Collaborate Disseminate
Ubuntu and its flavors (Lubuntu, etc.) now have a Pro feature (free for personal use) that provide security patches for basically all common software (over 20,000 packages), for several years in long-term support releases.
I’m not sure how… Continue reading Ubuntu Pro: How does the updating process work? [migrated]
I have problems when I try to update Ubuntu 20.04 , when I run sudo apt update to update, I get this output:
sudo apt-get update Err:1 http://security.ubuntu.com/ubuntu focal-security InRelease Could not resolve ‘security.ubuntu.com’ Hit:2… Continue reading How should I solve Ubuntu 20.04 update errors? [migrated]
Many software vendors maintain old versions by providing security-only fixes. Some examples include:
Android on Google Pixel Phones.
Python.
Firefox ESR.
My understanding is that people are most actively working on the latest version of … Continue reading How much should we generally trust security-only support of a legacy version of a software and what should we look out for? [closed]
The Secure Enclave is isolated from the main processor to provide an extra layer of security and is designed to keep sensitive user data secure even when the Application Processor kernel becomes compromised.
This information is sourced A… Continue reading How do regular software updates to Apple’s secure enclave remain secure?
My company has a lot of projects and uses various vulnerability scanners (e.g. Trivy, npm audit, SAST,…) in different stages in each of them.
The Problem is now that although they run well, it’s not easy to keep the overview over each of… Continue reading How to manage a lot of vulnerability scanners from CICD Pipelines?
Windows has offered the ability to download updates from machines in the local network for some time. My gut feeling tells me this would be a great attack vector for Windows security vulnerabilites.
Have there been security vulnerabilites … Continue reading Security vulnerabilites in Windows updates from local network
I’m trying to update the Ubuntu OpenSSH version to 9.3p2, because of the CVE-2023-38408 vulnerability, but I can’t.
The recomendation is update to last version: https://ubuntu.com/security/CVE-2023-38408
I am running the following command:… Continue reading How to update Ubuntu SSH version to latest version [closed]
The environment: A landscape of 4500+ endpoints connected to a corporate network, of which most but not all devices are Windows Desktop devices. The devices are managed by a local / on-prem AD NOT Azure. The devices are not managed by Offi… Continue reading Best solution for enterprise endpoint patch management [migrated]
I recently created a Windows 10 installation stick via the official media creation tool. Presumably, there was no malware on my host system on which I created the stick. It’s a pretty fresh install as well, and was only used shortly on my … Continue reading Windows Update installs yandex.ru browser hijacker
I have a custom Debian router installation which I’m trying to keep both secure and low-maintenance. I’ve therefore set some scripts which keep my Docker containers, blocklists, and OS (security updates only) actual by checking for updates… Continue reading Security Implications of Automatic Updates?