date 2021-09-30

Security: Latest Bugs, Microsoft Stealing Passwords From GNU/Linux Users, Implicated in National Security Threats As Well (CISA Blames "Iran" Instead of Microsoft)

Security updates for Wednesday
Security updates have been issued by CentOS (389-ds-base and libxml2), Debian (atftp, axis, and ntfs-3g), Fedora (digikam, freerdp, guacamole-server, and remmina), openSUSE (java-11-openjdk, kernel, samba, and tomcat), SUSE (firefox, java-11-openjdk, kernel, libarchive, samba, and tomcat), and Ubuntu (accountsservice, hivex, and openexr).

Google launches open source fuzzing tool to tackle SolarWinds-style attacks
Google has announced a new open source project designed to assist software developers in finding vulnerabilities in their code, without much effort, in order to help enhance the security of the software supply chain.

Is Microsoft Stealing People’s Bookmarks?
I received email from two people who told me that Microsoft Edge enabled synching without warning or consent, which means that Microsoft sucked up all of their bookmarks. Of course they can turn synching off, but it’s too late. Has this happened to anyone else, or was this user error of some sort? If this is real, can some reporter write about it? [...] It’s actually worse than I thought. Edge urges users to store passwords, ID numbers, and even passport numbers, all of which get uploaded to Microsoft by default when synch is enabled.

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities
CISA, the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have released a joint Cybersecurity Advisory highlighting ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, CISA, ACSC, and NCSC assess is associated with the government of Iran. FBI and CISA have observed this Iranian government-sponsored APT exploit Fortinet and Microsoft Exchange ProxyShell vulnerabilities to gain initial access to systems in advance of follow-on operations, which include deploying ransomware.

Linux has a serious security problem that once again enables DNS cache poisoning
The sleight of hand worked because DNS at the time relied on a transaction ID to prove the IP number returned came from an authoritative server rather than an imposter server attempting to send people to a malicious site. The transaction number had only 16 bits, which meant that there were only 65,536 possible transaction IDs. Kaminsky realized that hackers could exploit the lack of entropy by bombarding a DNS resolver with off-path responses that included each possible ID. Once the resolver received a response with the correct ID, the server would accept the malicious IP and store the result in cache so that everyone else using the same resolver—which typically belongs to a corporation, organization, or ISP—would also be sent to the same malicious server.

today's howtos

Sending logs from syslog-ng store box to Splunk - Blog - syslog-ng Community
One of the most popular applications to feed Splunk with syslog messages is syslog-ng. However, not everyone is happy to work on the command line anymore. This is where syslog-ng store box (SSB), an appliance built around syslog-ng, can help. The SSB GUI provides you not only with an easy-to-use interface to configure most syslog-ng features, but also a search interface and complete log life cycle management. It can forward log messages to several destinations, recently also to Splunk’s HTTP Event Collector (HEC). From this blog you can learn about how SSB fits into your logging infrastructure and how to configure SSB for Splunk.

Clean empty job groups in openQA - openQA bites
In this blog post I present you a small script, which can help you to remove empty job groups from your own openQA instance. This is helpful if you have a development instance with a lot of job groups, that you never use. This script can help you to tidy the list of dangling job groups.

How to check if an RHEL system is vulnerable to a CVE
Most companies scan infrastructure devices for vulnerability every quarter, but the duration may vary depending on the company’s ITSM policy. After the security scan, if the security team finds vulnerabilities in a specific support group, such as Linux, Windows, Middleware or Network, it will be sent to them. Once assigned, the team will create a CR (Change Request) based on the environment such as TEST, DEV, UAT or PROD and mitigate it to make their systems more secure.

How to Install MariaDB 10.7 on Ubuntu 20.04 - LinuxCapable
MariaDB is one of the most popular open-source databases next to its originator MySQL. The original creators of MySQL developed MariaDB in response to fears that MySQL would suddenly become a paid service due to Oracle acquiring it in 2010. With its history of doing similar tactics, the developers behind MariaDB have promised to keep it open source and free from such fears as what has happened to MySQL. MariaDB has become just as popular as MySQL with developers, with features such as advanced clustering with Galera Cluster 4, faster cache/indexes, storage engines, and features/extensions that you won’t find in MySQL. In the following tutorial, you will learn how to install MariaDB 10.7 on Ubuntu 20.04 LTS Focal Fossa.

How to Install PHP 8.1 on Fedora 35 - LinuxCapable
PHP 8.1 is a significant update of the PHP language that will be “officially” released on November 25, 2021. This is a standard upgrade going forward from the existing PHP 8.0 release, with the new PHP 8.1 bringing enums, fibers, never return type, final class constants, intersection types, read-only properties amongst the long list of new features and changes. In the following tutorial, you will learn how to import the REMI Module and install PHP 8.1 on your Fedora 35 system.

How to install a full desktop on a Multipass virtual machine for easier Linux development - TechRepublic
Multipass is still one of my favorite virtual machine systems. With this command-line tool, I can very quickly spin up a virtual instance of Ubuntu in seconds. These VMs can be used for testing, development and other use cases.