Language Selection

English French German Italian Portuguese Spanish

Security and Integrity

Filed under
Security

  • Security updates for Wednesday

    Security updates have been issued by Debian (libdatetime-timezone-perl and tzdata), openSUSE (kdeconnect-kde and opera), and SUSE (gimp, squid3, and xen). 

  •                

  • Why conferences like CyberEDU are important

                     

                       

    [...] That is cybercriminals adapt to the shifting situation by redeploying known attack techniques to suit the new social and economic contexts. Publications are started to be produced showing the extent of the problem (Lallie et al. 2020, Buil-Gil et al. 2020) and police forces and private actors, especially across western countries are trying to raise the attention to the problem. [...]

  •                

  • Finnish Officials Investigate [Crack] of Lawmakers' Email [iophk: Windows TCO]

                     

                       

    The strike appears to have taken place sometime during the fall and was discovered earlier this month, according to the Finnish Central Criminal Police. Currently, law enforcement officials believe this intrusion is an act of espionage.

  •                

  • [Old] Norway Says Russia-Linked APT28 [Cracked] Parliament

                     

                       

    The Norwegian parliament's investigation into the hacking of email accounts of some elected officials and government employees in August has concluded that a Russia-linked advanced persistent threat group is likely responsible, according to a report issued this week.

  •                

  • Russian [Attack] Group 'Fancy Bear' Accused Of Cyberattack On Norwegian Parliament

                     

                       

    In a December 8 press release announcing the findings of its investigation into the August attack, the PST said there was not enough evidence to press charges relating to damage to Norway's national interests.

                       

    Norwegian officials had previously announced that a "vast" cyberattack on August 24 had gained access to the e-mails of some parliamentarians and parliamentary employees, although the identity of the attackers was not revealed. Norwegian Foreign Minister Ine Eriksen Soreide subsequently accused Russia of being behind the attack against the NATO-member Scandinavian country.

  • New worm turns Windows, Linux servers into Monero miners
    [Ed: Anti-Linux site bashes "Linux" over "hardcoded credentials." This is not a Linux problem, it's FUD. It gives illusion of security parity between platform with NSA back doors and one without them.]

    The worm spreads to other computers by scanning for and brute-forcing MySql, Tomcat, and Jenkins services using password spraying and a list of hardcoded credentials.

  • 2020 in review: Revenge of the Y2K bug as lazy fix takes down software

    The issue now seems to be under control, but 19 January 2038 was set to be the next troublesome date for Linux computers, which count the date in seconds from 1 January 1970. The date is stored as a 32-bit integer, and its storage capacity would be exceeded at this point.

More in Tux Machines

GNOME 40 Alpha Released

GNOME 40 is now available as the first step towards releasing this updated Linux desktop environment in March. GNOME 40 Alpha comes with a ton of changes -- many of which we have been outlining in various Phoronix articles over the past few months. Among the main highlights of GNOME 40 Read more

Kali Linux hands-on: A look at the installation options

Anyone involved in or even significantly interested in cybersecurity has probably heard of Kali Linux. Since its early days as BackTrack, it has been considered the standard in penetration testing and security analysis platforms. In my opinion, it also happens to be one of the best Debian GNU/Linux distributions available. It is based on Debian stable (currently 10/buster), but with a much more current Linux kernel (currently 5.9 in Kali, compared to 4.19 in Debian stable and 5.10 in Debian testing). Read more

Ubuntu Emailing With Thunderbird And Android's K-9

Continuing email beginner's guide, now we Ubuntu users who have Android can read our emails anywhere anytime in both devices. It's a wonderful experience. On computer we use Thunderbird, while on phone we use K-9, both are free software. This tutorial uses Disroot email account as example, thanks to its gratis IMAP feature. Now, let's go! Fortunately, Ubuntu users do not need to install anything anymore. But for Android users, you will install K-9 Email Client, it is available at free software center F-Droid. Read more

Write GIMP scripts to make image processing faster

Some time ago, I wanted to give a blackboard-style look to a typeset equation. I started playing around with the GNU Image Manipulation Program (GIMP) and was satisfied with the result. The problem was that I had to perform several actions on the image, I wanted to use this style again, and I did not want to repeat the steps for all the images. Besides, I was sure that I would forget them in no time. GIMP is a great open source image editor. Although I have been using it for years, I had never investigated its batch-processing abilities nor its Script-Fu menu. This was the perfect chance to explore them. Read more