Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by Debian (rsync, rsyslog, and uriparser), Fedora (containerd, freeipa, golang-github-containerd-ttrpc, libdxfrw, libldb, librecad, mingw-speex, moby-engine, samba, and xen), Red Hat (kernel, kernel-rt, kpatch-patch, and samba), and Ubuntu (linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oracle, linux-oracle-5.11, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem-5.13, linux-oracle, linux-raspi, and linux-oem-5.14).

  • CISA Adds Five Known Exploited Vulnerabilities to Catalog

    CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.

  • Cybersecurity: Increase your protection by using the open-source tool YARA - TechRepublic

    A plethora of different tools exist to detect threats to the corporate network. Some of these detections are based on network signatures, while some others are based on files or behavior on the endpoints or on the servers of the company. Most of these solutions use existing rules to detect danger, which hopefully are updated often. But what happens when the security staff wants to add custom rules for detection or do their own incident response on endpoints using specific rules? This is where YARA comes into play.

  • Making Transparency Easy: Lumen Is Pleased To Announce a New Feature for Notice Submitters

    We’re thrilled to be rolling out the Lumen Submitter Widget, a tool that allows any online service provider (OSP) to automate reception of content removal requests in a coherent form and to facilitate transparency and research regarding those requests.

    The tool comes out of the many conversations we’ve had with potential data partners about obstacles that OSPs (and users) face in sending, receiving, and making sense of the takedown requests they receive.We hope that making sharing data with Lumen effortless and uncomplicated will encourage more OSPs to join Lumen in providing transparency and supporting analysis of the Web’s takedown landscape.

More in Tux Machines

Programming Leftovers

  • C: sigprocmask Function Usage

    You may have heard about socket programming in C. One of the socket functions is the “sigprocmask” function. This function has been usually utilized in the code to inspect or alter the signal mask of the calling function. The signal mask is a term used for a group of signals that are presently blocked and cannot be conveyed for the calling function. Such kind of signal is known as “Blocked Signals.” You can say that a process can still receive the blocked signals, but it will not be used until they are unblocked and released, i.e., raised. Until then, it will be pending. Therefore, within today’s guide, we will be discussing the use of the sigprocmask function in C programming. Let’s have a start. After the Ubuntu 20.04 successful login, you need to launch the shell of the Ubuntu 20.04 system first after the login. So, try out the “Ctrl+Alt+T” shortcut simply on the desktop screen. It will launch the terminal shell for you in some seconds. Make sure to update your system using the apt package of your system. After that, you have to execute the “touch” instruction along with the file name you want to generate, i.e., to create the C file via the shell. This newly created file can be found in the “home” folder of your system’s file explorer. You can try opening it with the “text” editor to create code in it. Another way to open it in the shell is using the “GNU Nano” editor using the “nano” keyword with a file name as demonstrated beneath.

  • C: sigaction function usage

    A sigaction() is a function that allows to call/observe or examine a specific action associated with a particular signal. It is thought to consider a signal and sigaction function on the same page. But in reality, it has not occurred. The signal() function does not block other signals when the current handler’s execution is under process. At the same time, the sigaction function can block other signals until the current handler has returned.

  • delegation of authority from the systems programming perspective – Ariadne's Space

    As I have been griping on Twitter lately, about how I dislike the design of modern UNIX operating systems, an interesting conversation about object capabilities came up with the author of musl-libc. This conversation caused me to realize that systems programmers don’t really have a understanding of object capabilities, and how they can be used to achieve environments that are aligned with the principle of least authority. In general, I think this is largely because we’ve failed to effectively disseminate the research output in this area to the software engineering community at large — for various reasons, people complete their distributed systems degrees and go to work in decentralized finance, as unfortunately, Coinbase pays better. An unfortunate reality is that the security properties guaranteed by Web3 platforms are built around object capabilities, by necessity – the output of a transaction, which then gets consumed for another transaction, is a form of object capability. And while Web3 is largely a planet-incinerating Ponzi scheme run by grifters, object capabilities are a useful concept for building practical security into real-world systems. Most literature on this topic try to describe these concepts in the framing of, say, driving a car: by default, nobody has permission to drive a given car, so it is compliant with the principle of least authority, meanwhile the car’s key can interface with the ignition, and allow the car to be driven. In this example, the car’s key is an object capability: it is an opaque object, that can be used to acquire the right to drive the car. Afterwards, they usually go on to describe the various aspects of their system without actually discussing why anybody would want this.

  • Pip Install: Install and Remove Python Packages
  • A dog-cat-horse-turtle problem

    Sometimes the text-processing problems posted on Stack Exchange have so many solutions, it's hard to decide which is best. A problem like that was posted in the "Unix & Linux" section in December 2021...

Istio / Announcing Istio 1.12.2

This release fixes the security vulnerability described in our January 18th post, ISTIO-SECURITY-2022-001 as well as a few minor bug fixes to improve robustness. This release note describes what’s different between Istio 1.12.1 and Istio 1.12.2. Read more Also: ISTIO-SECURITY-2022-001

Android Leftovers

Redis vs. MongoDB: What you need to know

Databases are garnering a lot of popularity every day and are used by many organizations for a wide variety of use cases. Many organizations are employing innovative techniques to handle their data storage. These companies often shift between databases to optimize their storage and data mapping according to their business needs. Companies with growing data requirements utilize databases with dynamic functionalities. However, deciding which database is perfect for each of these companies can be very subjective. When it comes to database management, choosing between Redis and MongoDB can be relatively challenging. Read more