Sicurezza – Bollettini Microsoft e Linux

News, Alert e Bollettini di sicurezza Microsoft e Linux

Microsoft (Microsoft Technical Security Notifications, MSRC Blog)
  • June 2018 Security Update Release
    by MSRC Team on 12 giugno 2018 at 5:00 pm

    Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.  More information about this month’s security updates can be found on the Security Update Guide.   MSRC team&nbs […]

  • May 2018 security update release
    by MSRC Team on 8 maggio 2018 at 5:21 pm

    Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.  More information about this month’s security updates can be found on the Security Update Guide.   MSRC team&nbs […]

  • Recognizing Q3 Top 5 Bounty Hunters
    by MSRC Team on 20 aprile 2018 at 5:02 pm

    Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft’s products and services over our third quarter (January-March... […]

  • April 2018 security update release
    by MSRC Team on 10 aprile 2018 at 5:00 pm

    Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide. […]

  • Speculative Execution Bounty Launch
    by MSRC Team on 15 marzo 2018 at 12:00 am

    Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field.  In recognition of that threat environment change, we are launching a bounty program to encourage research into... […]

  • March 2018 security update release
    by MSRC Team on 13 marzo 2018 at 5:00 pm

    Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month's security updates can be found in the Security Update Guide. […]

  • Inside the MSRC– The Monthly Security Update Releases
    by MSRC Team on 15 febbraio 2018 at 12:21 am

    For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history.  In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence.  October 2003 ushered in... […]

  • February 2018 security update release
    by MSRC Team on 13 febbraio 2018 at 6:43 pm

    Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month's security updates can be found in the Security Update Guide. […]

  • Inside the MSRC – How we recognize our researchers
    by MSRC Team on 2 febbraio 2018 at 10:32 pm

    This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports. […]

  • January 2018 security update release
    by MSRC Team on 9 gennaio 2018 at 6:16 pm

    Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month's security updates can be found in the Security Update Guide. &nbs […]

  • 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
    on 9 gennaio 2018 at 6:00 pm

    Revision Note: V3.0 (January 9, 2018): Microsoft has released an update for all supported editions of Microsoft Excel that allows users to set the functionality of the DDE protocol based on their environment. For more information and to download the update, see ADV170021.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for Microsoft Office applications. This advisory provides guidance on what users can do to ensure that these applications are properly secured when processing Dynamic Data Exchange (DDE) fields. […]

  • 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
    on 12 dicembre 2017 at 6:00 pm

    Revision Note: V1.0 (December 12, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for the AD DS (Active Directory Domain Services) account used by Azure AD Connect for directory synchronization. This advisory also provides guidance on what on-premises AD administrators can do to ensure that the account is properly secured. […]

  • MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1
    on 19 ottobre 2017 at 5:00 pm

    Severity Rating: ImportantRevision Note: V1.1 (October 19, 2017): Corrected a typo in the CVE description.Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to a website containing specially crafted JPEG content. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system. The information disclosure vulnerability by itself does not allow arbitrary code execution. However, an attacker could use this information disclosure vulnerability in conjunction with another vulnerability to bypass security features such as Address Space Layout Randomization (ASLR). […]

  • MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0
    on 12 settembre 2017 at 5:00 pm

    Severity Rating: ImportantRevision Note: V3.0 (September 12, 2017): Revised the Affected Software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3376. Consumers using Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system. […]

  • MS16-JUL - Microsoft Security Bulletin Summary for July 2016 - Version: 2.0
    on 12 settembre 2017 at 5:00 pm

    Revision Note: V2.0 (September 12, 2017): For MS16-087, to address known issues with the 3170455 update for CVE-2016-3238, Microsoft has made available the following updates for currently-supported versions of Microsoft Windows: • Rereleased update 3170455 for Windows Server 2008 • Monthly Rollup 4038777 and Security Update 4038779 for Windows 7 and Windows Server 2008 R2 • Monthly Rollup 4038799 and Security Update 4038786 for Windows Server 2012 • Monthly Rollup 4038792 and Security Update 4038793 for Windows 8.1 and Windows Server 2012 R2 • Cumulative Update 4038781 for Windows 10 • Cumulative Update 4038781 for Windows 10 Version 1511 • Cumulative Update 4038782 for Windows 10 Version 1607 and Windows Server 2016. Microsoft recommends that customers running Windows Server 2008 reinstall update 3170455. Microsoft recommends that customers running other supported versions of Windows install the appropriate update. See Microsoft Knowledge Base Article 3170005 (https://support.microsoft.com/en-us/help/3170005) for more information.Summary: This bulletin summary lists security bulletins released for July 2016. […]

  • MS16-OCT - Microsoft Security Bulletin Summary for October 2016 - Version: 3.0
    on 12 settembre 2017 at 5:00 pm

    Revision Note: V3.0 (September 12, 2017): For MS16-123, revised the Windows Operating System and Components affected software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3376. Consumers using Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.Summary: This bulletin summary lists security bulletins released for October 2016. […]

  • MS16-APR - Microsoft Security Bulletin Summary for April 2016 - Version: 4.0
    on 12 settembre 2017 at 5:00 pm

    Revision Note: V4.0 (September 12, 2017): For MS16-039, revised the Windows Operating Systems and Components affected software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-0165. Consumers running Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.Summary: This bulletin summary lists security bulletins released for April 2016. […]

  • MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0
    on 12 settembre 2017 at 5:00 pm

    Severity Rating: CriticalRevision Note: V2.0 (September 12, 2017): To address known issues with the 3170455 update for CVE-2016-3238, Microsoft has made available the following updates for currently-supported versions of Microsoft Windows: • Rereleased update 3170455 for Windows Server 2008 • Monthly Rollup 4038777 and Security Update 4038779 for Windows 7 and Windows Server 2008 R2 • Monthly Rollup 4038799 and Security Update 4038786 for Windows Server 2012 • Monthly Rollup 4038792 and Security Update 4038793 for Windows 8.1 and Windows Server 2012 R2 • Cumulative Update 4038781 for Windows 10 • Cumulative Update 4038781 for Windows 10 Version 1511 • Cumulative Update 4038782 for Windows 10 Version 1607 and Windows Server 2016. Microsoft recommends that customers running Windows Server 2008 reinstall update 3170455. Microsoft recommends that customers running other supported versions of Windows install the appropriate update. See Microsoft Knowledge Base Article 3170005 (https://support.microsoft.com/en-us/help/3170005) for more information.Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or sets up a rogue print server on a target network. […]

  • MS16-AUG - Microsoft Security Bulletin Summary for August 2016 - Version: 3.0
    on 12 settembre 2017 at 5:00 pm

    Revision Note: V3.0 (September 12, 2017): For MS16-095, revised the Windows Operating System and Components Affected Software table to include Internet Explorer 11 installed on Windows 10 Version 1703 for 32-bit Systems and Internet Explorer 11 installed on Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3326. Microsoft recommends that customers running Internet Explorer on Windows 10 Version 1703 install update 4038788 to be protected from this vulnerability.Summary: This bulletin summary lists security bulletins released for August 2016. […]

  • MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0
    on 12 settembre 2017 at 5:00 pm

    Severity Rating: CriticalRevision Note: V4.0 (September 12, 2017): Revised the Microsoft Windows affected software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-0165. Consumers running Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts. […]

  • MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0
    on 12 settembre 2017 at 5:00 pm

    Severity Rating: CriticalRevision Note: V3.0 (September 12, 2017): Revised the Affected Software table to include Internet Explorer 11 installed on Windows 10 Version 1703 for 32-bit Systems and Internet Explorer 11 installed on Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3326. Consumers using Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Internet Explorer on Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability. Customers who are running other versions of Windows 10 and who have installed the June cumulative updates do not need to take any further action.Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. […]

  • MS16-149 - Important: Security Update for Microsoft Windows (3205655) - Version: 1.1
    on 23 agosto 2017 at 5:00 pm

    Severity Rating: ImportantRevision Note: V1.1 (August 23, 2017): Corrected the Updates Replaced for security update 3196726 to None. This is an informational change only. Customers who have already successfully installed the update do not need to take any further action.Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application. […]

  • MS17-MAR - Microsoft Security Bulletin Summary for March 2017 - Version: 4.0
    on 8 agosto 2017 at 5:00 pm

    Revision Note: V4.0 (August 8, 2017): For MS17-007, to comprehensively address CVE-2017-0071, Microsoft released the July security updates for all versions of Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems have been added to the Affected Products table as they are also affected by this vulnerability. Microsoft recommends that customers who have not already done so install the July 2017 security updates to be fully protected from this vulnerabilitySummary: This bulletin summary lists security bulletins released for March 2017 […]

  • MS17-007 - Critical: Cumulative Security Update for Microsoft Edge (4013071) - Version: 2.0
    on 8 agosto 2017 at 5:00 pm

    Severity Rating: CriticalRevision Note: V2.0 (August 8, 2017): To comprehensively address CVE-2017-0071, Microsoft released the July security updates for all versions of Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems have been added to the Affected Products table as they are also affected by this vulnerability. Microsoft recommends that customers who have not already done so install the July 2017 security updates to be fully protected from this vulnerability.Summary: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. […]

  • 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
    on 8 agosto 2017 at 5:00 pm

    Revision Note: V1.0 (August 8, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for applications developed with the Microsoft Internet Explorer layout engine, also known as the Trident layout engine. This advisory also provides guidance on what developers and individuals can do to ensure that their applications hosting the WebBrowser Control are properly secured. […]

  • MS16-SEP - Microsoft Security Bulletin Summary for September 2016 - Version: 2.0
    on 11 luglio 2017 at 5:00 pm

    Revision Note: V2.0 (July 11, 2017): Revised Windows Affected Software and Vulnerability Severity Ratings table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3305. Microsoft recommends that customers running Windows 10 Version 1703 should install update 4025342 to be protected from this vulnerability.Summary: This bulletin summary lists security bulletins released for September 2016. […]

  • MS16-111 - Important: Security Update for Windows Kernel (3186973) - Version: 2.0
    on 11 luglio 2017 at 5:00 pm

    Severity Rating: ImportantRevision Note: V2.0 (July 11, 2017): Revised Windows Affected Software and Vulnerability Severity Ratings table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3305. Microsoft recommends that customers running Windows 10 Version 1703 should install update 4025342 to be protected from this vulnerability.Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a target system. […]

  • 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
    on 27 giugno 2017 at 5:00 pm

    Revision Note: V1.0 (June 27, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to inform customers that a new version of Azure Active Directory (AD) Connect is available that addresses an Important security vulnerability. […]

  • 4025685 - Guidance related to June 2017 security update release - Version: 1.0
    on 13 giugno 2017 at 5:00 pm

    Revision Note: V1.0 (June 13, 2017): Advisory publishedSummary: Microsoft is announcing the availability of additional guidance for critical security updates, that are at heightened risk of exploitation due to past and threatened nation-state attacks and disclosures. Some of the releases are new, and some are for older platforms that we are making publicly available today. […]

  • 4022344 - Security Update for Microsoft Malware Protection Engine - Version: 1.2
    on 12 maggio 2017 at 5:00 pm

    Severity Rating: CriticalRevision Note: V1.2 (May 12, 2017): Added entries into the affected software table. This is an informational change only.Summary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft. […]

Linux (Community’s Center for Security)
  • Why open source is good for business, and people
    on 18 giugno 2018 at 10:03 am

    LinuxSecurity.com: Open source is all about freedom. The freedom to share, to collaborate, and ultimately, to innovate. […]

  • Europol Disrupts Rex Mundi Cybercrime Group
    on 18 giugno 2018 at 9:52 am

    LinuxSecurity.com: Europol has taken major steps to disrupting a long-running global cybercrime group after eight arrests in the past year including one in Thailand announced last week. […]

  • Fedora 27: nodejs-JSV Security Update
    on 17 giugno 2018 at 7:45 pm

    LinuxSecurity.com: Update to latest nodejs-uri-js for CVE fix […]

  • Fedora 27: nodejs-uri-js Security Update
    on 17 giugno 2018 at 7:45 pm

    LinuxSecurity.com: Update to latest nodejs-uri-js for CVE fix […]

  • Debian: DSA-4231-1: libgcrypt20 security update
    on 17 giugno 2018 at 6:53 pm

    LinuxSecurity.com: It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys. For the stable distribution (stretch), this problem has been fixed in […]

  • Debian: DSA-4230-1: redis security update
    on 17 giugno 2018 at 5:47 pm

    LinuxSecurity.com: Multiple vulnerabilities were discovered in the Lua subsystem of Redis, a persistent key-value database, which could result in denial of service. For the stable distribution (stretch), these problems have been fixed in […]

  • US government finds new malware from North Korea
    on 17 giugno 2018 at 8:43 am

    LinuxSecurity.com: Even though Donald Trump is on good terms with North Korea, the Department of Homeland Security is still following that country's ongoing cyberattack campaign (which it's dubbed "Hidden Cobra"). Now CNN reports there's a new variant of North Korean malware to look out for: Typeframe. […]

  • Dixons Carphone Breach Hits 5.9 Million Cards
    on 17 giugno 2018 at 8:35 am

    LinuxSecurity.com: Millions of Dixons Carphone customers have had their financial and personal data illegally accessed after a major breach at the UK company. […]

  • Fedora 28: nodejs-uri-js Security Update
    on 16 giugno 2018 at 8:20 pm

    LinuxSecurity.com: Update to latest nodejs-uri-js for CVE fix […]

  • Fedora 28: webkit2gtk3 Security Update
    on 16 giugno 2018 at 8:20 pm

    LinuxSecurity.com: This update addresses the following vulnerabilities: * [CVE-2018-4190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4190), [CVE-2018-4199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4199), [CVE-2018-4218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4218), [CVE-2018-4222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4222), […]

  • Fedora 28: nodejs-JSV Security Update
    on 16 giugno 2018 at 8:20 pm

    LinuxSecurity.com: Update to latest nodejs-uri-js for CVE fix […]

  • Fedora 28: singularity Security Update
    on 16 giugno 2018 at 8:19 pm

    LinuxSecurity.com: This rebases singularity from 2.2.1 to 2.5.1, which should include all corresponding updates (n.b. a request for rebase permission has been put into FESCo; hence auto-push has been disabled until they approve). Please test for functionality and backward compatibility issues, particularly around the runtime components. […]

  • Fedora 27: singularity Security Update
    on 16 giugno 2018 at 7:34 pm

    LinuxSecurity.com: This rebases singularity from 2.2.1 to 2.5.1, which should include all corresponding updates (n.b. a request for rebase permission has been put into FESCo; hence auto-push has been disabled until they approve). Please test for functionality and backward compatibility issues, particularly around the runtime components. […]

  • openSUSE: 2018:1727-1: moderate: samba
    on 16 giugno 2018 at 3:14 pm

    LinuxSecurity.com: An update that solves one vulnerability and has one errata is now available. […]

  • openSUSE: 2018:1724-1: important: gpg2
    on 16 giugno 2018 at 3:13 pm

    LinuxSecurity.com: An update that fixes one vulnerability is now available. […]

  • openSUSE: 2018:1722-1: moderate: python-python-gnupg
    on 16 giugno 2018 at 3:12 pm

    LinuxSecurity.com: An update that fixes one vulnerability is now available. […]

  • Bank of Chile Suffers $10m Loss
    on 16 giugno 2018 at 9:05 am

    LinuxSecurity.com: Banco de Chile publicly disclosed on 28 May that it had detected a virus, presumably from international networks, that affected thousands of its workstations. Now the bank has learned that the cyber-attack was malware and resulted in attackers transferring approximately $10m via the bank's SWIFT international money transfer systems. […]

  • Trump-Kim Meeting Was a Magnet For Russian Cyberattacks
    on 16 giugno 2018 at 8:46 am

    LinuxSecurity.com: The recent meeting in Singapore between US President Donald Trump and North Korea's Kim Jong Un appears to have attracted an inordinate amount of interest in US activities from threat actors based in Russia. […]

  • DDoS Amped Up: DNS, Memcached Attacks Rise
    on 15 giugno 2018 at 9:02 am

    LinuxSecurity.com: Record-breaking distributed denial-of-service (DDoS) attacks are on a tear this year, and new data shows that DNS amplification attacks have jumped 700% worldwide since 2016. […]

  • 23,000 Compromised in HealthEquity Data Breach
    on 15 giugno 2018 at 8:57 am

    LinuxSecurity.com: Sometimes all it takes is one employee to spark a cybersecurity wildfire, as HealthEquity learned this week. The company, which handles more than 3.4 million health savings accounts, suffered a data breach when an unauthorized person accessed an employee's email account. […]

  • Trial of two men accused of $20m hacked press release fraud begins
    on 14 giugno 2018 at 9:21 am

    LinuxSecurity.com: We didn't know the information that made us rich was stolen from PR agencies! That appears to be the defence proffered by two defendants in the hacked press release trial. […]

  • Cyber threat intelligence versus business risk intelligence: What you need to know
    on 14 giugno 2018 at 9:18 am

    LinuxSecurity.com: Devising a comprehensive strategy to protect your organisation from hackers, data breaches and other cyber security threats is complicated. […]

  • Modern Cybersecurity Demands a Different Corporate Mindset
    on 13 giugno 2018 at 9:19 am

    LinuxSecurity.com: Today, all organizations are digital by default. However, it has never been more difficult for organizations to map the digital environment in which they operate, or their interactions with it. […]

  • Serious Security: How three minor bugs make one major exploit
    on 13 giugno 2018 at 9:14 am

    LinuxSecurity.com: More insecure webcams! Inattention to IoT security! Who would have thought? […]

  • Top Six Advantages of Open Source Development/Products According to Guardian Digital
    on 1 giugno 2018 at 1:06 pm

    LinuxSecurity.com: Open source programs and solutions offer many advantages over proprietary alternatives including better quality, higher levels of security, superior flexibility, lower costs and a thriving community surrounding open source development. […]

  • Security Spotlight: Effective Open Source Email Security Solutions You Can Count On
    on 9 maggio 2018 at 8:05 pm

    LinuxSecurity.com: In this interview, Dave Wreski discusses Guardian Digital's highly effective email security solutions and the myriad advantages of investing in these solutions to secure your email. […]

  • Social Engineering Methods for Penetration Testing
    on 21 ottobre 2016 at 10:18 am

    LinuxSecurity.com: Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited. […]

  • Putting Infosec Principles into Practice
    on 23 settembre 2016 at 10:53 am

    LinuxSecurity.com: When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly. […]

  • Installing an Apache Web Server with TLS
    on 22 agosto 2016 at 3:30 pm

    LinuxSecurity.com: One of the powerful things that Linux on servers allows you to do is to create scalable web applications with little to no software costs. Apache HTTPD, commonly referred to as just Apache, is the number one web server software in the world. […]

  • Essential tools for hardening and securing Unix based Environments
    on 26 maggio 2015 at 7:34 pm

    LinuxSecurity.com: System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services. […]