Security Leftovers
Security updates for Wednesday
Security updates have been issued by Debian (mosquitto and php7.0), Fedora (python-django-filter and qt), Mageia (fossil, opencryptoki, and qtbase5), openSUSE (apache2, busybox, dnsmasq, ffmpeg, pcre, and wireguard-tools), Red Hat (kpatch-patch), SUSE (apache2, busybox, dnsmasq, ffmpeg, java-11-openjdk, libvirt, open-lldp, pcre, python, qemu, util-linux, and wireguard-tools), and Ubuntu (apport and libslirp).
Linux Foundation: confidential computing market to reach $54 billion in 2026 [Ed: ZDNet writing more Linux Foundation 'spam' today. They're paid to do this. They paint surveillance as "security" and "confidential".]
Kali Linux Wordlist: What you need to know
wordlist can be referred to as a password dictionary since it is a collection of passwords stored as plain text. Kali Linux is the most advanced penetration testing distribution. It is primarily designed for penetration testing and digital forensics hence funded and maintained by Offensive Security.
Most Kali Linux wordlists can be downloaded online, including those provided in this article. In addition, there are a collection of common and uncommon passwords that are still or were once used by real people. Remember, you can also create your wordlist if you prefer to or stick to the ones already compiled. Wordlists are derived from data breaches such as circumstances where the company gets hacked. Data stolen from the hacked companies are leaked on websites such as Pastebin or sold on the dark web.
FBI Releases Indicators of Compromise Associated with Ranzy Locker Ransomware
The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks using Ranzy Locker, a ransomware variant first identified targeting victims in the United States in late 2020.
Warehouse belonging to Chinese payment terminal manufacturer raided by FBI
US feds were spotted raiding a warehouse belonging to Chinese payment terminal manufacturer PAX Technology in Jacksonville, Florida, on Tuesday, with speculation abounding that the machines contained preinstalled malware.
PAX Technology is headquartered in Shenzhen, China, and is one of the largest electronic payment providers in the world. It operates around 60 million point-of-sale (PoS) payment terminals in more than 120 countries.
Tired of spam? A burner email account could be the answer.
Have you ever been in that situation where you need to give your email address over, but you don’t want to? There could be a security reason. Can you trust who you’re sharing with not to spam your inbox? Are you certain they won’t expose you to data breaches due to lax security on their part? Can you protect your email from being sold in lists, used for ad tracking and targeting or even be uploaded to platforms like Facebook to track and target you there? Or it could be a case of inbox fatigue. Or maybe you just don’t want your email associated with some entities and in their database? Enter the burner email account.
Kernel: Bootlin/Yocto and Linux 5.16 Additions
Best Linux desktop for 2021: Which one should you buy?
Linux on the desktop is a thing to behold. It's not only incredibly powerful and secure, but it's also flexible enough to become exactly what the user needs. And although you can successfully run Linux on just about any type of desktop machine (running lightweight Linux distributions on older hardware), to really get the most out of modern-day variants, it's best to have hardware up to the task. Linux doesn't require nearly the hardware needed to run Windows 11 or macOS, but why not give the open-source operating system extra power, so you can run more applications and services. So, why not send your money to companies that support open source in return? Which desktops are best suited for the task? Let's take a look at the five best options you have for 2021.
ESP32 and Arduino for Weather
Tiny SBC runs Linux on new RAM-equipped Allwinner RISC-V SoC
MangoPi is prepping a tiny “MangoPi-MQ1” SBC with the new Allwinner F133-A (D1s), a spin-down of Allwinner’s D1 that adds 64MB RAM. Both SoCs use the XuanTie C906, one of several RISC-V cores that Alibaba T-Head is now open sourcing. A MangoPi project from Beijing Wadora Technology Co. has announced a Linux-driven MangoPi-MQ1 SBC equipped with a new Allwinner F133-A (D1s) SoC. Allwinner’s F133-A is a slightly scaled down version of the Allwinner D1 SoC, which powers Sipeed’s Nezha SBC. Both SoCs are equipped with a RISC-V architecture XuanTie C906 core, which last week Alibaba’s T-Head subsidiary announced is being open sourced along with several other cores (see farther below).
