Language Selection

English French German Italian Portuguese Spanish

Security, FUD, Openwashing and Threats

Filed under
Server
Security
  • Security updates for Tuesday

    Security updates have been issued by Debian (curl and otrs2), Fedora (NetworkManager-ssh and python-psutil), Mageia (ipmitool, libgd, libxml2_2, nextcloud, radare2, and upx), openSUSE (inn and sudo), Oracle (kernel, ksh, python-pillow, and thunderbird), Red Hat (curl, kernel, nodejs:10, nodejs:12, procps-ng, rh-nodejs10-nodejs, ruby, and systemd), SUSE (dpdk, firefox, java-1_7_1-ibm, java-1_8_0-ibm, libexif, libvpx, nodejs10, nodejs8, openssl1, pdsh, slurm_18_08, python-azure-agent, python3, and webkit2gtk3), and Ubuntu (libapache2-mod-auth-mellon, libpam-radius-auth, and rsync).

  • New Critical RCE Bug in OpenBSD SMTP Server Threatens Linux Distros [Ed: Typical FUD associating "Linux" with a package that GNU/Linux distros do not come with]

    Security researchers have discovered a new critical vulnerability in the OpenSMTPD email server. An attacker could exploit it remotely to run shell commands as root on the underlying operating system.

  • New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers [Ed: Again attributing to operating systems bugs in pertinent packages they may not even have]

    OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems.
    OpenSMTPD, also known as OpenBSD SMTP Server, is an open-source implementation of the Simple Mail Transfer Protocol (SMTP) to deliver messages on a local machine or to relay them to other SMTP servers.
    It was initially developed as part of the OpenBSD project but now comes pre-installed on many UNIX-based systems.

  • Y2K bug has a 2020 echo

    The New Scientist reports on problems with software caused by an echo of the Y2K bug that had every excited in the late 1990s.

    It turns out one of the fixes then was to kick various software cans down the road to 2020. In theory that gave people 20 years to find long term answers to the problems. In some cases they might have expected software refreshes to have solved the issue.

    [...]

    This happens because Unix time started on January 1 1970. Time since then is stored as a 32-bit integer. On January 19 2038, that integer will overflow.

    Most modern applications and operating systems have been patched to fix this although there are some compatibility problems. The real issue comes with embedded hardware, think of things like medical devices, which will need replacing some time in the next 18 years.

  • The “Cloud Snooper” malware that sneaks into your Linux servers [Ed: They don't want to mention that people actually need to install this malware on GNU/Linux for dangers to become viable. Typical Sophos FUD/sales.]
  • Cybersecurity alliance launches first open source messaging framework for security tools [Ed: Openwash of proprietary software firms]

    Launched by the Open Cybersecurity Alliance (OCA), a consortium of cybersecurity vendors including IBM, Crowdstrike, and McAfee, on Monday, the OCA said that OpenDXL Ontology is the "first open source language for connecting cybersecurity tools through a common messaging framework."

  • Microsoft uses its expertise in malware to help with fileless attack detection on Linux [Ed: Truly laughable stuff as Microsoft specialises in adding back doors, then abusing those who speak about it]
  • Azure Sphere, Microsoft's Linux-Powered IoT Security Service, Launches [Ed: Microsoft is Googlebombing "Linux" again; you search for Linux news, you get Microsoft Azure (surveillance) and proprietary malware, instead.]

'Security'

Microsoft news disguised as "Linux"

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Games: Estranged: Act II, Helltaker and Soldat

  • First person exploration adventure Estranged: Act II is out

    Acting as a standalone sequel to the free Estranged: Act I, solo developer Alan Edwardes has now released Estranged: Act II. It's a first-person adventure that mixes in plenty of exploration in different environments, a few puzzles and a little action and horror too. A thoroughly mixed bag of genres blended together. You assume the role of a lone fisherman, stranded on a mysterious island during a violent storm.

  • Free to Play Puzzle-Dating Sim Helltaker Now Available on Linux and Steam OS

    Vanripper (Lukasz Piskorz) has announced that free to play puzzle-dating sim Helltaker is now available on Linux, and Steam OS. Launching on May 11th, the game is a fusion of visual novel dating sim and puzzle game. You have entered hell for one purpose- to create a harem from cute demon girls. Play through navigation based puzzles with limited moves, and attempt to reach multiple demon girls at the end. These puzzles can be skipped if you desire.

  • Classic multiplayer action game Soldat is now open source

    Soldat, a side-scrolling multiplayer shooter that was ridiculously popular in the early 2000s is now open source. They're now working on Soldat 2, which will be a much upgraded Unity remake with all sorts of advanced features. To give back to the community though, the classic Soldat has been put up on GitHub under the MIT license. Interestingly, this is not the current live version but an in-progess 1.8 build with some key differences

Android Leftovers

Games: SamRewritten, ShellShock, What Never Was

  • Steam Achievement Manager 'SamRewritten' has a new release

    Need to tweak your Steam Achievements? Perhaps a game doesn't correctly unlock them or you want to start fresh again on a game - SamRewritten can help you do that. It's an open source Steam Achievements Manager for Linux and there's a new release out recently.

  • Strategic multiplayer artillery game ShellShock Live is out now

    ShellShock Live is an awesome tribute to games like Scorched Earth, Pocket Tanks, and Worms and after many years in development it's finally released. If you've never played either of those classics (madness), it's a side-scrolling game of artillery. Each player controls a tank they're able to position anywhere they can reach, and you take it in turns to pick a weapon and fire in the hopes of annihilating the other side. It's simple but ShellShock Live advances the classics in many great ways that makes it genuinely super fun. There's fully destructible terrain, upgrades and it can be played in single-player and online.

  • What Never Was: Chapter II gets a boost from an Epic MegaGrant

    What Never Was, a short story-driven adventure game from Acke Hallgren has been given a funding boost for What Never Was: Chapter II. Not played What Never Was? It's a first-person game focused on exploration and puzzle-solving about Sarah, having to shoulder the arduous task of clearing out her grandfathers attic, and soon finds that not everything about the attic is what it seems. The first part has been well received, showing that on a small budget some great experiences can be made and the developer had been planning a sequel. The developer announced on Steam recently, that Epic Games have approved them to get an Epic MegaGrant to help fund development. Hallgren also confirmed it's not going to be an EGS exclusive.

SHIFT13mi Linux-friendly tablet with replaceable mainboard scheduled for 2021 release

German smartphone maker Shift makes phones that are designed to be modular and easy to repair. And now the company has introduced a tablet with the same design ethos. The SHIFT13mi will be a 2-in-1 tablet with a 13.3 inch touchscreen display, a detachable keyboard, support for Windows 10 or Linux, and upgradeable, replaceable, and repairable components. Read more