Security Leftovers
-
Security updates for Monday
Security updates have been issued by Debian (firefox-esr, gnutls28, and libmtp), Fedora (cyrus-sasl, firefox, glibc, squid, and telnet), Gentoo (firefox), Mageia (dcraw, firefox, kernel, kernel-linus, librsvg, and python-nltk), openSUSE (firefox, haproxy, icu, and spamassassin), Red Hat (nodejs:10, openstack-manila, python-django, python-XStatic-jQuery, and telnet), Slackware (firefox), SUSE (bluez, exiv2, and libxslt), and Ubuntu (firefox).
-
Open Source Security Podcast: Episode 191 - Security scanners are all terrible
Josh and Kurt talk about security scanners. They're all pretty bad today, but there are some things we can do to make them better. Step one is to understand the problem. Do you know why you're running the scanner and what the reports mean?
-
Misconfigured Docker API Ports Targeted by Kinsing Malware
Security researchers observed an attack campaign that targeted misconfigured Docker API ports with samples of Kinsing malware.
According to Aqua Security, the campaign began when it capitalized on an unprotected Docker API port to run a Ubuntu container.
The command used for creating the Ubuntu container included a shell script “d.sh.” By means of its 600+ lines of code, the shell script began by disabling security measures, clearing logs and disabling other malware and cryptominer samples. It’s then that the command killed rival malicious Docker containers before loading its Kinsing payload.
-
L1d Cache Flush On Context Switch Moves Forward For Linux In Light Of Vulnerabilities
A new patch series sent out just under one month ago was providing opt-in L1 data cache flushing on context switching. That work has now been revived again and now with documentation added it's clear that this work is being done in response to a recent CVE being made public.
The patches originally sent out by an Amazon engineer characterized the work as for the "paranoid due to the recent snoop assisted data sampling vulnerabilities, to flush their L1D on being switched out. This protects their data from being snooped or leaked via side channels after the task has context switched out."
- Login or register to post comments
- Printer-friendly version
- 4514 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
More on Docker
Docker Users Targeted with Crypto Malware Via Exposed APIs [Ed: People who use things they do not understand can leave holes, but this is not the fault of the software]
Misconfigured Containers Again Targeted by Cryptominer Malware
Misconfigured Containers Again Targeted by Cryptominer Malware
Kinsing Malware Hits Container API Ports With Thousands...
Kinsing Malware Hits Container API Ports With Thousands of Attacks per Day
More on 'Kinsing'
If you don't cover your Docker daemon API port you'll have a hell of a time... because cryptocreeps are hunting for it