Check the status of CVEs. Learn More.
We need your knowledge! Complete TuxCare’s annual survey on Linux and open source to be entered to win one of many prizes (up to $500)! Get started here.
Just like the latest innovations, trends, and hot takes in the Linux world, the threats that target Linux-based systems are constantly evolving. How can one possibly keep up with everything?
Welcome to the TuxCare newsletter: an expert-curated bi-weekly guide to all the most recent happenings in Linux security, including professional opinions from seasoned cybersecurity veterans.
We require your email for the delivery of the newsletter. We will review analytical data for performance purposes but will not use your data for any behavioral targeting. If you are based in the EEA, please contact us so we can provide you with the protections afforded to you under EEA protection laws.
Timely, valuable insights and news from the cybersecurity space, actionable security solutions for Linux systems, and developer know-how on vulnerability management
Over 5,000 Linux & open-source professionals that want to keep their systems safe, compliant, and running smoothly
Just twice per month – on the 1st and the 15th
The Cybersecurity Resilience Act: A Global Impact on Digital Products
Focusing on meeting cybersecurity compliance requirements is a good first step, but not more than that.
Linus Torvalds is tired of fixing hardware bugs on the kernel: “it's *THEIR* damn problem.“
You’ve probably read about it – all Linux systems vulnerable to a remote code execution exploit that was recently announced
Are you happy with the results coming from your vulnerability scanner showing no problems?
Live patching has many obvious advantages over traditional methods, but there is one aspect that is not that obvious.
Are you feeling left behind by not moving your systems to the cloud?
What is more dangerous than a widespread malware attack? An update for a security tool.
Are you confident about your organization’s security posture effectiveness? Have you seen the news lately?
What do your critical systems, your television, and your washing machine have in common? They are all likely to be running OpenSSH
Unreliable software is so prevalent that when something “just works” it’s a surprise.
AI Hardware is incredible – and incredibly expensive. If you’re worried about securing your AI hardware and maximizing its output, this article is for you.
ear-in-review reports, like Verizon’s Data Breach Investigation Report, are a common type of publication released by organizations every year.
With the latest Spectre variant, hardware-level vulnerabilities are back in full swing.
Compounded Crisis: Change Healthcare’s Breach Escalates with New Threats
When the news broke on xz being compromised, the open-source world was surprised at how insidious the threat was, and how far it reached.
Ransomware and critical infrastructure go hand in hand like peanut butter and jelly. This time it was healthcare… but there’s a twist you don’t want to miss in this one.
Understanding how “Technical Debt” can over time evolve into “Security Debt” is the starting point for tackling the problem.
Ransomware has been a thorn in the side of organizations worldwide for years now. In a happy turn of events, there was a big win against the operators behind one of the largest ransomware operators.
Startling new Google findings reveal that a significant portion of zero-day exploits trace back to commercial spyware vendors, highlighting the alarming nexus between profit motives and the proliferation of digital vulnerabilities.
Our 2023 Year-in-Review report reveals that 40% of organizations are still using CentOS, with many running versions past their end-of-life date with no support.
Sometimes it's difficult to distinguish intended from unintended consequences. A "prank" gone wrong over the holidays made life more difficult for Node.js developers and showed why we can't have nice things.
Security researchers, known for their inquisitive and unconventional methods, have recently scrutinized UEFI (Unified Extensible Firmware Interface), revealing significant weaknesses called LogoFAIL vulnerabilities.
Beyond the Hyperbole: A Realistic Look at the Financial Payout of Ransomware
Cybercriminals are turning legal systems to their advantage, and executives are facing increased personal risks.
Our latest blog revisits an infamous 2000 Microsoft breach to illustrate a critical ongoing issue in IT security.
Quantum computing threatens to undo today's encryption, heralding a potential 'cryptopocalypse.'
Cybersecurity is back to work – with a vengeance! September and October threw IT teams into a whirlwind of high-impact vulnerabilities, presenting anything but a calm return to work!
Las Vegas giants like MGM Resorts and Caesars Entertainment faced massive losses from recent ransomware attacks.
Regular system updates don't guarantee full protection. Even trusted vendors sometimes overlook critical vulnerabilities.
Are your top-of-the-line processors really giving you the performance you paid for? In our latest blog post, we dive into the hidden world of hardware-level vulnerabilities and their true cost.
Shrinking Time – Everything Speeds Up: In our digital age, the only constant is change, and the pace is ever-accelerating. From rapid advancements in AI to stringent new regulations from the SEC, the world of cybersecurity is facing monumental shifts.
As the summer season ushers in quieter times, we invite you to take a pause from your routine and join us in our latest blog post, "Living in the IT Bubble: The Perils and The Perspective."
In a landmark move, the US Securities and Exchange Commission (SEC) has issued Wells Notices to executives of SolarWinds, signaling potential legal action related to the 2020 cyberattack on its infrastructure.
This real-life case study unveils how a minor code update turned into a 10-hour service disruption, underlining the complex nature of Infrastructure as Code (IaC).
Recent data breaches at Toyota, the world's largest car manufacturer, highlight the critical importance of robust cybersecurity practices and the potential consequences of lapses in this area...
As AI lowers the bar for cybercriminals, exploit code for new vulnerabilities appears within hours of disclosure – leaving security and operations teams overwhelmed...
As AI lowers the bar for cybercriminals, exploit code for new vulnerabilities appears within hours of disclosure – leaving security and operations teams overwhelmed...
"What do you mean having poor cybersec can get me in jail?" ... is what went through the mind of the ex-CEO of a psychotherapy clinic in Finland...
Are you tired of digging through sparse changelogs only to find generic "bugs fixed" or "performance improvements" descriptions? You're not alone...
It is very easy to dismiss claims of “your information can be stolen,” “you’ll lose all your critical data,” or “you can be liable for losing your customers’ confidential information” until you’re actually hit by such an event...
There have been countless articles posted about the new AI chatbots in the past few months, and some interesting takes on new uses for these language models...
Denial of Service (DoS) attacks are a special type of cybersecurity threat. The attacker does not need to hack your systems or find a gap in your security posture...