Security Leftovers and TCO of Windows
-
LWN ☛ Security updates for Thursday
Security updates have been issued by AlmaLinux (389-ds, c-ares, container-tools, cups, fontforge, go-toolset, iperf3, less, libreoffice, libuv, nghttp2, openldap, python-idna, python-jinja2, python-pillow, python3, python3.11-PyMySQL, qemu-kvm, and xmlrpc-c), Debian (znc), Fedora (firmitas and libnbd), Mageia (dcmtk, krb5, libcdio, and openssh), Oracle (golang, openssh, pki-core, and qemu-kvm), Red Hat (openssh), SUSE (apache2-mod_auth_openidc, emacs, go1.21, go1.22, krb5, openCryptoki, and openssh), and Ubuntu (linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe,
linux-kvm, linux-oracle, linux, linux-aws, linux-azure, linux-azure-5.4, linux-bluefield,
linux-gcp, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-kvm, linux-lts-xenial, linux, linux-gcp, linux-gcp-6.5, linux-laptop, linux-nvidia-6.5,
linux-raspi, linux, linux-gcp, linux-lowlatency, linux-lowlatency-hwe-5.15,
linux-nvidia, linux-xilinx-zynqmp, linux, linux-ibm, linux-lowlatency, linux-nvidia, linux-raspi, linux-aws, linux-aws-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5,
linux-starfive, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde,
linux-azure-fde-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-ibm,
linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-oracle,
linux-oracle-5.15, linux-azure, linux-azure, linux-azure-6.5, linux-bluefield, linux-iot, linux-gcp, linux-intel, linux-hwe-5.15, and php7.0 and php7.2).
-
Ghostscript Vulnerabilities Patched in Recent Ubuntu Updates
The recent fixes for Ghostscript vulnerabilities in Ubuntu versions emphasize the ongoing need for vigilance against emerging threats. Users and organizations should ensure their systems are updated promptly to protect against potential exploits. By keeping your software updated, you ensure you have the latest security patches in place and minimize the risk of your system being compromised.
Additionally, leveraging techniques like Linux live patching can further enhance security without downtime. Conventionally, patching the Linux kernel would involve a reboot of the system which is often impractical for mission-critical systems. Live patching allows you to apply security updates to a running kernel without having to reboot the system.
TuxCare’s KernelCare Enterprise offers live patching for all popular Linux distributions, including Ubuntu, Debian, RHEL, AlmaLinux, Rocky Linux, CentOS, CloudLinux, Amazon Linux, and more. Furthermore, it automates the patching process ensuring the consistent and prompt deployment of patches on the system. This minimizes the risk of missing or delayed patches that could leave systems vulnerable.
-
Cyber Security News ☛ Mallox Ransomware Attacking Linux Servers In Wild – Decryptor Uncovered [Ed: "it has moved to Linux systems using custom Python scripts", so the issue is not Linux itself]
Linux servers often provide hosting for critical applications, websites, and databases, which makes them a lucrative target for intruders to get unauthorized access to steal data and manipulate services.
-
Windows TCO
-
Silicon Angle ☛ Law enforcement task force disrupts infrastructure used for Cobalt Strike cyberattacks
An international task force has taken down hundreds of IP addresses and domain names that were used by hackers to launch cyberattacks. The task force, which was coordinated by Europol, disclosed the development on Wednesday. The U.K.’s National Crime Agency led the group.
-