Language Selection

English French German Italian Portuguese Spanish

Security, Fear, Uncertainty, and Doubt

Filed under
Security

  • How IBM i Fits Into a Zero-Trust Security Framework [Ed: Authored by IBM shill funded by IBM]

    One of the hot new trends in cybersecurity these days is the zero-trust security model. Instead of implicitly trusting network traffic behind the firewall, zero-trust demands that traffic have explicit permission to be there. But how does that model work with the strange beast known as IBM i? IT Jungle recently sat down with PJ Kirner, the CTO and co-founder of zero-trust software provider Illumio, to find out.

    Illumio is an eight-year-old venture-backed startup based in Sunnyvale, California, that is working in the field of zero-trust security. It develops an offering, called Illumio Core, that allows companies to begin implementing the zero-trust security model in their own data centers.

    It’s a fairly radical shift in philosophy, Kirner says. “There’s a mentality change from ‘I trust everything’ to . . . ‘I need a policy enforcement point of some sort everywhere, not just in the one place at the boundary of two things,'” he says.

    When fully built out, an IT estate with an active zero-trust security model will resemble a party where only invited guests are allowed in. Building from a whitelist, or “allow list,” is starkly different than starting with a blacklist, or an “exclude list,” Kirner says. “If you start by saying just these two things are not allowed to talk, well, that’s a whole bunch of implicit trust around everything else,” he says.

    Illumio, which recently added support for IBM i systems, begins every zero-trust security engagement by making a map of network traffic behind the firewall. Illumio develops software that does this mapping, which can be quite illuminating in its own right.

  • New Windows 10 vulnerability allows anyone to get admin privileges
  • The virus rears its ugly head....

    There is a virus going around. We thought we were winning the battle against it, but powerful forces and events have allowed it to raise its ugly head and cause unforeseen additional hardship.
    People thought that it was not so bad, they did not listen to reason and take the precautionary measures necessary to protect themselves. In letting down their guard they were unprepared and unprotected.
    After months of machines being turned off, software licenses (with their expiration dates never “dormant”) are up for renewal.
    Many companies, educational institutions and public buildings (like libraries) are turning on their Wintel PCs for the first time in over a year and finding that they need to renew their licenses, not only for what is called an operating system on their computer, but also for many of the closed source, proprietary add-on software packages that owners purchased in a wild attempt to make their hardware somewhat useful.

    [...]

    This variant is called “Windows 11”, and the creator of it seems to be unable to tell you how much havoc it will create for you. Does it run on your otherwise great hardware? You have a decent processor, a lot of RAM, and you bought it just two or three years ago….but it might not run Windows 11.

  • UK.gov's Huawei watchdog says firm made 'no overall improvement' on firmware security but won't say why

    Huawei has made "no overall improvement" in software engineering processes for its UK telecoms equipment's firmware, its GCHQ overseers have warned.

    The Huawei Cyber Security Evaluation Cell (HCSEC) oversight board's annual report for 2020 was noticeably less critical than in previous years – but still says Huawei is dragging its feet in key areas.

  • Northern Train's ticketing system out to lunch as ransomware attack shuts down servers

    Publicly owned rail operator Northern Trains has an excuse somewhat more technical than "leaves on the line" for its latest service disruption: a ransomware attack that has left its self-service ticketing booths out for the count.

    "Last week we experienced technical difficulties with our self-service ticket machines, which meant all have had to be taken offline," a spokesperson for Northern Trains confirmed to the The Register.

  • Fortinet's security appliances hit by remote code execution vulnerability

    Security appliance slinger Fortinet has warned of a critical vulnerability in its products that can be exploited to allow unauthenticated attackers full control over the target system - providing a particular daemon is enabled.

    The vulnerability, discovered by Orange Group security researcher Cyrille Chatras and sent to Fortinet privately for responsible disclosure, lies in the FortiManager and FortiAnalyzer software running atop selected models in the company's FortiGate security appliance family. Should a particular daemon be enabled, the company admitted, a remote attacker can gain full control.

  • Romanian Linux Cryptojacking Cybercriminals Spotted [Ed: This is classic FUD as it's not a Linux issue but a weak password issue]

    Since at least 2020, an active threat organization based in Romania has been running a cryptojacking operation against Linux-based machines using the Golang-based SSH brute force, according to The Hacker News. The campaign's objective is to infect Linux systems with Monero mining applications.

More in Tux Machines

Security: Updates and National Targets

  • Security updates for Friday

    Security updates have been issued by Arch Linux (apache, chromium, nodejs, nodejs-lts-erbium, nodejs-lts-fermium, and virtualbox), Fedora (vsftpd and watchdog), Oracle (java-1.8.0-openjdk, java-11-openjdk, and redis:6), and Ubuntu (libcaca, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-azure-5.8, and mailman).

  • This Week In Security: Argentina, MysterySnail, And L0phtcrack | Hackaday

    The government of Argentina has a national ID card system, and as a result maintains a database containing data on every citizen in the country. What could possibly go wrong? Predictably, an attacker has managed to gain access to the database, and is offering the entire dataset for sale. The Argentinian government has claimed that this wasn’t a mass breach, and only a handful of credentials were accessed. This seems to be incorrect, as the seller was able to provide the details of an arbitrary citizen to the journalists investigating the story.

  • Nation-State Attacker of Telecommunications Networks

    LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures.

  • Eswatini Government's gov.sz website is running a cryptojacker | Netcraft News

    The Government of Eswatini’s website, www.gov.sz, is running a cryptojacker. Cryptojackers use website visitors' CPU power to mine cryptocurrency, most often without their knowledge or permission. Data from archive.org suggests the JavaScript snippet was added to the site’s HTML source between 28th September and 6th October.

Videos/Shows: Feren OS 2021.10, Hackaday Podcast, and More

today's howtos

  • How To Install Icinga 2 on Debian 11 - idroot

    In this tutorial, we will show you how to install Icinga 2 on Debian 11. For those of you who didn’t know, Icinga 2 is an open-source monitoring solution that is used to monitor the availability of various network resources including host metrics such as system uptime, load, memory, disk space, running processes, network, and many more. Icinga 2 has a user-friendly web interface, but it also comes with a command-line interface that can be used to monitor networks, servers, and services with specific commands. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Icinga open-source network monitoring on a Debian 11 (Bullseye).

  • How and Why to Install Latte Dock From Source Code

    Latte Dock is one of the most popular and versatile panel and menu replacements for the KDE Plasma desktop. When you install it from source code, you get the very latest features and functions that are unavailable in most distro package repositories. No matter which Linux distribution you use, you probably install most if not all of your software through your distro’s package management system. Since the package manager generally handles all of the necessary dependencies and updates for whatever program you want, it’s usually the safest and most efficient choice. Sometimes, though, even if a program is available in your distro’s software repositories, you’ll end up with a much better final product if you download, compile, and install the program from source code. This is the case with Latte Dock.

  • How to install Apache, MariaDB and PHP (LAMP) on Debian 11 – VITUX - TechStony

    The LAMP stack is a collection of open-source software products that are frequently used in conjunction. The acronym LAMP is used to describe a computer system that has the following components: Linux, Apache HTTP Server (or just server), MySQL and PHP/Perl/Python. A user can install all of these components separately on a single computer or, more commonly, on separate computers connected by a network; however, some components are dependent upon other components – for instance, it is not possible to install Apache without first installing Linux – hence the standard installation practice is to install all components on a single computer system. The LAMP stack is the combination of open-source software to form a server environment most commonly used in web development. Open source refers to something, especially an application or operating system, whose source code is made available for free use or distribution, although certain user restrictions may apply. This allows users to create copies of any product and make whatever changes they like. Installing the LAMP stack on Debian 11 will be shown in this article. Once complete, you’ll have a web server that serves your sites and applications with ease. Here we show how to install them manually from the terminal if you want full control over your system settings like editing config files yourself.

  • How to install Chromium Browser on Debian 11 (Bullseye) – VITUX - TechStony

    Google’s Chromium browser is a Google project. It is an open-source web browser whose major objective is to make online browsing safer and quicker for all users. This browser is not designed for end-users, but rather for developers or programmers, because Google makes changes to its source code practically every day. As a result, it is critical to obtain the most recent version of this web program. The Chromium browser is available for nearly every Linux distribution, including Ubuntu, Debian, CentOS, and Fedora, as well as Windows, Android, and macOS. In this tutorial, we will demonstrate how to install the Chromium browser on the Debian 11 bullseye distribution. The instructions for installing the Chromium browser will also work for other Linux distributions such as Debian 10 buster, Ubuntu, LinuxMint, and others.

  • How to install Java 17 in Ubuntu 20.04 – Citizix

    In this guide we are going to explore how to install Java Runtime Environment (JRE) and the Java Developer Kit (JDK) in Ubuntu 20.04. Java and the JVM (Java’s virtual machine) are required for many kinds of software, including Tomcat, Jetty, Glassfish, Cassandra and Jenkins. Java is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible. Java was developed by Sun Microsystems (which is now the subsidiary of Oracle) in the year 1995. James Gosling is known as the father of Java.

  • How to install ONLYOFFICE Desktop Editors on Linux Mint

    ONLYOFFICE desktop app is an open-source office suite pack that comprises editors for text documents, spreadsheets, and presentations. Along with offline work, it’s possible to connect the application to the cloud (ONLYOFFICE, Nextcloud, ownCloud, Seafile) for online document collaboration. The source code of the suite is available on GitHub under the AGPL v.3.0 license.

  • How to install third-party modules on Webmin

    Do you want to install third-party modules in your Webmin installation? Don’t know how to set them up? We can help! Follow along as we go over how to install Webmin third-party modules.

  • How to record your Linux desktop with Kooha

    If you’ve ever wanted to record your Linux desktop but don’t like how the existing screen recorder apps on Linux are ugly and confusing to use, you’ll like Kooha. It is an elegant screen recorder app that is designed around user-friendliness and ease of use. Here’s how to use it to record your desktop on Linux.

  • How to stream Steam games to your Linux desktop

    Valve has a stand-alone Steam Link game streaming client for Linux, Mac OS, Windows, and mobile. With it, you can stream games running on a gaming PC via Steam to the Steam Link app. It’s an excellent option for Linux gamers looking to play desktop PC games on their laptops. Here’s how to set it up. Note: you must have a Linux gaming PC running Steam, along with another computer running the Steam Link application on Linux for remote play to work.

  • Install Ambiance (or Radiance) Theme on Ubuntu 20.04 LTS - Linux Shout

    Do you want to switch to the old Ambiance app theme on Ubuntu 20.04 LTS Focal Fossa? Then via this article, we let you know how to do that in a very easy way. Well, earlier in the old versions of Ubuntu we were getting Ambiance or Radiance as the default theme. However, this got changed with the release of Ubuntu 19.10 because since then we have had Yaru as the default one. Nevertheless, that doesn’t mean we cannot switch back to the old days (themes) on the newer versions of Ubuntu. After all, it is just a theme but may give some a familiar feeling. And the best thing is the package to install the Ambiance theme is available in the default official repo of Ubuntu, hence just follow the given steps.

  • Install Sails.js Framework with Nginx on CentOS 8

    Sails.js is a Javascript framework for Node.js. It is used for developing real-time applications very quickly. It allows you to resemble the MVC architecture from frameworks like Ruby on Rails. It comes with blueprints that help jumpstart your app's backend without writing any code. It is compatible with other front-end including, Angular, React, iOS, Android, Windows Phone, custom hardware, or something else entirely. In this post, we will show you how to install Sails.js with Nginx on CentOS 8

  • How to create a Security Group (SG) and Network Access Control List (NACL) in AWS

    Security Groups (SGs) and Network Access Control Lists(NACLs) are the features that come with Virtual Private Cloud (VPC) in Amazon Web Services(AWS). SG acts as a firewall for our instance to control or restrict inbound and outbound traffic. When we launch an instance in a VPC, we can assign up to five security groups to the instance. Security groups act at the instance level and not the subnet level. If we don't specify a particular group at launch time, the instance is automatically assigned to the default security group of the VPC. We can add rules in the SG that control the inbound traffic to instances, and a separate set of rules that control the outbound traffic.

  • Jenkins: Create a freestyle job - Anto ./ Online

    This guide will show you how to set up your first freestyle job in Jenkins. You will use Jenkins to download Java source code from GitHub, compile the code using Maven, and view the build output.

  • How to create MX Linux 21 bootable USB Drive - Linux Shout

    If you already have MX Linux 21 ISO file, then here are the steps to create a bootable USB Drive using it, for its installation on a PC or laptop. MX Linux 21 is the latest Linux operating system from its developer based on Debian 11 while writing this article. To boost speed and productivity, new features and customization have been done. Hence, users who have 32-bit or 64-bit PC or laptops can easily start with this.

  • How to change the MAC address on Ubuntu 20.04 using Macchanger – VITUX - TechStony

    Macchanger is an amazing Linux utility that can be used to view as well as to change the MAC address of any desired networking device. This utility can be conveniently installed on any Linux distribution and then you can use it just the way you like. In this article, we will begin with the installation of this utility on a Ubuntu 20.04 or Linux Mint 20 system and then we will teach you how you can change the MAC address with the help of this utility.

  • How to Use Xpra to Run Linux Applications Remotely - ByteXD

    Xpra (X Persistent Remote Applications) or commonly known as “Screen for X”, is a utility that allows users to run X11 programs on the remote hosts and direct their display on the local machine. Xpra enables you to connect and disconnect these programs on your device or another PC without losing the current state. That is the main difference between Xpra and X-Forwarding. With the latter, when you disconnect from a particular program, you lose the current state. Additionally, Xpra is rootless. That means any applications forwarded from the remote hosts to the local machine appear as normal windows managed by the window manager and not confined in a box. To better understand the rootless feature, let’s look at how Xpra differs from other remote access/control applications.

  • How to Upgrade to KDE Plasma 5.23 from 5.22 [Easy Steps] - TechStony

    The KDE team announced the stable release of KDE Plasma 5.23 with new features, improvements, and bug fixes. Here, in this quick guide, we give you the steps to upgrade to KDE Plasma 5.23 from 5.22. This release is the 25th-anniversary edition of KDE. Hence, it is a significant and emotional release for the team. Hence, you can expect several new features and updates. You get a brand new Breeze Ocean Theme, new wallpaper, desktop-wide tweaks, and productivity boost across KWin, Plasma desktop, Wayland improvements. You can check out the feature highlights of KDE Plasma 5.22 here.

  • How to Upgrade Synology NAS from DSM 6 to DSM 7

    DSM is also known as Disk Station Manager. It is a web-based management interface software for the Synology NAS devices. You can use the DSM software to manage your Synology NAS devices from a web browser. Synology recently released DSM 7 – a new version of the Disk Station Manager software for the Synology NAS devices. In this article, I am going to show you how to upgrade the DSM software of your Synology NAS from DSM 6 to DSM 7. So, let’s get started.

  • How to Install and Use croc to Securely Transfer Files on Linux

    Transferring files between computers is a relatively straightforward act if you have the right tool. While most file transfer tools work the same and share a similar feature set, a few stand out with their distinctive features. Croc is one such tool. It works via the command line and lets you transfer files and folders between computers quickly and securely. Follow along as we discuss croc and list down the instructions to use it for transferring files between Linux and any other device.

  • How to Install Zirkula CMS on Ubuntu 20.04 – VITUX - TechStony

    ZIkula means “plus” in Swahili language, so it translates as “more than” or “something more”. The name embodies what this project provides – an extension beyond common web technologies with tools like templates that help you create simple one-page websites all the way up to complex applications powered by Node JS modules & MVC architecture. You can create anything from basic one-page websites to sophisticated and powerful online apps with Zikula’s user-friendly interface. It is very simple to set up, so you will have no trouble making your vision come alive.

  • How to Install ZSH Shell and Oh-My-Zsh on Ubuntu 20.04 – VITUX

    The Z shell is one of the most powerful shells ever developed, and it’s also one of the fastest. It includes features that you won’t find anywhere else like built-in spell checking, syntax highlighting for code, and more. You can even configure your prompt to show useful information about your system status without typing anything.

  • How to Install Virtualmin on Ubuntu 20.04 – VITUX - TechStony

    Virtualmin is a web hosting control panel that allows you to manage your virtual private servers through an easy-to-use interface. You can use this software to create and delete websites, install and update server applications, and monitor resource usage. Virtualmin features a number of scripts that can simplify the process of installing and maintaining software on your servers. It comes with a script installer for popular applications like Drupal, Joomla, bbPress, Django… and many others. Virtualmin also provides an updater tool to help you update all aspects of your server software in a single operation. It even allows you to check for security updates and clone your entire Virtualmin installation with one click of a button. Virtualmin provides extensive configuration options, which can be accessed through its web interface or by using command-line tools. For example, you can use this software to set up a blacklist that prevents certain websites from being accessed. You can also create an access control list and store it in your database as custom variables. Virtualmin offers support for MySQL, PostgreSQL, MongoDB and other databases through their respective command-line tools or web interfaces.

  • How to Install PostgreSQL and pgAdmin4 on Ubuntu 20.04 – VITUX - TechStony

    If you’re looking for a quick and easy way to install PostgreSQL and pgAdmin4 in Ubuntu 20.04, this post is for you! We’ll walk you through the whole process step-by-step, so it’s easy for anyone to do. Postgres is an open-source, powerful relational database system that lets users create, edit, share, and store data quickly and flexibly. It supports all of SQL:2003 standards, which makes it great for storing any type of data. pgAdmin4 is a graphical user interface tool that allows users to manage their PostgreSQL databases from one place without having to use complicated command-line instructions or terminal commands like many other similar tools on the market offer.

  • How to Install GCC Compiler Collection on CentOS 8 and Rocky Linux 8 – VITUX - TechStony

    The GNU Compiler Collection (GCC) is a compiler software package with a collection of compilers for several languages. It is free and open-source software, which means that everyone has the opportunity to contribute or modify the application according to their own needs. GCC supports various programming languages, including C, C++, Objective-C, Fortran, Java and Ada. It also provides libraries such as libstdc++ for C++ and libgcj for Java. GCC uses a technology called “Recursive Descent Parsing”, which is very effective at finding errors in the code. GCC also provides a rich set of warnings that can be used to spot possible problems or bugs that may not have been detectable by the compiler itself. GCC performs some optimizations on both the intermediate code and the final machine code, but it does not perform as many optimizations as a commercial compiler would.

  • This Extension Adds MacBook Style Notch in GNOME 40 in Ubuntu 21.10

    Sounds ridiculous, but it’s true! GNOME now has an extension to add Apple iPhone & MacBook look like but USELESS notch in your screen. I’m not an Apple fan and don’t know why to add an ugly notch on laptop screen. Though an extension “iNotch” is available to add it in GNOME 40. It does nothing buts add a blank area in top-center, with a camera lens icon as well as tally light. As Apple’s hardware notch does, it however covers the clock and the cursor disappears when it enters the notch. Though, the drop down calendar menu still works when you click on the area in top-bar.

MAKE MORE with Inkscape – Papercraft et al.

Inkscape, the most used and loved tool of Fedora’s Design Team is not just a program for doing nice vector graphics. With vector graphics (in our case SVG) a lot more can be done. Many programs can import this format. Also, Inkscape can do a lot more than just graphics. The last article of this series showed how to use Stroke or Hershey Fonts for engraving and other such methods with Inkscape. This article will look at several Inkscape extensions for making Papercraft or that otherwise help to flatten out three-dimensional (3D) objects. Rapid Prototyping is an oft-mentioned word (even more so since the advent of 3D-Printing). Sure, you can easily 3D-print computer designed objects. But the downsides are the cost and the amount of extra work you have to put into the 3D printed objects to get a clean surface. Read more