enterprise linux

Enterprise Linux Security Episode 73 – TruffleHog and CVSS version 4.0

by
Play

Podcast: Play in new window | Download (Duration: 43:19 — 79.4MB)

Subscribe: Apple Podcasts | Spotify | RSS

In this episode, Jay and Joao will discuss a recent discovery by Truffle Security that has found 4,500 websites that have exposed a very critical directory. In addition, the upcoming Common Vulnerability Scoring System (CVSS) update, which will bring to version 4.0 – along with some important changes you’ll need to understand.

Relevant Articles

Download Links

Enterprise Linux Security Episode 68 – The Barracuda Vulnerability

by
Play

Podcast: Play in new window | Download (Duration: 43:12 — 79.2MB)

Subscribe: Apple Podcasts | Spotify | RSS

Don’t you just love e-mail? It’s the gift that keeps on giving, and this time managing e-mail is even more annoying for Barracuda’s customers, with CVE-2023-2868. This isn’t just any CVE, this is a complete system own by the threat actors. In fact, it’s so bad that the situation isn’t as simple as installing a patch. In this episode, Jay and Joao discuss this vulnerability and just how big of a deal it is.

Download Links

Relevant articles

Enterprise Linux Security Episode 59 – AlmaLinux OS

by
Play

Podcast: Play in new window | Download (Duration: 51:12 — 94.1MB)

Subscribe: Apple Podcasts | Spotify | RSS

AlmaLinux OS was created around the time of “that big CentOS” announcement, and has been a worthy solution for enterprises that wish to continue with Enterprise Linux, but without the fear of the distribution being changed into something else entirely. As a drop-in replacement for Red Hat, AlmaLinux OS continues to tackle new ground and builds a strong community. In this video, Jay and Joao are joined by Atalay Kelestemur who works on the project to discuss this distribution – and there may even be some surprises in store.

Download Links

Relevant Articles

Enterprise Linux Security Episode 57 – Record Breaking DDoS Attacks

by
Play

Podcast: Play in new window | Download (Duration: 41:47 — 76.9MB)

Subscribe: Apple Podcasts | Spotify | RSS

DDoS (Denial of Service) attacks are incredibly common, and apparently, are breaking records. In this episode, Jay and Joao discuss a recent blog post from Cloudflare regarding how popular this attack vector is becoming nowadays, as well as a quick refresher on Denial of Service attacks in general.

Download Links

Relevant Articles

Enterprise Linux Security Episode 56 – Undercover Crypto Leaking

by
Play

Podcast: Play in new window | Download (Duration: 42:40 — 78.5MB)

Subscribe: Apple Podcasts | Spotify | RSS

Ransomware is one of the absolute worst things that can happen to your organization, often resulting in weeks of downtime. We discussed Ransomware recently, and now we have an interesting and time-appropriate story – a popular ransomware group apparently had an imposter within their ranks.

Download links

Relevant Articles

Enterprise Linux Security Episode 51 – Samba in the Kernel, What Could Possibly Go Wrong?!

by
Play

Podcast: Play in new window | Download (Duration: 42:31 — 78.2MB)

Subscribe: Apple Podcasts | Spotify | RSS

Adding unnecessary components to the Kernel is generally a bad idea, as it increases its threat surface. In this episode, Jay and Joao discuss a recent story that’s a perfect example of why it’s important to keep this under control. A vulnerability was recently discovered in the Linux kernel that scored the highest possible rating, and it all started when ksmbd was added.

Download Links

Relevant Articles

Enterprise Linux Security Episode 50 – The Many Faces of Patching

by
Play

Podcast: Play in new window | Download (Duration: 35:32 — 65.4MB)

Subscribe: Apple Podcasts | Spotify | RSS

When it comes to patching, were you aware that there’s more than one type of patch? In this episode of Enterprise Linux Security, Jay and Joao discuss the various types of patching that’s performed today.

Download Links

Relevant Articles

Enterprise Linux Security Episode 48 – New Malware, Old Vulnerabilities

by
Play

Podcast: Play in new window | Download (Duration: 35:59 — 66.2MB)

Subscribe: Apple Podcasts | Spotify | RSS

While it’s certainly never a good thing to become the victim of a cyber-attack, it can be even more embarrassing if the CVE the threat actor used to get a foothold into your systems was patched a long time ago. In this episode, Jay and Joao discuss malware that’s currently taking advantage of vulnerabilities that were patched over a year ago! As important as software updates happen to be, why are so many organizations unable to keep up with them?

Download Links

Relevant Articles

Enterprise Linux Security Episode 46 – Monitoring

by
Play

Podcast: Play in new window | Download (Duration: 45:08 — 83.0MB)

Subscribe: Apple Podcasts | Spotify | RSS

If you’re in charge of maintaining servers and related equipment, what should you monitor? While monitoring is something that will grow and expand over time, Jay and Joao will give you some tips in this episode to get you started. Check out this episode for some tips on some of the baseline checks you should implement with your monitoring solution of choice.

Download Links

Enterprise Linux Security Episode 44 – Is Linux less of a Target?

by
Play

Podcast: Play in new window | Download (Duration: 52:44 — 96.9MB)

Subscribe: Apple Podcasts | Spotify | RSS

In this episode, Jay and Joao discuss how much of a target Linux is, as well as some myths surrounding Linux and security. Also, there will be some news updates as well.

Relevant Articles

Download Links