Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Boothole
Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

A vulnerability (CVE-2020-10713) in the widely used GRUB2 bootloader opens most Linux and Windows systems in use today to persistent compromise, Eclypsium researchers have …

Windows Defender ATP
Microsoft releases Defender ATP for Android and Linux

Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. Microsoft Defender Advanced Threat Protection …

pppd
PPP Daemon flaw opens Linux distros, networking devices to takeover attacks

A vulnerability (CVE-2020-8597) in the Point-to-Point Protocol Daemon (pppd) software, which comes installed on many Linux-based and Unix-like operating systems and networking …

email
Guess what? You should patch Exim again!

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by …

Intel inside
Intel MDS attack mitigation: An overview

Intel has revealed on Tuesday that some of its CPUs are vulnerable to a number of new speculative execution attacks that may allow attackers to stealing sensitive data and …

Linux
Snapd flaw gives attackers root access on Linux systems

A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus …

container
RunC container escape flaw enables root access to host system

A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged …

Ubuntu
Ubuntu 17.10 brings enhanced security and productivity for developers

Canonical released Ubuntu 17.10 featuring a new GNOME desktop on Wayland, and new versions of KDE, MATE and Budgie. On the cloud, 17.10 brings Kubernetes 1.8 for hyper-elastic …

Linux
Critical Linux bug opens systems to compromise

Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on …

Ubuntu
Ubuntu 16.10 released with hybrid cloud operations and Unity 8 developer preview

Released today, Ubuntu 16.10 comes with hybrid cloud operations, bare-metal cloud performance, the ability to lift-and-shift 80% of Linux VMs to machine containers, Kubernetes …

Ubuntu
Ubuntu Forums hacked again, 2 million users exposed

Canonical’s Ubuntu Forums have been hacked, and the attacker has managed to access and download part of the Forums database, containing usernames, email addresses and …

explode
Exploit for GNU wget RCE flaw revealed

Technical details about a serious vulnerability affecting all but the latest version of the GNU wget software have been released online, along with PoC exploit scenarios. …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools