Enterprise Linux Security Episode 21 – Dirty Pipe & Nvidia’s Breach

In the 21st episode of Enterprise Linux Security, Jay and Joao discuss the recent “Dirty Pipe” vulnerability, as well as Nvidia’s recent breach.

YouTube player

Download

Relevant links:

The Log4Shell Vulnerability, and CrowdSec’s Community Response

TheLog4Shell vulnerability is taking the Internet by storm, and it’s already being used for real-world attacks. In this video, Jay discusses the details around Log4Shell vulnerability in Log4j, and also CrowdSec’s community-based response to the situation.

YouTube player

Relevant links:

Enterprise Linux Security Episode 8 – Trojan Source, & CISA’s Directive

Recently, some interesting security news has occurred, and two specific developments are the main discussion in this episode. Trojan Source is a newly discovered tactic that can be used to hide malicious code and execute something completely unexpected, even when the source code appears to be syntactically correct. In addition, CISA recently mandated a large number of CVE’s to be patched in the very near future, which will likely have ramifications even outside of the United States. Also, Jay and Joao also discuss the recently released Fedora 35, which is a distribution that has a large presence on the workstations that administrators use.

YouTube player

Episode downloads

Episode-specific Links

Enterprise Linux Security Episode 3 – Linux Distro Migrations

Migrating your servers from one Linux distribution to another can be a daunting task, even moreso if it’s a migration you’re doing because of unforeseen events or changes within the ecosystem. In this video, Jay and Joao discuss the challenges when it comes to migrating Linux distributions, and the effect this has on security.

YouTube player

Ogg version

MP3 version

MP3 version (low)

OS Migration Checklist