Linux Today - Security

 EnterprisersProject: Use these strategies to avoid missteps in work with containers and orchestration

eWEEK: Oracle releases its first Critical Patch Update (CPU) of 2019, with vulnerabilities in Fusion Middleware leading the way.

opensource.com: Turn a Raspberry Pi 3B+ into a PriTunl VPN

eWEEK: New version of Coverity Static Application Security Testing provides broader testing capabilities to help organizations find vulnerabilities in code.

eWEEK: The first major milestone update to the open-source Metasploit Framework since 2011 is now available, making it easier for security researchers to test cyber-security defenses against exploits.

eWEEK: Researchers from CyberArk discovered a way to hack the popular Play-with-Docker training site, escaping the confines of the container isolation boundary, revealing misconfigurations that have now been fixed.

ZDnet: Systemd, the popular but controversial Linux system and service manager, has three recently discovered security holes.

The journey to DevSecOps begins with empowerment, enablement, and education.

eSecurityPlanet: Simply deploying containers with a managed service isn't enough. Learn top tips to keep Kubernetes container deployments safe and secure.

To help ensure the security of our digital lives, Mozilla is adding an extra layer of security to the Linux, Android, and macOS platforms by implementing an enhanced stack smashing protection in Firefox 65

NetworkWorld: ASLR is a memory exploitation mitigation technique used on both Linux and Windows systems.

ostechnix: Buttercup is a free, open source, secure and cross-platform password manager written using NodeJS.

Tecmint: Tiger is a free, open source collections of shell scripts for security audit and host intrusion detection, for Unix-like systems such as Linux

LinuxInsider:  Not all Linux distros are created with the same degree of attention to security and privacy control.

eWEEK: Serverless computing offers new opportunities for cloud efficiency, but it also comes with new risks that Protego Labs is looking to help enterprises better understand.

Linuxize: Learn what's important to remember for SSH connections

Even if you encrypt your traffic with HTTPS or even use a VPN, in some cases, your DNS traffic remains open and readily readable to your ISP and the rest of the world.

Tecmint: tmate is a clone of tmux (terminal multiplexer) that provides a secure, instant and easy-to-use terminal sharing solution over an SSH connection.

ITprotoday: Linux servers top the list of victims to a ransomware attack that seems to take advantage of poorly configured IPMI devices.

eWEEK: Hackers post an un-authorized message on vulnerable Google Chromecast devices, revealing a flaw that users can easily remediate.

eWEEK: USB Type-C authentication standard is moving forward in an effort to help protect systems against malicious USB devices.

eWEEK: 2018 was another year of challenges for IT security professionals with no shortage of major vulnerabilities, privacy concerns and data breaches, that will continue to inform decisions and policies into 2019.

eSecurityPlanet: Containers can get applications running quickly, but that convenience comes with a number of security concerns. Here are the container security vendors that can help.

Tecmint: Lightweight Directory Access Protocol (LDAP in short) is an industry standard, lightweight, widely used set of protocols for accessing directory services.

HowToForge: Transport Layer Security (TLS) 1.3 is the latest version of the Transport Layer Security (TLS) protocol, published as an IETF standard in RFC 8446 in August 2018.

Get more out of your password manager by following these best practices.

 Nixcraft: RHEL 8 supports Application-Layer Protocol Negotiation (ALPN) and HTTP/2 out of the box.

eWEEK: At KubeCon + CloudNativeCon NA 2018, Shopify and Google detail a Kubernetes security incident that was reported by a bug bounty security researcher that was quickly remediated before any harm was done.