Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

Blog posts tagged
"Security"

Rajan Patel
27 June 2025

How is Livepatch safeguarded against bad actors?

Security Article

What safeguards the Livepatch security patching solution against bad actors and malicious code masquerading as an update? Learn about Secure Boot and module signing. ...

ebarretto
18 June 2025

Fixes available for local privilege escalation vulnerability in libblockdev using udisks

Ubuntu Article

Qualys discovered two vulnerabilities in various Linux distributions which allow local attackers to escalate privileges. The first vulnerability (CVE-2025-6018) was found in the PAM configuration. This CVE does not impact default Ubuntu installations because of how the pam_systemd.so and pam_env.so modules are invoked. The second vulnerab ...

Giulia Lanzafame
10 June 2025

Apache Spark security: start with a solid foundation

Data Platform Article

Everyone agrees security matters – yet when it comes to big data analytics with Apache Spark, it’s not just another checkbox. Spark’s open source Java architecture introduces special security concerns that, if neglected, can quietly reveal sensitive information and interrupt vital functions. Unlike standard software, Spark design permits ...

Rawand Benour
5 June 2025

What if your container images were security-maintained at the source?

Ubuntu Article

Software supply chain security has become a top concern for developers, DevOps engineers, and IT leaders. High-profile breaches and dependency compromises have shown that open source components can introduce risk if not properly vetted and maintained. Although containerization has become commonplace in contemporary development and deploym ...

Octavio Galland
30 May 2025

Apport local information disclosure vulnerability fixes available

Ubuntu Article

Qualys discovered two vulnerabilities in various Linux distributions which allow a local attacker with permission to create user namespaces to leak core dumps for processes of suid executables. These affect both apport, the Ubuntu default core dump handler (CVE-2025-5054), and systemd-coredump, the default core dump handler in Red Hat Ent ...

Benjamin Ryzman
9 April 2025

SONiC: The open source network operating system for modern data centers

Networking Networking

Software for Open Networking in the Cloud (SONiC) is an open-source network operating system that has revolutionized data center networking. Originating as a Microsoft-led initiative in the Open Compute Project (OCP) in 2016, SONiC has rapidly gained traction among hyperscalers and switch hardware vendors, including Broadcom, Cisco, and N ...

Stephanie Domas
24 March 2025

What is Application Security (AppSec)?

Hardening Article

Application security (or AppSec, for short) is a broad term that refers to all of the tools, actions, and processes that an organization uses to protect its applications against vulnerabilities across the entirety of its life cycle. Application security has one objective: to find weaknesses in your applications and systems that could be a ...

Henry Coggill
14 March 2025

What is System Hardening? Essential Checklists from OS to Applications

CIS Benchmarks Article

Hardening a system aims to decrease its exposure to make it difficult to hack, and to lessen the potential collateral damage in the event of a compromise. ...

Luci Stanescu
28 February 2025

How to conduct a vulnerability assessment

Security Article

The realm of information security is fraught with jargon, as anyone who has come across vulnerability-related terms can tell you. To complicate matters further, some of these terms are used interchangeably or in contexts outside of computing. This can muddy the waters for people looking to learn about vulnerability assessments – so in thi ...

Canonical
6 February 2025

Canonical achieves ISO/SAE 21434 certification, strengthening automotive cybersecurity standards

Automotive Article

Certified cybersecurity processes to help safeguard next-generation connected vehicles Canonical is proud to announce it has achieved the ISO/SAE 21434 certification for its Security Management System, following an extensive assessment by TÜV SÜD, a globally respected certification provider. This milestone highlights Canonical’s leadershi ...

João Hellmeister
20 January 2025

A comprehensive guide to NIS2 Compliance: Part 3 – Setting the roadmap and demonstrating NIS2 compliance.

Ubuntu Article

In this third and final part of the series, I’ll provide some tips on how to set up your roadmap and effectively demonstrate compliance without overburdening your teams.  If you’re just joining the fun now, in our two previous editions we covered who NIS2 applies to and what requirements it sets out. Be sure to ...

  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page