Language Selection

English French German Italian Portuguese Spanish

Security and Proprietary Software

Filed under
Security
  • Linux servers are getting a welcome security upgrade

    Cybersecurity firm Sophos has acquired Linux security vendor Capsule8 in a bid to extend its protection cover to Linux servers.

    Capsule8 offers a threat detection platform for securing Linux production environments across bare-metal and virtualized servers, as well as containers, whether deployed on-premise or in the cloud.

    Acquired for an unknown sum, Sophos intends to integrate Capsule8’s protection platform into its Adaptive Cybersecurity Ecosystem (ACE) platform.

  • Critical Juniper Bug Allows DoS, RCE Against Carrier Networks

    Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited.

    [...]

    One of these can also be used for RCE, Juniper said. That bug (CVE-2021-0277, with an 8.8 CVSS rating) is an out-of-bounds read vulnerability afflicting Junos OS (versions 12.3, 15.1, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2, 19.3, 19.4, 20.1, 20.2, 20.3 and 20.4), and Junos OS Evolved (all versions).

    Junos OS and Junos OS Evolved are network operating systems that power Juniper’s enterprise routers and switches. The former runs on FreeBSD, while the latter runs a version of Linux.

    The issue exists in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd). LLDP is the protocol that network devices use to broadcast their identity, capabilities and neighbors on a local area network (usually over wired Ethernet).

    “Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the DoS condition,” Juniper said in its advisory, issued Thursday.

    In addition to the patch, this bug has a few workarounds. For instance, users can configure a device to not load the l2cpd daemon. However, if it’s disabled, certain protocols (RSTP, MSTP, VSTP, ERP, xSTP and ERP, among others) won’t work.

  • What follows Patch Tuesday? Exploit Wednesday. Grab this bumper batch of security updates from Microsoft • The Register

    Microsoft released an XL-sized bundle of security fixes for its products for this month's Patch Tuesday, and other vendors are close behind in issuing updates.

  • SonicWall suggests people unplug their end-of-life gateways under 'active attack' by ransomware crims

    SonicWall has warned that its older Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) gateways are being attacked in the wild by crooks to spread ransomware – and as some of those devices are end-of-life, don't expect any patches to protect them.

    In an emergency alert on Wednesday, the networking biz said miscreants are "actively targeting" the equipment to, as we understand it, steal credentials from them to compromise networks for "an imminent ransomware campaign."

More in Tux Machines

We're not in Ubuntu Anymore: The Linux Distros You've (Probably) Never Heard About Before

Unlike Windows and macOS, there is a world of Linux versions, known as distributions, for users to experience. However, those switching to Linux on the desktop usually get pointed in the direction of Ubuntu due to its popularity and large community. That’s a fair suggestion since Ubuntu is frequently updated and supports a lot of hardware. But when there are so many other Linux distros out there, users may be curious about what else might work for them. Fortunately, there is a quick guide... [...] If you want to get away from Ubuntu entirely, there are a few more options that stand out: The emergence of Manjaro has been a pleasant surprise in the Linux community as it’s closely related to Arch, which is a bleeding-edge distro with tons of new features but can be cumbersome to use, especially for Linux newcomers. It has an easy-to-use interface and is available with a wide variety of desktop environments including Xfce, KDE, and Gnome. Manjaro also offers a version for Arm systems like the Raspberry Pi, Odroid, and Pine products. Read more

NVIDIA Tegra SoCs and NVIDIA's 495.44 Linux Driver

  • Linux Continues To Improve Power Management For Older NVIDIA Tegra SoCs To Avoid Overheating

    While the Tegra 2 and Tegra 3 SoCs are a decade old, the mainline Linux kernel continues working to improve the power management / thermal behavior for them in order to deal with heating issues for devices relying on these SoCs. We've seen improved thermal code for these hot and aging Tegra devices, among other work. Most recently though is now a set of Tegra power management patches revised for a 14th time that are seeking to be included with Linux 5.17 (not to be confused with the Linux 5.16 cycle kicking off in a week or two).

  • NVIDIA 495.44 stable driver is out for Linux, adds in GBM API support | GamingOnLinux

    Following on from the NVIDIA Beta 495.29.05 earlier this month, today NVIDIA has a fresh 495.44 stable driver release that builds upon it with some additional extras. This is the big one for Wayland fans, since it now works with the GBM API. With this API now hooked up, it should mean a better Wayland experience and it's something that the KDE Plasma team are already working on supporting too. You will also find in this release an indicator (on supported desktops) for showing Resizable BAR and the minimum Kernel version got bumped from 2.6.32 to 3.10.

  • NVIDIA 495.44 Linux Driver Released With GBM Support

    Following the NVIDIA 495 beta Linux driver from earlier this month, NVIDIA 495.44 is out today for Linux users as the stable release. The NVIDIA 495.44 Linux driver is the stabilized version of the earlier beta, that most notably introduces Generic Buffer Manager (GBM) support for sharply improving the proprietary driver's Wayland support.

GitHub stale bot considered harmful

One of GitHub’s “recommended” marketplace features is the “stale” bot. The purpose of this bot is to automatically close GitHub issues after a period of inactivity, 60 days by default. You have probably encountered it yourself in the course of your work. This is a terrible, horrible, no good, very bad idea. Read more

Android Leftovers