In the 21st episode of Enterprise Linux Security, Jay and Joao discuss the recent “Dirty Pipe” vulnerability, as well as Nvidia’s recent breach.
patch
The Log4Shell Vulnerability, and CrowdSec’s Community Response
TheLog4Shell vulnerability is taking the Internet by storm, and it’s already being used for real-world attacks. In this video, Jay discusses the details around Log4Shell vulnerability in Log4j, and also CrowdSec’s community-based response to the situation.
Relevant links:
Enterprise Linux Security Episode 8 – Trojan Source, & CISA’s Directive
Recently, some interesting security news has occurred, and two specific developments are the main discussion in this episode. Trojan Source is a newly discovered tactic that can be used to hide malicious code and execute something completely unexpected, even when the source code appears to be syntactically correct. In addition, CISA recently mandated a large number of CVE’s to be patched in the very near future, which will likely have ramifications even outside of the United States. Also, Jay and Joao also discuss the recently released Fedora 35, which is a distribution that has a large presence on the workstations that administrators use.
Episode downloads
Episode-specific Links
The Homelab Show Episode 32 – Linux Patch Management
In episode 32 of The Homelab Show, Tom & Jay discuss Patch Management, including (but not limited to) unattended upgrades, live patching, and more!
Enterprise Linux Security Episode 3 – Linux Distro Migrations
Migrating your servers from one Linux distribution to another can be a daunting task, even moreso if it’s a migration you’re doing because of unforeseen events or changes within the ecosystem. In this video, Jay and Joao discuss the challenges when it comes to migrating Linux distributions, and the effect this has on security.