[sf-lug] Ransomware threat to Linux servers
Akkana Peck
akkana at shallowsky.com
Tue Nov 10 08:05:22 PST 2020
Michael Paoli writes:
> A lot of overblown "security reports" in the "news" are much more
> hype than substance ... often because some "security company" put
> out some press release (there's generally a major conflict of interest
Yes, that's been my exactly frustration with nearly all news
articles about security holes.
> The particularly bad stuff has serious to grave exploitability,
> typically significant to huge installed based, and significant
> to huge exposure. It's typically covered on security
> advisories/notifications from reputable sources, e.g. software
> vendors giving security notifications/announcements to
> update/patch the software (and/or apply work-arounds) to
Reading that made me realize that I need to find some of those
reputable sources and follow them. I pref an RSS feed so it will
show up in my daily news reader, so that's mainly what I looked for.
For Ubuntu, I found
https://ubuntu.com/security/notices/atom.xml
plus a search page, but you have to agree to their annoying
cookie tracking settings before using it,
https://ubuntu.com/security/notices
For Debian I found,
https://www.debian.org/security/dsa-long
plus the mailing list
https://lists.debian.org/debian-security-announce/
I also found
https://linuxsecurity.com/linuxsecurity-rss-feeds
which has sub-feeds for all the major distros, but is that a
trustworthy source? I'm guessing that going straight to the distro
might be better.
Anyone have any other websites, mailing lists or RSS feeds they
recommend for keeping informed about Linux security issues -- the
stuff we actually need to know, not the irrelevant scare tactics we
see in the news?
...Akkana
More information about the sf-lug
mailing list