Navigation

Language Selection

Search

Security: Cracking and Patching

Submitted by Roy Schestowitz on Friday 7th of June 2019 09:12:15 PM Filed under

Security

NYS and IFMIS among government websites hacked

The National Youth Service (NYS) and Integrated Financial Management System (IFMIS) are among host of government websites that were Monday attacked by an Indonesia hacker group, Kurd Electronic Team.

The portals were attacked in the morning with hackers placing their logo on the landing pages, in a clear indication they have taken control of the site.

All the hacked websites are on servers powered by the Unix-based FreeBSD operating system.
Security updates for Friday
Action required! Exim mail servers need urgent patching
VideoLAN releases VLC 3.0.7

The new 3.0.7 release for the VideoLAN multimedia player VLC was tagged in git almost two weeks ago but it took until today to find official tarballs on their web site. By the looks of the git log I can only assume that the VideoLAN developers needed to fix some annoying post-release bugs first.
The ChangeLog documents that the focus of the developers is mostly on the Android, MacOS and Windows platforms, presumably because that is where most of the issues are found? Also – through sponsoring by the European Commission’s EU-FOSSA2 program – more than 35 security bugs were fixed.
So I built new ‘vlc‘ packages for Slackware 14.2 and -current yesterday and uploaded them to my repository. Between the previous 3.0.6 and this 3.0.7 release I updated some of the packages’ internal libraries: bluray, dav1d, dvdnav, ebml, matroska. If you want to know what you can expect from the VLC 3.x releases (as opposed to the 2.x releases which took way too many years to get obsoleted) you can read this older article on my blog.

Login or register to post comments
Printer-friendly version
1697 reads
PDF version

More in Tux Machines

Android Leftovers

ArcticFox 27.9.19 release

Code has been fixed to support newer compilers. On Linux, currently, the highest supported compiler remains gcc 6.5, more recent versions do compile now with this release, but fail to link afterwards with errors on very standard symbols. Help appreciated! On NetBSD gcc 7 now works fine instead.

FreeDOS 1.3 RC2

We are moving toward the FreeDOS 1.3 release. FreeDOS 1.3 Release Candidate 2 is now available for download. Please help us test this new version! A big feature in FreeDOS 1.3 will be booting into a LiveCD version of FreeDOS. You can test this by downloading FD13-LiveCD.zip, which contains FD13LIVE.ISO. This media is similar to the LegacyCD. However instead of relying on the BIOS floppy disk emulation, it uses SYSLINUX and MEMDISK to boot an emulated floppy disk. Along side support to perform a Plain and Full installation FreeDOS, this media is also able to run FreeDOS live from RAM or CD (depending on computer system and hardware) without installation to an internal hard disk drive. You can also download FreeDOS 1.3 RC2 in "Full" and "Lite" versions, and a "Legacy" CDROM version that is set up to let the CDROM boot on older hardware. Most users should try the LiveCD version. Also: FreeDOS 1.3 RC2 Released With "Live CD" Support

Best Linux log file management and monitoring tools

In most Linux distros, system administrators would keep an eye on log files from time to time in production environments, in order to get a glimpse at the health of the system, the running state of applications, potential memory issues, events with high priority…This will help them improve the overall system performance and to proactively avoid future problems which might affect the users and their applications. Viewing and analyzing the log files is no easy task if done without using the appropriate tools and utilities. In this article, we will be looking at some of the best log file monitoring and management applications that are in use today.

Latest News

Rough, tough in-vehicle computer offers PoE and battery backup

The system provides a 9-48V DC power input with automatic recovery short circuit power protection and vehicle power ignition support for a variety of vehicles. There’s also an optional 10-minute backup battery. The 250 x 155 x 55mm computer weighs 1.98 Kg and has wall and VESA mounting. The VBOX-3611-IP65 runs Ubuntu 16.04 or Windows 10 on Intel’s dual-core, 15W TDP 6th Gen U-series processors up to a Core i7-6600U clocked at 2.6GHz (3.4GHz turbo). The system supports up to 32GB DDR4-2133 and has a 2.5-inch SATA bay and an M.2 M-key 2280/2242 slot for SSDs. The product page mentions dual SIM card slots and optional LTE, WLAN, GPS, and Bluetooth, and the front panel image shows four antenna connectors, so there must some be some PCIe/USB enabled M.2 or mini-PCIe slots lurking about.

Latest HowTos and Programming Bits

Install VLC Player on CentOS 8 / CentOS 8 Stream
killersheep – Silly game for Vim version 8.2
Rav1e Achieves Another ~20% Speed-Up For Rust-Based AV1 Video Encoding

Rav1e's weekly-ish pre-releases for this Rust-written AV1 encoder have been focusing a lot on better performance via hand-written x86 Assembly, making use of SIMD extensions, and other fine tuning of their encoder. With this newest pre-release, another ~20% speed-up was obtained. Today's rav1e p20191215 build is around 20% faster thanks to porting more Assembly optimizations from the dav1d AV1 decoder over to rav1e. There is also now forward-transform SIMD support and simplifications/refactoring to the motion estimation and scene change code.
Function-Based Views vs Class-Based Views in Django

When I had just started learning Django. There is always a problem for me to choose from. Which views should I used that is either function-based views or class-based views. I believe this is one of the core reasons why Django is hard to pick up for beginners. Therefore I believe that this article could allow you to understand the basic functionality of these views. To make a choice in your development on which is needed to be based upon your use cases.
Python 3.7.5 : Simple intro in CSRF.

CSRF or Cross-Site Request Forgery is a technique used by cyber-criminals to force users into executing unwanted actions on a web application. To protect against web form CSRF attacks, it's isn't sufficient for web applications to trust authenticated users, must be equipped with a unique identifier called a CSRF token similar to a session identifier.

Raspberry Pi 4 BCM43455 NVRAM Addition Hits Linux-Firmware Git

The Raspberry Pi 4 continues seeing better mainline kernel/software support as we approach 2020. With the forthcoming Linux 5.5 kernel there is Broadcom BCM2711 SoC support and Raspberry Pi 4 DeviceTree in place. With Linux 5.5 due out in late January or early February is the start of that mainline board and SoC support though expect it to continue to be revised over the coming cycles. On the graphics side, the already mainline Broadcom "V3D" driver stack continues to be improved upon especially on the Mesa side with its Gallium3D driver and nearly at OpenGL ES 3.1 support.

Syndication & Social Media

Follow the site via RSS/Twitter.

Full RSS:

RSS feeds for particular topics are also available

Twitter:

Content (where original) is available under CC-BY-SA, copyrighted by original author/s.

Support Tux Machines

Help Support TM
Wall of Appreciation

Softpedia News

Gizmoz

LXer

Linux Today

LinuxSecurity.com Advisories

Debian

It's FOSS

OMG! Ubuntu!

GamingOnLinux

Slashdot

DW Latest Releases

DistroWatch

More on Tux Machines: About ● Gallery ● Forum ● Blogs ● Search ● News ● RSS Feed

Part of Bytes Media ● Sister sites below.

FSF

Ubuntu Buzz

LinuxLinks

Content available under CC-BY-SA