Google uncovers severe security flaws in Samsung’s Exynos chips
Google’s Project Zero has discovered 18 zero-day vulnerabilities in Samsung’s Exynos chips, which attackers could use to completely compromise a phone without the user’s knowledge....
Check the status of CVEs. Learn More.
📢 TuxCare KernelCare Enterprise Wins Gold in 2023 Cybersecurity Excellence Awards Read More
Google’s Project Zero has discovered 18 zero-day vulnerabilities in Samsung’s Exynos chips, which attackers could use to completely compromise a phone without the user’s knowledge....
A new variant of IceFire ransomware has been discovered that targets Linux systems. In the past, it has been found to target Windows only. This...
Cybersecurity threats are ever present and government organizations face unique challenges in securing the sensitive information of citizens. As workers with limited technology training become...
ReliaQuest has discovered a security incident caused by the QBot banking trojan in a client’s environment. A threat actor gained access to the network via...
Docker is a popular open-source containerization platform that helps to create, deploy, and manage applications in a containerized environment. Recently, concerns have been raised in...
Sometimes getting 101’s right comes down to how seriously you take the issue – whether it’s given the right level of priority. Take health 101’s:...
Offensive Security has announced the release of Kali Linux 2023.1, marking the 10th anniversary of the project. The latest version of the distribution includes a...
The sanctions imposed on the Russian government and its defense industry have caused some interesting issues in the open-source community. The conflict between Russia and...
IoT in manufacturing and production industries enables higher levels of automation, data collection, and efficiency, so it’s no surprise that IoT empowers manufacturers tremendously. In...
Cybercriminals have found a new way to distribute info-stealing malware to unsuspecting users by abusing Adobe Acrobat Sign, a popular online document signing service. Avast...
A new Ubuntu Desktop is in development that provides the usual Ubuntu experience with the addition of Flatpak preinstalled. Since Canonical announced it to not...
“No plan survives contact with the enemy” is one of the truisms of conflict. It’s somewhat (un)surprising how accurately this describes the cybersecurity posture of...
Btrfs, the short form for “B-Tree File System,” is a Linux kernel-based, state-of-the-art file system that seeks to replace the current standard ext4 file system...
Reaching an acceptable level of cyber hygiene is a challenge for all healthcare providers, hospitals, and pharmaceutical companies. Many security breaches occur with legacy systems...
Cybersecurity researchers from SentinelLabs discovered a new variant of the Icefire ransomware, with a specific focus on Linux enterprise systems. SentinelLabs was the first to...
Vanilla OS 2.0 had been using Ubuntu from its early development stages, but now it is all set to shift to Debian Sid. Vanilla OS...
The core reason why organizations utilize CI/CD is that they’re supremely beneficial for system administration, live patching, or patch management, as well as testing code...
A former TikTok risk manager has met with congressional investigators to express his concerns that the company’s plan for protecting user data in the United...
In the current scenario where almost all software uses open-source code, at least one known open-source vulnerability was detected in 84% of them. The researchers...
It’s been about a decade since the discovery of Heartbleed, a dangerous OpenSSL exploit that affected millions of systems – and a vulnerability that made...
Palo Alto Networks’ Unit42 researchers have discovered a new GoBruteforcer malware that targets phpMyAdmin, MySQL, FTP, and Postgres. The newly discovered Golang-based botnet malware seeks...
Several critical vulnerabilities were detected in the Linux kernel that could cause a denial of service (DoS), possibly execute arbitrary code, and leak sensitive information....
Buffer overflow vulnerabilities are still a common route by which cyber criminals get illegal access to computer systems. It’s a growing problem too as there...
According to cybersecurity firm Mandiant, a North Korean espionage group known as UNC2970 has been carrying out spear-phishing attacks against media and technology organizations in...
Linux Torvalds announced the first release candidate for Linux Kernel 6.3 on March 14, 2023. This kernel release candidate officially starts the testing phase for...
We need an opportunity to achieve our cybersecurity goals. The tighter this window, the harder it becomes to do our cybersecurity jobs. Recent reports stating...
PALO ALTO, Calif. – March 21, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it received top honors in this...
Mandiant researchers have discovered a malware campaign that targets SonicWall SMA 100 Series appliances and is thought to have originated in China. The malware was...
You don’t need to be a Linux mastermind to recover lost and deleted data in Linux. With the right know-how, you can recover both, and...
Two buffer overflow vulnerabilities in the Trusted Platform Module (TPM) 2.0 specification could allow attackers to access or replace sensitive data such as cryptographic keys....
Canonical has released new Linux kernel security updates that address 17 vulnerabilities affecting Ubuntu 22.10, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS systems running Linux...
Lucky Mouse, a cyber threat group, has created a Linux version of the malware called SysUpdate, increasing its ability to attack devices that use the...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a free and open-source tool called Decider to assist defenders in mapping adversary behavior to...
It’s crucial for organizations to adopt patch management best practices to keep their systems as secure as possible. I’ll be walking you through the importance...
Brave Search now includes Summarizer, an AI-powered tool that provides a summarized answer to an inputted question before the rest of the search results. It...
Recently, Canonical announced that all Ubuntu Flavors would not include Flatpak by default. Flatpak was introduced to Ubuntu several years ago with the goal of...
Cybercriminals use a range of strategies to target vulnerable systems – and remote code execution (RCE) attacks are one of the most common strategies. Indeed,...
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning about a new ransomware gang known as Royal ransomware. The ransomware...
Security researchers have discovered 700+ malicious open-source packages in npm and PyPI. npm and PyPI are among the most widely used software repositories globally by...
Freshen up with something new and improved – if it’s as simple as applying a software update…. well, why not? That’s a tempting argument to...
In an effort to shift the burden of defending U.S. cyberspace away from small organizations and individuals, the Biden Administration is pushing for new regulations...
There have been countless articles posted about the new AI chat bots in the past few months, and, since those bots became available to the...
The Trellix Advanced Research Center (TARC) has discovered a new type of privilege escalation bug on MacOS and iOS. These bugs could potentially allow attackers...
Elektrobit and Canonical announced the partnership on October 27, 2022, to lead the path toward a new era of software-defined vehicles. After some months of...
It’s impossible to avoid change in technology – by definition, technology always moves forward. And that’s generally great news, but keeping up with the changes...
Microsoft recently issued a new security advisory urging Exchange Server administrators to remove certain antivirus software exclusions that could expose systems to attacks. According to...
KDE Plasma is a popular desktop environment that allows users to interact with their computers through a graphical interface. It is widely used on Linux-based...
Infrastructure is at the core of any business – whether it’s a pipeline for liquids, a data center, or the development process you’ve taken years...
Google has uncovered a critical Remote Code Execution (RCE) vulnerability in Chrome that could allow attackers to take control of affected systems. Users who are...
Real-time Ubuntu offers secure and reliable solutions for time-sensitive workloads in modern enterprises. By including real-time computing support, Canonical showcases its dedication to providing the...
Cybercriminals are exploiting unpatched vulnerabilities in Fortinet and Zoho products, leaving many organizations vulnerable. According to a Check Point Research report, attackers have been exploiting...
Linux 6.2 is the major kernel update of the year 2023 with some new exciting features. It undergoes a range of updates and improvements, such...
Cybercriminals are now delivering stealthy malware onto Macs using pirated versions of the video editing software Final Cut Pro. This is a concerning trend because...
If you have limited resources, what should you do first: make your systems more tamper proof by patching where and when you can, or ensure...
Unit 42 researchers discovered “Mirai v3g4”, a new variant of the Mirai botnet that targets 13 unpatched vulnerabilities in Internet of Things (IoT) devices. The...
Proxmox VE is an open-source platform for server virtualization that offers robust capabilities for managing both KVM (Kernel-based Virtual Machine) hypervisors and Linux Containers (LXC)....
Threat actors are actively exploiting two zero-day vulnerabilities in Windows and iOS, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The first flaw,...
KernelCare Enterprise’s Linux kernel live patching software has supported ARMv8 (AArch64) in addition to x86_64 (Intel IA32/AMD AMD64) for some time now. However, to get...
Group-IB recently discovered a new phishing campaign believed to be the work of the notorious Chinese state-sponsored hacking group, Sidewinder. The attacks, which began in...
No matter which tech stack you depend on, you can be sure it’s composed of plenty of building blocks – lots of moving parts stacked...
A critical Remote Code Execution (RCE) vulnerability in a popular software library used by a wide range of applications has been discovered by researchers. The...
Denial of Service (DoS) attacks are a special type of cybersecurity threat. The attacker does not need to hack your systems or find a gap...
Forescout researchers discovered two new vulnerabilities in Schneider Electric’s Modicon programmable logic controllers (PLCs), which could allow for authentication bypass and remote code execution. The...
KernelCare Enterprise enables organizations to rapidly patch Linux kernel and critical userspace library vulnerabilities on enterprise Linux environments without requiring kernel restarts or system downtime....
According to Blackberry researchers, a new phishing campaign dubbed “NewsPenguin” has been targeting Pakistan’s military-industrial complex for months, using an advanced malware tool to steal...
Managed services providers (MSPs) face several challenges that can affect their ability to deliver high-quality service. Keeping up with rapidly evolving technology is one challenge...
Microsoft has announced that its support diagnostic tool, MSDT, will be phased out by 2025. The Windows Diagnostic Data Viewer (DDV) application will replace the...
Patches for recently discovered OpenSSL vulnerabilities are already available through TuxCare’s KernelCare Enterprise, which, for some distributions, we’ve released before the vendor-supplied updates have been...
A game mode in Dota 2 exploited a high-severity vulnerability, allowing attackers to remotely execute code on the targeted system. The flaw was discovered in...
Keeping databases patched with the latest security updates is essential for organizations to protect their data. Unpatched database systems can lead to exploits against core...
Proofpoint Threat Research researchers have discovered a new phishing campaign that employs screenshots to deliver malware payload to unsuspecting victims. The attacker sends an email...
TuxCare was there with you right at the start of the CentOS crisis, just as Red Hat suddenly pulled the rug from one of the...
Researchers have discovered a new type of obfuscated malware that is specifically designed to steal sensitive data from victims’ computers. Malware is distributed through phishing...
With Centos-8 EOL, open-source communities of enterprise users and web hosts now face a great amount of risk. But, extended lifecycle support solutions can buy...
Abnormal Security discovered a new business email attack threat actor known as “Firebrick Ostrich” performing Business email compromise (BEC) on a near-industrial scale. It also...
We first reported on W4SP Stealer in November in response to widespread news of a new Python supply chain attack. Unfortunately, as it so often...
Censys, a security firm, has warned that up to 29,000 network storage devices manufactured by Taiwan-based QNAP are vulnerable to easily executed SQL injection attacks,...
Agile methodologies, cloud computing, and automation tools allow software development teams to work faster and more efficiently. They emphasize fast iteration and continuous delivery, enabling...
A Lazarus Group cyberattack is targeting the medical research and energy industries, and their supply chain partners, through exploiting known vulnerabilities found in unpatched Zimbra...
Ever been in a position where you needed to validate an important technical purchase to a group of executives who just didn’t understand what value...
Atlassian has addressed a serious security vulnerability in its Jira Service Management Server and Data Center that could have allowed an attacker to impersonate another...
FIPS 140-3 is a standard issued by the National Institute of Standards and Technology (NIST) that aims to provide a consistent and secure method for...
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) have warned of a new ransomware attack named ESXiArgs that is targeting VMware ESXi...
Organizations will often try to patch their systems “on time” in order to be secure from new threats. In this context, “on time” will mean...
Threat actors are targeting Bitwarden through Google ads phishing campaigns in order to steal users’ password vault credentials. A spoof version of Bitwarden was expertly...
In the world of Linux distributions, or “distros,” the lifecycle of a distribution refers to the period during which the distribution receives security updates and...
DDoS attacks on German airports, banks, and government agencies have been blamed on Killnet, a self-proclaimed Russian hacktivist group. DDoS is a distributed denial-of-service (DDoS)...
PALO ALTO, Calif. – February 8, 2023 – TuxCare,, a division of CloudLinux Inc, the main sponsoring company of the AlmaLinux OS Project, today announced...
According to the Trellix research team, they patched nearly 62,000 open-source projects that were vulnerable to a 15-year-old path traversal vulnerability in the Python programming...
There is one vulnerability exploited every 2 hours and attackers can cause significant disruption, downtime, and revenue loss. Before divulging into the cloud patching know-how,...
Palo Alto Networks Unit 42 security researchers investigated a PlugX malware variant that can hide malicious files on removable USB devices and then infect the...
Akamai researchers have published a proof-of-concept (PoC) for a vulnerability in a Microsoft tool that enables the Windows application development interface to deal with cryptography....
PALO ALTO, Calif. – February 3, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced that its KernelCare Enterprise Live Patching...
Ermetic researchers discovered EmojiDeploy, a cross-site request forgery (CSRF) bug in Microsoft Azure services that could allow attackers to remotely execute code on affected systems....
Chinese hackers were discovered using a recently discovered flaw in Fortinet’s FortiOS software as a zero-day vulnerability to distribute malware. CVE-2022-42475 (CVSS score of 9.8)...
Kaspersky has discovered a new malicious app known as Wroba.o that uses DNS hijacking to steal victims’ personal and financial information. The app, discovered in...
ThreatFabric cybersecurity researchers have discovered a new type of Android malware known as ‘Hook.’ Hackers can use the malware to gain remote control of an...
End-of-life software is just a fact of our fast-paced technology life. Tech teams know that they need to manage the software lifecycle. Teams also know...
According to CyberArk researchers, GPT-based models like ChatGPT can be used to create polymorphic malware because they can generate large amounts of unique and varied...
Live patching is a method of updating a Linux kernel without restarting the kernel – and therefore without the need to reboot the machine. Live...
Malicious hackers have started exploiting a critical vulnerability CVE-2022-44877 in unpatched versions of the Control Web Panel, a popular free, closed-source web-hosting interface. The vulnerability...
Regulations and standards guide companies toward a consistent cybersecurity response. Even if it sets just a minimal baseline, rulebooks still serve as an improvement on...
Deep Instinct researchers reported that RATs like StrRAT and Ratty were used in a 2022 campaign via polyglot and JAR files. Both threats appear to...
On a fictional tv show that started airing last year, a spy fell out of grace by forgetting some classified intelligence papers on a public...
According to CircleCI’s CTO, Rob Zuber, CircleCI is working with Amazon Web Services to notify customers who have AWS tokens that may have been impacted...
Anyone that’s committed to a five-nines mandate will dread the idea of a cybersecurity breach. It’s a fast way to lose service continuity and it...
A remote attacker could exploit multiple vulnerabilities in four Cisco small business routers to bypass authentication or execute arbitrary commands on an affected device. The...
Linux kernel updates are a fact of life. They are as dull as taxes and about as fun as going to the dentist. But sysadmins...
In a notable IcedID malware attack, the assailant impacted the Active Directory domain of the victim in less than 24 hours, transiting from initial infection...
System administrators that work in enterprise environments know that patching is practically a full-time job. Consider the effort involved in patching just one system: a...
Bitdefender experts have created a universal decryptor for victims of the MegaCortex ransomware family. MegaCortex has been in use since at least January 2019, and...
PALO ALTO, Calif. – January 19, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced the launch of its TuxCare OEM...
The Cybernews research team observed that the AI-powered chatbot ChatGPT can provide step-by-step directions on how to hack websites. When the researchers asked the AI...
Colleges and universities are heavily targeted by cybercriminals that seek to exploit vulnerabilities and trick staff members to infect systems with malware, spyware, and ransomware....
Zoho says it has patched several ManageEngine products for a newly disclosed high-severity SQL injection flaw. CVE-2022-47523 is a SQL injection (SQLi) vulnerability in ManageEngine...
Look, everyone knows that it’s a tough act. Thousands of CVEs are added to the list every month – all in the context of a...
Qualcomm and Lenovo have issued patches to address a number of security flaws in their chipsets, some of which could result in data leakage and...
The public sector, including state and federal agencies, are at just as much risk of cyberattacks as the private sector. Yet, in terms of technology...
Dridex, a Windows-focused banking trojan that has since expanded its capabilities to include information theft and botnet capabilities, is now targeting Macs via email attachments...
According to ARMO researchers, The Kyverno admission controller for container images has a high-severity security vulnerability. Using a malicious image repository or MITM proxy, the...
Hackers frequently target payment card industry (PCI) data. To help protect against this, compliance regimes like the PCI Data Security Standard (PCI DSS) were put...
Researchers at Cyble Research & Intelligence Labs (CRIL) have discovered GodFather malware, a new version of the Android banking Trojan. This malware has infiltrated over...
Cybersecurity insurance policies are considered by many to be a last resort safety net that, when things go wrong in a terrible way, provides at...
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added two-year-old security flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9),...
It’s the making of a horror film: a cyberattack that tampers with the water supply of a city and poisons the residents. It nearly happened...
According to a Guardio Labs report, “MasquerAds” malware targets organizations, GPUs, and Crypto Wallets by using the Google Ads platform to spread malware to users...
As expected, 2022 was a tough year for cybersecurity, with one headline-grabbing cyberattack after another – and there are no signs that 2023 will go...
Dr. Web has discovered Linux.BackDoor.WordPressExploit.1, a website hacking tool based on the WordPress CMS. It takes advantage of 30 vulnerabilities in various plugins and themes...
To meet organizational requirements, compliance mandates, and regulatory requirements, Managed Security Service Providers (MSSPs) have a vulnerability patching approach available to them that they may...
SentinelOne researchers discovered that the Vice Society group has released PolyVice, a custom ransomware that employs a reliable encryption scheme based on the NTRUEncrypt and...
As one of the most popular scripting languages for a variety of applications, Python also offers incredibly valuable functionality when it comes to automated live...
Okta has revealed that a malicious users hacked and replicated its source code repositories on GitHub earlier this month, after previously reporting a compromise carried...
The National Institute of Standards and Technology (NIST) advised organizations, including healthcare, federal/state government, and financial services providers, to deploy software updates through enterprise patch...
According to Microsoft, Zerobot, a one-of-a-kind botnet written in Go and distributed via IoT and web application vulnerabilities, has added new features and infection mechanisms....
This is part three of our five-part blog series exploring the code bugs that lead to the vulnerabilities showing up every day. In this part,...
According to Cisco Talos, two vulnerabilities in the Ghost CMS newsletter subscription system, CVE-2022-41654, and CVE-2022-41697, exist in the newsletter subscription functionality of Ghost Foundation...
Retention rates, NPS, customer score… if you work in the IT department of a telecoms company or any client-facing team, you’ll know all about the...
In an extensive two-factor authentication bypass campaign, multiple Comcast Xfinity email accounts were hacked, and the disrupted accounts were used to reset passwords for other...
Did you know that 75% of cybersecurity threats occur due to the vulnerabilities present in third-party applications? In this blog, we’ll be discussing how patch...
Understanding the relationship between development operations (DevOps) and the agile software development (Scrum) framework is critical for organizations to create a secure, rapid application development...
Eufy, an Anker security camera brand, has been under fire for quite some time due to security concerns about uploaded footage, which it recently admitted....
The Linux Kernel has grown in scope and functionality over the years. New schedulers, new drivers, new filesystems, new communication protocols, new security holes… oh,...
Talos researchers recently uncovered a phishing campaign that uses Scalable Vector Graphics (SVG) images embedded in HTML email attachments to distribute QBot malware. Basically, when...
Frameworks are an effective tool in cybersecurity because of the complexity of cybersecurity challenges and because so many organizations have so little structure to their...
Google has launched OSV-Scanner, a free tool for open-source developers to easily access vulnerability information. It is said to include an interface to the OSV...
VMware has released patches for a number of vulnerabilities, including a virtual machine escape flaw, CVE-2022-31705, which was exploited during the GeekPwn 2022 hacking challenge,...
The U.S. National Security Agency has warned that a Chinese state-sponsored group is exploiting an unauthenticated remote code execution flaw (CVE-2022-27518) to compromise Citrix Application...
Eclypsium Research has identified and reported three vulnerabilities in American Megatrends, Inc. (AMI) MegaRAC Baseboard Management Controller (BMC) software. This is used by AMD, Ampere, Asrock,...
As part of developing and testing new patches, the KernelCare team has reevaluated the impact of the Retbleed patches. We have serious concerns that the...
Google’s Threat Analysis Group discovered APT37, also known as Scarcruft or Reaper, a North Korean-linked hacking group, exploiting a zero-day vulnerability in Internet Explorer’s JScript...
PALO ALTO, Calif. – December 21, 2022 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it now offers a new CentOS...
Patching to protect systems against security vulnerabilities is at the top of the SecOps agenda. However, despite the focus on patching, it’s something that has...
According to Secureworks Counter Threat Unit researchers, the Drokbk malware has been targeting the networks of several local governments in the United States since February....
Critical infrastructure is at the core of a functional society, supplying key utilities such as water, energy, and transport to the nation. It makes infrastructure...
ThreatFabric researchers have discovered the Zombinder service, which allows cybercriminals to easily embed malware into legitimate apps and steal data while also wreaking havoc on...
Deep Instincts researchers have uncovered a hacker group known as MuddyWater, which has been linked to Iran’s Ministry of Intelligence and Security and typically engages...
Eufy denies claims that its cameras can be live streamed without encryption. Eufy stated that it does not upload identifiable footage to the cloud from...
A number of digital certificates used by vendors such as Samsung, LG, and MediaTek have been discovered to be compromised in order to stamp approval...
PALO ALTO, Calif. – December 14, 2022 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, announced it expanded its award-winning KernelCare Enterprise live...
Vedere Labs researchers recently discovered three new security flaws in a long list of flaws collectively tracked as OT:ICEFALL. The flaws are said to affect...
MySQL high availability allows companies to run databases that meet higher uptime requirements and zero data loss tolerance, which are highly sought-after goals that every...
Wiz security researchers discovered Hell’s Keychain, a first-of-its-kind cloud service provider supply-chain vulnerability, in IBM Cloud Databases for PostgreSQL. This occurred while researchers were conducting...
“We are in the process of digging ourselves into an anachronism by preserving practices that have no rational basis beyond their historical roots in an...
Aqua Nautilus, a cloud security firm, discovered new Go-based malware that targets Redis (remote dictionary server), an open source in-memory database and cache. The attack...
ESET researchers discovered an ongoing campaign by the Bahamut APT group, a notorious cyber-mercenary group that has been active since 2016, that targets Android users...
A digital twin (DT) is a virtualized representation of an actual device, and is often used in relation to operational technology (OT), industrial control system...
A memory leak bug on Local Security Authority Subsystem Service (LSASS), a service that allows users to manage local security, user logins, and permissions, is...
After discovering malicious behaviors in 1,652 of 250,000 unverified Linux images publicly available on Docker Hub, security researchers have warned developers of the risks of...
Despite fixes released by the chipmaker, a set of five medium-severity security flaws in Arm’s Mali GPU driver have remained unpatched on Android devices such...
Continuous integration (CI) refers to testing code changes before deployment to production. Continuous delivery (CD) is where code changes are automatically deployed to production systems...
The APT group DefrayX has launched a new version of its RansomExx malware known as RansomExx2, a variant for Linux rewritten in the Rust programming...
When it comes to the Industrial Internet of Things (IIoT), the legacy Purdue model no longer provides adequate levels of security projection – as newer...
DuckDuckGo, a privacy-focused search engine, has added an App Tracking Protection tool to its Android app, allowing users to see what personal data trackers are...
If your organization deploys IoT solutions, you know that development of embedded systems is a bit different from standard desktop development. Linux’s low cost is...
A few days after Microsoft acknowledged problems with Kerberos authentication that affected Windows Servers with the Domain Controller role, causing domain user sign and Remote...
Thousands of databases hosted on Amazon Web Services Relational Database Service (RDS) have been discovered to be leaking personally identifiable information, potentially providing a gold...
Security researchers from Checkmarx have uncovered an ongoing supply chain attack that involves spreading the malware identified as W4SP Stealer. W4SP Stealer is a discord...
Keeping your systems up to date can be done in many different ways, each with its own pros and cons. Some so-called “patching” methods are...
Attackers are using phishing tactics to spread QBot, a Windows malware that started as a banking trojan but evolved into a full-featured malware dropper. According...
Gone are the days of Operational Technology (OT) being distinctly separated from IT. With the need of constant monitoring and tracking of the physical assets,...
Apple has released security updates for iOS, iPadOS, and macOS Ventura to fix two remote code execution (RCE) vulnerabilities that allow remote or Internet attackers...
Cybersecurity professionals need to be aware of new threats and take action immediately so that we can minimize the risk of future incidents occurring. Much...
Worok malware makes the rounds by deploying multi-level malware designed to steal data and compromise high-profile victims such as government entities in the Middle East,...
Breakthroughs don’t often happen in cybersecurity, but when one does, it can be a real magic bullet. Linux kernel live patching, which is the ability...
IceXLoader, an updated version of a malware loader, is suspected of infecting thousands of personal and enterprise Windows machines around the world. IceXLoader is a...
Operational technology (OT) is equipment and computer software used for analyzing utility control processes for critical infrastructure, while Industrial Control System (ICS) assets are the...
A security researcher, David Schütz has received a $70,000 bug bounty after he accidentally discovered a Google Pixel lock-screen bypass hack that solved a serious...
Operational Technology (OT) and Industrial Control Systems (ICS) technologies help ensure safety by monitoring and controlling critical operations. OT includes Supervisory Controls And Data Acquisition...
Microsoft has fixed six actively exploited Windows vulnerabilities and 68 vulnerabilities in its November 2022 Patch Tuesday. Eleven of the 68 vulnerabilities fixed are classified...
There are many different ways to improve upon traditional patching, so it’s easy to get confused about how each patching approach works. In the past,...
The long-awaited OpenSSL bug fixes to fix a critical severity security hole are available now. New OpenSSL patches have reduced the severity of the bug...
Threat actors are distributing malicious Python packages to the popular Python Package Index (PyPI) service, using authentic-sounding file names, and hidden imports to deceive developers...
RomCom, a threat actor, is said to be conducting a series of new attack campaigns using the brand power of SolarWinds, KeePass and PDF Technologies....
Cisco has released security updates to address two vulnerabilities that are classified as “high”: CVE-2022-20961 and CVE-2022-20956. The vulnerabilities affect the Cisco Identity Services Engine...
We continue to look at the code issues that cause the vulnerabilities impacting the IT world. In this installment of our five-part blog series exploring...
According to security researchers from SentinelOne, the relatively new ransomware gang called Black Basta shares tooling and possibly personnel with the notorious FIN7 hacking group....
Not all Linux live patching solutions are created equal. In fact, many live patching solutions are quite limited. Oracle’s Ksplice is an example of a...
Researchers from the Leiden Institute of Advanced Computer Science have discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for vulnerabilities and...
Last year, CISA created a list of vulnerabilities being actively exploited and a list of applications directly affected by those vulnerabilities. Over time, the list...
Microsoft Internet Information Services (IIS), a web server that enables hosting of websites and web applications, is being exploited by the Cranefly hacking group to...
What Is an Embedded System? Before diving into embedded Linux, let’s first discuss what it’s used for: embedded systems. There are embedded systems in everything:...
The cloud has never been about reducing costs. In fact, even staunch cloud advocates admit it – crunching the numbers just doesn’t make sense financially...
A hacker group that is identified simply as DEV-0950 is using CIop ransomware to encrypt the network of organizations that were previously infected with the...
Major operating system vendors, software publishers, email providers and technology companies that integrate OpenSSL into their products have been asked to prepare for a possible...
Researchers from the Checkmarx Supply Chain Security team have discovered a “high-severity” vulnerability in GitHub. Using a technique known as Repo jacking, attackers could take...
Researchers from the cybersecurity company Fortinet have uncovered a malicious campaign in which attackers exploit a critical vulnerability in the VMware Workspace One Access to...
The CIS Critical Security Controls, known widely as CIS Controls, are a series of actionable cybersecurity recommendations designed to prevent common and not-so-common attacks against...
Researchers from Singapore-based Numen Cyber Labs have discovered and shared details on a vulnerability in the Move virtual machine responsible for powering the Aptos blockchain...
Content giant Patreon recently laid off its entire internal cybersecurity team. While it’s publicly known that five employees from the team were let go, the...
A relatively new ransomware operation, identified as Venus is hacking into publicly exposed Remote Desktop services to encrypt Windows devices. According to researchers, Venus ransomware...
The technology world is full of big promises, including in cybersecurity. Just think about it: how many times have you heard the promise of a...
Hackers are using the Emotet botnet to exploit password-protected archive files to drop CoinMiner and Quasar RAT on vulnerable devices. Based on one of the...
It’s common to hear about new vulnerabilities and exploits, some of which even get fancy names of their own, but sometimes the details of how...
Wordfence, a WordPress security company, has uncovered attempts by hackers to exploit the new Text4Shell vulnerability. Tracked as CVE-2022-42889 the flaw was discovered in Apache...
Notorious cyber espionage group Budworm has launched deliberate attacks against a number of high-profile targets, including a U.S. state legislature, a Middle Eastern country and...
Security company Cloudflare recently ended a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. The company announced the incident while pointing to...
Hackers are exploiting a vulnerability tracked as CVE-2022-41352 in the Zimbra Collaboration Suite (ZCS). Already, threat actors were able to hack into almost 900 servers....
Attackers are using a Windows malware called Ducktail to steal Facebook accounts, browsing data and crypto wallets. Ducktail is associated with Vietnamese hackers and relies...
Hackers compromised Binance’s BNB Smart Chain (BSC) and stole an estimated USD 110 million. Hackers were able to get their hands on as much as...
A malicious campaign uncovered by security firm Armorblox shows that attackers manipulate Zoom to compromise Microsoft user data. In one of the incidents analyzed, more...
A Fortinet vulnerability in FortiGate firewalls and FortiProxy web proxies could allow a threat actor to perform unauthorized actions on vulnerable devices. The bug, a...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the NSA have issued a joint report describing an intrusion into the network of...
According to Trend Micro researchers, a threat actor identified as ‘Water Labbu’ is hacking into cryptocurrency scam sites to inject malicious JavaScript with the aim...
ESET researchers have uncovered the malicious activities of Lazarus, a North Korean hacking group that exploits a Dell hardware driver flaw for Bring Your Own...
The software security company Checkmarx has uncovered the malicious activities of the threat actor LofyGang, which distributes trojanized and typosquatted packages on the NPM open...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Bitbucket Server RCE and two Microsoft Exchange zero-days to its list of exploited vulnerabilities....
While many were away enjoying some well-deserved R&R, security researchers, hackers wearing hats of all different colors, and intelligence agents from all over the world...
Sometimes organizations must embrace evolution in the way things are done, whether it’s because a new approach has become standard practice or because of some...
According to researchers from Lumen-based Black Lotus Lab, a new Chaos malware is targeting multiple architectures to spread DDoS, cryptocurrency miners, and install backdoors. The...
Cisco Talos researchers have uncovered a social engineering malware campaign that exploits a remote code execution flaw in Microsoft Office to apply a Cobalt Strike...
Microsoft has announced that two critical vulnerabilities in its Exchange application are being exploited by attackers. The company also explained that more than 22,000 servers...
A new malware, identified as Metador, is being used by attackers to target telecommunications, internet service providers and universities on multiple continents, according to security...
GitHub warns that cyber attackers are compromising user accounts through a sophisticated phishing campaign. The malicious messages notify users that their CircleCI session has expired...
TuxCare is pleased to announce it was honored in this year’s inaugural Merit Awards for Technology. Recognized with a silver win in the information security...
Threat actors are now updating the data exfiltration tool Exmatter with a unique data corruption feature, which attackers could switch to perform ransomware attacks in...
Sophos has warned that attackers are exploiting a critical code injection security vulnerability in the company’s Firewall product. The attackers are exploiting the flaw in...
Microsoft SQL servers are being targeted with FARGO ransomware according to AhbLab Security Emergency Response Center (ASEC) researchers. MS-SQL servers are considered database management systems...
A threat actor identified as Webworm is using Windows-based remote access trojans for cyber espionage. The Symantec Threat Hunter team identified cases where the attacker...
Bitdefender has published a free decryptor, which is supposed to help LockerGoga ransomware victims to restore their files without having to pay a ransom. The...
According to security researchers from AdvIntel, ransomware gangs such as Quantum and BlackCat are now using the Emotet malware in attacks. Emotet started as a...
A hacker gained access to Rockstar Games’ internal servers and stole 3 GB worth of early GTA 6 footage, photo and source code for the...
Security researchers at Malwarebytes have uncovered an ongoing malvertising campaign that injects ads into Microsoft’s Edge News Feed, redirecting potential victims to websites that promote...
Python has grown tremendously, and its impact has been remarkable. It has become one of the most popular programming languages among developers and researchers. Python...
Cybersecurity company Trend Micro has uncovered a malware campaign in which threat actors exploit security vulnerabilities in the Oracle WebLogic Server to deliver cryptocurrency mining...
Supply chain attacks come in all forms and shapes. One example is taking over legitimate accounts to deploy malicious code into widely used libraries. Another...
Chainalysis, a U.S. company, said it had worked with the FBI to recover more than $30 million in cryptocurrency stolen from online video game maker...
TuxCare’s KernelCare Enterprise provides live patches for various enterprise-grade Linux distributions. Preparing patches for each new CVE has to account for each of those distributions’...
A new version of the Bumblebee malware loader has been discovered by researchers. The new strain of malware offers a new chain of infection, including...
Wordfence, a WordPress security company, has warned of a zero-day WordPress vulnerability that is now being exploited by attackers. The bug is in a WordPress...
Ransomware has become such a common threat over the last few years that companies anticipate coming face to face with an attack at some point....
A China-based threat actor dubbed APT TA423 is carrying out waterhole attacks on domestic Australian organizations and offshore energy companies in the South China Sea...
A new ‘GIFShell” attack technique exploits bugs and vulnerabilities in Microsoft Teams to abuse legitimate Microsoft infrastructure, execute malicious files, execute commands, and exfiltrate data....
A backdoor in information stealing malware, Prynt Stealer is used to steal data that is exfiltrated by other cyberattackers, according to Zscaler ThreatLabz researchers. Already,...
Python is a language that has experienced explosive growth since its release and is now used extensively across industries by developers with different experience levels....
Google has released an emergency patch to fix a zero-day vulnerability exploited in the wild. Tracked as CVE-2022-3075, the zero-day flaw was discovered and reported...
Extended Lifecycle Support (ELS) for Python enables continued use of Python 2 applications, with timely security updates, without requiring any code refactoring or migration to...
A ransomware attack that began on Thursday, August 25, involved Windows and Linux systems operated by the Chilean government agency, and the incident was verified...
Being faced with the prospect of having to delve into old code to get it running against a new language version is one of the...
Cybersecurity researchers at Trend Micro have identified a 75% leap year-over-year in the number of ransomware attacks targeting Linux users. Apart from ransomware groups, there...
Samsung has confirmed a cyberattack on the company which led to attackers accessing some vital information belonging to attackers. The company stated in its data...
Mozilla is promoting the upcoming Firefox 105 with amazing features and the new version is now available to the beta channel for public testing, early...
Kai-Heng Feng released a patch on Tuesday that allows users’ laptops to switch their external monitor connections to be routed via a laptop’s discrete GPU...
Openbox is the default window manager in LXDE and LXQt and is used in various Linux distributions. Many consider Openbox to be a free, stackable...
The Kubuntu Focus team has unveiled the new Kubuntu Focus NX Mini Linux PC, which will expand the Linux hardware offering to more users. Kubuntu...
Linux Kernel 6.1 one of the latest updates to the Linux operating system provides users with a new logging system that will enable them to...
Losing files can generally be a painful experience, especially when it comes to a lot of vital information and Linux users are not exempted. Often,...
Security remains a top priority for Linux users worldwide. Apart from security, users are interested in browsers that can guarantee privacy. especially in a world...
Although Linux is the most private and secure operating system, according to AtlasVPN, it has seen an increase in malware samples. The results showed that...
Researchers be have uncovered at least 241 malicious Npm and PyPI packages that drop cryptominers after infecting Linux machines. These malicious packages are largely typosquats...
Linux Torvalds, the main developer of the Linux kernel used by the Linux distribution and other operating systems such as Android, has revealed the latest...
BlackBerry threat researchers have shared common tactics and strategies to better protect Linux systems from cyberattacks. To create a viable way to security, researchers investigated...
A malicious PyPI package identified as secretslib is used by Monero cryptominer on Linux systems. The malicious package activity was uncovered by security researchers at...
According to an advisory published by Trend Micro, the Luckymouse threat actor is said to have compromised the cross-platform messaging app MiMi to install backdoors...
Zhenpeng Lin, a PhD student, and other researchers have uncovered a new Linux Kernel exploitation called Dirty Cred. The flaw tracked as CVE-2022-2588 was unveiled...
Linux is an operating system just like Windows, iOS and MacOS. Android is powered by Linux OS. Operating system is basically software that controls the...
After the Equifax data breach, which highlighted the consequences of unpatched software, administrators have the delicate task of ensuring that the latest patches are applied...
PHP is used to power a vast number of websites on the Internet, some of which will be hosted side-by-side on the same system. When...
PHP Extended Lifecycle Support provides security updates and versions if you’re interested in maintaining compatibility with existing PHP code while remaining secure against the latest...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a path traversal bug in the UnRAR utility for Linux and Unix systems to its...
If you’re reading this blog regularly, you’ll already know that unremedied security vulnerabilities open the door to cyberattacks. You’ll also know how tough it is...
Threat hunters at Fortinet have uncovered a new botnet called “RapperBot.” The malware, which has been in use since mid-June 2022, has targeted Linux SSH...
With more than 4 billion social media users around the world, cybercriminals are more inclined than ever to target these users to make money or...
Catastrophic risks such as natural disasters and indeed cyberattacks require insurance. Insurers can afford large payouts when one insured party is hit – by pooling...
The TuxCare team has improved the accessibility of our KernelCare Enterprise changelog. It is easier to navigate and has now been updated to provide a...
In a symphony orchestra, instruments harmonize to create one pleasing sound. Similarly, enterprise IT procedures orchestrate to introduce new systems to production, monitoring, and maintenance...
We are pleased to announce that a new updated ePortal version 1.37-1 is now...
We are pleased to announce that a new updated KernelCare agent version 2.64-1 is now...
We are pleased to announce that a new updated ePortal version 1.36-1 is now...
IT environments are different everywhere you look. No two companies have precisely the same needs or requirements, so it follows that no two companies will...
We are pleased to announce that a new updated KernelCare agent version 2.63-1 is now...
We are pleased to announce that a new updated ePortal version 1.35-1 is now...
We are pleased to announce that a new updated KernelCare agent version 2.62-2 is now...
We are pleased to announce that a new updated ePortal version 1.34-1 is now...
Welcome to the March instalment of our monthly news round-up, bought to you by TuxCare. We’re honoured to be the Enterprise Linux industry’s trusted maintenance...
As regulations around cyber security tighten and the risks increase, have you ever wondered how your company’s IT processes rank compared to others? Are you...
We are pleased to announce that a new updated ePortal version 1.33-1 is now...
A few years ago, a vulnerability dubbed “Dirty Cow” (CVE-2016-5195) was in the spotlight for a while. It was a trivially exploitable privilege escalation path...
Proof of value (POV) is a key step in the buying process. It allows tech teams to test a product or service to find out...
The University of Zagreb’s Croatian Academic and Research Network (CARNet) faced a significant threat: like other educational institutions, its networks were under constant attack from...
We are pleased to announce that a new updated ePortal version 1.32-1 is now...
Welcome to the February instalment of our monthly news round-up, bought to you by TuxCare. We’re proud to be a trusted maintenance service provider for...
We are pleased to announce that a new updated KernelCare agent version 2.61-1 is now...
Many high-level technologies in the IT industry, in fact most of them, are built on top of existing features. Containers are a prime example of...
The TuxCare Team is always looking for new ways to improve the experience provided by our products. A pain point we identified was the amount...
Samba, the widely used file sharing tool, has a well-established presence, especially in mixed system environments, where file shares have to be accessed from different...
We are pleased to announce that a new updated ePortal version 1.31-1 is now...
We are pleased to announce that a new updated KernelCare agent version 2.60-2 is now...
Delivering solutions in complex technology environments means balancing many competing priorities, both internal and external. There’s always a risk that the customer experience takes a...
Welcome to the January instalment of our monthly news round-up, bought to you by TuxCare. Proud to be a trusted maintenance service provider for the...
Death, taxes, and new CVEs… those are all things we can be very certain about in life. For users of CentOS 8, the inevitable has...
We are pleased to announce that a new updated ePortal version 1.30-2 is now...
Still using CentOS 8 even though it’s now unsupported, and in spite of the obvious risks? Well, in a way it’s understandable. Red Hat took...
It looks like IT teams have no respite. Following all the hassles caused by log4j (and its variants), there is a new high profile, high-risk...
Just over a year ago Red Hat announced that the company is changing gears on CentOS, dropping support for the stable release of CentOS that’s...
SentinelOne researchers discovered that the Vice Society group has released PolyVice, a custom ransomware that employs a reliable encryption scheme based on the NTRUEncrypt and...
In cybersecurity, metrics provide a way to measure cybersecurity performance and point to how successfully you’re defending your technology assets. Mean time to patch, or...
Welcome to the December installment of our monthly news round-up, bought to you by TuxCare. We’re proud to be the Enterprise Linux industry’s trusted maintenance...
A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
GNU Binutils is one of the fundamental packages in a development environment – it includes several different tools for manipulating ELF files, object files, and...
While backporting fixes for the binutils package for older Linux distributions covered by Extended Lifecycle Support, the team identified a vulnerability in the way CVE-2018-12699...
A new updated exim package within Ubuntu 16.04 ELS is now available for download from our production...
We are pleased to announce that a new updated ePortal version 1.29-1 is now...
A new updated nss package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
If you ask a sysadmin what annoys him or her the most about their job, chances are pretty high that you’ll get, in no particular...
A new updated binutils package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated nss package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
If you’re interested in Linux security, kernel vulnerabilities or simply have some spare time to run some tests, this article is for you. In it,...
In some of our previous articles, we’ve covered the closely integrated relationship between open-source software – which is essentially free – and the commercial organizations...
A new updated nss package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated python3.5 package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated openssh package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated busybox package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated nss package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated openldap package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
We are pleased to announce that a new updated ePortal version 1.28-1 is now...
Welcome to the November installment of our monthly news round-up, bought to you by TuxCare. We are the Enterprise Linux industry’s trusted maintenance services provider....
A new Ubuntu 16.04 kernel within ELS is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.59-1 is now...
A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated binutils package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated openldap package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated openldap package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated php package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated glibc package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
The server environment is complex and if you’re managing thousands of Linux servers, the last thing you want is for an operating system vendor to...
Let’s face it – everyone’s had just about enough. Exploits are everywhere, and it’s almost impossible to deal with the problem to a watertight degree....
A new updated bind package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.58-1 is now...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated php package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated php7.0 package within Ubuntu 16.04 ELS is now available for download from our production...
Iconv is a library used to convert between different character encodings and is part of a core group of tools and libraries used to perform...
A new updated glibc package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated glibc package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated glibc package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated bind package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated nginx package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated bind package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated bind package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated mysql package within Ubuntu 16.04 ELS is now available for download from our production...
Welcome to the next installment of our monthly news round-up, brought to you by TuxCare. We have developed live patching solutions that minimise maintenance workload...
If you’re a systems administrator responsible for thousands of servers, even a small slowdown can cause serious technical problems for your enterprise, and cost it...
A new updated gd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated nginx package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated nginx package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated nginx package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated python3.5 package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated mysql package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated systemd package within Ubuntu 16.04 ELS is now available for download from our production...
TuxCare’s KernelCare team is preparing a large batch of patches for Ubuntu 20.04 HWE and AWS Hirsute variants, running the ubuntu-focal-hwe-5.11 and ubuntu-focal-aws-5.11 kernels. All...
We are pleased to announce that a new updated KernelCare agent version 2.57-1 is now...
Some time ago, we announced the availability of the CVE Dashboard for the Extended Lifecycle Support service. It provides an up-to-date view of CVE information...
A new updated httpd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated gd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated gd package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated gd package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated dovecot package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
TuxCare has recently introduced QEMUCare, the live patching solution for when you need to deploy patches to a QEMU-based infrastructure, but the logistics around the...
A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated httpd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated vim package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated httpd package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated curl package within Ubuntu 16.04 ELS is now available for download from our production...
A new updated apache2 package within Ubuntu 16.04 ELS is now available for download from our production...
Welcome to our monthly news round-up, bought to you by TuxCare, the trusted maintenance services provider for the Enterprise Linux industry. Our services maximise system...
A new updated dovecot package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated dovecot package within OracleLinux OS 6 ELS is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.56-1 is now...
A new updated httpd package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.55-2 is now...
A new updated ntp package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated openssl package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated python package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated binutils package with the fix for the CVE-2021-3487 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
The expiration of a root certificate in the Let’s Encrypt certification chain causes multiple issues, especially when coupled with older versions of OpenSSL like those...
Let’s Encrypt is a practical way of obtaining certificates and implementing TLS encryption across a wide range of applications. Looking at the number of issued...
A new updated ntp package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated ntp package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated openssl package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated openssl package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated httpd package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated httpd package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated python package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated python package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated binutils package with the fix for the CVE-2021-3487 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated binutils package with the fix for the CVE-2021-3487 within OracleLinux OS 6 ELS is now available for download from our production repository....
A new updated binutils package with the fix for the CVE-2021-3487 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
Open-source code is at the core of many of the critical software solutions that large companies, governments, and even home users depend on. You would...
A new CentOS 6 kernel within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
A new updated openssl package with the fix for several CVEs within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated xterm package with the fix for the CVE-2021-27135 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
Major progress is usually made step by step – building capabilities, layer by layer. That’s the case for free and open-source (FOSS) software too, with...
We are pleased to announce that a new updated KernelCare agent version 2.54-1 is now...
We are pleased to announce that a new updated ePortal version 1.27-1 is now...
A new updated openssl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated openssl package with the fix for the CVE-2021-3712 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated openssl package with the fix for the CVE-2021-3712 and CVE-2021-23841 within OracleLinux OS 6 ELS is now available for download from our production...
A new updated intel-microcode package with the fix for several CVEs within Ubuntu 16.04 ELS is now available for download from our production...
A new updated microcode_ctl package with the fix for several CVEs within OracleLinux OS 6 ELS is now available for download from our production...
A new CentOS 6 kernel within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated xterm package with the fix for the CVE-2021-27135 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated curl package with the fix for the CVE-2021-22924 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
Today TuxCare opens a survey on Patch Management of QEMU/KVM-based systems, which has a goal to create a better understanding of current practices and methodologies...
A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within CentOS 6 ELS has been rolled out to 100% and is now available...
A new updated curl package with the fix for the CVE-2021-22924 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated curl package with the fix for the CVE-2021-22924 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22924 within OracleLinux OS 6 ELS is now available for download from our production...
New updated glibc and java-1.8.0-openjdk packages within CentOS 6 ELS have been rolled out to 100% and are now available for download from our production...
The TuxCare Team is proud to announce QEMUCare, the live patching solution for your QEMU virtualization host systems. Now you can keep these systems updated...
Here at TuxCare, we pride ourselves on being the trusted provider of maintenance services for the Enterprise Linux industry. Our services improve system administration manageability...
The TuxCare Team is proud to announce that it is adding support for CentOS 8 under its Extended Lifecycle Support service. With this service, TuxCare...
Binary compatibility is one of those important tech concepts that hides in the background – but that is a critical element in making things work....
Qualys provides visibility into the IT infrastructure, with comprehensive reporting on the state of systems and vulnerabilities that may be present in them. TuxCare’s KernelCare...
A new updated squid34 package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated squid34 package with the fix for several CVEs within OracleLinux OS 6 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated squid package with the fix for the CVE-2020-14058 and CVE-2020-15049 within OracleLinux OS 6 ELS is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.53-2 is now...
Few libraries are in widespread use as OpenSSL. It has a ubiquitous presence across hardware platforms and operating systems, userland applications and IoT. The chances...
A new updated openjdk-9 package with the fix for the CVE-2021-2388 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated openjdk-8 package with the fix for the CVE-2021-2388 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated glibc package with the fix for several CVEs within Ubuntu 16.04 ELS is now available for download from our production...
A new updated squid package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
As you may have seen, TuxCare’s Live Patching service, KernelCare Enterprise, now supports Rocky Linux. The first 5 CVEs fixed are already being delivered through...
New updated glibc and java-1.8.0-openjdk packages within CentOS 6 ELS have been scheduled for gradual rollout from our production...
New updated glibc and java-1.8.0-openjdk packages within OracleLinux OS 6 ELS are now available for download from our production...
This is our second article in our “concepts you’re using without even knowing” series. This time, we’re discussing identity management, and specifically centralized identity management....
A growing threat landscape rapidly made the CISO role one of the most influential C-level positions. It’s no surprise that the remit of CISOs keeps...
A new updated OracleLinus 6 kernel v.2.6.32-754.35.2 within OracleLinux 6 ELS is now available for download from our production...
TuxCare services already cover over 40 Linux distributions commonly found in Enterprise environments. These range from CentOS to Debian, and over the years, the list...
The TuxCare Team is responsible for performing in-depth analyses of new CVEs. This is done for every new CVE that pops up, which affects, directly...
A new updated squid package within OracleLinux OS 6 ELS is now available for download from our production...
A new updated squid package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated perl package within CentOS 6 ELS with the fix for the CVE-2020-10878 and the CVE-2020-10543 has been rolled out to 100% and is now...
A new updated glibc package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
An updated Ubuntu 16.04 ELS with the fix for the CVE-2021-33909 is now available for download from our production...
We are pleased to announce that a new updated KernelCare agent version 2.52-1 is now...
One request we often receive is about the status of a particular fix or if we are already working on a vulnerability that has just...
One request we often receive is about the status of a particular fix or if we are already working on a vulnerability that has just...
A new updated squid package with the fix for the CVE-2021-28651 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated curl package with the fix for the CVE-2021-22925 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated perl package with the fix for the CVE-2020-10543 was updated in the current rollout within CentOS 6...
A new updated perl package with the fix for the CVE-2020-10543 within OracleLinux 6 ELS is now available for download from our production...
We are a trusted partner to the Enterprise Linux industry when it comes to delivering maintenance services. Our goal is to improve the manageability of...
We are pleased to announce that a new updated KernelCare agent version 2.51-1 is now...
A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been rolled out to 100% and is now...
The last Friday of July is System Administrator Appreciation Day. It’s the one day when Sysadmins like you who have been putting out users’ fires...
A new updated perl package within CentOS 6 ELS with the fix for the CVE-2020-10878 has been scheduled for gradual rollout from our production...
A new updated perl package with the fix for the CVE-2020-10878 within OracleLinux 6 ELS is now available for download from our production...
A new updated glibc package within CentOS 6 ELS has been scheduled for gradual rollout from our production...
We are pleased to announce that a new updated KernelCare agent version 2.50-1 is now...
Continuing our trend of testing all the CVEs that come out that may affect the Linux distributions covered by our Extended Lifecycle Support, the team...
A new updated CentOS 6 kernel v.2.6.32-754.35.7 with the fix for the CVE-2021-33909 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
Some weeks ago, CVE-2021-22898 was published. It affects curl/libcurl from version 7.7, dating from the 22nd of March 2001. It consisted of a flaw in...
A new updated imagemagick package within Ubuntu 16.04 ELS is now available for download from our production...
Having a centralised identity management system is the current best practice to consolidate and enforce secure login and authorisation policies over a wide range of...
A new updated curl package with the fix for the CVE-2021-22925 within OracleLinux 6 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22925 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22925 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
CVE-2021-33909 was disclosed on the 20th of July. It describes a vulnerability in the Linux filesystem layer that can lead to local privilege elevation when...
A new updated CentOS 6 kernel v.2.6.32-754.35.6 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated systemd package with the fix for the CVE-2021-33910 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2021-28651 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2021-28651 within OracleLinux 6 ELS is now available for download from our production...
A new updated squid package with the fix for the CVE-2021-28651 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
Forgotten vulnerabilities can come back to haunt you. It’s just too easy to assume that you’ve patched or upgraded thoroughly enough so that a dangerous,...
We are pleased to announce that a new updated KernelCare agent version 2.49-2 is now...
We are pleased to announce that a new updated ePortal version 1.26-1 is now...
Vulnerability management tools are a broad and wide category, but all have the same goal: helping organizations to minimize the risk posed by everyday IT...
A new updated sudo package with the fix for the CVE-2021-23240 within CentOS 6 ELS has been rolled out from our production...
Spectre and its cousin Meltdown have been with us since 2018, and one would think that we’ve heard everything there is to hear about these...
We are pleased to announce that a new updated KernelCare agent version 2.48-1 is now...
We have updated this blog post due to high demand. Our new blog post can be found here: https://tuxcare.com/ensuring-uptime-with-mysql-high-availability/ The cost of downtime in the...
A new updated sudo package with the fix for the CVE-2021-23240 within CentOS 6 ELS has been scheduled for gradual rollout from our production...
A new updated sudo package with the fix for the CVE-2021-23240 within OracleLinux 6 ELS is now available for download from our production...
A new updated sudo package with the fix for the CVE-2021-23240 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22898 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated CentOS 6 kernel v.2.6.32-754.35.5 within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production...
As a trusted partner for providing maintenance services to the Enterprise Linux industry, our goal is to make system administration more manageable. In this monthly...
When it comes to patching, thoroughness is a critical aspect – it takes just one unpatched service to open the doors to a damaging intrusion....
A new updated hivex package with the fix for the CVE-2021-3504 within CentOS 6 ELS has been rolled out to 100% and is now available for download...
A new updated curl package with the fix for the CVE-2021-22898 within Ubuntu 16.04 ELS is now available for download from our production...
A new updated curl package with the fix for the CVE-2021-22898 within OracleLinux OS 6 ELS is now available for download from our production...