meant that this...
Billions of IoT devices are transforming the capabilities of industrial control systems (ICS): delivering low cost, low power computing to achieve efficiency and automation. But...
Cyber threats come and go, but some threats leave a lasting imprint due to their impact. Think of Spectre and the closely related Meltdown, for...
A flaw in the way OpenSSL API function X509_issuer_and_serial_hash() has been disclosed that may lead applications using it to crash, causing a potential denial-of-service (DoS)...
This February we did a diligent work to keep your Linux kernels and shared libraries updated. For instance, you’ll find detailed updates regarding the latest...
We’ve covered brand new Linux kernel vulnerabilities in a few of our past articles, but in this article we’ll take a look at a vulnerability...
KernelCare added support for AlmaLinux OS. This new linux distribution is a community driven project that intends to fill the gap left by the change...
KernelCare is a solution to the problem of applying patches in a timely manner and keeping your system running without disruption, but sometimes...
The discovery of a new Linux kernel vulnerability is not a major surprise in its own right. It happens all the time. However, sometimes it...
A new week, a new vulnerability announced. This time, it affects kernels starting from version 5.5-rc1 (November 2019) up 5.10.13 (February 2021). This vulnerability...
Linux vulnerabilities pile up. Year in, year out. You could say it’s inevitable really, given today’s complex computing environment. It is nonetheless frustrating when the...
It’s hard to believe the first month of 2021 has come and gone. In this issue of KernelCare monthly blog, you’ll find useful information that...
Very recently a new vulnerability of the Linux Kernel was announced. It has been assigned CVE-2021-3347, and is (yet another) futex-related...
Your Raspberry Pi might be a hobby or a critical part of your home network, but regardless of its purpose it can be a target...
The new year is finally upon us and with that comes the task of taking a careful examination of our IT practices over the...
In the face of adversity, your enterprise’s ability to continue with business, even in a degraded mode, heavily depends on the resiliency of its cyber...
New Look, Better KernelCare You may have noticed that things look a little different around the KernelCare blog recently. And you’d be absolutely right! We’ve...
Open-source software (OSS) has quickly transformed how modern applications are built and their underlying code. Access to high-quality and robust open-source software projects has allowed...
Software bugs and vulnerabilities often lead the way to massive security breaches via exploitation. These breaches spawn heavy costs to the organization in well-known monetary...
Participate in the KernelCare Survey to share your thoughts on the state of Enterprise vulnerability detection and patch management operations in your organization for a...
Alma means “soul” in many Latin languages, including Spanish and Italian. The word comes from the Latin word almus, which means “nourishing,...
OS virtualization was a huge step forward for the delivery of large-scale enterprise computing applications. But virtual machines were just the start. Containers take virtualization...
We have finally wrapped up 2020! This past month has been intense and we’ve done our best to address all the news and changes that...
A new vulnerability (CVE-2020-16166) in pseudo random number generator (PRNG) was found by Amit Klein, vice president of security research at SafeBreach and a security...
Last week, the US Congress officially signed a bipartisan law, The Internet of Things Cybersecurity Improvement Act of 2020, or the IoT Cybersecurity Improvement Act...
We know that frequently updating Linux kernels is critical to the safety of cloud environments – kernels are, after all, a cybersecurity blind spot. But...
Today, the security of medical devices is becoming extremely important to assure customers and patients who interact with your devices that their health and personal...
CentOS is a fork of Red Hat Enterprise Linux (RHEL) and undoubtedly a popular choice to deploy on production servers because of its rock-solid stability...
Big news from the OpenSSL team – they issued the fix for a new CVE-2020-1971 that causes servers’ disruptions via x509v3 certificate fields. The good...
The Internet of Things (IoT) has been adopted by an increasing number of enterprises recently, and it has become an essential part of edge computing....
Cloud provisioning has steadily replaced locally hosted servers. It’s simply much faster, and often cheaper, to fire up cloud-hosted Linux VMs to handle workloads and...
The IoT is an integral part of many network infrastructures and a feature of everyday life for consumers. On the enterprise level, there are smart...
DevOps is a combination of software development and IT operations that aims to improve and evolve products at a faster than normal pace in order...
The KernelCare team strives to make sure you never miss a critical patch. In November, we worked to boost our products’ capacity and provide early...
Organizations that operate in the enterprise space – healthcare, insurance, banks, etc. – have unique and challenging cybersecurity compliance obligations. Enterprise data is, after all,...
The new ePortal version being released today. We strongly emphasise our ePortal based customers to upgrade to ePortal...
In this article, we explore ransomware, specifically the unique way it attacks Linux-based systems. “It was called a tribute before a battle, and a ransom...
Sad DNS (Side-channel AttackeD DNS) is a vulnerability that was disclosed by academics from the University of California and Tsinghua University, at the ACM Conference...
Keeping servers safe and keeping them secure and compliant, becomes a full-time job, one that can’t be left to chance, one that must be fully...
Upcoming ePortal 1.16-1 release candidate will...
A server reboot cycle is a generic name given to the process of rebooting a fleet of servers in an organization. This can be due...
Ever heard of a pipe-freeze kit? A pipe-freeze kit forms a plug of ice inside a water pipe, allowing a plumber to make repairs without...
On November 10, 2020, a team of academic researchers found a bug in Intel CPU architecture that allowed them to extract sensitive information from the...
Bad actors continue targeting government organizations these days. Along with increases in targeting technology, attacks focused on government targets nearly doubled in 2019 from 2017....
If you are running kcarectl versions from 2.10-1 to 2.11-3, please upgrade to the latest version by...
HeartBleed… kind of sounds like a love song from the 1970s. It’s not. HeartBleed is a serious vulnerability (CVE-2014-0160) affecting the OpenSSL shared library. It’s...
Server live patching is an essential tool that reduces system downtime, lowers maintenance expenses, and enhances security. Initially introduced in 2008, live patching is an...
Before 2008, the only way to install new patches to Linux kernels was the yum update kernel command. It quickly became clear that those...
The Industrial Internet of Things (IIoT or “IoT” for short) consists of billions of devices deployed across industrial facilities and public infrastructure. While a boon...
The KernelCare team strives to help make sure you never miss a critical patch. In October, we worked to provide you with simple instructions on...
Educational institutions are being hacked on a regular basis, and this trend shows no signs of improvement: over half (54%) of UK universities reported a...
Keeping Linux servers updated and patched isn’t the job of just one tool. You need several tools to ensure your servers are configured properly and...
Testing is essential for any software update including patches, but it’s even more essential when changes are made to critical infrastructure that powers revenue-impacting services....
Whether your system is running in a local office or remotely in a data center, security is vital to any environment. Unfortunately, there are often...
Meeting System and Organization Controls (SOC) 2 compliance is more than just a simple process implemented once to pass an audit. Permanent procedural changes are...
Google security researchers recently found a flaw in the way the Linux kernel’s Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in...
Google security researchers recently found a flaw in the way the Linux kernel’s Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in...
No downtime or non-compliant? That is the question for companies that do not use automated patch services. There is no middle ground when it comes...
Since the beginning of KernelCare+ Beta testing, we’ve been working hard on the automation of the trial and purchase of live patching for shared libraries....
Last year, a CVE-2019-19126 vulnerability was discovered in glibc, where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on...
Every month, the KernelCare team strives to help you never miss a critical patch. This September, we worked extremely hard to swiftly release CVE–2020-14386 patches...
CVE-2020-14386 is a new kernel vulnerability that can be exploited to gain root privileges from unprivileged processes. It corrupts the memory in kernels newer than...
To help administrators manage hundreds of servers with open-source libraries, KernelCare released UChecker – a scanner that checks network Linux servers and detects out-of-date libraries...
Rebooting servers hurts you and your customers. It’s often done during off-peak hours (usually at night) when servers process fewer transactions, but even rebooting at...
The dreaded false positive exhaustion experienced by analysts brings with it numerous issues. Analysts begin ignoring reports, reviewing a false positive takes time and money,...
Within any IT organization, there exist processes so routine and well-established that they become practically a given—with little concern for whether such processes and practices...
August was a busy month for us, as always. We added more distributions to the KernelCare+ Beta testing. You can be part of it. If...
Most developers are used to a graphical interface for development, so when diving into the world of IoT and embedded Linux development, it’s a new...
What to do if you see the “Unknown kernel” error while using...
Every month we do a lot of under-the-hood improvements to KernelCare which you may not notice, but trust us, it makes your KernelCare experience better....
Live patching allows you to update Linux kernel without rebooting your system. This approach is definitely a perfect solution for huge enterprises with interruption-sensitive services...
A Managed Services provider from Amsterdam, Webslice, was spending a lot of time and effort patching Linux kernel vulnerabilities. When it began using KernelCare, its...
KernelCare is pleased to announce that our premium live patching editions – KernelCare+ and KernelCare Enterprise – are now integrated with the DataDog cloud infrastructure...
At 10 am EST on Thursday, 3 September 2020, we’ll be conducting a live webinar on how to update shared libraries without restarts, using KernelCare+....
KernelCare is now available with a 15% discount as part of a package with CloudLinux’s extended lifecycle support (ELS)* for CentOS® 6. This KernelCare &...
We can not imagine how busy you are taking care of the infrastructure during these challenging times and we thought it would be nice to...
Every month we do a lot of under-the-hood improvements to KernelCare which you may not notice, but trust us, it makes your KernelCare experience better....
A month ago, Virtuozzo‘s Team discovered the new security vulnerability in the kernel – CVE-2020-14305. It corrupts the memory in kernels from v3.5 to v4.10...
In this podcast episode, KernelCare CEO Igor Seletskiy talks with Gaper.io’s Mark Allen about CloudLinux, and why it’s a fully remote company. In this article...
On 18 June, KernelCare CEO Igor Seletskiy was interviewed by Adam Torres on his Mission Matters Innovation podcast. The topic was rebootless updates, and why...
Updating Linux kernels is a routine – as dull as taxes and only slightly less inconvenient than death. New security vulnerabilities in the Linux kernel...
Live patching is a way of updating a Linux kernel without interruption. Because kernel updates don’t take effect until the system is rebooted, Linux kernel...
On 9 June, Anthony Steinhauser, an engineer at Google, made some urgent posts to the Linux kernel mailing list. In them, he pointed out that...
CloudLinux is an Amazon Web Services (AWS) Advanced Technology Partner, and our live patching system, KernelCare, is currently being used to patch AWS Elastic Compute...
A new version of KernelCare ePortal allows using custom paths for certificates and uses system certificates by default, as opposed to the previous version which...
A new CPU vulnerability known as SRBDS/CrossTalk was discovered in June 2020. The team at KernelCare is currently creating a patch to close it...
Cloudlinux announces End of Life initiation for the following product series with the intent of discontinuing its availability: ePortal on CentOS...
On April 30, 2020, KernelCare CEO Igor Seletskiy was interviewed on The SaaS CX Show, a podcast hosted by SaaS consultant Frank Bria. During this...
The beta version of KernelCare+ is now available for download for Red Hat Enterprise Linux 7, CloudLinux OS 7, and CentOS 7. More distributions will...
We are glad to announce that KernelCare now supports automated live patching for Ubuntu 20.04 “Focal...
KernelCare live patching system has achieved the Amazon Linux 2 Ready designation in the Amazon Web Services (AWS) Service Ready...
The coronavirus pandemic is affecting companies of all sizes all over the world and significantly impact on how many service companies deliver their services. The...
KernelCare automates kernel patching, ensuring that servers comply with security standards. Chef automates infrastructure configuration, ensuring that every system is configured correctly. Use them together,...
KernelCare, the first and exclusive live patching service for Amazon Linux 1 & 2, is now available for purchase on Amazon Web Services (AWS) Marketplace....
During RSA Conference 2020 KernelCare CEO, Igor Seletskiy, had a chance to share the best practices of enabling compliance with faster patch management. In this...
KernelCare will be at this year’s RSA Conference 2020 USA, in San Francisco’s Moscone Center, from 24 to 28 February 2020. We look forward to...
At the end of January 2020, another speculative execution vulnerability was found in Intel processors. Any modern Intel CPU built before October 2018 is likely...
At the end of January 2020, another speculative execution vulnerability was found in Intel processors. Any modern Intel CPU built before October 2018 is likely...
Our enterprise customers want more: more integration, more support, more control. That’s why we’re thrilled to announce the launch of KernelCare Enterprise, a new member...
Data breaches happen all the time for all sorts of reasons. The ones that make the news have three things in common: The data affects...
A global financial services company (name confidential) recently implemented KernelCare Enterprise to resolve a difficult Linux kernel patching situation and achieve SOC2 compliance. Read our...
KernelCare Client, Efinity, deal with clients in fourteen countries. This means that the system has to deal with a lot of data – much of...
Last year we ported KernelCare to run on Arm processors. There was such a massive response to this announcement, that we’ve worked on expanding KernelCare’s...
The next cybersecurity threat is always just around the corner. There was a time when changes to the cybersecurity landscape was measured in years, not...
You want more—more protection for business-critical applications running on Linux, applications that depend on glibc and OpenSSL. As with the kernel, vulnerabilities in glibc or...
Were you at AWS re:Invent 2019? I was, and it was a revelation. “Will you reboot your Linux server in the next 30 days?” That’s...
KernelCare Team has released Centos7, Centos7-Plus, RHEL7, OEL 7 patches for CVE-2018-12207 to the production...
KernelCare Team has released Centos7, Centos7-Plus, RHEL7, OEL 7 patches for CVE-2018-12207 to the test feed. The KernelCare test feed makes it possible to start...
Learn more about what’s included in the package...
We’ve just heard of a new bunch of Intel CPU vulnerabilities and we want you to know the KernelCare team have swung into action to...
Most IoT devices run on Arm-based processors. 71.8% of these processors use Linux as their operating system...
The Linux Kernel 5.4 is nearly complete! It is expected to debut as stable by the end of November. It will mark the last major...
During the second quarter of 2019, KernelCare became officially validated and available for customers of VMware Cloud™ on Amazon Web Services (AWS). VMware Cloud is...
The rise of the Internet of Things (IoT) has ushered in a whole new era of cybersecurity fears. In 2018, there were an estimated 10-billion...
Calling all Europe-based Embedded Linux users! On October 28–30, at the Convention Center in Lyon, France will host the Embedded Linux Conference (ELC) Europe 2019....
KernelCare now supports #CentOS8 automated live...
On September 15, Linus Torvalds announced the release of the Linux 5.3 kernel series, after a delay of one week and eight release candidates. As...
Join our upcoming webinar to see how the three co-founders of Webslice, a managed cloud services company based in the Netherlands, provide mission-critical services to...
On October 8–10, at the San Jose Convention Center, the KernelCare team will be in booth #1238, discussing the importance of live kernel patching. We...
Vulnerability scanners are programs that scan your system to tell you whether you have software installed with known vulnerabilities. However, sometimes these scanners can give...
A short while ago, we gave you an update on our SOC2 compliance journey. We’re happy to tell you that we’ve passed a small...
A short while ago, we gave you an update on our SOC2 compliance journey. We’re happy to tell you that we’ve passed a small but...
The KernelCare team are following developments for a recently-reported vulnerability involving QEMU-KVM guests running Linux...
On October 8–10, 2019, KernelCare will be attending Arm TechCon 2019 at the San Jose Convention Center. KernelCare have been live-patching Linux kernels on ARM...
What Is an Advanced RISC Machine? Advanced RISC Machine is an older name for the modern-day ARM processor, which represents the leading form of RISC...
Malicious actors are always on the hunt for vulnerabilities in operating systems, web applications, browsers, systems, and third-party software. Such vulnerabilities offer the easiest way...
On August 25th, Linux turned 28. It’s been a big 28 years for the OS with the penguin...
The upward trajectory continues here at KernelCare. As an element of the wider CloudLinux suite of offerings, KernelCare are now an Advanced Technology Partner in...
Organizations use services like VMware Cloud on AWS to deploy hybrid cloud service stacks and data centres. Its familiar vSphere operating environment makes it easy...
The widespread cloud migration of the past decade, and the attendant proliferation of VMs and containers, has made managing machines more complex than ever. DevOps...
The rise of DevOps has necessitated the creation of tools that enable engineers to manage hundreds or even thousands of machines at once. Through a...
IT infrastructure is moving to the cloud; VMs and containers are proliferating. There is a constant uptick in the amount of live applications, and all...
As you may know, KernelCare have been live patching Linux kernels on Arm architectures for a while now. But we’re not done spreading the word...
Back in the nineties and early noughties, enterprises didn’t have to juggle too many servers. The rise of cloud computing has changed all that. Technologies...
In the last week of June 2019, a new type of malware emerged, dubbed “Silex.” Reminiscent of the BrickerBot malware of 2017, Silex went after...
In the last week of June 2019, a new type of malware emerged, dubbed “Silex.” Reminiscent of the BrickerBot malware of 2017, Silex went after...
KernelCare patches will start rolling out on Monday, 12...
A new month has started—Summer is in full swing—Must be time for another CPU vulnerability. (Let’s hope this one has a catchy...
KernelCare now supports automated live patching of Debian...
KernelCare now supports #RHEL8 automated live...
Linus Torvalds is the creator and original developer of the Linux kernel. So when he has something to say about the future of software and...
Once you’ve made the wise decision to switch from regularly rebooting your servers to live patching your Linux kernel, you have some decisions to make....
The first half of 2019 has been a very exciting time at KernelCare. We’ve picked up some major enterprise customers, including Dell and Endurance. Along...
The Internet of Things was born the moment that internet connectivity expanded beyond the setup of a computer hooked up to a router. Today, there...
SOC 2 is an audit framework that gives organisations a trusted way to verify their controls for protecting, securing and utilizing data. Increasingly, cloud computing...
SOC 2 is an audit framework that gives organisations a trusted way to verify their controls for protecting, securing and utilizing data. Increasingly, cloud computing...
SOC 2 is an audit framework that gives organisations a trusted way to verify their controls for protecting, securing and utilizing data. Increasingly, cloud computing...
Everyone has heard of Zombieload. Recently made known to the public, Zombieload is a Microarchitectural Data Sampling (MDS) attack that can reveal private data by...
One day, we received a report from our client that he faced 403 Forbidden error during KernelCare package setup. We started to investigate the issue...
Everyone has heard of Zombieload. Recently made known to the public, Zombieload is a Microarchitectural Data Sampling (MDS) attack that reveals private data by breaking...
Everyone has heard of Zombieload. Recently made known to the public, Zombieload is a Microarchitectural Data Sampling (MDS) attack that reveals private data by breaking...
Everyone has heard of Zombieload. Recently made known to the public, Zombieload is a Microarchitectural Data Sampling (MDS) attack that reveals private data by breaking...
We are glad to announce that the patches for the fix of L1 Terminal Fault (L1TF) are now available for download from our production...
The latest KernelCare patchset for EL6 distributions had a bug that triggered crashes KVM hosts in some of the...
At KernelCare, we’ve known about SOC 2 for some time. We’ve had customers tell us that our Linux kernel live patching product helped them with...
Kernel patching is a never-ending job. Why? Because Linux is king of the OSes. But it is very, very complicated. The master branch of the...
SOC 2 is everywhere, and everyone has it; customers ask for it; enterprises need it. But what is it? And where does Linux kernel live...
Recently, the wrong kind of Netflix Original was revealed to the public. The streaming giant announced that they had discovered four new denial-of-service (DoS) and...
As part of our expansion into Asia-Pacific markets, we’re happy to announce a new partnership with GDEP Solutions, a leading DevOps and OSS company based...
Netflix has a new hit on its hands. They’ve discovered new Linux kernel vulnerabilities and describe how a properly formed TCP network packet can cause...
If anyone tells you that they know how to secure linux, but they fail to mention live patching – don’t listen to them. Keeping servers...
You’ve just installed a kernel update, and now you need to carry out a Linux reboot. Except guess what? You don’t. Word is only just...
Texas Linux Fest is an open source software event held in Austin on June 8 and 9, 2018, at the AT&T Conference Center. Whether you are...
This year, we are looking forward to CloudFest with great anticipation – we are ready to share all of the new and exciting features we...
This year, we are looking forward to CloudFest with great anticipation – we are ready to share all of the new and exciting features we...
This year, we are looking forward to CloudFest with great anticipation – we are ready to share all of the new and exciting features we...
This year, we are looking forward to CloudFest with great anticipation – we are ready to share all of the new and exciting features we...
Contents What is Zombieload Vulnerability? What is MDS attack? Which CPUs are affected by Zombieload? How to mitigate the MDS/Zombieload Vulnerability? MDS/Zombieload Vulnerability Patch Release...
It is Fall in the Northern Hemisphere, and everyone’s out gazing into the clear dark skies when they should be indoors looking after their servers....
Software is complex and constantly changing. Bugs are inevitable. Before the internet age, bugs were just faults to fix. Now, they are opportunities, one of...
Organizations use cloud services like AWS to be more agile and more profitable. This doesn’t stop them spending millions of dollars on cybersecurity, investing in...
Our KernelCare webinars on live patching technology and applications are growing in popularity. So, we’re happy to tell you about another. As before, this one...
At Interop ITX 2018 in Las Vegas earlier this month, visitors had the chance to stop by the KernelCare booth, meet our team and talk...
VMware has been a part of my working life for some time now. As a former Linux System Administrator, I’ve used it many times in...
We’ve just published a Technical White Paper called KernelCare: Live Kernel Patching for Linux. It covers what KernelCare is, how it works and why you...
A few weeks ago we released the KernelCare “Extra” Patchset with the security fixes and the symlink protection available to all KernelCare customers running CentOS kernels. Today...
A ptrace virtualization code to the debug registers has an incorrect error handling which was discovered by Andy Lutomirski and disclosed today (CVE–2018–1000199). This vulnerability...
In light of the recent Dirty Cow exploit, said by experts to be the “Most serious” Linux privilege-escalation bug ever, we’ve decided to push forward...
This short post lists the 10 main benefits of...
I am thrilled to let you know that we have published a toolset for livepatching of user space software, called LibCare, to GitHub. It is released...
The 2018 Best of Interop ITX awards finalists were just revealed, and we are thrilled to share that KernelCare has been selected as the finalist in the...
KernelCare supports a large number of distributions and kernel versions. List of all supported distributions, kernels, as well as patches for them is available...
At KernelCare, we strive to make our IT products well engineered, beautifully designed, and simple to use. That’s why we couldn’t be more proud to...
UPDATE as of August 28th: UEK version 4 is now also supported! If you are running the Unbreakable Enterprise Kernel (UEK), which is included as...
By now, you might have thought that the topic of Meltdown and Spectre vulnerabilities is taking a backstage in the news. Not so, as the...
KernelCare, the multiplatform Linux kernel live patching solution, now validated by VMware for customers of VMware Cloud on Amazon Web Services...
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in the EU law on data protection and privacy for all individuals within the...
KernelCare will be at the 2019 RSA Conference in San Francisco,...
Whether you are a start-up or rapidly growing enterprise, your server fleet evolves along with the Linux flavors and versions you use on your machines....
KernelCare is often deployed on a large number of servers. Adding those servers one by one is a hassle. In that case, KernelCare key can...
A few days ago, Endurance has announced that they have implemented KernelCare to keep their servers secure and limit interruptions. Endurance is a leading provider of cloud-based platform solutions,...
Rebooting your servers hurts your customers and hurts you. It is often done deep in the night to minimize the impact on peak-time services. It forces downtime...
Do you want to use KernelCare for rebootless kernel updates? But what if you are running an unsupported distribution? What if your kernel is custom,...
Categories