Collaborate Disseminate
Michael Larabel reports via Phoronix: While Fedora 41 in late 2024 is aiming to have more reproducible package builds, openSUSE Factory has already achieved a significant milestone in bit-by-bit reproducible builds. Since last month openSUSE Factory ha… Continue reading openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may “enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely,” R… Continue reading Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
SUSE announced enhancements across its cloud native and Edge portfolio to enable customers to securely deploy and manage business-critical workloads anywhere. New capabilities in Rancher Prime 3.0, SUSE’s commercial offering of Rancher and SUSE E… Continue reading SUSE announces new enhancements to help users manage business-critical workloads
2024 is expected to witness a surge in cyberattacks driven by global events and the widespread accessibility of advanced technologies. In this Help Net Security round-up, we present segments from previously recorded videos where cybersecurity experts d… Continue reading 2024 cybersecurity outlook: A wave of global threats on the horizon
Security researchers have discovered a vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection’s security by truncating the extension negotiation message. The Terrapin atta… Continue reading SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)
2023 proved to be another challenging year for companies combating supply chain security and breaches. The 2024 outlook could be worse as attacks become increasingly sophisticated. In this Help Net Security video, Fei Huang, VP of Security Strategy at … Continue reading New horizons in cyber protection with 2024 trends to watch
SUSE released Rancher Prime 2.0, enhancing customers’ ability to manage heterogeneous, multi-cloud Kubernetes deployments securely and at scale. SUSE also revealed updates to Rancher community edition, SLE Micro 5.5 and the future of SUSE Edge. T… Continue reading SUSE boosts cloud native portfolio to enhance customer productivity
If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption vulnerability (CVE-2023-43641) in the libcue library. About CVE-2023-43641 Discovered b… Continue reading GNOME users at risk of RCE attack (CVE-2023-43641)
The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library, which is used by many popular applic… Continue reading Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)
The attestation service is designed to allow data in confidential computing environments to interact with AI safely, as well as provide policy enforcements and audits. Continue reading Intel Innovation 2023: Attestation and Fully Homomorphic Encryption Coming to Intel Cloud Services