Language Selection

English French German Italian Portuguese Spanish

Proprietary Software and Security Leftovers

Filed under
Security
  • Microsoft a big part of the cyber security problem: Proofpoint exec

    Microsoft's technology plays a big role in facilitating increasingly devastating cyber attacks, a senior official at an email security firm says, accusing the Redmond behemoth of profiting from the existence of vulnerabilities.

  • 5G now means some flights won’t be able to land when pilots can’t see the runway

    Verizon and AT&T are hoping new swaths of C-band cellular radio spectrum will help make the 5G hype closer to reality, but the big mid-band 5G rollout may have a side effect. Airplanes rely on radio altimeters to tell how high they are above the ground to safely land when pilots can’t see, and the FAA is now instructing 6,834 of them to not do that at certain airports because of 5G interference.

    The FAA ruled on Tuesday that those thousands of US planes (and some helicopters) won’t be able to use many of the guided and automatic landing systems that are designed to work in poor visibility conditions, if they’re landing at an airport where there’s deemed to be enough interference that their altimeters aren’t reliable. “Landings during periods of low visibility could be limited due to concerns that the 5G signal could interfere with the accuracy of an airplane’s radio altimeter, without other mitigations in place,” an FAA spokesman tells The Verge.

  • Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling - Help Net Security

    Tenable enhanced Terrascan, an open source cloud native security analyzer that helps developers secure Infrastructure as Code (IaC). The new capabilities enable organizations to embed security into their DevOps tooling, pipelines and supply chains, mitigating risks before infrastructure is provisioned.

  • Google Disrupts Botnet Targeting Windows Machines

    The company has also launched litigation against the Glupteba botnet, marking the first lawsuit against a blockchain-enabled botnet.

  • Pay a Hacker, Save a Life

More in Tux Machines

Security Leftovers

  • Security updates for Thursday [LWN.net]

    Security updates have been issued by Fedora (microcode_ctl, rubygem-nokogiri, and vim), Mageia (htmldoc, python-django, and python-oslo-utils), Red Hat (container-tools:2.0, kernel, kernel-rt, kpatch-patch, and pcs), SUSE (ardana-barbican, grafana, openstack-barbican, openstack-cinder, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-ironic, openstack-keystone, openstack-neutron-gbp, python-lxml, release-notes-suse-openstack-cloud, autotrace, curl, firefox, libslirp, php7, poppler, slurm_20_11, and ucode-intel), and Ubuntu (bind9, gnome-control-center, and libxrandr).

  • Apple Safari, Microsoft Windows 11 & Teams, Hacked During $800,000 0-Day Fest [Ed: Microsoft puts back doors in its things, so security is never the goal, nor is it accomplished]
  • Red Hat Kubernetes security report finds people are the problem

    Kubernetes, despite being widely regarded as an important technology by IT leaders, continues to pose problems for those deploying it. And the problem, apparently, is us. The open source container orchestration software, being used or evaluated by 96 per cent of organizations surveyed [PDF] last year by the Cloud Native Computing Foundation, has a reputation for complexity. Witness the sarcasm: "Kubernetes is so easy to use that a company devoted solely to troubleshooting issues with it has raised $67 million," quipped Corey Quinn, chief cloud economist at IT consultancy The Duckbill Group, in a Twitter post on Monday referencing investment in a startup called Komodor. And the consequences of the software's complication can be seen in the difficulties reported by those using it.

  • CISA Releases Analysis of FY21 Risk and Vulnerability Assessments | CISA

    CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted across multiple sectors in Fiscal Year 2021 (FY21).

  • ISC Releases Security Advisory for BIND

    The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting version 9.18.0 of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

  • CVE-2022-1183: Destroying a TLS session early causes assertion failure

    An assertion failure can be triggered if a TLS connection to a configured http TLS listener with a defined endpoint is destroyed too early.

Videos/Shows: Red Hat Enterprise Linux 9, The Linux Link Tech Show, Bad Voltage, and BSD Now

today's howtos

  • GNU Linux (distro independent) – how to set fixed ip (brute force overwrite) – temporarily (also possible for DNS)

    this is a quick bash hack, to set an additional fixed ip to the user’s interface, this will (brute force) OVERWRITE all mess done by network managers of various origins: (there should be only one config file to config network settings and it is: /etc/network/interfaces, instead of 10x entities inventing it’s own standard, confusing the heck out of users, just keep the standard that is already there?)

  • How to Enable More Multi-Touch Gestures in Ubuntu 22.04 GNOME 42 | UbuntuHandbook

    This simple tutorial shows how to enable 3-finger & 4-finger multi-touch gestures in Ubuntu 22.04, Fedora 36 and other Linux with GNOME 40+, while the desktop by default supports only few gestures.

  • How to Install Open Source osTicket on Ubuntu 20.04

    A server can contain many important business applications. These applications can help us to deploy even a support ticket system to better manage the technical service of a company. Today, you will learn how to install osTicket on Ubuntu 20.04.

  • How to Install and Use Bitwarden on Linux

    A password manager is an application that lets you generate new passwords and store existing ones securely. It eliminates the need to create and remember strong and complex passwords yourself for all your accounts. Depending on the device and operating system you're using, you can find all kinds of password managers. Bitwarden is a free-to-use password manager that comes with all the essential password management features. Follow along to learn how to install and set up Bitwarden on Linux.

  • How to install Borgmatic for easy Linux server backups | TechRepublic

    Do you have a reliable backup solution running on your Linux servers? If not, what’s your plan for disaster recovery? The word “disaster” alone should be enough to help you realize backups are an absolutely crucial part of your organization. If you’re in the market for a new Linux backup solution, there’s a lesser-known solution that does an outstanding job, and it’s fairly easy to install and configure. That solution is Borgmatic. This simple, configuration-driven backup solution protects your files (and even databases) with client-side encryption and even offers third-party integration for things like monitoring. I want to walk you through the process of installing Borgmatic on Ubuntu Server 22.04. When complete, you should feel confident your important data is regularly being backed up.

  • How to install the Caddy web server on Ubuntu Server 22.04 | TechRepublic

    Caddy is a powerful open-source web server, written in Go, that can be used to host web applications in a production environment. Caddy features built-in automated TLS certificate renewals, OSCP stapling, static file serving, reverse proxy, Kubernetes ingress and much more. Caddy can be run as a stand-alone web server, an app server or even within containers. In this tutorial, I’m going to walk you through the steps of installing Caddy on Ubuntu Server 22.04 and then how to create a simple, static site.

Jive Search is your private self-hosted search engine

Ever wanted your own search engine that you can host, control and make sure your searches are not leaked or recorded?. Then it is time to check Jive Search. Jive Search is a free, open-source search self-hosted search engine that you can run on your machine or server. The app is written using the Go programming language for better performance. Read more Also: MinIO is an open-source multi-cloud object storage for Amazon S3 for enterprise