Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently targeting the Linux xz data compression library, XZ Utils. Many believe the attempt to backdoor Linux’s...
"Open-source software's security and reliability aspects have played a significant role in its rise. The availability of source code to a large community of developers allows for thorough code review, which helps promptly identify and address potential security vulnerabilities. With a collective effort to maintain and enhance the software, the open-source approach ensures higher reliability and stability."
Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions.
With the growth of Linux in cloud environments, critical infrastructure, and even mobile platforms, hackers are increasingly targeting the open source system for higher returns.
Researchers at an Israeli security firm on Tuesday revealed how hackers could turn a generative AI’s “hallucinations” into a nightmare for an organization’s software supply chain.
While tech companies are laying off staff claiming that they are cutting costs because of “economic headwinds” they do not seem that keen to let their open saucers go. "The demand for skilled tech talent remains strong, particularly in fast-developing areas, such as cloud and containers, cybersecurity, and artificial and machine intelligence. These are all areas which are heavily dependent on open source and Linux technologies."
Chainguard, the co-creator of Sigstore, has conducted a survey to better understand if and how software supply best practicesare utilized by the industry. We take a look at the findings.
Companies that established open-source program offices over the last few years now need more C-suite oversight to drive education, awareness, and use of open-source software. That sets the stage for an expanded role of open-source program officers.
IceFire has changed up its OS target in recent cyberattacks, emblematic of ransomware actors increasingly targeting Linux enterprise networks, despite the extra work involved.
"Open source security is arguably getting better, thanks to vendors like Chainguard and industry consortia like the Open Source Security Foundation. But we have a ways to go, and in the meantime, security, as well as other factors, mean that “free as in beer” is never truly free."
"Linux-based operating systems are also known for their stability and security. Unlike Windows, which is often targeted by malware and viruses, Linux-based operating systems are less prone to security threats. This is due, in part, to the open-source nature of the operating system, which allows developers to quickly identify and fix security vulnerabilities."
Open-source software and hardware projects are becoming increasingly popular, but their complexity and large supply chains bring new challenges for engineers in terms of cybersecurity. With the growing threat of cyber attacks, it's important to understand the security issues posed by dependencies and how the future of open-source projects can mitigate these risks.
Linux is a popular and powerful operating system, but it is not immune to malware. In fact, malware that targets Linux systems is on the rise. In fact, findings from Atlas VPN based on data from threat intelligence platform AV-ATLAS, claims that in 2022 there were 1.9 million new Linux malware threats, bringing the figure up 50% year-on-year.
Threat actors are evolving to target a wide variety of systems and infrastructure, BlackBerry says in a new report. "In addition, attacks against Linux systems and cloud infrastructure will increase as threat actors look to install backdoors on target systems and gain visibility into organizations for further activities."
For bad actors, the more intelligence they have on their target, the better. Attackers typically gather intelligence by scraping data readily available from public sources, called open source intelligence (OSINT).
