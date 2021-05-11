Security Leftovers
Security updates for Thursday
Security updates have been issued by Debian (htmldoc, lasso, and rails), Fedora (exiv2, firefox, and microcode_ctl), openSUSE (python-HyperKitty), Oracle (389-ds-base, qemu-kvm, qt5-qtimageformats, and samba), Red Hat (container-tools:3.0, container-tools:rhel8, postgresql:12, and postgresql:13), Scientific Linux (389-ds-base, hivex, libwebp, qemu-kvm, qt5-qtimageformats, samba, and thunderbird), SUSE (caribou, djvulibre, firefox, gstreamer-plugins-bad, kernel, libopenmpt, libxml2, python-Pillow, qemu, spice, spice-gtk, and ucode-intel), and Ubuntu (rpcbind).
BackdoorDiplomacy: Upgrading from Quarian to Turian | WeLiveSecurity
An APT group that we are calling BackdoorDiplomacy, due to the main vertical of its victims, has been targeting Ministries of Foreign Affairs and telecommunication companies in Africa and the Middle East since at least 2017. For initial infection vectors, the group favors exploiting vulnerable internet-exposed devices such as web servers and management interfaces for networking equipment. Once on a system, its operators make use of open-source tools for scanning the environment and lateral movement. Interactive access is achieved in two ways: (1) via a custom backdoor we are calling Turian that is derived from the Quarian backdoor; and (2) in fewer instances, when more direct and interactive access is required, certain open-source remote access tools are deployed. In several instances, the group has been observed targeting removable media for data collection and exfiltration. Finally, both Windows and Linux operating systems have been targeted.
Announcing Istio 1.10.1
This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.10.0 and Istio 1.10.1.
Audiocasts/Shows: Ubuntu Podcast, BSDNow, and More
PeaZip 8.0
PeaZip is an open source file and archive manager. It's freeware and free of charge for any use. PeaZip can extract most of archive formats both from Windows and Unix worlds, ranging from mainstream 7Z, RAR, TAR and ZIP to experimental ones like PAQ/LPAQ family, currently the most powerful compressor available. Open and extract 180+ archive formats: 001, 7Z, ACE(*), ARC, ARJ, BZ2, CAB, DMG, GZ, ISO, LHA, PAQ, PEA, RAR, TAR, UDF, WIM, XZ, ZIP ZIPX - view full list of supported archive file formats for archiving and for extraction.
Raspberry Digital Signage 15.0 released for all your Raspberry Pis
Raspberry Digital Signage is an operating system designed for digital signage installations on the Raspberry Pi: it displays a full-screen browser view restricted to a specified resource. It shows web resources from Internet, local network or local folders (so you can use the Pi itself as the source webserver). Raspberry Digital Signage comes with the latest Chromium builds (featuring HTML5 capabilities), so you can display more attractive resources, more easily.
Digital Restrictions (DRM) Leftovers
