The Log4Shell vulnerability is making its rounds all over security news sites, and with good reason – it’s quite easy to execute. In this episode, Jay and Joao discuss the vulnerability that exists within log4j, as well as some ways to keep your server safe.
This year, we’ve had a number of interesting security breaches. In this episode of the Enterprise Linux Security podcast, Joao and Jay talk about the worst healthcare breaches of 2021, and some lessons that can be learned from these events. Specifically, this article is discussed.
In this episode of Awesome Linux Tools, the spotlight is on Lynis – a really awesome utility you can use to get a better understanding of the overall security hygiene of your server. In this video, Jay will show you how to install it, and also how to run an audit.
Recently, some interesting security news has occurred, and two specific developments are the main discussion in this episode. Trojan Source is a newly discovered tactic that can be used to hide malicious code and execute something completely unexpected, even when the source code appears to be syntactically correct. In addition, CISA recently mandated a large number of CVE’s to be patched in the very near future, which will likely have ramifications even outside of the United States. Also, Jay and Joao also discuss the recently released Fedora 35, which is a distribution that has a large presence on the workstations that administrators use.
Remaining on legacy Linux distributions can lead to additional security risks as time goes on, and migrating to a newer and better supported distribution can be a very difficult endeavor for most administrators. In this episode, Jay and Joao are joined by Jack from AlmaLinux, and we talk about ELevate – a tool that can be used to migrate from a distribution in the Enterprise Linux family to another Enterprise Linux distribution. This helps alleviate some of the burden of distro migration, and as a community project it’s also a great project to get started with contributing to an open-source project.