Showing headlines posted by abennett

Attackers can locally exploit the privilege escalation vulnerability to gain root access over Linux, Solaris and BSD machines. This is bad news for Unix-based servers, and even more so for multi-tenant environments.

Windows 10 can now run (many) Linux binaries. Yes, really. Here’s what you need to know to make the most of the Windows Subsystem for Linux.

Dell's drive into open networking accelerated on Monday with the announcement of the first switches to ship with OS10, the company's network operating system that's based on open source.

The RISC-V open-source architecture, created by researchers at the University of California, Berkeley, in 2010, is open to all who want to use it. The RISC-V design can be modified for PCs, servers, smartphones, wearables, and other devices.

Big data's poster child is selling itself to investors as a machine learning company, but is really still in the Hadoop business just like Hortonworks, the competitor it would like to ignore.

A new open source framework is a major step in bringing IoT into mainstream interoperability.

Your developers are using open source — even if you don't know about it. Here's how to take control and why you need to.

Docker is offering enterprises an easier on-ramp to using containers with a new consulting program aimed at taking a legacy application and migrating it to a container in five days.

An unpatched vulnerability in the Magento e-commerce platform could allow hackers to upload and execute malicious code on web servers that host online shops.

After 40 critical vulnerabilities on Samsung's Tizen -- used in smart TVs and smartwatches -- were exposed this week by Israeli researcher Amihai Neiderman, the company is scrambling to patch them. But Samsung still doesn't know many of the bugs that need to be patched.

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers. The flaw is located in the Jakarta Multipart parser in Apache Struts 2 and allows attackers to execute system commands with the privileges of the user running the web server process.

A critical vulnerability in the widely used Xen hypervisor allows attackers to break out of a guest operating system running inside a virtual machine and access the host system's entire memory.

For the past few months, developers who publish their code on GitHub have been targeted in an attack campaign that uses a little-known but potent cyberespionage malware.

By the end of 2016, about half of Android devices -- 735 million -- had received a security patch issued during the year, according to the report. That means another half hasn’t, leaving the vulnerabilities in those phones unfixed.

What steps you need to take – and what mistakes you need to avoid – if you want to launch an open source software startup.

Attackers are widely exploiting a recently patched vulnerability in Apache Struts, open-source web development framework for Java web applications, that allows them to remotely execute malicious code on web servers.

A five-month-old flaw in Android's SSL cryptographic libraries is among the 35 critical vulnerabilities Google fixed in its March security patches for the mobile OS.

WikiLeaks has released more than 8,700 documents it says come from the CIA's Center for Cyber Intelligence, with some of the leaks saying the agency had 24 "weaponized" and previously undisclosed exploits for the Android operating system as of 2016.

HackerOne, the company behind one of the most popular vulnerability coordination and bug bounty platforms, has decided to make its professional service available to open-source projects for free.

The WebKit repository was corrupted after someone committed two colliding PDF files to it.