ClickCease Blogs - TuxCare
digital twin deployments

How to Reduce Risk in Digital Twin Deployments

A digital twin (DT) is a virtualized representation of an actual device, and is often used in relation to operational technology (OT), industrial control system...

Windows Server updates causes LSASS memory leaks

Windows Server updates causes LSASS memory leaks

A memory leak bug on Local Security Authority Subsystem Service (LSASS), a service that allows users to manage local security, user logins, and permissions, is...

Docker hub images

1,650 malicious Docker Hub images found posing securely threats

After discovering malicious behaviors in 1,652 of 250,000 unverified Linux images publicly available on Docker Hub, security researchers have warned developers of the risks of...

Security flaws in arm´s mali GPU driver

Arm’s Mali GPU driver flaws remain unpatched on Android devices

Despite fixes released by the chipmaker, a set of five medium-severity security flaws in Arm’s Mali GPU driver have remained unpatched on Android devices such...

Live patching integration into CI/CO pipelines

Live Patching Integration into CI/CD Pipelines

Continuous integration (CI) refers to testing code changes before deployment to production. Continuous delivery (CD) is where code changes are automatically deployed to production systems...

RansomExx malware offers new features to bypass detection.

RansomExx malware offers new features to bypass detection

The APT group DefrayX has launched a new version of its RansomExx malware known as RansomExx2, a variant for Linux rewritten in the Rust programming...

Gartner IIoT

What is the Gartner IIoT Framework?

When it comes to the Industrial Internet of Things (IIoT), the legacy Purdue model no longer provides adequate levels of security projection – as newer...

DuckDuckGo launches beta version of App Tracking Protection tool

DuckDuckGo launches beta version of App Tracking Protection tool

DuckDuckGo, a privacy-focused search engine, has added an App Tracking Protection tool to its Android app, allowing users to see what personal data trackers are...

Microsoft release updates to fix Kerberos sign-in failures

Microsoft issues update to fix Kerberos sign-in failures

A few days after Microsoft acknowledged problems with Kerberos authentication that affected Windows Servers with the Domain Controller role, causing domain user sign and Remote...

Publicly exposed Amazon cloud service expose user data

Publicly exposed Amazon cloud service expose user data

Thousands of databases hosted on Amazon Web Services Relational Database Service (RDS) have been discovered to be leaking personally identifiable information, potentially providing a gold...

Attackers leverage malicious python packages to spread W4SP Stealer

Attackers leverage malicious python packages to spread W4SP Stealer

Security researchers from Checkmarx have uncovered an ongoing supply chain attack that involves spreading the malware identified as W4SP Stealer. W4SP Stealer is a discord...

faces of Patching

The Many Faces of Patching

Keeping your systems up to date can be done in many different ways, each with its own pros and cons. Some so-called “patching” methods are...

Hackers exploit DLL hijacking flaw to distribute QBot malware

Hackers exploit DLL hijacking flaw to distribute QBot malware

Attackers are using phishing tactics to spread QBot, a Windows malware that started as a banking trojan but evolved into a full-featured malware dropper. According...

Operational Technology

Why Are Operational Technology Devices No Longer Isolated?

Gone are the days of Operational Technology (OT) being distinctly separated from IT. With the need of constant monitoring and tracking of the physical assets,...

Apple patch iOS and macOS RCE vulnerabilities

Apple patch iOS and macOS RCE vulnerabilities

Apple has released security updates for iOS, iPadOS, and macOS Ventura to fix two remote code execution (RCE) vulnerabilities that allow remote or Internet attackers...

cybersecurity automation risks

What are the Risks of Cybersecurity Automation?

Cybersecurity professionals need to be aware of new threats and take action immediately so that we can minimize the risk of future incidents occurring. Much...

Worok, the malware that hides in PNG image files

Worok, the malware that hides in PNG image files

Worok malware makes the rounds by deploying multi-level malware designed to steal data and compromise high-profile victims such as government entities in the Middle East,...

what is Linux Kernel

What is Linux Kernel Live Patching?

Breakthroughs don’t often happen in cybersecurity, but when one does, it can be a real magic bullet.  Linux kernel live patching, which is the ability...

IceXLoader malware targets home and corporate users

IceXLoader malware targets home and corporate users

IceXLoader, an updated version of a malware loader, is suspected of infecting thousands of personal and enterprise Windows machines around the world. IceXLoader is a...

Patching instead of upgrading legacy OT Devices

Patching Instead of Upgrading Legacy OT Devices?

Operational technology (OT) is equipment and computer software used for analyzing utility control processes for critical infrastructure, while Industrial Control System (ICS) assets are the...

Hackers exploit security flaw in Google Pixel lock screen

Hackers exploit security flaw in Google Pixel lock screen

A security researcher, David Schütz has received a $70,000 bug bounty after he accidentally discovered a Google Pixel lock-screen bypass hack that solved a serious...

Securing the Linux Kernel Hiding Inside Your OT Hosts

Securing the Linux Kernel Hiding Inside Your OT Hosts

Operational Technology (OT) and Industrial Control Systems (ICS) technologies help ensure safety by monitoring and controlling critical operations. OT includes Supervisory Controls And Data Acquisition...

Microsoft patches Windows 0-day vulnerabilities

Microsoft patches Windows 0-day vulnerabilities

Microsoft has fixed six actively exploited Windows vulnerabilities and 68 vulnerabilities in its November 2022 Patch Tuesday. Eleven of the 68 vulnerabilities fixed are classified...

Live Patching vs Virtual Patching

Live Patching vs Virtual Patching

There are many different ways to improve upon traditional patching, so it’s easy to get confused about how each patching approach works. In the past,...

OpenSSL "critical" vulnerability is less serious than expected.

OpenSSL vulnerability feared as “critical” is less serious than expected

The long-awaited OpenSSL bug fixes to fix a critical severity security hole are available now. New OpenSSL patches have reduced the severity of the bug...

Researchers uncover 29 malicious PyPI packages targeting developers

Researchers uncover 29 malicious PyPI packages targeting developers

Threat actors are distributing malicious Python packages to the popular Python Package Index (PyPI) service, using authentic-sounding file names, and hidden imports to deceive developers...

RomCom RAT operators disguise malware as legitimate programs

RomCom RAT operators disguise malware as legitimate programs

RomCom, a threat actor, is said to be conducting a series of new attack campaigns using the brand power of SolarWinds, KeePass and PDF Technologies....

Cisco release security updates to fix severe vulnerabilities

Cisco release security updates to fix severe vulnerabilities

Cisco has released security updates to address two vulnerabilities that are classified as “high”: CVE-2022-20961 and CVE-2022-20956. The vulnerabilities affect the Cisco Identity Services Engine...

The-Bugs-Behind-the-Vulnerabilities

The Bugs Behind the Vulnerabilities Part 2

We continue to look at the code issues that cause the vulnerabilities impacting the IT world. In this installment of our five-part blog series exploring...

Researchers uncover similar tools between FIN7 and Black Basta

Researchers uncover similar tools between FIN7 and Black Basta ransomware

According to security researchers from SentinelOne, the relatively new ransomware gang called Black Basta shares tooling and possibly personnel with the notorious FIN7 hacking group....

Ksplice vs KernelCare

Ksplice vs KernelCare Enterprise: Live Patching Comparison

Not all Linux live patching solutions are created equal. In fact, many live patching solutions are quite limited. Oracle’s Ksplice is an example of a...

Researchers discover GitHub repositories with fake PoC exploits

Researchers discover thousands of GitHub repositories with fake PoC exploits

Researchers from the Leiden Institute of Advanced Computer Science have discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for vulnerabilities and...

Cisa Warns

CISA Warns of New Malware Exploiting Known Kernel Vulnerabilities

Last year, CISA created a list of vulnerabilities being actively exploited and a list of applications directly affected by those vulnerabilities. Over time, the list...

Cranefly hackers exploit Microsoft IIS to deploy malware

Cranefly hackers exploit Microsoft IIS to deploy malware

Microsoft Internet Information Services (IIS), a web server that enables hosting of websites and web applications, is being exploited by the Cranefly hacking group to...

Embedded Linux:: A Quick Beginner’s Guide

Embedded Linux: A Quick Beginner’s Guide

What Is an Embedded System?   Before diving into embedded Linux, let’s first discuss what it’s used for: embedded systems. There are embedded systems in everything:...

Enterprises Reassessing the Cloud vs On-Premises

Enterprises Reassessing the Cloud vs On-Premises

The cloud has never been about reducing costs.  In fact, even staunch cloud advocates admit it – crunching the numbers just doesn’t make sense financially...

Hackers target organizations with CIop ransomware

Hackers use Clop ransomware to target organizations infected with Raspberry Robin worm

A hacker group that is identified simply as DEV-0950 is using CIop ransomware to encrypt the network of organizations that were previously infected with the...

potential critical bugs in OpenSSL

Experts warn of potential critical bugs in OpenSSL

Major operating system vendors, software publishers, email providers and technology companies that integrate OpenSSL into their products have been asked to prepare for a possible...

Researchers uncover "high-severity" GitHub vulnerability

Researchers uncover “high-severity” GitHub vulnerability

Researchers from the Checkmarx Supply Chain Security team have discovered a “high-severity” vulnerability in GitHub. Using a technique known as Repo jacking, attackers could take...

Hackers exploit critical flaw in VMware Workspace One Access

Hackers exploit critical flaw in VMware Workspace One Access

Researchers from the cybersecurity company Fortinet have uncovered a malicious campaign in which attackers exploit a critical vulnerability in the VMware Workspace One Access to...

Automated patch management with live patching for CIS Controls compliance

Automated patch management with live patching for CIS Controls compliance

The CIS Critical Security Controls, known widely as CIS Controls, are a series of actionable cybersecurity recommendations designed to prevent common and not-so-common attacks against...

Critical flaw found in Aptos blockchain network

Critical flaw found in Aptos blockchain network

Researchers from Singapore-based Numen Cyber Labs have discovered and shared details on a vulnerability in the Move virtual machine responsible for powering the Aptos blockchain...

The real cost of firing a whole cybersecurity team

The real cost of firing a whole cybersecurity team

Content giant Patreon recently laid off its entire internal cybersecurity team. While it’s publicly known that five employees from the team were let go, the...

Venus ransomware exploit remote desktop service

Venus ransomware target publicly-exposed Remote Desktop services

A relatively new ransomware operation, identified as Venus is hacking into publicly exposed Remote Desktop services to encrypt Windows devices. According to researchers, Venus ransomware...

Fix-the-Weakest-Link-in-Cybersecurity

Is It Possible to Fix the Weakest Link in Cybersecurity?

The technology world is full of big promises, including in cybersecurity. Just think about it: how many times have you heard the promise of a...

Hackers drops CoinMiner and Quasar RAT using Emotet botnet

Hackers drops CoinMiner and Quasar RAT using Emotet botnet

Hackers are using the Emotet botnet to exploit password-protected archive files to drop CoinMiner and Quasar RAT on vulnerable devices. Based on one of the...

The Bugs Behind the Vulnerabilities - part 1

The Bugs Behind the Vulnerabilities – Part 1

It’s common to hear about new vulnerabilities and exploits, some of which even get fancy names of their own, but sometimes the details of how...

Hackers exploit new 'Text4Shell' vulnerability

Hackers exploit new ‘Text4Shell’ vulnerability

Wordfence, a WordPress security company, has uncovered attempts by hackers to exploit the new Text4Shell vulnerability. Tracked as CVE-2022-42889 the flaw was discovered in Apache...

Budworm hackers target U.S. organizations

Budworm hackers target U.S. organizations with new espionage attacks

Notorious cyber espionage group Budworm has launched deliberate attacks against a number of high-profile targets, including a U.S. state legislature, a Middle Eastern country and...

DDoS attack target Wynncraft Minecraft

Mirai botnet targets Wynncraft Minecraft with DDoS attack

Security company Cloudflare recently ended a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. The company announced the incident while pointing to...

Hackers discover a security flaw in Zimbra

Hackers compromise nearly 900 servers by exploiting a security flaw in Zimbra

Hackers are exploiting a vulnerability tracked as CVE-2022-41352 in the Zimbra Collaboration Suite (ZCS). Already, threat actors were able to hack into almost 900 servers....

Ducktail malware attack Facebook

New Ducktail malware targets Facebook accounts for data theft

Attackers are using a Windows malware called Ducktail to steal Facebook accounts, browsing data and crypto wallets. Ducktail is associated with Vietnamese hackers and relies...

Hackers hacks BNB

Hackers compromise Binance’s BNB smart chain (BSC) in $110 million hack

Hackers compromised Binance’s BNB Smart Chain (BSC) and stole an estimated USD 110 million. Hackers were able to get their hands on as much as...

Hackers impersonate zoom to steal

Attackers impersonate Zoom to steal Microsoft user data

A malicious campaign uncovered by security firm Armorblox shows that attackers manipulate Zoom to compromise Microsoft user data. In one of the incidents analyzed, more...

New Auth bypass flaw targets FortiGate and FortiProxy

New auth bypass bug targets FortiGate firewalls and FortiProxy web proxies

A Fortinet vulnerability in FortiGate firewalls and FortiProxy web proxies could allow a threat actor to perform unauthorized actions on vulnerable devices. The bug, a...

U.S. military contractor's network compromised, data stolen

U.S. military contractor’s enterprise network compromised, data stolen

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the NSA have issued a joint report describing an intrusion into the network of...

Hackers compromise scam sites

Hackers compromise scam sites to redirect crypto transactions

According to Trend Micro researchers, a threat actor identified as ‘Water Labbu’ is hacking into cryptocurrency scam sites to inject malicious JavaScript with the aim...

Lazarus hackers exploit Dell

Lazarus hackers exploit Dell driver bug for BYOVD attacks

ESET researchers have uncovered the malicious activities of Lazarus, a North Korean hacking group that exploits a Dell hardware driver flaw for Bring Your Own...

LofyGan distributing trojanized NPM packages

LofyGang distributes 199 trojanized NPM packages to steal data

The software security company Checkmarx has uncovered the malicious activities of the threat actor LofyGang, which distributes trojanized and typosquatted packages on the NPM open...

Hackers exploit critical bitbucket

Hackers actively exploit critical Bitbucket server vulnerability in attacks, CISA warns

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Bitbucket Server RCE and two Microsoft Exchange zero-days to its list of exploited vulnerabilities....

After “Dirty Pipe”, Linux is Now Susceptible to “Dirty Creds”

After “Dirty Pipe”, Linux is Now Susceptible to “Dirty Creds”

While many were away enjoying some well-deserved R&R, security researchers, hackers wearing hats of all different colors, and intelligence agents from all over the world...

Why You Need to Embrace SecDevOps Sooner Rather Than Later

Why You Need to Embrace SecDevOps Sooner Rather Than Later

Sometimes organizations must embrace evolution in the way things are done, whether it’s because a new approach has become standard practice or because of some...

New chaos malware target multiple operating systems

Chaos malware targets multiple architectures

According to researchers from Lumen-based Black Lotus Lab, a new Chaos malware is targeting multiple architectures to spread DDoS, cryptocurrency miners, and install backdoors. The...

Malware campaign exploit Microsoft flaw

Malware campaign exploits Microsoft vulnerability to deploy Cobalt Strike

Cisco Talos researchers have uncovered a social engineering malware campaign that exploits a remote code execution flaw in Microsoft Office to apply a Cobalt Strike...

Microsoft Exchange zero-day flaws

Microsoft Exchange zero-day flaws expose 22,000 servers

Microsoft has announced that two critical vulnerabilities in its Exchange application are being exploited by attackers. The company also explained that more than 22,000 servers...

New Metador APT Target companies

New Metador APT takes aim at telecom companies, ISPs and universities

A new malware, identified as Metador, is being used by attackers to target telecommunications, internet service providers and universities on multiple continents, according to security...

How to Apply Linux Kernel Security Patches: 3 Different Ways (2022)

Linux kernel updates are a fact of life–as dull as taxes and only slightly less inconvenient than death. Newly discovered security vulnerabilities in the Linux...

Retbleed vulneranility

An update on “Retbleed” work

The Vulnerability Retbleed is a hardware-level vulnerability conceptually similar to Spectre V2. It is a speculative execution attack targeting predictive branch functionality found in modern...

Hackers compromise Github accounts

Hackers compromise GitHub accounts with fake CircleCI notification

GitHub warns that cyber attackers are compromising user accounts through a sophisticated phishing campaign. The malicious messages notify users that their CircleCI session has expired...

TuxCare Wins 2022 Merit Award for Technology

TuxCare Wins 2022 Merit Award for Technology

TuxCare is pleased to announce it was honored in this year’s inaugural Merit Awards for Technology. Recognized with a silver win in the information security...

New ramsomware tool employs

New ransomware tool uses unique tactics to corrupt data

Threat actors are now updating the data exfiltration tool Exmatter with a unique data corruption feature, which attackers could switch to perform ransomware attacks in...

Attackers exploit Sophos’ firewall code injection vulnerability

Sophos has warned that attackers are exploiting a critical code injection security vulnerability in the company’s Firewall product. The attackers are exploiting the flaw in...

Fargo ransomware target Microsoft

Hackers target Microsoft SQL servers with FARGO ransomware

Microsoft SQL servers are being targeted with FARGO ransomware according to AhbLab Security Emergency Response Center (ASEC) researchers. MS-SQL servers are considered database management systems...

webworm hackers use modified rats

Webworm hackers use Windows-based RATs for cyber espionage

A threat actor identified as Webworm is using Windows-based remote access trojans for cyber espionage. The Symantec Threat Hunter team identified cases where the attacker...

Bitdefender LockerGoga ransomware

Bitdefender free decryptor for LockerGoga ransomware will help victims recover files

Bitdefender has published a free decryptor, which is supposed to help LockerGoga ransomware victims to restore their files without having to pay a ransom. The...

Ransomware gang deploys payload

Quantum, BlackCat ransomware gangs breach organizations with Emotet botnet

According to security researchers from AdvIntel, ransomware gangs such as Quantum and BlackCat are now using the Emotet malware in attacks. Emotet started as a...

Rockstar Games confirms GTA 6 leak

Rockstar Games confirms GTA 6 leak

A hacker gained access to Rockstar Games’ internal servers and stole 3 GB worth of early GTA 6 footage, photo and source code for the...

Microsoft edge´s news feed exploited

Microsoft’s Edge news feed exploited to advance tech support scams

Security researchers at Malwarebytes have uncovered an ongoing malvertising campaign that injects ads into Microsoft’s Edge News Feed, redirecting potential victims to websites that promote...

ELS patching for Phyton

Business Value of ELS Patching for Python

Python has grown tremendously, and its impact has been remarkable. It has become one of the most popular programming languages among developers and researchers. Python...

Hackers exploit Oracle WebLogic Servers and Docker APIs

Hackers exploit Oracle WebLogic Servers and Docker APIs to mine Crypto

Cybersecurity company Trend Micro has uncovered a malware campaign in which threat actors exploit security vulnerabilities in the Oracle WebLogic Server to deliver cryptocurrency mining...

Cybersecurity: Supply chain attacks

Owner-initiated Cybersecurity Supply Chain Attacks

Supply chain attacks come in all forms and shapes. One example is taking over legitimate accounts to deploy malicious code into widely used libraries. Another...

US Seizes $30 million stolen from Lazarus hackers

U.S. Seizes $30 Million Worth of Crypto from Lazarus Hackers

Chainalysis, a U.S. company, said it had worked with the FBI to recover more than $30 million in cryptocurrency stolen from online video game maker...

KernelCare Enterprise Patches

Checking the Status of KernelCare Enterprise Patches

TuxCare’s KernelCare Enterprise provides live patches for various enterprise-grade Linux distributions. Preparing patches for each new CVE has to account for each of those distributions’...

New version Bumblebee

Bumblebee Malware Offers a new Infection Chain

A new version of the Bumblebee malware loader has been discovered by researchers. The new strain of malware offers a new chain of infection, including...

Hackers Actively Exploit WordPress Zero-day Flaw

Wordfence, a WordPress security company, has warned of a zero-day WordPress vulnerability that is now being exploited by attackers. The bug is in a WordPress...

Data exfil

Data Exfil: The New and Darker Version of Ransomware

Ransomware has become such a common threat over the last few years that companies anticipate coming face to face with an attack at some point....

Attackers use Watering Hole Attacks to Install ScanBox Keylogger

A China-based threat actor dubbed APT TA423 is carrying out waterhole attacks on domestic Australian organizations and offshore energy companies in the South China Sea...

New ‘GIFShell’ Attack Technique Exploits Microsoft Teams GIFs

A new ‘GIFShell” attack technique exploits bugs and vulnerabilities in Microsoft Teams to abuse legitimate Microsoft infrastructure, execute malicious files, execute commands, and exfiltrate data....

Prynt Stealer’s Backdoor Steals Data Stolen from Cyberattacks

A backdoor in information stealing malware, Prynt Stealer is used to steal data that is exfiltrated by other cyberattackers, according to Zscaler ThreatLabz researchers. Already,...

Common Python Applications That Are Vulnerable to Security Threats

Common Python Applications That Are Vulnerable to Security Threats

Python is a language that has experienced explosive growth since its release and is now used extensively across industries by developers with different experience levels....

Google Release Chrome Update to Fix New Zero-day Flaw

Google has released an emergency patch to fix a zero-day vulnerability exploited in the wild. Tracked as CVE-2022-3075, the zero-day flaw was discovered and reported...

Python Extended Lifecycle Support: A Deeper Look

Extended Lifecycle Support (ELS) for Python enables continued use of Python 2 applications, with timely security updates, without requiring any code refactoring or migration to...

New Ransomware hits Chile’s Windows and Linux servers

A ransomware attack that began on Thursday, August 25, involved Windows and Linux systems operated by the Chilean government agency, and the incident was verified...

Changes From Python 2 to 3 Making Code Refactoring Unavoidable

Being faced with the prospect of having to delve into old code to get it running against a new language version is one of the...

Cyberattacks Targeting Linux Users Skyrockets

Cybersecurity researchers at Trend Micro have identified a 75% leap year-over-year in the number of ransomware attacks targeting Linux users. Apart from ransomware groups, there...

Samsung Breach Leaks U.S. Customer Data

Samsung has confirmed a cyberattack on the company which led to attackers accessing some vital information belonging to attackers. The company stated in its data...

Firefox 105 Offers New Features for Linux Users

Mozilla is promoting the upcoming Firefox 105 with amazing features and the new version is now available to the beta channel for public testing, early...

Linux Patch Triggers iGPU vs. dGPU Debate

Kai-Heng Feng released a patch on Tuesday that allows users’ laptops to switch their external monitor connections to be routed via a laptop’s discrete GPU...

Linux Distributions That Offers Fast Configuration of Openbox

Openbox is the default window manager in LXDE and LXQt and is used in various Linux distributions. Many consider Openbox to be a free, stackable...

Kubuntu Focus NX Mini Linux PC Unveiled With New Features

The Kubuntu Focus team has unveiled the new Kubuntu Focus NX Mini Linux PC, which will expand the Linux hardware offering to more users. Kubuntu...

Linux 6.1 Help Users Identify Faulty CPUs

Linux Kernel 6.1 one of the latest updates to the Linux operating system provides users with a new logging system that will enable them to...

Steps to Recover Lost and Deleted Data in Linux

Losing files can generally be a painful experience, especially when it comes to a lot of vital information and Linux users are not exempted. Often,...

The Safest Browsers for Linux Users

Security remains a top priority for Linux users worldwide. Apart from security, users are interested in browsers that can guarantee privacy. especially in a world...

Linux Malware Reach All-Time High In 2022

Although Linux is the most private and secure operating system, according to AtlasVPN, it has seen an increase in malware samples. The results showed that...

241 Npm and PyPI Packages Drops Linux Cryptominers

Researchers be have uncovered at least 241 malicious Npm and PyPI packages that drop cryptominers after infecting Linux machines. These malicious packages are largely typosquats...

New Linux 5.19 Kernel Offers Major Apple Silicon Support Upgrade

Linux Torvalds, the main developer of the Linux kernel used by the Linux distribution and other operating systems such as Android, has revealed the latest...

Researchers Share Roadmap for Strengthening Linux Defenses

BlackBerry threat researchers have shared common tactics and strategies to better protect Linux systems from cyberattacks. To create a viable way to security, researchers investigated...

Malicious PyPI package installs Crytominer on Linux Systems

A malicious PyPI package identified as secretslib is used by Monero cryptominer on Linux systems. The malicious package activity was uncovered by security researchers at...

Luckymouse Takes aim at Windows, Linux Systems via Mimi Chat App

According to an advisory published by Trend Micro, the Luckymouse threat actor is said to have compromised the cross-platform messaging app MiMi to install backdoors...

New Linux exploit “Dirty Cred” revealed

Zhenpeng Lin, a PhD student, and other researchers have uncovered a new Linux Kernel exploitation called Dirty Cred. The flaw tracked as CVE-2022-2588 was unveiled...

VPN On Linux: Pros And Cons of Using VPN on Linux

Linux is an operating system just like Windows, iOS and MacOS. Android is powered by Linux OS. Operating system is basically software that controls the...

The Ultimate Guide to Linux Kernel Live Patching Software

After the Equifax data breach, which highlighted the consequences of unpatched software, administrators have the delicate task of ensuring that the latest patches are applied...

PHP Extended Lifecycle Support integration with cPanel

PHP Extended Lifecycle Support and cPanel integration

PHP is used to power a vast number of websites on the Internet, some of which will be hosted side-by-side on the same system. When...

PHP Extended Lifecycle Support: A deeper look

PHP Extended Lifecycle Support: A deeper look

PHP Extended Lifecycle Support provides security updates and versions if you’re interested in maintaining compatibility with existing PHP code while remaining secure against the latest...

CISA Warns Of UnRAR Software Flaw For Linux Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a path traversal bug in the UnRAR utility for Linux and Unix systems to its...

PHP ELS fixes hundreds of security issues at launch

If you’re reading this blog regularly, you’ll already know that unremedied security vulnerabilities open the door to cyberattacks. You’ll also know how tough it is...

Linux Malware ‘RapperBot’ Brute-forces SSH Servers

Threat hunters at Fortinet have uncovered a new botnet called “RapperBot.” The malware, which has been in use since mid-June 2022, has targeted Linux SSH...

Phishing Attacks On Social Media Users Are On The Rise

With more than 4 billion social media users around the world, cybercriminals are more inclined than ever to target these users to make money or...

Cybersecurity insurance and fine print: why you need to take another look

Catastrophic risks such as natural disasters and indeed cyberattacks require insurance. Insurers can afford large payouts when one insured party is hit – by pooling...

KernelCare Enterprise Changelog is live!

The TuxCare team has improved the accessibility of our KernelCare Enterprise changelog. It is easier to navigate and has now been updated to provide a...

IT Automation With Live Patching

In a symphony orchestra, instruments harmonize to create one pleasing sound. Similarly, enterprise IT procedures orchestrate to introduce new systems to production, monitoring, and maintenance...

KernelCare ePortal updated – version 1.37-1 is available

We are pleased to announce that a new updated ePortal version 1.37-1 is now...

KernelCare agent update – version 2.64-1 is available

We are pleased to announce that a new updated KernelCare agent version 2.64-1 is now...

KernelCare ePortal updated – version 1.36-1 is available

We are pleased to announce that a new updated ePortal version 1.36-1 is now...

ePortal can now be hosted on Ubuntu

ePortal can now be hosted on Ubuntu

IT environments are different everywhere you look. No two companies have precisely the same needs or requirements, so it follows that no two companies will...

KernelCare agent update – version 2.63-1 is available

We are pleased to announce that a new updated KernelCare agent version 2.63-1 is now...

KernelCare ePortal updated – version 1.35-1 is available

We are pleased to announce that a new updated ePortal version 1.35-1 is now...

KernelCare agent update – version 2.62-2 is available

We are pleased to announce that a new updated KernelCare agent version 2.62-2 is now...

KernelCare ePortal updated – version 1.34-1 is available

We are pleased to announce that a new updated ePortal version 1.34-1 is now...

Monthly TuxCare Update – March 2022

Welcome to the March instalment of our monthly news round-up, bought to you by TuxCare. We’re honoured to be the Enterprise Linux industry’s trusted maintenance...

Introducing the State of Enterprise Linux Security Report

As regulations around cyber security tighten and the risks increase, have you ever wondered how your company’s IT processes rank compared to others? Are you...

KernelCare ePortal updated – version 1.33-1 is available

We are pleased to announce that a new updated ePortal version 1.33-1 is now...

“Dirty Pipes” in the Kernel

A few years ago, a vulnerability dubbed “Dirty Cow” (CVE-2016-5195) was in the spotlight for a while. It was a trivially exploitable privilege escalation path...

Key points to consider during your 7 days of KernelCare Enterprise POV

Proof of value (POV) is a key step in the buying process. It allows tech teams to test a product or service to find out...

Securing confidential research data through TuxCare live patching

The University of Zagreb’s Croatian Academic and Research Network (CARNet) faced a significant threat: like other educational institutions, its networks were under constant attack from...

KernelCare ePortal updated – version 1.32-1 is available

We are pleased to announce that a new updated ePortal version 1.32-1 is now...

Monthly TuxCare Update – February 2022

Welcome to the February instalment of our monthly news round-up, bought to you by TuxCare. We’re proud to be a trusted maintenance service provider for...

KernelCare agent update – version 2.61-1 is available

We are pleased to announce that a new updated KernelCare agent version 2.61-1 is now...

Vulnerability in netfilter code allows local privilege escalation

Many high-level technologies in the IT industry, in fact most of them, are built on top of existing features. Containers are a prime example of...

ePortal storage optimization improvement

The TuxCare Team is always looking for new ways to improve the experience provided by our products. A pain point we identified was the amount...

Dangerous remotely exploitable vulnerability found in Samba

Samba, the widely used file sharing tool, has a well-established presence, especially in mixed system environments, where file shares have to be accessed from different...

KernelCare ePortal updated – version 1.31-1 is available

We are pleased to announce that a new updated ePortal version 1.31-1 is now...

KernelCare agent update – version 2.60-2 is available

We are pleased to announce that a new updated KernelCare agent version 2.60-2 is now...

Taking a look at the role of CXO at TuxCare – and why it matters

Delivering solutions in complex technology environments means balancing many competing priorities, both internal and external. There’s always a risk that the customer experience takes a...

Monthly TuxCare Update – January 2022

Welcome to the January instalment of our monthly news round-up, bought to you by TuxCare. Proud to be a trusted maintenance service provider for the...

Using CentOS 8 and worried about LUKS? Here’s how TuxCare can help

Death, taxes, and new CVEs… those are all things we can be very certain about in life. For users of CentOS 8, the inevitable has...

KernelCare ePortal updated – version 1.30-2 is available

We are pleased to announce that a new updated ePortal version 1.30-2 is now...

CentOS 8: Why extended support is better than rushed migration

Still using CentOS 8 even though it’s now unsupported, and in spite of the obvious risks? Well, in a way it’s understandable. Red Hat took...

PwnKit, or how 12-year-old code can give root to unprivileged users

It looks like IT teams have no respite. Following all the hassles caused by log4j (and its variants), there is a new high profile, high-risk...

When migrating to CentOS Stream makes sense (and when it does not)

Just over a year ago Red Hat announced that the company is changing gears on CentOS, dropping support for the stable release of CentOS that’s...

Monthly TuxCare Update – December 2021

Welcome to the December installment of our monthly news round-up, bought to you by TuxCare. We’re proud to be the Enterprise Linux industry’s trusted maintenance...

CentOS 6 ELS: vim package gradual rollout completed

A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: binutils package gradual rollout completed

A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

Extended Lifecycle Support update for binutils covers 92 CVEs

GNU Binutils is one of the fundamental packages in a development environment – it includes several different tools for manipulating ELF files, object files, and...

CVE-2021-45078 identified by TuxCare’s Extended Lifecycle Support Team

While backporting fixes for the binutils package for older Linux distributions covered by Extended Lifecycle Support, the team identified a vulnerability in the way CVE-2018-12699...

UBUNTU 16.04 ELS: exim package released

A new updated exim package within Ubuntu 16.04 ELS is now available for download from our production...

KernelCare ePortal updated – version 1.29-1 is available

We are pleased to announce that a new updated ePortal version 1.29-1 is now...

CentOS 6 ELS: nss package gradual rollout completed

A new updated nss package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

How Ransomware can ruin Christmas for IT Teams

If you ask a sysadmin what annoys him or her the most about their job, chances are pretty high that you’ll get, in no particular...

OracleLinux 6 ELS: binutils package released

A new updated binutils package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: binutils package gradual rollout

A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

UBUNTU 16.04 ELS: vim package released

A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: nss package released

A new updated nss package within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: vim package released

A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: vim package gradual rollout

A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

Linux Kernel CVE Data Analysis (updated)

If you’re interested in Linux security, kernel vulnerabilities or simply have some spare time to run some tests, this article is for you. In it,...

How(and why) a TuxCare team member contributes to open-source software

In some of our previous articles, we’ve covered the closely integrated relationship between open-source software – which is essentially free – and the commercial organizations...

OracleLinux 6 ELS: nss package released

A new updated nss package within OracleLinux OS 6 ELS is now available for download from our production...

UBUNTU 16.04 ELS: python3.5 package released

A new updated python3.5 package within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: openssh package released

A new updated openssh package within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: busybox package released

A new updated busybox package within Ubuntu 16.04 ELS is now available for download from our production...

CentOS 6 ELS: nss package gradual rollout

A new updated nss package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: vim package gradual rollout completed

A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: openldap package gradual rollout completed

A new updated openldap package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: binutils package gradual rollout completed

A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

KernelCare ePortal updated – version 1.28-1 is available

We are pleased to announce that a new updated ePortal version 1.28-1 is now...

Monthly TuxCare Update – November 2021

Welcome to the November installment of our monthly news round-up, bought to you by TuxCare. We are the Enterprise Linux industry’s trusted maintenance services provider....

UBUNTU 16.04 ELS: kernel released

A new Ubuntu 16.04 kernel within ELS is now available for download from our production...

KernelCare agent update – version 2.59 available

We are pleased to announce that a new updated KernelCare agent version 2.59-1 is now...

CentOS 6 ELS: binutils package gradual rollout

A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: binutils package released

A new updated binutils package within OracleLinux OS 6 ELS is now available for download from our production...

OracleLinux 6 ELS: openldap package released

A new updated openldap package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: openldap package gradual rollout

A new updated openldap package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

UBUNTU 16.04 ELS: vim package released

A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: vim package released

A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: vim package gradual rollout

A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: php package gradual rollout completed

A new updated php package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: vim package gradual rollout completed

A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: glibc package gradual rollout completed

A new updated glibc package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

Winter is Coming for CentOS 8

The server environment is complex and if you’re managing thousands of Linux servers, the last thing you want is for an operating system vendor to...

What does the critical CISA directive mean and how should you respond?

Let’s face it – everyone’s had just about enough. Exploits are everywhere, and it’s almost impossible to deal with the problem to a watertight degree....

CentOS 6 ELS: bind package gradual rollout completed

A new updated bind package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

KernelCare agent update – version 2.58-available

We are pleased to announce that a new updated KernelCare agent version 2.58-1 is now...

UBUNTU 16.04 ELS: vim package released

A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: vim package released

A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: vim package gradual rollout

A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: php package gradual rollout

A new updated php package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

UBUNTU 16.04 ELS: php7.0 package released

A new updated php7.0 package within Ubuntu 16.04 ELS is now available for download from our production...

Vulnerability in iconv identified by TuxCare Team (CVE-2021-43396)

Iconv is a library used to convert between different character encodings and is part of a core group of tools and libraries used to perform...

UBUNTU 16.04 ELS: glibc package released

A new updated glibc package within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: glibc package released

A new updated glibc package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: glibc package gradual rollout

A new updated glibc package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: bind package gradual rollout

A new updated bind package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: nginx package gradual rollout completed

A new updated nginx package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

OracleLinux 6 ELS: bind package released

A new updated bind package within OracleLinux OS 6 ELS is now available for download from our production...

UBUNTU 16.04 ELS: bind package released

A new updated bind package within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: mysql package released

A new updated mysql package within Ubuntu 16.04 ELS is now available for download from our production...

Monthly TuxCare Update – October 2021

Welcome to the next installment of our monthly news round-up, brought to you by TuxCare. We have developed live patching solutions that minimise maintenance workload...

Does Live Patching Slow Systems Down?

If you’re a systems administrator responsible for thousands of servers, even a small slowdown can cause serious technical problems for your enterprise, and cost it...

CentOS 6 ELS: gd package gradual rollout completed

A new updated gd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

OracleLinux 6 ELS: nginx package released

A new updated nginx package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: nginx package gradual rollout

A new updated nginx package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

UBUNTU 16.04 ELS: nginx package released

A new updated nginx package within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: python3.5 package released

A new updated python3.5 package within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: mysql packages released

A new updated mysql package within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: systemd package released

A new updated systemd package within Ubuntu 16.04 ELS is now available for download from our production...

Multiple vulnerabilities affecting Ubuntu 20.04 HWE/AWS

TuxCare’s KernelCare team is preparing a large batch of patches for Ubuntu 20.04 HWE and AWS Hirsute variants, running the ubuntu-focal-hwe-5.11 and ubuntu-focal-aws-5.11 kernels. All...

KernelCare agent update – version 2.57-1available

We are pleased to announce that a new updated KernelCare agent version 2.57-1 is now...

CVE Dashboard update and new functionality

Some time ago, we announced the availability of the CVE Dashboard for the Extended Lifecycle Support service. It provides an up-to-date view of CVE information...

CentOS 6 ELS: httpd package gradual rollout completed

A new updated httpd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

UBUNTU 16.04 ELS: binutils package released

A new updated binutils package within Ubuntu 16.04 ELS is now available for download from our production...

CentOS 6 ELS: gd package gradual rollout

A new updated gd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

UBUNTU 16.04 ELS gd package released

A new updated gd package within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: gd package released

A new updated gd package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: dovecot package gradual rollout completed

A new updated dovecot package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

Find out how QEMUCare can reshape your maintenance operations

TuxCare has recently introduced QEMUCare, the live patching solution for when you need to deploy patches to a QEMU-based infrastructure, but the logistics around the...

Ubuntu 16.04 ELS: vim package released

A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...

CentOS 6 ELS: httpd package gradual rollout

A new updated httpd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: vim package gradual rollout

A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: vim package released

A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...

OracleLinux 6 ELS: httpd package released

A new updated httpd package within OracleLinux OS 6 ELS is now available for download from our production...

Ubuntu 16.04 ELS: curl package released

A new updated curl package within Ubuntu 16.04 ELS is now available for download from our production...

Ubuntu 16.04 ELS: apache2 package released

A new updated apache2 package within Ubuntu 16.04 ELS is now available for download from our production...

Monthly TuxCare Update – September 2021

Welcome to our monthly news round-up, bought to you by TuxCare, the trusted maintenance services provider for the Enterprise Linux industry. Our services maximise system...

CentOS 6 ELS: dovecot package gradual rollout

A new updated dovecot package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: dovecot package released

A new updated dovecot package within OracleLinux OS 6 ELS is now available for download from our production...

KernelCare agent update – version 2.56-1 available

We are pleased to announce that a new updated KernelCare agent version 2.56-1 is now...

CentOS 6 ELS: httpd package gradual rollout completed

A new updated httpd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

KernelCare agent update – version 2.55-2 available

We are pleased to announce that a new updated KernelCare agent version 2.55-2 is now...

CentOS 6 ELS: ntp package gradual rollout completed

A new updated ntp package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: openssl package gradual rollout completed

A new updated openssl package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: python package gradual rollout completed

A new updated python package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: binutils package with the fix for the CVE-2021-3487 gradual rollout completed

A new updated binutils package with the fix for the CVE-2021-3487 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

How Let’s Encrypt certificate changes affect Live Patching Customers

The expiration of a root certificate in the Let’s Encrypt certification chain causes multiple issues, especially when coupled with older versions of OpenSSL like those...

ELS fix is available for Let’s Encrypt certificate changes

Let’s Encrypt is a practical way of obtaining certificates and implementing TLS encryption across a wide range of applications. Looking at the number of issued...

OracleLinux 6 ELS: ntp package released

A new updated ntp package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: ntp package gradual rollout

A new updated ntp package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: openssl package released

A new updated openssl package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: openssl package gradual rollout

A new updated openssl package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: httpd package released

A new updated httpd package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: httpd package gradual rollout

A new updated httpd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: python package gradual rollout

A new updated python package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: python package released

A new updated python package within OracleLinux OS 6 ELS is now available for download from our production...

Ubuntu 16.04 ELS: binutils package with the fix for the CVE-2021-3487 released

A new updated binutils package with the fix for the CVE-2021-3487 within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: binutils package with the fix for the CVE-2021-3487 released

A new updated binutils package with the fix for the CVE-2021-3487 within OracleLinux OS 6 ELS is now available for download from our production repository....

CentOS 6 ELS: binutils package with the fix for the CVE-2021-3487 gradual rollout

A new updated binutils package with the fix for the CVE-2021-3487 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

The life and times of open source communities

Open-source code is at the core of many of the critical software solutions that large companies, governments, and even home users depend on. You would...

CentOS 6 ELS: kernel gradual rollout completed

A new CentOS 6 kernel within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

CentOS 6 ELS: openssl package with the fix for several CVEs gradual rollout completed

A new updated openssl package with the fix for several CVEs within CentOS 6 ELS has been rolled out to 100% and is now available for download...

CentOS 6 ELS: microcode_ctl package with the fix for several CVEs gradual rollout completed

A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been rolled out to 100% and is now available for download...

CentOS 6 ELS: xterm package with the fix for the CVE-2021-27135 gradual rollout completed

A new updated xterm package with the fix for the CVE-2021-27135 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

Fixing the security implications of open source technical debt

Major progress is usually made step by step – building capabilities, layer by layer. That’s the case for free and open-source (FOSS) software too, with...

KernelCare agent update – version 2.54-1 available

We are pleased to announce that a new updated KernelCare agent version 2.54-1 is now...

KernelCare ePortal updated – version 1.27-1 is available

We are pleased to announce that a new updated ePortal version 1.27-1 is now...

CentOS 6 ELS: openssl package with the fix for several CVEs gradual rollout

A new updated openssl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...

Ubuntu 16.04 ELS: openssl package with the fix for the CVE-2021-3712 released

A new updated openssl package with the fix for the CVE-2021-3712 within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: openssl package with the fix for the CVE-2021-3712 and CVE-2021-23841 released

A new updated openssl package with the fix for the CVE-2021-3712 and CVE-2021-23841 within OracleLinux OS 6 ELS is now available for download from our production...

Ubuntu 16.04 ELS: intel-microcode package with the fix for several CVEs released

A new updated intel-microcode package with the fix for several CVEs within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: microcode_ctl package with the fix for several CVEs released

A new updated microcode_ctl package with the fix for several CVEs within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: kernel gradual rollout

A new CentOS 6 kernel within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: xterm package with the fix for the CVE-2021-27135 gradual rollout

A new updated xterm package with the fix for the CVE-2021-27135 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: curl package with the fix for the CVE-2021-22924 gradual rollout completed

A new updated curl package with the fix for the CVE-2021-22924 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

Take part in the TuxCare QEMU/KVM survey & win a CCNA certification

Today TuxCare opens a survey on Patch Management of QEMU/KVM-based systems, which has a goal to create a better understanding of current practices and methodologies...

CentOS 6 ELS: microcode_ctl package with the fix for several CVEs gradual rollout

A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: squid package gradual rollout completed

A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within CentOS 6 ELS has been rolled out to 100% and is now available...

CentOS 6 ELS: curl package with the fix for the CVE-2021-22924 gradual rollout

A new updated curl package with the fix for the CVE-2021-22924 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

Ubuntu 16.04 ELS: curl package with the fix for the CVE-2021-22924 released

A new updated curl package with the fix for the CVE-2021-22924 within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: curl package with the fix for the CVE-2021-22924 released

A new updated curl package with the fix for the CVE-2021-22924 within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: glibc and java-1.8.0-openjdk packages: gradual rollout completed

New updated glibc and java-1.8.0-openjdk packages within CentOS 6 ELS have been rolled out to 100% and are now available for download from our production...

Announcing QEMUCare – Live Patching for your virtualization hosts

The TuxCare Team is proud to announce QEMUCare, the live patching solution for your QEMU virtualization host systems. Now you can keep these systems updated...

Monthly TuxCare Update – August 2021

Here at TuxCare, we pride ourselves on being the trusted provider of maintenance services for the Enterprise Linux industry. Our services improve system administration manageability...

Announcing the launch of Extended Lifecycle Support for CentOS 8

The TuxCare Team is proud to announce that it is adding support for CentOS 8 under its Extended Lifecycle Support service. With this service, TuxCare...

What is binary compatibility, and what does it mean for Linux distributions?

Binary compatibility is one of those important tech concepts that hides in the background – but that is a critical element in making things work....

Tips for TuxCare’s KernelCare Enterprise integration with Qualys

Qualys provides visibility into the IT infrastructure, with comprehensive reporting on the state of systems and vulnerabilities that may be present in them. TuxCare’s KernelCare...

CentOS 6 ELS: squid34 package with the fix for several CVEs gradual rollout

A new updated squid34 package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: squid34 package released

A new updated squid34 package with the fix for several CVEs within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: squid package has been scheduled for gradual rollout

A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 released

A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within OracleLinux OS 6 ELS is now available for download from our production...

KernelCare agent update – version 2.53-2 available

We are pleased to announce that a new updated KernelCare agent version 2.53-2 is now...

Important OpenSSL vulnerabilities fixed by TuxCare CVE-2021-3711/3712

Few libraries are in widespread use as OpenSSL. It has a ubiquitous presence across hardware platforms and operating systems, userland applications and IoT. The chances...

UBUNTU 16.04 ELS: openjdk-9 package with the fix for the CVE-2021-2388 released

A new updated openjdk-9 package with the fix for the CVE-2021-2388 within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: openjdk-8 package with the fix for the CVE-2021-2388 released

A new updated openjdk-8 package with the fix for the CVE-2021-2388 within Ubuntu 16.04 ELS is now available for download from our production...

UBUNTU 16.04 ELS: glibc package with the fix for several CVEs released

A new updated glibc package with the fix for several CVEs within Ubuntu 16.04 ELS is now available for download from our production...

CentOS 6 ELS: squid package rollout completed

A new updated squid package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

The first batch of live patches for Rocky Linux are being delivered

As you may have seen, TuxCare’s Live Patching service, KernelCare Enterprise, now supports Rocky Linux. The first 5 CVEs fixed are already being delivered through...

CentOS 6 ELS: glibc and java-1.8.0-openjdk packages have been scheduled for gradual rollout

New updated glibc and java-1.8.0-openjdk packages within CentOS 6 ELS have been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: glibc and java-1.8.0-openjdk packages released

New updated glibc and java-1.8.0-openjdk packages within OracleLinux OS 6 ELS are now available for download from our production...

A Look at Centralized Identity Management

This is our second article in our “concepts you’re using without even knowing” series. This time, we’re discussing identity management, and specifically centralized identity management....

Where does risk management fit in with CISOs – why is it so important?

A growing threat landscape rapidly made the CISO role one of the most influential C-level positions. It’s no surprise that the remit of CISOs keeps...

OracleLinux 6 ELS: kernel v. 2.6.32-754.35.2 released

A new updated OracleLinus 6 kernel v.2.6.32-754.35.2 within OracleLinux 6 ELS is now available for download from our production...

TuxCare has added support for Rocky Linux

TuxCare services already cover over 40 Linux distributions commonly found in Enterprise environments. These range from CentOS to Debian, and over the years, the list...

TuxCare Team identifies CVE-2021-38604, a new vulnerability in glibc

The TuxCare Team is responsible for performing in-depth analyses of new CVEs. This is done for every new CVE that pops up, which affects, directly...

OracleLinux 6 ELS: squid package released

A new updated squid package within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: squid package has been scheduled for gradual rollout

A new updated squid package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: perl package with the fix for the CVE-2020-10878 and the CVE-2020-10543 gradual rollout completed

A new updated perl package within CentOS 6 ELS with the fix for the CVE-2020-10878 and the CVE-2020-10543 has been rolled out to 100% and is now...

CentOS 6 ELS: glibc package gradual rollout completed

A new updated glibc package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

UBUNTU 16.04 ELS with the fix for the CVE-2021-33909 released

An updated Ubuntu 16.04 ELS with the fix for the CVE-2021-33909 is now available for download from our production...

KernelCare agent update – version 2.52-1 available

We are pleased to announce that a new updated KernelCare agent version 2.52-1 is now...

Track the status of fixes for all CVEs with ELS’s new Dashboard

One request we often receive is about the status of a particular fix or if we are already working on a vulnerability that has just...

Track the status of fixes for all CVEs with ELS’s new Dashboard

One request we often receive is about the status of a particular fix or if we are already working on a vulnerability that has just...

CentOS 6 ELS: squid package with the fix for the CVE-2021-28651: gradual rollout completed

A new updated squid package with the fix for the CVE-2021-28651 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

CentOS 6 ELS: curl package with the fix for the CVE-2021-22925: gradual rollout completed

A new updated curl package with the fix for the CVE-2021-22925 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

CentOS 6 ELS: a new perl package with the fix for the CVE-2020-10543 was updated in the current rollout

A new updated perl package with the fix for the CVE-2020-10543 was updated in the current rollout within CentOS 6...

OracleLinux 6 ELS: perl package with the fix for the CVE-2020-10543 released

A new updated perl package with the fix for the CVE-2020-10543 within OracleLinux 6 ELS is now available for download from our production...

Monthly TuxCare Update – July 2021

We are a trusted partner to the Enterprise Linux industry when it comes to delivering maintenance services. Our goal is to improve the manageability of...

KernelCare agent update – version 2.51-1 available

We are pleased to announce that a new updated KernelCare agent version 2.51-1 is now...

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout completed

A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been rolled out to 100% and is now...

Happy Sysadmin Day from TuxCare!

The last Friday of July is System Administrator Appreciation Day. It’s the one day when Sysadmins like you who have been putting out users’ fires...

CentOS 6 ELS: perl package with the fix for the CVE-2020-10878 gradual rollout

A new updated perl package within CentOS 6 ELS with the fix for the CVE-2020-10878 has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: perl package with the fix for the CVE-2020-10878 released

A new updated perl package with the fix for the CVE-2020-10878 within OracleLinux 6 ELS is now available for download from our production...

CentOS 6 ELS: glibc package gradual rollout

A new updated glibc package within CentOS 6 ELS has been scheduled for gradual rollout from our production...

KernelCare agent update – version 2.50-1 available

We are pleased to announce that a new updated KernelCare agent version 2.50-1 is now...

Testing CVE-2021-22922 and CVE-2021-22923 / Extended Lifecycle Support

Continuing our trend of testing all the CVEs that come out that may affect the Linux distributions covered by our Extended Lifecycle Support, the team...

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 gradual rollout

A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

Curl’s 20-year-old bug is resilient – back for another fix – CVE-2021-22925

Some weeks ago, CVE-2021-22898 was published. It affects curl/libcurl from version 7.7, dating from the 22nd of March 2001. It consisted of a flaw in...

Ubuntu 16.04 ELS: imagemagick package released

A new updated imagemagick package within Ubuntu 16.04 ELS is now available for download from our production...

Introducing OAuth2.0 Single Sign-On support for ePortal authentication

Having a centralised identity management system is the current best practice to consolidate and enforce secure login and authorisation policies over a wide range of...

OracleLinux 6 ELS: curl package with the fix for the CVE-2021-22925 released

A new updated curl package with the fix for the CVE-2021-22925 within OracleLinux 6 ELS is now available for download from our production...

Ubuntu 16.04 ELS: curl package with the fix for the CVE-2021-22925 released

A new updated curl package with the fix for the CVE-2021-22925 within Ubuntu 16.04 ELS is now available for download from our production...

CentOS 6 ELS: curl package with the fix for the CVE-2021-22925 gradual rollout

A new updated curl package with the fix for the CVE-2021-22925 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

Patches for CVE-2021-33909 are being delivered [UPDATE #3 27/07]

CVE-2021-33909 was disclosed on the 20th of July. It describes a vulnerability in the Linux filesystem layer that can lead to local privilege elevation when...

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.6 gradual rollout

A new updated CentOS 6 kernel v.2.6.32-754.35.6 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

Ubuntu 16.04 ELS: systemd package with the fix for the CVE-2021-33910 released

A new updated systemd package with the fix for the CVE-2021-33910 within Ubuntu 16.04 ELS is now available for download from our production...

Ubuntu 16.04 ELS: squid package with the fix for the CVE-2021-28651 released

A new updated squid package with the fix for the CVE-2021-28651 within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: squid package with the fix for the CVE-2021-28651 released

A new updated squid package with the fix for the CVE-2021-28651 within OracleLinux 6 ELS is now available for download from our production...

CentOS 6 ELS: squid package with the fix for the CVE-2021-28651 gradual rollout

A new updated squid package with the fix for the CVE-2021-28651 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

Is the Ghost bug still haunting your servers?

Forgotten vulnerabilities can come back to haunt you. It’s just too easy to assume that you’ve patched or upgraded thoroughly enough so that a dangerous,...

KernelCare agent update – version 2.49-2 available

We are pleased to announce that a new updated KernelCare agent version 2.49-2 is now...

Why your servers can still suffer from (a) Heartbleed – and what to do

It’s now more than seven years since the discovery of Heartbleed, a dangerous OpenSSL exploit that affected millions of systems when it was discovered. That’s...

KernelCare ePortal updated – version1.26-1 is available

We are pleased to announce that a new updated ePortal version 1.26-1 is now...

What does the Ideal Vulnerability Management Tool Look Like?

Vulnerability management tools are a broad and wide category, but all have the same goal: helping organizations to minimize the risk posed by everyday IT...

CentOS 6 ELS: sudo package with the fix for the CVE-2021-23240 rollout completed

A new updated sudo package with the fix for the CVE-2021-23240 within CentOS 6 ELS has been rolled out from our production...

Spectre, Yet Again. Because We Know You Missed It…

Spectre and its cousin Meltdown have been with us since 2018, and one would think that we’ve heard everything there is to hear about these...

KernelCare agent update – version 2.48-1 available

We are pleased to announce that a new updated KernelCare agent version 2.48-1 is now...

Understanding MySQL High Availability: Good and Bad Reasons to Use It

The cost of downtime in the enterprise environment rapidly adds up. In one survey, 40% of respondents suggested that just one hour of downtime cost...

CentOS 6 ELS: sudo package with the fix for the CVE-2021-23240 gradual rollout

A new updated sudo package with the fix for the CVE-2021-23240 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: sudo package with the fix for the CVE-2021-23240 released

A new updated sudo package with the fix for the CVE-2021-23240 within OracleLinux 6 ELS is now available for download from our production...

Ubuntu 16.04 ELS: sudo package with the fix for the CVE-2021-23240 released

A new updated sudo package with the fix for the CVE-2021-23240 within Ubuntu 16.04 ELS is now available for download from our production...

CentOS 6 ELS: curl package with the fix for the CVE-2021-22898 gradual rollout completed

A new updated curl package with the fix for the CVE-2021-22898 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.5 gradual rollout completed

A new updated CentOS 6 kernel v.2.6.32-754.35.5 within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...

Monthly TuxCare Update – June 2021

As a trusted partner for providing maintenance services to the Enterprise Linux industry, our goal is to make system administration more manageable. In this monthly...

A comprehensive guide to QEMU patching

When it comes to patching, thoroughness is a critical aspect – it takes just one unpatched service to open the doors to a damaging intrusion....

CentOS 6 ELS: hivex package with the fix for the CVE-2021-3504 rollout completed

A new updated hivex package with the fix for the CVE-2021-3504 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

Ubuntu 16.04 ELS: curl package with the fix for the CVE-2021-22898 released

A new updated curl package with the fix for the CVE-2021-22898 within Ubuntu 16.04 ELS is now available for download from our production...

OracleLinux 6 ELS: curl package with the fix for the CVE-2021-22898 released

A new updated curl package with the fix for the CVE-2021-22898 within OracleLinux OS 6 ELS is now available for download from our production...

CentOS 6 ELS: curl package with the fix for the CVE-2021-22898 gradual rollout

A new updated curl package with the fix for the CVE-2021-22898 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

KernelCare ePortal updated – version 1.25-1 is available

We are pleased to announce that a new updated ePortal version 1.25-1 is now...

KernelCare agent updated – version 2.47-1 is available

We are pleased to announce that a new updated KernelCare agent version 2.47-1 is now...

CentOS 6 ELS: OpenSSL package with the fix for the CVE-2021-23840 has been rolled out to 100%

A new updated OpenSSL package with the fix for the CVE-2021-23840 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

CentOS 6 ELS: Nginx package with the fix for the CVE-2021-23017 has been rolled out to 100%

A new updated nginx package with the fix for the CVE-2021-23017 within CentOS 6 ELS has been rolled out to 100% and is now available for download...

RHEL 7 to CentOS 7 conversion script

We’ve received requests for assistance with converting systems running RHEL 7 to CentOS 7. There are several reasons for this, from wanting to standardize the...

Multiple recently disclosed Apache vulnerabilities patched

Earlier this month, another set of vulnerabilities were publicly disclosed, this time in Apache code. Because Apache is, and has been for quite some time,...

UBUNTU 16.04 ELS: apache2 package with the fixes for CVE-2021-30641, CVE-2021-26691, CVE-2021-26690, CVE-2020-35452 released

A new updated apache2 package with the fixes for CVE-2021-30641, CVE-2021-26691, CVE-2021-26690, CVE-2020-35452 within Ubuntu 16.04 ELS is now available for download from our production...

CentOS 6 ELS: CentOS 6 kernel v.2.6.32-754.35.5 gradual rollout

A new updated CentOS 6 kernel v.2.6.32-754.35.5 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: hivex package with the fix for the CVE-2021-3504 gradual rollout

A new updated hivex package with the fix for the CVE-2021-3504 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: OpenSSL package with the fix for the CVE-2021-23840 released

A new updated OpenSSL package with the fix for the CVE-2021-23840 within OracleLinux OS 6 ELS is now available for download from our production...

CENTOS 6 ELS: OpenSSL PACKAGE WITH THE FIX FOR THE CVE-2021-23840 GRADUAL ROLLOUT

A new updated OpenSSL package with the fix for the CVE-2021-23840 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

CentOS 6 ELS: NGINX PACKAGE WITH THE FIX FOR THE CVE-2021-23017 GRADUAL ROLLOUT

A new updated nginx package with the fix for the CVE-2021-23017 within CentOS 6 ELS has been scheduled for gradual rollout from our production...

OracleLinux 6 ELS: NGINX PACKAGE WITH THE FIX FOR THE CVE-2021-23017 RELEASED

A new updated nginx package with the fix for the CVE-2021-23017 within OracleLinux 6 ELS is now available for download from our production...

Ubuntu 16.04 ELS: Nginx package with the fix for the CVE-2021-23017 released

A new updated nginx package with the fix for the CVE-2021-23017 within Ubuntu 16.04 ELS is now available for download from our production...

Concepts You’re Using Without Even Knowing: Role-Based Access Control

Welcome to our new series about technical concepts and features that you’re probably using every day without even knowing about it. We are running this...

Your Backup Solution: How Long Does It Live, And When Is Its Time Up?

Backups are there to protect your operations and to ensure redundancy. You must be able to depend on your backup solution when disaster strikes but...

GRADUAL ROLLOUT COMPLETED: GLIB2 PACKAGE WITH THE FIX FOR CVE-2021-28153 AND CVE-2021-27219 WITHIN CentOS 6 ELS

A new glib2 package with the fix for the CVE-2021-28153 and the CVE-2021-27219 within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available...

KernelCare agent updated – version 2.46-1is available

We are pleased to announce that a new updated KernelCare agent version 2.46-1 is now...

Oracle Linux Extended Support: Overview of Linux Support Services

Full, comprehensive support from software vendors almost always have an end date. At some point, vendors need to focus their resources on supporting newer releases...

CVE-2021-25217 – DHCP(d) remotely exploitable vulnerability

Are you running DHCP on your network? There is a good chance that you are. Make sure you’re protected against the exploit in...

Monthly TuxCare Update – May 2021

The Enterprise Linux industry has become more complex to maintain, which raises the need for a trusted partner for Linux maintenance. In this monthly overview...

Patching of nginx CVE-2021-23017 for EOL systems is being deployed

Nginx is a critical part of the infrastructure of many organizations. It is used as a web server, a load balancer, a (reverse) proxy server,...

TuxCare – Testing all vulnerabilities so that you don’t have to

As a part of TuxCare, we make sure that any and all new vulnerabilities are analyzed and tested against all the distributions and products we...

On the Ethics of Open Source Security Research

Security research is an important aspect of cybersecurity, but it is not particularly easy to carry out cybersecurity research or to do so scientifically. It...

The 2021 Deep Dive to Linux Kernel Updates

Reliable, efficient IT depends on repeatable processes that run like clockwork – it doesn’t make sense to change practices all the time, but key policies...

Open-source code is public, but are the right people looking at it?

Perceptions around the inherent security of open-source code and open-source software vary – but these perceptions matter. On the one hand, some view open-source code...

The Risks of Running an End Of Life OS – And How To Manage It

Today’s technology world moves rapidly, with continuous updates to the software companies depend on. This is true for operating systems too – vendors regularly release...

Why improving SecOps can save you money

Security operations is a critical element of the enterprise technology environment – but it can sometimes be left behind as organizations focus on adopting the...

KernelCare ePortal 1.22-1 released

The KernelCare Team is proud to announce the latest update to ePortal, its centralized management interface for KernelCare clients. It’s now at version 1.22-1, and...

PostgreSQL Database: A Black Hole for You, A Goldmine for Someone Else

Cyberattacks come in all shapes in sizes. At times, the attacker’s express intent is to disrupt, or to steal something valuable. At other times, an...

Open Source: Enterprise-Grade Security with Open Code?

Organizations rely more and more on open source code solutions, even if they are not aware of it. But is open source code security handled...

And now, for something completely different… TuxCare!

CloudLinux Enterprise services have been growing steadily for years now. KernelCare, for example, was launched around 6 years ago as a live patching tool for...

Monthly KernelCare Update – April 2021

Our April 2021 blog post is out. We’ve got lots to tell you about, so let’s get started. First up, we highlight UChecker, a tool...

KernelCare 2.43-2 released

The KernelCare team is proud to announce the release of KernelCare 2.43-2, bringing new features and bug fixes to the enterprise’s live patching tool of...

KernelCare for IoT adds support for Raspbian

So, you have your shiny new Raspberry Pi, a great idea to use it, and the technical skill to pull it off successfully. It doesn’t...

KernelCare ePortal 1.21-1 update and UI improvements

ePortal is KernelCare Enterprise’s solution for deployments where the machines that need to receive the updates have restricted internet access, serving as a central staging...

BPF code can allow local privilege escalation (CVE-2021-29154)

...

UChecker – are you sure your libraries are up to date?

When you see so many vulnerabilities being reported and so many security-related issues being exploited, you may think to yourself “I’m lucky not to be...

Monthly KernelCare Update – March 2021

In this month’s update, we highlight CVEs that just won’t die. We’ve also published some critical information regarding live patching the Microsoft Azure IoT Hub...

20 year old vulnerability in libcurl publicly disclosed CVE-2021-22876

At what point does an old vulnerability go from being a bug to becoming a feature? That is the question probably going through the mind...

Two more vulnerabilities uncovered in OpenSSL

  OpenSSL, the widely used cryptography toolkit and library, has been the target of security researchers’ audits more than almost any other project, perhaps only...

How to Upgrade An Unsupported OS: An In-depth Checklist

Updating an OS seems like a trivial task. The type of activity a sysadmin instinctively knows how to perform. But have you ever actually considered...

Spectre just won’t remain dead

Shortly after exploit code was found in a public repository, two new vulnerabilities (CVE-2020-27170 and CVE-2020-27171) have been found in the Linux Kernel code that...

Three more zombie kernel bugs prove why you must patch consistently

Very recently, a long-known vulnerability called Spectre re-emerged due to an exploit that was made available publicly, and a lack of patching meant that this...

KernelCare Live IoT Patching integrates with Microsoft Azure IoT Hub

Billions of IoT devices are transforming the capabilities of industrial control systems (ICS): delivering low cost, low power computing to achieve efficiency and automation. But...

Thought Spectre is history? It’s still alive, and kicking

Cyber threats come and go, but some threats leave a lasting imprint due to their impact. Think of Spectre and the closely related Meltdown, for...

Extended Lifecycle Support service providing updated OpenSSL to address CVE-2021-23841

A flaw in the way OpenSSL API function X509_issuer_and_serial_hash() has been disclosed that may lead applications using it to crash, causing a potential denial-of-service (DoS)...

Monthly KernelCare Update – February 2021

This February we did a diligent work to keep your Linux kernels and shared libraries updated. For instance, you’ll find detailed updates regarding the latest...

Mmap kernel vulnerability is relisted

We’ve covered brand new Linux kernel vulnerabilities in a few of our past articles, but in this article we’ll take a look at a vulnerability...

KernelCare supports AlmaLinux OS

KernelCare added support for AlmaLinux OS. This new linux distribution is a community driven project that intends to fill the gap left by the change...

How to migrate your KernelCare license to a new server

    KernelCare is a solution to the problem of applying patches in a timely manner and keeping your system running without disruption, but sometimes...

Identify, mitigate & prevent buffer overflow attacks on your systems

Buffer overflow vulnerabilities remain a common way in which cyber criminals gain illegal entry into computer systems. According to the National Vulnerability Database, there has...

Understanding the new AF_VSOCK Linux kernel vulnerability

The discovery of a new Linux kernel vulnerability is not a major surprise in its own right. It happens all the time. However, sometimes it...

Patches for CVE-2021-26708 are being delivered

  A new week, a new vulnerability announced. This time, it affects kernels starting from version 5.5-rc1 (November 2019) up 5.10.13 (February 2021). This vulnerability...

Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)

Linux vulnerabilities pile up. Year in, year out. You could say it’s inevitable really, given today’s complex computing environment. It is nonetheless frustrating when the...

Monthly KernelCare Update – January 2021

It’s hard to believe the first month of 2021 has come and gone. In this issue of KernelCare monthly blog, you’ll find useful information that...

Patches for CVE-2021-3347 are being delivered

Very recently a new vulnerability of the Linux Kernel was announced. It has been assigned CVE-2021-3347, and is (yet another) futex-related...

Patch Raspberry Pi systems without a reboot for free with KernelCare

Your Raspberry Pi might be a hobby or a critical part of your home network, but regardless of its purpose it can be a target...

How to Negotiate the Purchase of a New IT Tool – 5 Steps to Success

  The new year is finally upon us and with that comes the task of taking a careful examination of our IT practices over the...

Remote code execution attack: what it is, how to protect your systems

Cybercriminals use a range of strategies to target vulnerable systems – and remote code execution (RCE) attacks are one of the most common strategies. Indeed,...

The Best Practices for Cyber-resiliency in an Enterprise World

In the face of adversity, your enterprise’s ability to continue with business, even in a degraded mode, heavily depends on the resiliency of its cyber...

Presenting New Design Of The KernelCare Blog

New Look, Better KernelCare You may have noticed that things look a little different around the KernelCare blog recently. And you’d be absolutely right! We’ve...

Increasing Security of MySQL Databases While Eliminating Downtime

Open-source software (OSS) has quickly transformed how modern applications are built and their underlying code. Access to high-quality and robust open-source software projects has allowed...

The Hidden Costs of a Data Breach That Could Last Years

Software bugs and vulnerabilities often lead the way to massive security breaches via exploitation. These breaches spawn heavy costs to the organization in well-known monetary...

Take Part In The KernelCare Survey To Win A CKA Certification

Participate in the KernelCare Survey to share your thoughts on the state of Enterprise vulnerability detection and patch management operations in your organization for a...

AlmaLinux is born!!

Alma means “soul” in many Latin languages, including Spanish and Italian. The word comes from the Latin word almus, which means “nourishing,...

How KernelCare Helps You To Keep Your Containerized Workloads Secure

OS virtualization was a huge step forward for the delivery of large-scale enterprise computing applications. But virtual machines were just the start. Containers take virtualization...

Monthly KernelCare Update – December 2020

We have finally wrapped up 2020! This past month has been intense and we’ve done our best to address all the news and changes that...

KernelCare Patches for Cross-layer Attack Have Been Released

A new vulnerability (CVE-2020-16166) in pseudo random number generator (PRNG) was found by Amit Klein, vice president of security research at SafeBreach and a security...

Meet The IoT Cybersecurity Improvement Act Terms With KernelCare

Last week, the US Congress officially signed a bipartisan law, The Internet of Things Cybersecurity Improvement Act of 2020, or the IoT Cybersecurity Improvement Act...

Amazon Kernel Live Patching: Overview of Live Patching for Enterprise

We know that frequently updating Linux kernels is critical to the safety of cloud environments – kernels are, after all, a cybersecurity blind spot. But...

Keeping Your Medical Device Security Compliant with Live Patching

Today, the security of medical devices is becoming extremely important to assure customers and patients who interact with your devices that their health and personal...

Open-sourced & Community-driven RHEL Fork by CloudLinux OS Creators

CentOS is a fork of Red Hat Enterprise Linux (RHEL) and undoubtedly a popular choice to deploy on production servers because of its rock-solid stability...

KernelCare+ Patches For CVE-2020-1971 Are Here

Big news from the OpenSSL team – they issued the fix for a new CVE-2020-1971 that causes servers’ disruptions via x509v3 certificate fields. The good...

The IoT Surge And Live Patching At The Edge

The Internet of Things (IoT) has been adopted by an increasing number of enterprises recently, and it has become an essential part of edge computing....

Cloud Servers Need Updating Too

Cloud provisioning has steadily replaced locally hosted servers. It’s simply much faster, and often cheaper, to fire up cloud-hosted Linux VMs to handle workloads and...

Securing ARM-based Linux IoT Devices Requires Live-Patching the Kernel

The IoT is an integral part of many network infrastructures and a feature of everyday life for consumers. On the enterprise level, there are smart...

Live Patching In the DevOps Workflow

DevOps is a combination of software development and IT operations that aims to improve and evolve products at a faster than normal pace in order...

Monthly KernelCare Update – November 2020

The KernelCare team strives to make sure you never miss a critical patch. In November, we worked to boost our products’ capacity and provide early...

IT Compliance tools for the Enterprise (Banks, Insurance, Healthcare)

Organizations that operate in the enterprise space – healthcare, insurance, banks, etc. – have unique and challenging cybersecurity compliance obligations. Enterprise data is, after all,...

KernelCare ePortal 1.17-1 Mandatory Upgrade

The new ePortal version being released today. We strongly emphasise our ePortal based customers to upgrade to ePortal...

kpatch: Overview of Enterprise Live Patching Services

There are currently a whole host of live patching tools on the market. Such options vary significantly in cost, with some significantly more affordable or...

Keeping Your Company Data Safe From Ransomware on Linux

In this article, we explore ransomware, specifically the unique way it attacks Linux-based systems. “It was called a tribute before a battle, and a ransom...

KernelCare Patches for SAD DNS Are Here

Sad DNS (Side-channel AttackeD DNS) is a vulnerability that was disclosed by academics from the University of California and Tsinghua University, at the ACM Conference...

How KernelCare Works to Keep You FedRAMP Compliant

Keeping servers safe and keeping them secure and compliant, becomes a full-time job, one that can’t be left to chance, one that must be fully...

KernelCare ePortal 1.16-1 release is here

Upcoming ePortal 1.16-1 release candidate will...

To Reboot or Not to Reboot? That is the Question for Many Sysadmins

A server reboot cycle is a generic name given to the process of rebooting a fleet of servers in an organization. This can be due...

Linux Live Patching vs. Server Reboot Cycles: Pros and Cons

Ever heard of a pipe-freeze kit? A pipe-freeze kit forms a plug of ice inside a water pipe, allowing a plumber to make repairs without...

Mitigate PLATYPUS Attack Without A Reboot

On November 10, 2020, a team of academic researchers found a bug in Intel CPU architecture that allowed them to extract sensitive information from the...

Keep Cloud Services FedRAMP Compliant and Avoid Hefty Fines

Bad actors continue targeting government organizations these days. Along with increases in targeting technology, attacks focused on government targets nearly doubled in 2019 from 2017....

Reminder to upgrade old KernelCare agent

If you are running kcarectl versions from 2.10-1 to 2.11-3, please upgrade to the latest version by...

Protecting Servers from HeartBleed. Yes, HeartBleed.

HeartBleed… kind of sounds like a love song from the 1970s. It’s not. HeartBleed is a serious vulnerability (CVE-2014-0160) affecting the OpenSSL shared library. It’s...

Canonical Livepatch: Overview of Enterprise Live Patching Services

Server live patching is an essential tool that reduces system downtime, lowers maintenance expenses, and enhances security. Initially introduced in 2008, live patching is an...

Ksplice: Overview of Enterprise Live Patching Services

  Before 2008, the only way to install new patches to Linux kernels was the yum update kernel command. It quickly became clear that those...

Best Practices for Compliance in IoT: The Role of Live Patching

The Industrial Internet of Things (IIoT or “IoT” for short) consists of billions of devices deployed across industrial facilities and public infrastructure. While a boon...

Monthly KernelCare Update – October 2020

The KernelCare team strives to help make sure you never miss a critical patch. In October, we worked to provide you with simple instructions on...

Case Study: University of Zagreb eliminated downtime with KernelCare

Educational institutions are being hacked on a regular basis, and this trend shows no signs of improvement: over half (54%) of UK universities reported a...

8 Tools to Keep Linux Servers Secure

Keeping Linux servers updated and patched isn’t the job of just one tool. You need several tools to ensure your servers are configured properly and...

Strategies for Managing End-of-Life Operating System

The end of life (EOL) for software means that the software has reached the end of its predefined support period and will be retired. Beyond...

Behind the Scenes at KernelCare: How We Test Patches Before Release

Testing is essential for any software update including patches, but it’s even more essential when changes are made to critical infrastructure that powers revenue-impacting services....

Linux Server Security Best Practices in 2020

Whether your system is running in a local office or remotely in a data center, security is vital to any environment. Unfortunately, there are often...

A Guide to Memory Vulnerabilities in the Linux Kernel

Most cyber-attacks are financially motivated, so attackers constantly come up with new ways to breach data. While the amount and sophistication of such attacks are...

Tools for Meeting and Maintaining SOC 2 Compliance

Meeting System and Organization Controls (SOC) 2 compliance is more than just a simple process implemented once to pass an audit. Permanent procedural changes are...

Rebootless Patches for ‘BleedingTooth’ are on the Way

Google security researchers recently found a flaw in the way the Linux kernel’s Bluetooth implementation handled L2CAP packets with A2MP CID.  A remote attacker in...

Rebootless Patches for ‘BleedingTooth’ are on the Way

Google security researchers recently found a flaw in the way the Linux kernel’s Bluetooth implementation handled L2CAP packets with A2MP CID.  A remote attacker in...

KernelCare+ Beta Has Completed – Purchase The Production Version

No downtime or non-compliant? That is the question for companies that do not use automated patch services. There is no middle ground when it comes...

Test image

How to Try or Purchase KernelCare+ (2 Different Ways)

Since the beginning of KernelCare+ Beta testing, we’ve been working hard on the automation of the trial and purchase of live patching for shared libraries....

Linux Kernel Vulnerabilities to Know (and Mitigate Without Reboot)

With the Linux open-source community, you have the power of developers adding to its codebase improving features and performance. The downside to this approach is...

Rebootless patches for RHSA-2020:3861 are on the way

Last year, a CVE-2019-19126 vulnerability was discovered in glibc, where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on...

Monthly KernelCare Update – September 2020

Every month, the KernelCare team strives to help you never miss a critical patch. This September, we worked extremely hard to swiftly release CVE–2020-14386 patches...

Patch CVE-2020-14386 Without Reboot With KernelCare

CVE-2020-14386 is a new kernel vulnerability that can be exploited to gain root privileges from unprivileged processes. It corrupts the memory in kernels newer than...

Find Unpatched Libraries In Memory With UChecker by KernelCare

To help administrators manage hundreds of servers with open-source libraries, KernelCare released UChecker – a scanner that checks network Linux servers and detects out-of-date libraries...

5 Ways to Reduce Server Downtime (And 1 Way To Eliminate It)

Rebooting servers hurts you and your customers. It’s often done during off-peak hours (usually at night) when servers process fewer transactions, but even rebooting at...

Vulnerability Scan Reports: Tired of Marking False Positives?

The dreaded false positive exhaustion experienced by analysts brings with it numerous issues. Analysts begin ignoring reports, reviewing a false positive takes time and money,...

The Ultimate Guide to Updating Linux Kernel

Within any IT organization, there exist processes so routine and well-established that they become practically a given—with little concern for whether such processes and practices...

The Ultimate Guide to Linux Patch Management

Administrators responsible for patching Linux know that it’s practically a full-time job in a large enterprise environment. To patch just one system, the administrator must...

Monthly KernelCare Update – August 2020

August was a busy month for us, as always. We added more distributions to the KernelCare+ Beta testing. You can be part of it. If...

Best Embedded Linux Development Tools

Most developers are used to a graphical interface for development, so when diving into the world of IoT and embedded Linux development, it’s a new...

Unknown Kernel Error While Using KernelCare: Troubleshooting Guide

What to do if you see the “Unknown kernel” error while using...

Monthly KernelCare Update – July 2020

Every month we do a lot of under-the-hood improvements to KernelCare which you may not notice, but trust us, it makes your KernelCare experience better....

Developer Tutorial: Live Patching Oracle Enterprise Linux 7 with Kpatch

Live patching allows you to update Linux kernel without rebooting your system. This approach is definitely a perfect solution for huge enterprises with interruption-sensitive services...

How KernelCare Helped WebSliceEU Improve Its Hosting Operations

A Managed Services provider from Amsterdam, Webslice, was spending a lot of time and effort patching Linux kernel vulnerabilities. When it began using KernelCare, its...

KernelCare+ and KernelCare Enterprise Now Include DataDog Integration

KernelCare is pleased to announce that our premium live patching editions – KernelCare+ and KernelCare Enterprise – are now integrated with the DataDog cloud infrastructure...

Security Updates of Shared Libraries Without Restarts With KernelCare+

At 10 am EST on Thursday, 3 September 2020, we’ll be conducting a live webinar on how to update shared libraries without restarts, using KernelCare+....

KernelCare agent updated – version 2.32 is available

...

KernelCare agent updated – version 2.31 is available

...

Buy KernelCare with a Discount in CentOS® 6 ELS Bundle

KernelCare is now available with a 15% discount as part of a package with CloudLinux’s extended lifecycle support (ELS)* for CentOS® 6. This KernelCare &...

Monthly KernelCare Update – May 2020

We can not imagine how busy you are taking care of the infrastructure during these challenging times and we thought it would be nice to...

Monthly KernelCare Update – June 2020

Every month we do a lot of under-the-hood improvements to KernelCare which you may not notice, but trust us, it makes your KernelCare experience better....

New Kernel Vulnerability Found by Virtuozzo Live-Patched by KernelCare

A month ago, Virtuozzo‘s Team discovered the new security vulnerability in the kernel – CVE-2020-14305. It corrupts the memory in kernels from v3.5 to v4.10...

Benefits and Future of Working from Home [Podcast]

In this podcast episode, KernelCare CEO Igor Seletskiy talks with Gaper.io’s Mark Allen about CloudLinux, and why it’s a fully remote company. In this article...

Why Rebootless Updates are Important for Servers [Podcast]

On 18 June, KernelCare CEO Igor Seletskiy was interviewed by Adam Torres on his Mission Matters Innovation podcast. The topic was rebootless updates, and why...

Updating Linux Kernel Without Reboots [Live Patching Tools Overview]

Updating Linux kernels is a routine – as dull as taxes and only slightly less inconvenient than death. New security vulnerabilities in the Linux kernel...

Stack unwinding in AArch64 processors: what is it and how it works

For the past nine months, KernelCare’s Linux kernel live patching software has supported ARMv8 (AArch64) in addition to x86_64 (Intel IA32/AMD AMD64). To get KernelCare...

Developer Tutorial: Live patching Ubuntu 20.04 LTS Focal Fossa Linux kernel with Kpatch

Live patching is a way of updating a Linux kernel without interruption. Because kernel updates don’t take effect until the system is rebooted, Linux kernel...

KernelCare Patches Against Spectre Vulnerability Are On The Way

On 9 June, Anthony Steinhauser, an engineer at Google, made some urgent posts to the Linux kernel mailing list. In them, he pointed out that...

Live Patching Linux On AWS EC2

CloudL