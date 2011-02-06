Security Leftovers Time is running out for CentOS 8 It came as a shock when RedHat announced that CentOS 8 support would end this year. Organisations who thought they had eight years to plan for its replacement now have less than four months.

Hacker-made Linux Cobalt Strike beacon used in ongoing attacks An unofficial Cobalt Strike Beacon Linux version made by unknown threat actors from scratch has been spotted by security researchers while actively used in attacks targeting organizations worldwide. [...] However, Cobalt Strike has always had a weakness — it only supports Windows devices and does not include Linux beacons.

Hackers port Cobalt Strike attack tool to Linux [Ed: Do malicious tools only become "news" when you can badmouth "Linux" somehow? And that says nothing about how such tools get there in the first place? Windows has back doors.] Security experts say the Cobalt Strike Beacon tool has been adapted by hackers to work against Linux machines. Designed for use by penetration testers and other security professionals, Beacon is the automated attack component of the $3,500 per-year Cobalt Strike security testing suite that enables attacks like keylogging and file theft. Because it is so effective at automatically compromising machines, the software has also become effective with cybercriminals looking to remotely break into a network.

NSO Group iMessage Zero-Click Exploit Captured in the Wild In March 2021, we examined the phone of a Saudi activist who has chosen to remain anonymous, and determined that they had been hacked with NSO Group’s Pegasus spyware. During the course of the analysis we obtained an iTunes backup of the device.

Apple Releases Security Updates, iOS 14.8 and iPadOS 14.8 Apple has released security updates to address vulnerabilities—CVE-2021-30860, CVE-2021-30858—in iOS and iPadOS. An attacker could exploit these vulnerabilities to take control of an affected device. CISA is aware of public reporting that these vulnerabilities may have been exploited in the wild.

Bored of Flat UIs? Check Out Skeuos GTK Theme Ever find yourself wishing your GTK theme had a bit more depth to it? If so, check out the Skeuos GTK theme by Daniel Ruiz de Alegría. His sumptuous skin skewers modern expectations by embracing the bevels, drop-shadows, and gradients most modern themes actively avoid. The result is a confident look with real visible visual hierarchy to it. Buttons look like buttons, toggles look like toggles, and focused elements have clear presence — you won’t mistake a label for an action while using this theme. Although it is still fairly flat (as themes go), in this era of ever-flatter UIs I’m surprised at how refreshing the theme’s “ornamentation” feels. It’s like a mix of Adwaita and elementary themes, with a splash of Layan for colour.