Language Selection

English French German Italian Portuguese Spanish

Security: Cracking and Patching

Filed under
Security
  • NYS and IFMIS among government websites hacked

    The National Youth Service (NYS) and Integrated Financial Management System (IFMIS) are among host of government websites that were Monday attacked by an Indonesia hacker group, Kurd Electronic Team.

    The portals were attacked in the morning with hackers placing their logo on the landing pages, in a clear indication they have taken control of the site.

    All the hacked websites are on servers powered by the Unix-based FreeBSD operating system.

  • Security updates for Friday
  • Action required! Exim mail servers need urgent patching
  • VideoLAN releases VLC 3.0.7

    The new 3.0.7 release for the VideoLAN multimedia player VLC was tagged in git almost two weeks ago but it took until today to find official tarballs on their web site. By the looks of the git log I can only assume that the VideoLAN developers needed to fix some annoying post-release bugs first.
    The ChangeLog documents that the focus of the developers is mostly on the Android, MacOS and Windows platforms, presumably because that is where most of the issues are found? Also – through sponsoring by the European Commission’s EU-FOSSA2 program – more than 35 security bugs were fixed.
    So I built new ‘vlc‘ packages for Slackware 14.2 and -current yesterday and uploaded them to my repository. Between the previous 3.0.6 and this 3.0.7 release I updated some of the packages’ internal libraries: bluray, dav1d, dvdnav, ebml, matroska. If you want to know what you can expect from the VLC 3.x releases (as opposed to the 2.x releases which took way too many years to get obsoleted) you can read this older article on my blog.

More in Tux Machines

Android Leftovers

OPNsense 19.7 "Jazzy Jaguar" released

For four and a half years now, OPNsense is driving innovation through
modularising and hardening the open source firewall, with simple
and reliable firmware upgrades, multi-language support, HardenedBSD
security, fast adoption of upstream software updates as well as clear
and stable 2-Clause BSD licensing.

19.7, nicknamed "Jazzy Jaguar", embodies an iteration of what should be
considered enjoyable user experience for firewalls in general: improved
statistics and visibility of rules, reliable and consistent live logging
and alias utility improvements.  Apart from the usual upgrades of third
party software to up-to-date releases, OPNsense now also offers built-in
remote system logging through Syslog-ng, route-based IPsec, updated
translations with Spanish as a brand new and already fully translated
language and newer Netmap code with VirtIO, VLAN child and vmxnet support.

Last but not least we would like to thank m.a.x. it for their sponsorship
of the default gateway priority switching feature and their continued work
of writing and maintaining plenty of community plugins.  This time around,
Maltrail, Netdata and WireGuard VPN have been freshly added to the mix.


Read more

From Linux to cloud, why Red Hat matters for every enterprise

In 1994, if you wanted to make money from Linux, you were selling Linux CDs for $39.95. By 2016, Red Hat became the first $2 billion Linux company. But, in the same year, Red Hat was shifting its long-term focus from Linux to the cloud. Here's how Red Hat got from mail-order CDs to the top Linux company and a major cloud player. And, now that Red Hat is owned by IBM, where it will go from here. Read more

When Choosing Your Commercial Linux, Choose Wisely!

“Linux is Linux is Linux,” is a direct quote I heard in a meeting I had recently with a major multi-national, critical-infrastructure company. Surprisingly and correctly, there was one intelligent and brave engineering executive who replied to this statement, made by one of his team members, with a resounding, “That’s not true.” Let’s be clear, selecting a commercial Linux is not like selecting corn flakes. This is especially true when you are targeting embedded systems. You must be considering key questions regarding the supplier of the distribution, the criticality of the target application, security and life-cycle support for your product. Read more