Tag: cybersecurity

  • Timeline of the xz Open Source attack

    Timeline of the xz Open Source attack

    Editor’s Note: Linking this very important post-mortem of how a malicious group of hackers created a backdoor on an important OS repository. Full source is at the bottom. Thanks to Kevin G. for sending this to us. Over a period of over two years, an attacker using the name “Jia Tan” worked as a diligent,…

  • Tails 6.1 Fixes More Bugs

    Tails 6.1 Fixes More Bugs

    Tails 6.1 Is Out to Mitigate the RFDS Intel CPU Vulnerabilities, Fix More Bugs.This release ships with Tor Browser 13.0.13 anonymous web browser and Mozilla Thunderbird 115.9.0 email and calendar client. The Tails 6.1 amnesic incognito live system, a portable operating system that protects you against surveillance and censorship, is now available for download as…

  • Ubicloud: An Open Source Alternative to AWS

    Ubicloud: An Open Source Alternative to AWS

    Major cloud providers like AWS (Amazon Web Services), Microsoft Azure, and Google Cloud cannot be denied. Their strong and scalable infrastructure has been a driving force behind the expansion of AI. However, immense authority inevitably leads to a loss of command. Vendor lock-in, unclear pricing structures, and security holes are becoming major business worries. Meet…

  • OSS Use Driven by Cost Cutting

    OSS Use Driven by Cost Cutting

    Saving money, rather than innovation or modernization demands, is now the leading reason why organizations use open source software, according to OpenLogic’s latest report. Innovation and modernizing the technology stack are no longer the top reasons organizations use open source software, according to a new survey. Instead, what is old is new again, as saving…

  • Hackers Use 1-day Flaws for Custom Malware

    Hackers Use 1-day Flaws for Custom Malware

    Magnet Goblin hackers use 1-day flaws to drop custom Linux malware. A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems. 1-day flaws refer to publicly disclosed vulnerabilities for which a patch has been released. Threat actors looking to exploit…

  • More Support for Open-Source Devs – US Feds

    More Support for Open-Source Devs – US Feds

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) will start providing more hands-on support to open-source software developers as they work to better secure their projects, the agency said. From a report: CISA hosted a two-day, invite-only summit this week with leaders in the open-source software community and other federal officials. During the private event,…