Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you’ve been managing Red Hat-based systems as long as I have, yum install is likely hardcoded into your muscle memory. For decades, YUM (Yellowdog Updater, Modified) served as the backbone of RPM Linux-based distributions, getting us through countless server setups and late-night patches. But the era of YUM is officially over. With RHEL 9, Fedora, and Rocky Linux fully embracing DNF, YUM has moved from “reliable veteran” to “legacy technical debt.”

Local Oracle Linux installations do not support CIS Oracle Linux benchmarks or hardened images. When you implement CIS Benchmarks on an Oracle server, you are on your own. We wrote this post to help you.

Linux patch management is the disciplined process of identifying, testing, and applying security patches and updates to Linux-based systems. It’s essential for fixing vulnerabilities, improving performance, and maintaining compliance—ensuring your infrastructure remains resilient in the face of evolving threats.

Linux kernel v6.17 is on the horizon (expected release by the end of September 2025 – Canonical said to release 25.10 with the new kernel in early October), and it brings some interesting security-focused improvements. This release continues Linux’s trend of hardening the kernel against both hardware-level vulnerabilities and general attack vectors, while refining security subsystems for better performance and maintainability.

Running servers on virtual machines provides you with a list of advantages such as scalability, rational resource usage, high availability, load balancing, convenient management, data protection features, etc. For this reason, you may want to migrate some of your physical servers to virtual machines. This process is also known as physical to virtual conversion, and referred to by the acronym P2V.

We are thrilled to announce that Syteca’s account discovery feature now supports Linux systems, expanding its capabilities to provide comprehensive visibility across hybrid IT environments.

Linux distributions, such as Red Hat Enterprise Linux (RHEL), dominate the enterprise and cloud computing sectors. One of the many reasons for the success and popularity of Linux is its support of convenient and straightforward remote access protocols, such as Secure Shell (SSH). In the right hands, SSH’s ability to securely access remote servers enables access to any Linux server, regardless of the environment. The problem is that, in the wrong hands, SSH can be a security nightmare.

ARMO researchers reveal a major blind spot in Linux runtime security tools caused by the io_uring interface—an asynchronous I/O mechanism that bypasses traditional system calls. Most tools, including Falco, Tetragon, and Microsoft Defender fail to detect rootkits using io_uring because they rely on syscall monitoring. ARMO’s proof-of-concept rootkit, Curing, operates fully via io_uring to demonstrate the threat.