Ubuntu Addresses Multiple OpenJDK 8 Vulnerabilities
Several vulnerabilities have recently been identified in OpenJDK 8, which could potentially lead to denial of service, information disclosure, arbitrary code execution, or even the bypassing of Java sandbox restrictions. In response, Canonical has released security fixes for multiple versions of OpenJDK, including OpenJDK 21, OpenJDK 17, OpenJDK 11, and ...
0.0.0.0 Day: 18-Year-Old Browser Flaw Affects Linux and macOS
Oligo Security’s research team recently uncovered a critical vulnerability dubbed the “0.0.0.0 Day” affecting Chromium, Firefox, and Safari browsers on macOS and Linux systems. This vulnerability allows malicious websites to bypass standard browser security protocols and interact with services running on an organization’s local network. It does not affect Windows ...
Mitigating Risk in Linux: Strategies for IT Compliance
Implementing robust Linux security measures is fundamental to achieving IT compliance. Adherence to compliance frameworks and standards is essential for meeting industry requirements. Utilizing appropriate tools and technologies can streamline compliance efforts. In today’s digital landscape, many organizations heavily rely on Linux systems to power their operations. From servers and ...
Essential Linux Security Tools: A Comprehensive Overview for Security Professionals
Combining multiple Linux security tools to protect against various threats is crucial for a robust security posture. Effective use of security tools requires knowledge of their capabilities, configurations, and how to integrate them into a comprehensive security strategy. Implementing modern security practices like live patching helps to apply critical security ...
Patching Recent Linux Kernel Vulnerabilities with KernelCare
Several security vulnerabilities were discovered in the Linux kernel. These issues could potentially be exploited by malicious actors to compromise system integrity and steal sensitive data. In this article, we will explore the details of these vulnerabilities, explaining their potential impact and providing guidance to protect your Linux systems without ...
Two Python Vulnerabilities Addressed in Ubuntu
Canonical has released critical security updates to address two vulnerabilities in Python, a popular programming language. These vulnerabilities pose significant risks to systems running Python, and it is crucial to apply the necessary updates to secure your Ubuntu systems. Python Vulnerabilities 2024 CVE-2024-0397 A memory race condition was ...
Ubuntu Fixes Multiple OpenSSL Vulnerabilities
Several security issues have recently been discovered in OpenSSL that could result in denial-of-service attacks. OpenSSL is widely used to secure communications across the internet, making these vulnerabilities a significant concern. In response, Canonical has released security updates to address multiple OpenSSL vulnerabilities across different releases, including Ubuntu 24.04 LTS, ...
Addressing Tomcat Vulnerabilities in End-of-Life Ubuntu Systems
Apache Tomcat is a widely used open-source web server and servlet container, but like any software, it is not immune to vulnerabilities. Canonical has released security updates to address multiple Tomcat vulnerabilities across different releases, including Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 ESM, and Ubuntu 16.04 ESM. These ...
BIND Vulnerabilities: Urgent Security Updates Released
Several high-severity vulnerabilities have been discovered in BIND, potentially exposing millions of DNS servers to denial-of-service attacks. These issues have prompted urgent security updates from major Linux distributions such as Ubuntu and Debian. In this article, we explore the details of these vulnerabilities, their potential impact, and provide guidance on ...
Critical Docker Engine Flaw Enables Authorization Plugin Bypass
A critical vulnerability was identified in certain versions of Docker Engine that allows attackers to bypass authorization plugins (AuthZ) under specific circumstances. Docker has recently released security updates to address this vulnerability. This vulnerability, tracked as CVE-2024-41110, was first discovered and patched in Docker Engine v18.09.1, which was released in ...