Security updates for Monday
Security updates have been issued by Debian (containerd, redis, and sqlalchemy), Fedora (kernel, radeontop, rpki-client, and webkit2gtk3), openSUSE (java-1_8_0-openj9, libvirt, mailman, transfig, and webkit2gtk3), Oracle (thunderbird), SUSE (libvirt), and Ubuntu (icu).
Tips to Enhance Linux Security
In recent years, the usage of linux operating systems has increased a bit. Though, not at that impressive rate, there have been more users shifting towards Linux based systems. And around 50% of the internet users are running some sort of Linux flavor on their systems.
There was a time when Linux users would consider themselves as the lucky souls who were not afraid of cyber-attacks or other kinds of vulnerabilities.
But it is no secret that the Linux server has become one of today’s most desirable targets. The past few years have seen emerging malware strains that demonstrate new and dangerous tactics for spreading, remaining undetected on your machine – Cloud Snooper, EvilGnome just to name a couple!
This post is going to elaborate you with some knowledge on how Linux servers are being targeted by malware, rootkits and other malicious attacks. And above all what are the sure shot ways to improve security of Linux systems.
Microsoft's expired cert brings these Windows apps to their knees. - Invidious
Microsoft will now snitch on you at work like never before
I feel sure there are many American workers who have put the whistle in their mouths, like former Facebook employee Frances Haugen, but been too afraid to blow it.
[...]
The first is headlined: "Microsoft 365 compliance center: Insider risk management -- Increased visibility on browsers."
It all sounded wonderful until you those last four words, didn't it? For this is the roadmap for administrators. And when you give a kindly administrator "increased visibility on browsers," you can feel sure this means an elevated level of surveillance of what employees are typing into those browsers.
In this case, Microsoft is targeting "risky activity." Which, presumably, has some sort of definition. It offers a link to its compliance center, where the very first sentence has whistleblower built in: "Web browsers are often used by users to access both sensitive and non-sensitive files within an organization."
And what is the compliance center monitoring? Why, "files copied to personal cloud storage, files printed to local or network devices, files transferred or copied to a network share, files copied to USB devices."
You always assumed this was the case? Perhaps. But now there will be mysteriously increased visibility.
"How might this visibility be increased?," I hear you shudder. Well, there's another little roadmap update that may, just may, offer a clue.
What Can You Do With a Raspberry Pi 400?
Can you really buy a full-fledged personal computer for $70? Yes you can. With an all-in-one design reminiscent of classic 1980s/1990s home computers, Raspberry Pi 400 is built into a keyboard and can be connected to any monitor or TV with an HDMI socket. Based on the same quad-core system-on-chip as the Raspberry Pi 4, it can run a host of desktop applications in the official Raspberry Pi OS based on Debian Linux. Let’s take a closer look at the Pi 400’s capabilities and what you can use it for.
LXD 4.20 has been released
The LXD team is very excited to announce the release of LXD 4.20! This is one very busy release with a lot of new features. VM users will be happy to see the initial implementation of live migration and core scheduling support. Container users are getting new configuration keys to set sysctls. Then the bulk of the new features are all network related with peer network relationships, network zones for auto-generated DNS and SR-IOV accelerated OVN networks. And lastly, on the clustering front, it’s now possible to better control what servers will be receiving new workloads. Also: LXD 4.20 released
