Joao Correia

TuxCare

Computex 2024 is in full swing, and AI is everywhere. Hardware makers are embracing it as the best thing since sliced bread. However, if you’re planning your AI hardware deployments, there are several architectural aspects to consider to maximize your return on investment. The latest AI equipment is now packing ... Read More

One of the most critical yet often overlooked aspects of cybersecurity is the timely patching of vulnerabilities. While much attention is given to sophisticated phishing attacks and the menace of password brute-forcing, the importance of addressing unpatched vulnerabilities cannot be overstated. These vulnerabilities represent low-hanging fruit for cybercriminals, offering a ... Read More

In August of last year, I examined several CPU bugs that posed serious security threats. The mitigations for these vulnerabilities generally involved either incorporating additional instructions or opting for alternative CPU instructions – strategies that lead to diminished system performance overall. My argument was that such vulnerabilities effectively revert your ... Read More

Two months ago, Change Healthcare, a linchpin in the U.S. healthcare system, fell victim to a sophisticated cyberattack by the infamous BlackCat/ALPHV ransomware group. The breach not only paralyzed numerous healthcare services but also exposed the company to extortion demands, underlining severe vulnerabilities in the healthcare sector’s cybersecurity framework.  This ... Read More

PHP Extended Lifecycle Support (ELS) allows you to continue using older versions of PHP while still receiving security updates for the language, without introducing breaking changes to your application. The first and obvious question might be, “Why would I want to do that instead of simply updating PHP?” Assuming your ... Read More

In an unexpected move, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced an initiative aimed at bolstering the security posture of open-source software developers. This initiative, as reported by Axios, marks a significant pivot in the federal government’s approach to cybersecurity, acknowledging the critical role that open-source projects ... Read More

Update April 8th, 2024: Updated ETA for CloudLinux 6h and CloudLinux 7. The KernelCare team is working on deploying a live patch for CVE-2024-1086 for CloudLinux users. A patch has already been released for CloudLinux 6h and CloudLinux 7, and users can manually update without a live patch. Instructions for ... Read More

Handling end of life (EOL) for operating systems is a relatively common, if cumbersome, task that IT teams have to grapple with as part of their activity. Yet, operating systems aren’t the sole components of our digital infrastructure facing this inevitable sunset. The end of support for critical software components, ... Read More

The KernelCare team is working on deploying a live patch for CVE-2024-1086 for AlmaLinux 8 and AlmaLinux 9 users. As of April 3, the patches for CVE-2024-1086 are now available in production repos. Instructions for updating AlmaLinux 8 and AlmaLinux 9 can be found here. More details on the status ... Read More

The KernelCare team is working on deploying a live patch for CVE-2024-1086 for CloudLinux users. A patch has already been released for CloudLinux 7h and CloudLinux 8, and users can manually update without a live patch. Instructions for doing so can be found here. More details on the status of ... Read More