
Security Leftovers

Filed under
Security
  • Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes - Check Point Research [Ed: Microsoft Windows TCO]

    In the past two months, we observed multiple APT groups attempting to leverage the Russia and Ukraine war as a lure for espionage operations. It comes as no surprise that Russian entities themselves became an attractive target for spear-phishing campaigns that are exploiting the sanctions imposed on Russia by western countries. These sanctions have put enormous pressure on the Russian economy, and specifically on organizations in multiple Russian industries.

    [...]

    The malware creates a working directory %TEMP%\OfficeInit and copies into it the files INIT and cmpbk32.dll, as well as a legitimate 32-bit Windows executable, cmdl32.exe, taken from either the System32 or the SysWOW64 folder depending on whether the operating system is 32- or 64-bit.
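    As an added hunting illustration (not code from the Check Point report or from this page), the following Python helper checks a %TEMP% directory for the staging pattern described above; the directory and file names come from the excerpt, while the function names and the sample listings are assumptions of this example.

```python
import hashlib
import os
from pathlib import Path

# Names taken from the report excerpt: working directory under %TEMP%,
# the two dropped files, and the legitimate executable copied next to them.
WORKING_DIR_NAME = "OfficeInit"
DROPPED_FILES = ("INIT", "cmpbk32.dll")
COPIED_SYSTEM_EXE = "cmdl32.exe"
EXPECTED_FILES = DROPPED_FILES + (COPIED_SYSTEM_EXE,)


def match_artifacts(file_names):
    """Pure check on a directory listing (hypothetical helper name).

    Returns which of the reported names are present, matched case-insensitively
    because Windows file systems ignore case, and whether the full combination
    (copied cmdl32.exe sitting beside cmpbk32.dll) is there. Alerting on the
    combination rather than on any single name keeps false positives down:
    cmdl32.exe on its own is a normal Windows binary.
    """
    lowered = {name.lower(): name for name in file_names}
    present = {exp: lowered[exp.lower()] for exp in EXPECTED_FILES if exp.lower() in lowered}
    full_pattern = COPIED_SYSTEM_EXE in present and "cmpbk32.dll" in present
    return {"present": present, "full_pattern": full_pattern}


def sha1_of(path):
    """SHA-1 of a file, so hits can be compared with published indicators."""
    digest = hashlib.sha1()
    with Path(path).open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan_temp(temp_dir):
    """Inspect <temp_dir>/OfficeInit on a live host and hash any matching files."""
    work = Path(temp_dir) / WORKING_DIR_NAME
    if not work.is_dir():
        return {"working_dir": None, "present": {}, "full_pattern": False, "hashes": {}}
    names = [entry.name for entry in work.iterdir() if entry.is_file()]
    report = match_artifacts(names)
    report["working_dir"] = str(work)
    report["hashes"] = {exp: sha1_of(work / real) for exp, real in report["present"].items()}
    return report


if __name__ == "__main__":
    # On a Windows host %TEMP% is the directory to pass; /tmp is only a fallback.
    print(scan_temp(os.environ.get("TEMP", "/tmp")))
```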

  • Sandworm uses a new version of ArguePatch to attack targets in Ukraine [Ed: Microsoft Windows TCO]

    Filename: eset_ssl_filtered_cert_importer.exe
    SHA-1 hash: 796362BD0304E305AD120576B6A8FB6721108752
    ESET detection name: Win32/Agent.AEGY

  • Malicious Python Repository Package drops Cobalt Strike on Windows, macOS & Linux systems [Ed: It's not an OS issue; it's about people installing malicious software and greater threats are proprietary software's back doors]

    Public repositories of open source code are a critical part of the software supply chain that many organizations use to build applications. They are therefore an attractive target for adversaries seeking to distribute malware to a mass audience.

  • 747 Hackathon | Pen Test Partners

    As is probably clear from our blog and public talks, aviation cyber security is an area of huge interest to us. Some of us are also light aircraft pilots, so the crossover of two of our loves makes for some fascinating research.

    Over the last few years we’ve managed to get access to several airplanes that have been recently retired. As the various breakers’ yards are backed up with planes retired during the pandemic, many fully functional planes are available that will never fly again.

    However, a big problem for us is that the planes get dismantled, often between visits. On several occasions we’ve gone to an airframe to figure out the on-board systems, gone back to the lab to prepare custom connectors and tools, then come back a month later to find that it’s been taken apart into many, many pieces.


Red Hat Leftovers

  • SSH from RHEL 9 to RHEL 5 or RHEL 6 | Richard WM Jones

    RHEL 9 no longer lets you ssh to RHEL ≤ 6 hosts out of the box. You can weaken security of the whole system but there’s no easy way to set security policy per remote host.

  • IT leadership: You gotta have H.E.A.R.T.

    Humility, Empathy, Adaptability, Resilience, and Transparency: H.E.A.R.T.

  • Artificial Intelligence: 3 ways the pandemic accelerated its adoption

    The need for organizations to quickly create new business models and marketing channels has accelerated AI adoption throughout the past couple of years. This is especially true in healthcare, where data analytics accelerated the development of COVID-19 vaccines. In consumer-packaged goods, Harvard Business Review reported that Frito-Lay created an e-commerce platform, Snacks.com, in just 30 days.

  • How open organizations can harness energy disruptions

    Many people talk a lot about the values of Open Organization Principles, but in many ways, they require people to change how they do things, which can be difficult. That is true for businesses and industries as well. Disruption in many sectors is coming. How do we use Open Principles to address them? This article looks at what's happening in industries related to energy and transportation when it comes to drastic costing changes that will lead to industrial disruption. Business disruption is happening through new technology or methods, which will slash costs. This is forcing industrial change. Consider the oil, coal, natural gas, nuclear, petroleum, biofuels, and charcoal (the primary energy in many developing countries) industries. All these industries are grouped in the fossil fuel-burning energy-generating industry. Imagine them all becoming obsolete and totally replaced by the solar and wind industries in the next decade or so because of costs. That is industrial disruption.

  • OpenTelemetry: A Quarkus Superheroes demo of observability

    Are you building microservices? Do you struggle with observability and with capturing telemetry data between distributed services? This article shows how to quickly and easily introduce OpenTelemetry into a distributed system built on Java with Quarkus. This combination allows you to visualize the interactions between all the microservices within an overall system. The article introduces the official Quarkus sample application, Quarkus Superheroes, deploys it on the free Developer Sandbox for Red Hat OpenShift, and demonstrates how to collect and visualize telemetry data in order to observe microservices' behavior.
