Language Selection

English French German Italian Portuguese Spanish

Security and Integrity

Submitted by Roy Schestowitz on Thursday 31st of December 2020 05:49:20 AM Filed under
Security

  • Security updates for Wednesday

    Security updates have been issued by Debian (libdatetime-timezone-perl and tzdata), openSUSE (kdeconnect-kde and opera), and SUSE (gimp, squid3, and xen). 

    •                

  • Why conferences like CyberEDU are important

                     

                       

    [...] That is cybercriminals adapt to the shifting situation by redeploying known attack techniques to suit the new social and economic contexts. Publications are started to be produced showing the extent of the problem (Lallie et al. 2020, Buil-Gil et al. 2020) and police forces and private actors, especially across western countries are trying to raise the attention to the problem. [...]

    •                

  • Finnish Officials Investigate [Crack] of Lawmakers' Email [iophk: Windows TCO]

                     

                       

    The strike appears to have taken place sometime during the fall and was discovered earlier this month, according to the Finnish Central Criminal Police. Currently, law enforcement officials believe this intrusion is an act of espionage.

    •                

  • [Old] Norway Says Russia-Linked APT28 [Cracked] Parliament

                     

                       

    The Norwegian parliament's investigation into the hacking of email accounts of some elected officials and government employees in August has concluded that a Russia-linked advanced persistent threat group is likely responsible, according to a report issued this week.

    •                

  • Russian [Attack] Group 'Fancy Bear' Accused Of Cyberattack On Norwegian Parliament

                     

                       

    In a December 8 press release announcing the findings of its investigation into the August attack, the PST said there was not enough evidence to press charges relating to damage to Norway's national interests.

                       

    Norwegian officials had previously announced that a "vast" cyberattack on August 24 had gained access to the e-mails of some parliamentarians and parliamentary employees, although the identity of the attackers was not revealed. Norwegian Foreign Minister Ine Eriksen Soreide subsequently accused Russia of being behind the attack against the NATO-member Scandinavian country.

  • New worm turns Windows, Linux servers into Monero miners
     [Ed: Anti-Linux site bashes "Linux" over "hardcoded credentials." This is not a Linux problem, it's FUD. It gives illusion of security parity between platform with NSA back doors and one without them.]

    The worm spreads to other computers by scanning for and brute-forcing MySql, Tomcat, and Jenkins services using password spraying and a list of hardcoded credentials.

  • 2020 in review: Revenge of the Y2K bug as lazy fix takes down software

    The issue now seems to be under control, but 19 January 2038 was set to be the next troublesome date for Linux computers, which count the date in seconds from 1 January 1970. The date is stored as a 32-bit integer, and its storage capacity would be exceeded at this point.

»

More in Tux Machines

Noise With Blanket

Videos/Audiocasts/Shows: Linux Journal Expats, Linux Experiment, and Krita Artwork

  • You Should Open Source Now, Ask Me How!

    Katherine Druckman chats with Petros Koutoupis and Kyle Rankin about FOSS (Free and Open Source Software), the benefits of contributing to the projects you use, and why you should be a FOSS fan as well.

  • System76 starts their own desktop environment, Arch goes the easy route - Linux & Open Source news

    This time, we have System76 working on their own desktop environment based on GNOME, Arch Linux adding a guided installer, Google winning its court case against Oracle on the use of Java in Android, and Facebook is leaking data online, again. Become a channel member to get access to a weekly patroncast and vote on the next topics I'll cover

  • Timelapse: inking a comic page in Krita (uncommented)

    An uncommented timelapse while inking this page 6 of episode 34 of my webcomic Pepper&Carrot ( https://www.peppercarrot.com/ ). During the process, I thought about activating the recorder and I even put a webcam so you can see what I'm doing on the tablet too. I'm not doing it for everypages; because you can imagine the weight on disk about saving around 10h of videos like this; and also how it is not multi-tasking: when I record, you don't see me open the door to get the mail of the postman, you don't see me cleaning temporary accident of a cat bringing back a mouse at home, you don't see me typing to solve a merge request issue to merge a translation of Pepper&Carrot.

Kernel Leftovers

  • [Intel-gfx] [RFC 00/28] Old platform/gen kconfig options series
  • Patches Resubmitted For Linux With Selectable Intel Graphics Platform Support

    Back in early 2018 were patches proposed for selectable platform support when building Intel's kernel graphics driver so users/distributions if desired could disable extremely old hardware support and/or cater kernel builds for specific Intel graphics generations. Three years later those patches have been re-proposed. The patches then and now are about allowing selectable Intel graphics "Gen" support at kernel configure/build time so that say the i8xx support could be removed or other specific generations of Intel graphics handled by the i915 kernel driver. This disabling could be done if phasing out older hardware support, seeking smaller kernel images, or other similar purposes. The patches don't change any default support levels but leaves things as-is and simply provides the knobs for disabling select generations of hardware.

  • Linux Kernel Runtime Guard 0.9.0 Is Released

    Linux Kernel Runtime Guard (LKRG) is a security module for the Linux kernel developed by Openwall. The latest release adds compatibility with Linux kernels up to soon to be released 5.12, support for building LKRG into kernel images, support for old 32-bit x86 machines and more. Loading the LKRG 0.9.0 module will cause a kernel panic and a complete halt if SELinux is enabled.

  • Hans de Goede: Logitech G15 and Z-10 LCD-screen support under Linux

    A while ago I worked on improving Logitech G15 LCD-screen support under Linux. I recently got an email from someone who wanted to add support for the LCD panel in the Logitech Z-10 speakers to lcdproc, asking me to describe the process I went through to improve G15 support in lcdproc and how I made it work without requiring the unmaintained g15daemon code.

Devuan 4.0 Alpha Builds Begin For Debian 11 Without Systemd

Debian 11 continues inching closer towards release and it looks like the developers maintaining the "Devuan" fork won't be far behind with their re-base of the distribution focused on init system freedom. The Devuan fork of Debian remains focused on providing Debian GNU/Linux without systemd. Devuan Beowulf 3.1 is their latest release based on Debian 10 while Devuan Chimaera is in the works as their re-base for Debian 11. Read more

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6