Security and Proprietary Software
American cyber security company FireEye says it has identified a killswitch which will stop malware that was planted in the Orion network monitoring software, made by the Texas firm SolarWinds, from operating under certain conditions.
Half a year after the last major update, Arch Linux released BlackArch Linux in early December. All the basic components of the proud 15GB live system were brought to the level of Arch Linux installation media 2020.12.01.
An updated kernel and, especially, newer versions of everyday Linux applications are a minor matter in the case of BlackArch. In addition to its minimalist window manager with the indispensable hacker aesthetics, the distribution also ships a set of tools for security professionals and ambitious security hobbyists doing penetration tests and looking for vulnerabilities. With this update, that set was significantly expanded again: more than 100 new tools have been added, bringing the total to 2621.
Bloomberg News reported that at least three state governments were [cracked]. That was followed by reports of other breaches: the city network in Austin, Texas, and the U.S. nuclear weapons agency. Late in the day software giant Microsoft Corp. said its systems were exposed.
Reuters reported earlier that Microsoft was [cracked] and that its systems were used to attack other entities, citing people familiar with the matter.
Microsoft president Brad Smith warned that the wide-ranging [crack] of the SolarWinds’ Orion IT software is “ongoing,” and that investigations reveal “an attack that is remarkable for its scope, sophistication and impact.” The breach targeted several US government agencies and is believed to have been carried out by Russian nation-state [attackers].
Smith characterized the [attack] as “a moment of reckoning” and laid out in no uncertain terms just how large and how dangerous Microsoft believes the [attack] to be. It “represents an act of recklessness that created a serious technological vulnerability for the United States and the world,” Smith argues.
The Cybersecurity and Infrastructure Protection Agency (CISA) put out an alert detailing the attack, widely reported to be carried out by a Russian military [cracking] group, on IT company SolarWinds.
By infiltrating a vulnerability in the company’s Orion software, the group was able to access federal networks, with DHS, the Commerce, State and Treasury departments, and branches of the Pentagon among the agencies reportedly breached, with the [attackers] potentially having had access to the networks since March.
Earlier this week, it was revealed that foreign [crackers] breached a Texas-based third-party IT provider, SolarWinds, which has various clients across government and the private sector. The [attackers] are said to have breached some government agencies, including the Treasury, Homeland Security and Commerce departments.
New reports Thursday said the U.S. Department of Energy and Microsoft were among places affected by the [attack]. The U.S. Treasury and Commerce departments were the first to be identified.
Software behemoth Microsoft has been compromised in the ongoing cyber attacks, Reuters reports. US Government departments, including the Energy Department and the National Nuclear Security Administration, were also reportedly attacked.
In October, news broke that Vastaamo’s internal systems had been accessed and the data of its 400 employees and approximately 40,000 patients stolen. Addresses, contact details, and unique, government-issued Finnish identity numbers were taken in the breach – leaving victims exposed to fraud and identity theft. The tranche of stolen data also included therapy notes and diagnoses.
The data had been accessed through a security flaw in Vastaamo’s bespoke IT systems, which the company's co-founder and CEO, Ville Tapio, a trained product developer with an education in marketing, commissioned a team of in-house software developers to create.
The attackers gained access to SolarWinds software before updates of that software were made available to its customers. Unsuspecting customers then downloaded a corrupted version of the software, which included a hidden back door that gave hackers access to the victim’s network.
This is what is called a supply-chain attack, meaning the pathway into the target networks relies on access to a supplier. Supply-chain attacks require significant resources and sometimes years to execute. They are almost always the product of a nation-state. Evidence in the SolarWinds attack points to the Russian intelligence agency known as the S.V.R., whose tradecraft is among the most advanced in the world.
According to SolarWinds S.E.C. filings, the malware was on the software from March to June. The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies.
Video: Librem 5 vs. PinePhone Manjaro Edition, Battery Life, Stalonetray
Just a quick video this week on an issue I've only recently solved for myself: how to improve your laptop's battery life when you are running Linux.
Sometimes you want to run a status bar that doesn't come with a built-in system tray but you still want access to one. That's where a standalone system tray like stalonetray comes in handy.
today's howtos
I got myself a TECLAST F7 Plus laptop. It comes preinstalled with Windows 10 but I planned to use it as my daily driver. So I installed OpenBSD 6.8 on it.
Many new Linux users feel intimidated by the classical Linux text editors, i.e. mainly VIM and EMACS, since they require prior knowledge of basic shortcuts and some Linux know-how. Fortunately for beginners, there is a simple yet powerful newbie-friendly text editor called NANO. NANO comes pre-installed with Ubuntu and other similar distros. It is a versatile and reliable text editor that offers all the basic functionalities a user would expect, like editing operations (search, replace, cut and paste), syntax highlighting, as well as spell checking and many more features. In this article we will take you through the steps of using the NANO text editor. Let’s get started.
The arping command is one of the lesser known commands that works much like the ping command.
The name stands for “arp ping” and it’s a tool that allows you to perform limited ping requests in that it collects information on local systems only. The reason for this is that it uses a Layer 2 network protocol and is, therefore, non-routable. The arping command is used for discovering and probing hosts on your local network.
In this tutorial, we will show you how to install GIMP on Linux Mint 20. For those of you who didn’t know, GIMP is a free and open-source image editor used for retouching and editing images. From retouching to restoring to creative composites, the only limit is your imagination. GIMP is used for producing icons, graphical design elements, and art for user interface components and mockups. GIMP provides top-notch color management features to ensure high-fidelity color reproduction across digital and printed media.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of the GIMP image editor on a Linux Mint 20 (Ulyana).
In this tutorial, we will show you how to install Chromium on Linux Mint 20. For those of you who didn’t know, The Chromium project covers two utilities such as Chromium and Chromium OS, which are the open-source projects of the Google Chrome browser and Google Chrome OS. Chromium has been developed as an open-source browser project whose critical mission is to offer a more secure, faster, and more stable way to navigate the web where threats are constant at every minute.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of Chromium web browser on a Linux Mint 20 (Ulyana).
Are you a Linux Mint user who's been putting off upgrading to Mint 20?
Upgrading can be fraught with issues, from bugs to losing files and reconfiguring settings. Fortunately, the Mint team provides a handy tool for upgrading without having to completely reinstall Mint.
Many of the bugs and glitches inevitable with any new release have been fixed in Mint 20, and its speed and efficiency are greater than ever.
Zabbix is an open-source monitoring tool, and with it, you can monitor your servers, virtual machines, networks, cloud services, and many more. It is a very useful tool for small, medium, and large IT organizations.
In this article, I will show you how to install Zabbix 5 on Raspberry Pi 4. So, let’s get started!
MPEG-4 video file format, commonly known as MP4, is one of the most common media formats used for video files. It’s a highly versatile video extension that supports audio, images, and subtitles all together in one file.
Once in a while, you might want to convert your MP4 video files to MP3 audio files. MP3, which stands for “MPEG Audio Layer-3,” is one of the most common audio formats used for music playback.
Spotify is the popular medium to listen to various songs and podcasts using an internet connection. We can use the client applications provided by Spotify to stream music on all major platforms such as Windows, Linux, macOS, Android, and iOS.
So, if you are a Kali Linux user and want to install Spotify on it so that besides working on stressful full network security and penetration testing you can enjoy your favorite music as well.
Spotify is available in the form of Debian and SNAP packages, thus we can use both to install the client of this music streaming service. However, the easiest one is the repo.
The bashtop is an impressive Linux resource monitor that shows usage and stats for processor, memory, disks, and network. However, it suffers from bash itself, and cross-platform support is a nightmare. Now we have the Python port of bashtop. We can use a resource monitor that shows usage and stats for CPU, RAM, SSD (hard disk), network, and processes information in a lovely format.
Linux chmod command is used to change access permissions of files and directories. In this article, you will learn how to change permissions of any file or directory with chmod command. We have already described the Linux file permissions.
What IP is a graphical-based simple network information tool which provides information about IP address and listening ports. It is written in Python and GTK3. It is released under GPL3 license and the source code is available in GitLab.
In Linux, all tasks done through the command line require users to access adequate directories. There are different types of directories in a computer system with Linux or Ubuntu OS. Users can access each directory through the terminal, and interact with them. There are multiple options, and each time users interact with the command prompt of the current directory they are working in.
The Linux system responds by providing information against each input request. The achieved output is standard and printed to the shell prompt. In this tutorial, we will dig deep into the ways of accessing the current working directory and how users can switch from one directory or location to another, followed by relevant examples. The command used for accessing the current working directory will help them access any location in their system anytime, as per their requirements.
systemd is the initialization system for Linux that replaced the aging collection of startup scripts, often called System V. Those individual scripts were responsible for starting various functions for the system and were controlled by a “superscript.” One of the biggest problems with this init system is that if the init daemon couldn’t start, none of the necessary processes could then be initialized, which stopped a system at the kernel panic stage.
How you can get the most out of your study time as you approach the Red Hat Certified System Administrator (RHCSA) and Red Hat Certified Engineer (RHCE) exams.
The “apt-get” and “apt-cache” commands are very frequently used commands in the Linux environment. The former command mainly allows you to install, update, and remove packages, whereas the latter lets you search for packages and their related information. Both of these commands have their specific use cases, however, most of the users are not aware of their exact capabilities except for their basic usage. Therefore, today we have decided to share with you the twenty-three different examples where you can use “apt-get” and “apt-cache” commands to manage your system.
This article shows the reader how easy it is to get started using pods with Podman on Fedora. But what is Podman? Well, we will start by saying that Podman is a container engine developed by Red Hat, and yes, if you thought about Docker when reading container engine, you are on the right track. A whole new revolution of containerization started with Docker, and Kubernetes added the concept of pods in the area of container orchestration when dealing with containers that share some common resources. But hold on! Do you really think it is worth sticking with Docker alone by assuming it’s the only effective way of containerization? Podman can also manage pods on Fedora as well as the containers used in those pods.
So, systemd-resolved is enabled by default in Fedora 33. Most users won’t notice the difference, but if you use VPNs — or depend on DNSSEC, more on that at the bottom of this post — then systemd-resolved might be a big deal for you. When testing Fedora 33, we found one bug report where a user discovered that systemd-resolved broke his VPN configuration. After this bug was fixed, and nobody reported any further issues, I was pretty confident that migration to systemd-resolved would go smoothly. Then Fedora 33 was released, and I noticed a significant number of users on Ask Fedora and Reddit asking for help with broken VPNs, problems that Fedora 33 beta testers had failed to detect. This was especially surprising to me because Ubuntu has enabled systemd-resolved by default since Ubuntu 16.10, so we were four full years behind Ubuntu here, which should have been plenty of time for any problems to be ironed out. So what went wrong?
First, let’s talk about how things worked before systemd-resolved, so we can see what was wrong and why we needed change. We’ll see how split DNS with systemd-resolved is different than traditional DNS. Finally, we’ll learn how custom VPN software must configure systemd-resolved to avoid problems that result in broken DNS.
I want to note that, although I wrote the Fedora change proposal and have done some evangelism on behalf of systemd-resolved, I’m not a systemd developer and haven’t contributed any code to systemd-resolved.
Domain Name Systems, or DNS, is an essential part of configuring networks, websites, and servers.
When you learn how DNS works and how you can apply its use to real-life networks, diagnosing network problems becomes a breeze. Moreover, mastering the ins and outs of working with DNS will also give you a deep understanding of what goes on behind the scenes of DNS lookup and validations.
This tutorial will help you learn fundamental DNS concepts that will help you get started with DNS configuration. After reading this guide, you should be able to modify DNS on your local system or even set up a personal DNS server.
Before we dive into how to set up DNS servers and resolve domains, let’s go over some basic DNS concepts that’ll help you understand what DNS is and how it works.
espanso – smart and efficient text expander
Linux offers a vast collection of open source small utilities that perform functions ranging from the obvious to the bizarre. It’s the quality and selection of these tools that help Linux stand out as a productive environment. A good utility cooperates with other applications, integrating seamlessly.
It has often been said that information confers power, and that the most important currency in our culture today is information. Keeping track of bits and pieces of information is a minefield.
In part, this is because of passable short term memory, coupled with what can only be described as ‘brain fog’. To combat this, we arm ourselves with open source software that helps us efficiently capture a lot of information. We generally prefer to keep our information local and cloud-free, primarily for security reasons. And we primarily advance software which doesn’t tie itself to any specific company or service, whether it’s Evernote, Google, or Microsoft.
espanso is a text expander, software that detects when you type a specific keyword and replaces it with something else. espanso is free and open source, written in Rust.
