Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Flaws and Chromium Update on Slackware

Filed under
Security
  • Security updates for Monday
  • Lessons From Global Cybersecurity Breaches For Your Next M&A
  • Cryptocurrency attack thwarted by npm team

    Cryptocurrency users narrowly escaped losing all their funds last week after an attacker poisoned a digital wallet with malicious code that stole their blockchain access details.

    The attacker injected malicious code into Agama, a cryptocurrency wallet created by Komodo. If successful, they could have stolen around $13m of Komodo’s KMD cryptocurrency, which is a privacy-centric coin. Luckily, they were thwarted by quick action from both Komodo and software repository npm.

  • Firefox fires blocks at trackers, Exim tackles 7-day remote flaw, and RDP pops up yet again

    Are you running the latest version (4.9.2) of Exim on your Linux box? If so, you can go ahead and skip down to the next item, because you're already clear of danger.

    Everyone else may want to consider updating, because older versions of the Linux mail server have been found to contain a command execution vulnerability that has now been confirmed to be remotely exploitable.

    The bug, initially thought only to be locally exploitable, was first addressed in February of this year when the latest Exim build was released. At the time, it was not considered to be a major security issue, but rather a minor bug that wouldn't need to be addressed in older versions.

  • Chromium 75 available as Slackware packages (32bit and 64bit)

    The Chromium 75 sources were released last week by Google, and this new major release contains 42 fixes for security issues. A couple of them are serious enough that you are encouraged to update to the new 75 release ASAP.

    In terms of functionality, not much changed in Chromium 75, but there is one interesting addition that you may want to try if you read a lot of content online. It’s called “Reader Mode” and is still disabled by default, You can enable it through the Chrome flag “chrome://flags/#enable-reader-mode“. The reader mode strips away page clutter like buttons, background images and changes the page layout for better readability.

More in Tux Machines

Linux commands to display your hardware information

There are many reasons you might need to find out details about your computer hardware. For example, if you need help fixing something and post a plea in an online forum, people will immediately ask you for specifics about your computer. Or, if you want to upgrade your computer, you'll need to know what you have and what you can have. You need to interrogate your computer to discover its specifications. Alternatively, you could open up the box and read the labels on the disks, memory, and other devices. Or you could enter the boot-time panels—the so-called UEFI or BIOS panels. Just hit the proper program function key during the boot process to access them. These two methods give you hardware details but omit software information. Or, you could issue a Linux line command. Wait a minute… that sounds difficult. Why would you do this? Read more

Android Leftovers

BlackWeb 1.2

BlackWeb is a penetration and security testing distribution based on Debian. The project's website presents the distribution's features as follows: BlackWeb is a Linux distribution aimed at advanced penetration testing and security auditing. BlackWeb contains several hundred tools which are geared towards various information security tasks, such as penetration testing, security research, computer forensics and reverse engineering. Starting from an appropriately configured LXDE desktop manager it offers stability and speed. BlackWeb has been designed with the aim of achieving the maximum performance and minimum consumption of resources. There are 32-bit (x86) and 64-bit (x86_64) builds of BlackWeb available on the distribution's website. I downloaded the 64-bit build which is 2.6GB in size. Booting from the media brings up a menu asking if we would like to try BlackWeb's live desktop, run the installer or run the graphical installer. Taking the live desktop options presents us with a graphical login screen where we can sign in with the username "root" and the password "blackweb". Read more

Feh is a light-weight command-line image viewer for Linux

The default image viewer in most Linux distros is a fine option for many users, but if you want a distraction free alternative, Feh is a good option. Feh's interface is as barebones as it gets as it does not have any toolbars or buttons but is a command line interface application; because of that, it is very light on resources and still easy enough to use even for users who shy away from using the command line whenever possible. Read more