Language Selection

English French German Italian Portuguese Spanish

Security: Patches, Firefox and Webmin

Filed under
Security
  • Security updates for Thursday

    Security updates have been issued by Fedora (oniguruma and thunderbird-enigmail), openSUSE (chromium, ghostscript, and slurm), Oracle (kernel), Red Hat (kpatch-patch), Slackware (bind), SUSE (python-ecdsa), and Ubuntu (bind9 and mariadb).

  • Princesses make terrible passwords

    When the Disney+ streaming service rolled out, millions of people flocked to set up accounts. And within a week, thousands of poor unfortunate souls reported that their Disney passwords were hacked. According to media reports, some Disney+ account holders have lost their account access while hackers have sold their logins online.

    [...]
    When setting up accounts, Lockwise can help you select something complex and unique that you never would have thought of on your own. Then you can save that tricky password straight into your browser and use it directly from the app, secured behind a master password or fingerprint login protected in the most delightful way for when you need it.

    We can’t guarantee that various services and platforms you use won’t ever be compromised, but we can help you create complex unique passwords to minimize your exposure should it occur. And with Firefox Monitor, we can alert you when breaches happen.

  • Two ways Firefox protects your holiday shopping

    We’re entering another holiday shopping season, and while you’re browsing around on the internet looking for thoughtful presents for friends and loved ones, it’s also a good time to give yourself the gift of privacy. Your research and shopping behavior has the potential to be a huge gift to the advertisers collecting data about your habits. If you’re not using Firefox, every weird search for every weird gift could get packaged up in a marketplace where companies and advertisers will be buying, selling and trading this data about you in their own holiday shopping bonanza. Using Firefox is the preventative measure you need during the holiday season (but really anytime you’re shopping online) to protect you from two potential problems...

  • Linux Webmin Servers Under Attack by Roboto P2P Botnet

    A newly-discovered peer-to-peer (P2P) botnet has been found targeting a remote code execution vulnerability in Linux Webmin servers.

    Vulnerable Linux Webmin servers are under active attack by a newly-discovered peer-to-peer (P2P) botnet, dubbed Roboto by researchers.

Monero

  • Monero attackers used Linux, Windows binaries to steal currency: Report

    On 19 November, a Reddit user warned the Monero community about CLI binaries being compromised. Soon after it was brought to light, the issue escalated and the official Monero website acknowledged having been hacked. The hack was intended to deliver currency-stealing malware to users who were downloading wallet software, according to a blog released by officials.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Linux Foundation: ACT Program, Dent and Delta Lake

  • Google, VMware Headline Linux Foundation's ACT Program
  • Amazon is joining a project that could upend network chipmakers such as Broadcom

    Amazon is contributing to a new piece of open-source software that could give it a leg up in its physical stores. The Linux Foundation, a nonprofit organization that maintains the Linux operating system and open-source software, announced the new networking operating system, called Dent, in a statement on Friday. Dent is a proposed operating system for switches, which are pieces of hardware used to route data around networks, usually within companies or between companies and the internet. The market has traditionally been dominated by big companies such as Broadcom, which provides a lot of the underlying silicon chips, and Cisco, which sells finished assembled product.

  • Calmer waters promised in the data lake through Linux Foundation Delta Lake Project

    Delta Lake (wait for it… the clue is in the name) is a project focusing on improving the reliability and performance of data lakes. Delta Lake was actually announced by unified analytics company Databricks earlier this year before this autumn becoming a Linux Foundation project with an open governance model. The team points out that organisations in every vertical aspire to get more value from data through data science, machine learning and analytics, but they are hindered by the lack of data reliability within data lakes.

Latest Openwashing in the News

Programming/Admin: Rootconf, Awk, UNIX, Wireguard and Python

  • Rootconf Hyderbad, 2019

    Rootconf is the conference on sysadmins, DevOps, SRE, Network engineers. Rootconf started its journey in 2012 in Bangalore, 2019 was the 7th edition of Rootconf. In these years, through all the Rootconfs, there is a community that has developed around Rootconf. Now people do come to attend Rootconf not just to attend the conference but also to attend friends and peers to discuss projects and ideas.

  • A bit of fun with awk

    I learned a few tidbits in awk this week. awk is a language I have, at best, looked at only very superficially, even though I use it frequently if very basically: to chop a line into fields. I tend to use it more than cut(1) because I can print additional data to that which I’ve cut out (without having to add sed(1) so awk just is more versatile for me.

  • How Unix Works: Become a Better Software Engineer

    I’ll put just enough commands for us to play along, assuming you’re starting from scratch. We’ll explore concepts, see them in practice in a shell, and then scream “I GET THIS!”. Along the way, we’ll also figure out what a shell really is.

    But we can’t begin without getting into the minds of the creators: exploring Unix’s philosophy.

    For now, we can assume Linux is Unix. If you want to know why that’s not really the case, you can skip to the bottom and come back. We’ll end the Unix vs linux confusion once and for all.

  • wireguard

    wireguard (wg) is a modern vpn protocol, using the latest class of encryption algorithms while at the same time promising speed and a small code base.

    modern crypto and lean code are also tenants of openbsd, thus it was a no brainer to migrate my router from openvpn over to wireguard.

  • Python Software Foundation: Mozilla and Chan Zuckerberg Initiative are funding pip with $407,000

    The Mozilla Corporation and the Chan Zuckerberg Initiative are funding the Python package installer pip with $407,000 USD to support work that is planned for 2020. Where is pip headed next year? The roadmap has been laid out, so let’s have a look at what the future holds. As the Python Software Foundation (PSF) announced in a blog post, it is receiving $207,000 USD from Mozilla via the Mozilla Open Source Support Award and $200,000 USD from the Chan Zuckerberg Initiative (CZI) as Essential Open Source Software for Science grant. The funds are designated to support a three-phased working plan for pip in 2020 to make the package installer “easier for people to use and troubleshoot”, and here’s what’s going to happen.

  • A Tiny Python Exception Oddity

    If you go back to the first case I discussed, with the unmatched parenthesis, in Friendly-traceback, I rely on the location of the error shown by Python to indicate where the problem arose and, when appropriate, I look *back* to also show where the potential problem started. Unfortunately, I cannot do that in this case with CPython.

today's howtos