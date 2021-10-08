Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Submitted by Roy Schestowitz on Monday 29th of November 2021 08:47:55 PM Filed under
Security
  • A masterclass in responding to vulnerability disclosure: The Buddi app and tracker | Pen Test Partners

    The Buddi tracker https://www.buddi.co.uk/ is used for tracking elderly and vulnerable people. It’s a GPS/GSM-based clip-on device that reports wearer position to an app via a platform. It means that the wearer can easily be found by their carer or the emergency services, should they become lost and unable to make their own way home. The device also features a panic button that automatically calls their carer and allows the wearer to speak to them.

    The device is popular in the care market, allowing the wearer a greater degree of independence and the ability to live independently for longer. The business behind Buddi has recently listed successfully on the UK AIM stock market (AIM:BIG), reflecting significant growth in the tracking markets in both UK and US.

  • Security updates for Monday

    Security updates have been issued by Debian (bluez, icu, libntlm, libvorbis, libvpx, opensc, roundcube, and tar), Fedora (kernel, kernel-headers, kernel-tools, puppet, slurm, stargz-snapshotter, and suricata), openSUSE (netcdf), Oracle (bluez, kernel, kernel-container, krb5, mailman:2.1, openssh, python3, and rpm), Red Hat (samba), and SUSE (xen).

  • Cyber Security Today, Nov. 29, 2021 – Ikea under phishing attack, evasive JavaScript loader discovered and malware found hiding in Linux calendars [Ed: Linux is a kernel, it does not do "calendars"]

    Ikea under phishing attack, evasive JavaScript loader discovered and malware found hiding in Linux calendars.

  • Awesome Linux Tools: Lynis from CISOfy - Invidious

    In this episode of Awesome Linux Tools, the spotlight is on Lynis - a really awesome utility you can use to get a better understanding of the overall security hygiene of your server. In this video, Jay will show you how to install it, and also how to run an audit.

  • CronRat Magecart malware uses 31st February date to remain undetected | IT PRO

    Security researchers have discovered a Linux-based remote access trojan (RAT) that uses an unusual stealth technique to remain out of sight from security products.

    The malware, dubbed CronRat, hides in the calendar subsystem of Linux servers (“cron”) on a non-existent day, 31 February, according to a blog post by security researchers at Sansec.

»

Samsung Bricks Smart TVs

Submitted by Roy Schestowitz on Monday 29th of November 2021 08:48:59 PM.
  • Samsung Bricks Smart TVs

    Earlier this Fall, a Samsung warehouse in South Africa was robbed and the thieves got away with a quantity of smart televisions. Samsung proceeded to implement a little-known feature called “TV Block” which is installed on all of their TV products. The serial numbers of the stolen TV sets are flagged in their servers, and if one of these sets tries to connect the internet in the future, it will recognize that it is stolen and proceed to brick itself, disabling all television functionality.

    So while this real-life scenario makes sense, it is a bit alarming to realize the implication of such a feature — the manufacturer can reach into your TV and disable it from afar. One can assume that Samsung won’t abuse this capability, because acting otherwise would harm their reputation. In a press release, Samsung announced that any consumers whose sets were incorrectly bricked can have their sets un-bricked after demonstrating proper ownership.

How cybercriminals exploit WordPress to distribute malware

Submitted by Roy Schestowitz on Monday 29th of November 2021 08:50:30 PM.
  • The other victims of FluBot: How cybercriminals exploit WordPress to distribute malware

    Netcraft has to date identified nearly 10,000 websites used in the distribution of the FluBot family of Android malware. As detailed in our previous articles on FluBot, these sites are unwittingly hosting a PHP script that acts as a proxy to a further backend server, allowing otherwise legitimate sites to deliver Android malware to victims. When visited by the intended victim, a “lure” is displayed that implores them to download and install the FluBot malware.

    The most common lure themes are parcel delivery and voicemail messages, where the user is told to install the malicious app to track a parcel or listen to a voicemail message. One particularly interesting lure took advantage of FluBot’s infamy, by offering a fake “Android security update” that claimed to protect against the malware family. Users installing this “security update” would instead be infected with FluBot.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's howtos

  • So this is why Deepin requires so much disk space for installation – LinuxBSDos.com

    Deepin is a desktop Linux distribution with roots in China. It is based on Debian, but ships with its own graphical interface called Deepin Desktop Environment and a set of Deepin-developed tools to go with it. The last version I installed was from 2015, so since I’m gradually coming back to writing for this blog, I decided to test drive the latest edition – Deepin 20.3, which was released on Nov. 25. For me that means installing it in a virtual environment using VirtualBox. For such installations I typically assign the virtual disk 20GB of disk space. And so it was with Deepin 20.3. But that didn’t end well because at some point the installation failed, with the message shown in Figure 2: “You need at least 64 GB of disk space to install Deepin. To get better performance, 128 GB.”

  • 13 exercises to boost your Linux skills | Enable Sysadmin

    Work through this Linux fundamentals checklist to make sure you're ready for whatever comes your way at home, at work, or on certification exams.

  • BASH 01 - Script Basics | Linux.org

    This article is the first in a series of articles to cover Bash Scripting. More articles will follow which will build on each other, so make sure you look over each article. It is preferable to read the articles in order (which is why I will number them). Scripting is a very useful ability for someone using Linux. Making scripts is especially useful for Administrators. Everyone should benefit from Bash Scripting. Bash is the most common shell interpreter on Linux systems. When you open a Terminal, you are in an interactive shell environment. To verify that your system is using the Bash shell using the command: 'echo "$SHELL"'.

  • What’s the Difference Between Exposing and Publishing a Docker Port? – CloudSavvy IT

    Exposed and Published container ports are two different but related concepts in Docker. Exposed ports are defined in your Dockerfile as simple metadata. You must publish them when your container starts if you want to enable outside access.

  • How to set up high-refresh rate monitors on Linux

    Do you have a high refresh rate monitor? Are you running Linux? Can’t quite figure out how to change the refresh rate? We can help! Follow along with this guide as we go over how to change the refresh rate on popular Linux desktop environments!

  • How to Install pgAdmin 4 on CentOS 8 – NextGenTips

    In this tutorial guide, I will be taking through the installation of pgAdmin 4 version 6.2 on CentOS 8 pgAdmin 4 is a free and open-source management tool for Postgres. Its desktop runtime written in NWjs allows it to run standalone for individual users, or the web applications code may be directly deployed on a web server for use by the web browser. pgAdmin 4 is a complete rewrite of pgAdmin, built using Python and Java.

  • How to Update to MATE Desktop 1.26 on Ubuntu 21.04

    Ubuntu MATE is a more retrospective version of Ubuntu, one that largely lets you continue using Ubuntu in the way it functioned over a decade ago. But despite how things may look, updates do continue to roll out for the MATE desktop environment that is Ubuntu MATE's namesake. The latest iteration is MATE 1.26. Here's how you can update the MATE desktop in Ubuntu 21.04 to the latest version.

  • How to Change a Users Shell in Linux - Unixcop the Unix / Linux the admins deams

    In this tutorial, we will show you how to change the shell of a user in Linux. The shell is a program that accepts and interprets commands. there are several shells such as bash, sh, ksh, zsh, fish and many other lesser known shells available on Linux. Bash is a Unix shell and command language for the GNU Project as a free software replacement for the Bourne shell. First released in 1989,it has been used as the default login shell for most Linux distributions.

  • How to use shutdown command with examples - Unixcop the Unix / Linux the admins deams

    “Shutdown” refers to the process of stopping and shutting down a computer or server. This involves cutting the power to the main components of the system using a controlled process. Applications are closed, active processes and protocols are saved to the hard drive, device drivers are removed, and user settings are saved in the process. There are several options to do so, including scheduling a shutdown at a specific time, shutting down immediately, broadcasting a unique message, and so on.

  • How to Install MySQL Database on Ubuntu 20.04 | RoseHosting

    MySQL is an open-source relational database management system (RDBMS), it’s widely used and part of the popular LAMP/LEMP stacks. The data is organized in one or more tables in which the data types may be related to each other and MySQL uses SQL Structured Query Language to manage its data. Considering its part of the LAMP/LEMP stack it is used by many database-driven web applications such as WordPress, Magento, Drupal, and Joomla. Today we will install MySQL on our server and create a database and user with chosen permissions on this database, let’s get started!

  • How to install deepin 20.3 - Invidious

    In this video, I am going to show how to install deepin 20.3

Dockeye - New Graphical App to Manage Docker Containers / Images in Linux

Running applications via Docker in Ubuntu Linux? Dockeye is a free open-source tool to manage your containers and images via a graphical user interface. Dockeye is written in Rust programming language. It provides a dark UI (light mode is also available) that list Docker containers and images in tabs. For each container, it provides options to control start, stop, pause, and remove operations. User may also check the detailed information about a container, including ID, image, maintainer, labels, environment, network info, CPU, Memory and other system resource usage. And, app running log is available in tab for debugging purpose. Read more

Raspberry Pi CM4-based panel PC offers DAQ inputs and M.2 NVMe

Sensoper’s 7-inch “SC-PC” HMI panel PC runs Linux on a Raspberry Pi CM4 and supplies GbE, M.2 for NVMe, RS-485, 3x USB, 8x digital inputs, 7x transistor outputs, and 8x analog inputs with a choice of 0-10V or 4-20mA ranges. Michigan-based Sensoper Controls has launched a 7-inch, industrial panel-PC in two variants: an SC-PC-AV8-TO7 model with 8x 0-10V analog inputs and an SC-PC-AM8-TO7 with 4-20mA analog inputs. The otherwise identical panel PCs run Raspbian (Raspberry Pi OS) Linux with pre-installed Node-RED on the Raspberry Pi Compute Module 4. Read more

Android Leftovers

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6