Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

Post-quantum cryptography in Red Hat Enterprise Linux 10

In their article on post-quantum cryptography, Emily Fox and Simo Sorce explained how Red Hat is integrating post-quantum cryptography (PQC) into our products. PQC protects confidentiality, integrity and authenticity of communication and data against quantum computers, which will make attacks on existing classic cryptographic algorithms such as RSA and elliptic curves feasible. Cryptographically relevant quantum computers (CRQCs) are not known to exist yet, but continued advances in research point to a future risk of successful attacks. While the migration to algorithms resistant against such

Red Hat Blog
Open in Source
#mac#linux#red_hat#apache#nginx#auth#ssh#rpm#ssl
Coordinated Intelligence: The Next Frontier for Onchain AI Agents

Disciplined, well-trained, and well-equipped, AI agents are digital soldiers. They operate independently to carry out their orders, working…

We 3D-Printed Luigi Mangione’s Ghost Gun. It Was Entirely Legal

In the wake of Luigi Mangione’s alleged killing of a health care CEO with a partially 3D-printed pistol, we built the exact same weapon ourselves—and test-fired it.

Zero trust workload identity manager now available in tech preview

Non-human identities—also known as machine or workload identities—are becoming increasingly critical as organizations adopt cloud-native ecosystems and advanced AI workflows. For workloads spanning multiple cloud platforms, adhering to zero trust principles becomes challenging as they cross identity domains. A unified identity framework provides consistency in automating identity issuance and enforcing access control policies across diverse environments. SPIFFE/SPIRE, an open source identity issuance framework, enables organizations to implement centralized, scalable identity management on

How HashiCorp Vault and Red Hat OpenShift can work together

In hybrid and multicloud environments, proper management of sensitive data-like secrets, credentials and certificates is critical to maintaining a robust security posture across Kubernetes clusters. While Kubernetes provides a Kube-native way to manage secrets, it’s generally understood that Kubernetes secrets are not particularly secret: they are base64 encoded and are accessible to cluster administrators. Additionally, anyone with privileges to create a pod in a specific namespace can access the secrets for that namespace. While at-rest protection can be provided by encrypting sensitive da

HubSpot vs Salesforce: Which CRM Fits Your Business? 

You’ve got an important choice to make: HubSpot or Salesforce?

Fileless Remcos RAT Attack Evades Antivirus Using PowerShell Scripts

A new wave of attacks uses PowerShell and LNK files to secretly install Remcos RAT, enabling full remote…

Securing the Code: Building a Culture of Credential Protection in Dev Teams

Credential protection is key to preventing breaches. Secure APIs, rotate secrets and train devs to handle credentials safely…

Why Cloud Phone Systems are The Future of Business Communication

Over the years, many different technologies have transitioned to Cloud-based solutions, including ERP systems and email management platforms.…

GHSA-cp9r-g575-xc5f: Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks.