Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you want to make Google tongue-tied, search for ‘MDM for Linux.’

Jump to Tutorial Ubuntu, a popular Linux distribution, is known for its robust security features. There is always space for improvement once you install a fresh operating system, so in this article, we will guide you through the advanced techniques and features to enhance the security of the latest Ubuntu 24.04 version. There are multiple layers of security that Ubuntu offers out of the box, but we can implement additional steps that can further protect your system from threats.

eBPF is one of the most widely used technologies in today’s computing ecosystem, starting from the cloud sector up to routing and tracing in companies like Cloudflare. Many companies are basing and transforming their core products to use eBPF as an alternative to kernel modules because of all the benefits it offers both on the business side and technological side. Since this shift is gaining a lot of momentum I wanted to shed some light on eBPF.

This is a Bulletproof Tech Talk article: research from our penetration testing team covering issues, news, and tech that interests them. It’s more technical and in-depth that our usual blog content, but no less interesting. In the complex landscape of Active Directory, ensuring secure and appropriate access is a constant challenge. Recently another "ESC" technique has been released which is known as ESC13.

Security-Enhanced Linux (SELinux), initially known for its perceived complexity in configuration and maintenance, has evolved into an indispensable security architecture across most Linux distributions. It empowers administrators to finely control the actions permitted to individual users, processes, and system daemons, thereby bolstering defense against potential security breaches.

Jump to Tutorial As of June 30, 2024, CentOS 7 will reach its end of life (EOL). That means it will no longer receive updates, bug fixes, critical security patches, or any new features. It is very important to migrate to a supported operating system to maintain the functionality and security of your systems. AlmaLinux is a reliable alternative to CentoOS. It’s a community-driven enterprise distribution that is binary compatible with Red Hat Enterprise Linux (RHEL).

The two new vulnerabilities that the U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to its list of known exploited vulnerabilities (KEV) are both related to the privilege elevation of the Linux kernel.

Last week, CISA added CVE-2024-1086 to its Known Exploited Vulnerability Catalog. CVE-2024-1086, a use-after-free vulnerability in the Linux kernel’s netfilter, was disclosed on January 31, 2024 and assigned a CVSS of 7.8 (High). If successfully exploited, it could allow threat actors to achieve local privilege escalation. While there was no evidence of active exploitation at the time of disclosure, we have since observed adversaries targeting CVE-2024-1086 in the wild.

The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Memory forensics is a critical aspect of digital forensics, allowing investigators to analyze the volatile memory of a system to uncover evidence of malicious activity, detect hidden malware, and reconstruct system events.

Linux recently released Ubuntu 24.04, both Desktop and Server. They bring a lot of new features and enhancements but still require proper protection against failure. First, that includes a proper configuration and then a backup and recovery strategy. Regardless of where Ubuntu 24.04 is installed, Hyper-V, VMware, Proxmox, or bare metal, you must protect it against failure.