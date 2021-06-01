Security Leftovers and Proprietary Software
-
Free Open Source UChecker Made Available to Detect Vulnerable Libraries on Linux Servers
CloudLinux today announced as part of its TuxCare security services that it is making available free open source software, UChecker, that scans Linux servers for vulnerable libraries that are outdated and being used by other applications. This provides detailed actionable information regarding which application is using which vulnerable library and needs to be updated, which helps improve the security awareness patching process.
-
UChecker tool scans Linux servers for outdated libraries
Security teams running Linux servers now have access to UChecker, a new tool from CloudLinux that runs scans on Linux servers to detect outdated shared libraries on both disk and in memory.
Offered as part of CloudLinux’s TuxCare security services, UChecker works with all modern Linux distributions and has been licensed under the GNU General Public License, Version 2.
According to ZDNet, UChecker tells security pros which application uses which vulnerable library and offers up the relevant process ID and process name. With this new information administrators can see which libraries they need to update.
-
Samsung Galaxy devices were exposed to vulnerabilities that could allow hackers to steal data
-
We've found another reason not to use Microsoft's Paint 3D – researchers
-
Identity management is now mostly about security
-
How Does One Get Hired by a Top Cybercrime Gang?
The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.
-
Nasty Linux systemd root level security bug revealed and patched
The good news is the seven-year-old security bug in Linux systemd's polkit, used in many Linux distros, has been patched. The bad news is that it was ever there in the first place. Polkit, which systemd uses in place of sudo, enables unauthorized users to run privileged processes they'd otherwise couldn't run. It turned out that you could also abuse polkit to get root access to a system.
-
Apple Watches are mistakenly calling 911, police say
-
Add Microsoft And Another Congressional Staffer To The List Of Entities Targeted In Trump DOJ Leak Investigations
The hits just keep on coming. Gag orders are being lifted or expiring and we're finding out even more about DOJ leak investigations under Trump. Under AGs Jeff Sessions and Bill Barr, the DOJ targeted journalists, Congressional reps... even readers of USA Today.
-
TSA working on additional pipeline security regulations following Colonial Pipeline hack [iophk: Windows TCO]
The new directive will be the second issued by TSA, with the agency rolling out a directive last month that required pipeline owners and operators to report cybersecurity incidents within 12 hours of discovery to the Cybersecurity and Infrastructure Security Agency (CISA). It also increased coordination between pipeline owners and both CISA and TSA.
Proctor said Tuesday that the upcoming second directive would be classified as more sensitive in nature than the first directive due to “the nature of the mitigating measures that are going to be required.”
-
Verizon, water agency targeted in Chinese cyber espionage campaign: report [iophk: Windows TCO]
Meanwhile, the Metropolitan Water District of Southern California said that it had found a compromised Pulse Secure appliance after the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued its April alert announcing that hackers had breached multiple government agencies and other critical organizations using vulnerabilities in Pulse Secure technologies.
-
Apple Surrendered Former White House Counsel Don McGahn's Account Information to Trump DOJ
On Sunday, The New York Times reported that in February 2018 the Department of Justice (DOJ) subpoenaed Apple for the account information of former Trump White House Counsel Don McGahn and his wife. The company complied with the subpoena, according to anonymous sources who spoke with the Times. A nondisclosure order prevented it from notifying the McGahns about the request until May of this year.
This news comes on the heels of revelations last week that the DOJ under former President Donald Trump had subpoenaed Apple and Microsoft for the account information of journalists and Democratic lawmakers as part of a leak investigation.
-
New browser signal could make cookie banners obsolete
Today, noyb and Sustainable Computig Lab ("CSL") published a proposal for a new automatic browser signal to finally eliminate obsolete cookie banners. "Advanced Data Protection Control" (ADPC) aims to demonstrate that a user-friendly European solution for privacy settings can easily be implemented.
-
Microsoft Gets Second Shot at Banning hiQ from Scraping LinkedIn User Data
The court has thrown out a case previously ruled in hiQ Labs’ favor and sent it back down to the lower court for further consideration. The court based its decision on its June 4 ruling in the case Van Buren v. United States that limited the type of conduct that can be prosecuted under the Computer Fraud and Abuse Act of 1986 (CFAA), which is also at the heart of the LinkedIn case.
The decision effectively vacates a 2019 ruling by the San Francisco-based U.S. 9th Circuit Court of Appeals barring LinkedIn from prohibiting hiQ access to publicly available information of LinkedIn’s users, bouncing the case back to the lower court to hear again.
-
- Login or register to post comments
- Printer-friendly version
- 616 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
today's howtos
Metabase: The ultimate Swiss knife open-source for getting insightful answers from databases
Metabase is a no- and low-code open-source (Libre) project that removes all hassle of getting insightful data from databases. It does a lot without having to deal with SQL code or even know any SQL to begin with. It is built for anyone with basic technical skills, as well as data engineers and scientists. That makes it the right tool for marketeers, sales managers, project planners and marketing strategist. Metabase helps user to learn from their data by asking meaningful questions which it translates into a complex SQL queries in the background. Currently, we are using it to work with several databases, and we recommend it to some of our clients.
Purism shows off new features coming to PureOS for the Librem 5 smartphone (camera software, wireless toggles, screen rotation and more)
The next major release of the PureOS operating system that ships with the Librem 5 smartphone will bring a number of new features and improvements. Code-named Byzantium, the new version of PureOS will bring a handful of new applications plus user interface tweaks that let you do things like enable automatic screen rotation, toggle WiFi, Bluetooth, or cellular functionality, or change keyboard styles. And while some of those features are likely tied to the hardware of Purism’s $799 smartphone, it’s likely that some may eventually find their way to other Linux distributions for other phones, because Purism is the lead developer of the Phosh user interface that’s also available for other mobile Linux distributions including postmarketOS, Manjaro, Mobian, Arch, openSUSE, and Fedora.
today's leftovers
Recent comments
1 hour 26 min ago
2 hours 42 min ago
3 hours 5 min ago
3 hours 7 min ago
4 hours 46 min ago
10 hours 39 min ago
22 hours 12 min ago
1 day 3 hours ago
1 day 4 hours ago
1 day 6 hours ago