Language Selection

English French German Italian Portuguese Spanish

Security: Red Teaming, Zero-day Vulnerabilities and Trump Campaign Website

Filed under
Security
  • Best open-source tools for Red Teaming

    A good starting point for building a Red Team toolkit is downloading and installing Kali Linux, as many of the tools mentioned here are included in the default distribution. From there, additional tools can be acquired and added to address specific use cases. When building a toolkit, it’s important not to focus on the network side of the assessment to the exclusion of the physical aspects. A Red Team is also likely expected to try physical attack vectors against the customer’s security and needs to have the appropriate tools for that part of the work as well.

  • What is a zero-day vulnerability?

    Chances are pretty good you've heard the term zero-day vulnerability. The term conjures up images of post-apocalyptic landscapes, where technology has either hit a singularity-level madness, or has reverted back to the days of CRT monitors and green screens. Max Headroom has returned and sand is the new currency.

    Or not.

    Truth be told, zero day is not even remotely as ominous. It is, however, quite serious. In fact, of all the known vulnerabilities, zero day can often pose the most risk. Why? The reason is in the very definition.

  • Trump Campaign Website Left Open to Email Server Hijack

    “The problem is that many developers fail to disable the debug mode after going live, exposing back-end website details like database locations, passwords, secret keys and other sensitive info,” they said.

More in Tux Machines

today's howtos

Thermostats, Locks and Extension Add-ons – WebThings Gateway 0.10

Happy Things Thursday! Today we are releasing WebThings Gateway 0.10. If you have a gateway using our Raspberry Pi builds then it should already have automatically updated itself. This new release comes with support for thermostats and smart locks, as well as an updated add-ons system including extension add-ons, which enable developers to extend the gateway user interface. We’ve also added localisation settings so that you can choose your country, language, time zone and unit preferences. From today you’ll be able to use the gateway in American English or Italian, but we’re already receiving contributions of translations in different languages! Read more

A technical comparison between the snap and the Flatpak formats

Since we’ve already discussed the snap layout and architecture in greater details in the previous weeks, let’s start with a quick overview of Flatpak. Much like snaps, Flatpak packages come with necessary components contained inside standalone archives, so they can be deployed and maintained with simplicity on a range of Linux distributions. Runtime and image components are bundled into a single file using the OCI format. In general, Flatpak applications are built against runtimes, but they can also contain additional libraries inside their own bundles. A Linux system with the Flatpak binary (primary command) installed and configured can then run Flatpak applications. At the moment, there are 21 distributions that offer Flatpak support. Furthermore, applications are sandboxed using Bubblewrap, which utilises kernel security and namespace features to set up unprivileged containers. Communication outside the sandbox is possible through a mechanism of portals, which allows granular access to system resources. Flatpak packages are available to end users primarily through Flathub, an app store and build service that is (semi)-officially associated with the Flatpak project. Submissions to Flathub are done as pull requests through GitHub, and require approval from the store admins. Similarly, publishers of proprietary software have to manually request inclusion of their applications. Flatpak applications are also sometimes available as manual download links. There is no automatic update mechanism available by default. Read more

Zorin OS vs Linux Mint

There are some specific linux distros out there that specially target the new and casual Linux users, most notably, Linux Mint and Zorin OS. In this article we will compare them.

Zorin OS vs Linux Mint

Both of these distros have earned a solid reputation from the community for being two of the most user-friendly distros of all. Both of them use Ubuntu as the core. Thus, both of them offer similar functionality at the core. However, the real magic is how each of them builds up on top of it. Both Linux Mint and Zorin OS comes up with different feel and vibe. While both of them are extremely user-friendly and robust, there are some key differences between them. That’s the beauty of Linux. Read more