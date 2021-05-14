Security Leftovers
GoodWill Ransomware Requires Victims to Do Good Deeds
Zero Day Initiative’s Pwn2Own Vancouver 2022 – Keith Yeo Vs. Ubuntu Desktop
This zero-day Windows flaw opens a backdoor to hackers via Microsoft Word. Here's how to fix it
Microsoft has detailed a workaround for admins to protect their networks from a zero-day flaw in a Windows tool that hackers have been exploiting via malicious Word documents. Over the weekend, security researchers discovered a malicious Word document that was uploaded to Google-owned VirusTotal on 25 May from an IP address in Belarus.
Attackers Continue to Target Critical WSO2 Flaw | Decipher
Weeks after the disclosure of the vulnerability (CVE-2022-29464) in WSO2 products, attackers are leveraging the flaw to install Linux-compatible Cobalt Strike beacons, cryptocurrency miners and more.
Follina 0day exploit. Malicious code execution in Office docs
It exists in Microsoft Windows Support Diagnostic Tool (MSDT), enabling remote code execution. It’ll be assigned a CVE in due course, currently it’s Reserved. Microsoft provide all the details here CVE-2022-30190.
Put more simply; it makes Arbitrary Code Execution attacks possible when previewing or opening documents.
today's howtos
IBM/Red Hat Leftovers
Release notes for the Genode OS Framework 22.05
The Genode release 22.05 stays true to this year's roadmap. According to the plan, we continue our tradition of revising the framework's documentation as part of the May release. Since last year, the Genode Foundations book is accompanied with the Genode Platforms document that covers low-level topics. The second revision has just doubled in size (Section Updated and new documentation). Functionality-wise, the added support for WireGuard-based virtual private networks is certainly the flagship feature of the release. Section WireGuard briefly introduces the new component while leaving in-depth information to a dedicated article. Among the other topics of the release, our continued work on device drivers stands out. We managed to bring Genode's lineup of PC drivers ported from the Linux kernel up to the kernel version 5.14.21 using Genode's unique DDE-Linux porting approach. As described by Section New generation of DDE-Linux-based PC drivers, this work comprises complex drivers like the wireless LAN stack including Intel's Wifi driver and the latest Intel display driver. At the framework's side, the modernization of Genode's platform driver for PC hardware is in full swing. Even though not yet used by default, the new driver has reached feature parity with the original PC-specific platform driver while sharing much of its code base with the growing number of ARM platform drivers such as the FPGA-aware platform-driver for Xilinx Zynq (Section Xilinx Zynq). Regarding the PinePhone, Genode 22.05 introduces the basic ability to issue and receive phone calls, which entails the proper routing of audio signals and controlling the LTE modem. Furthermore, in anticipation of implementing advanced energy-management strategies, the release features a custom developed firmware for the PinePhone's system-control processor. Both topics are outlined in Section PinePhone while further details and examples are given in dedicated articles. The release is wrapped up by usability improvements of the framework's light-weight event-tracing mechanism, low-level optimizations, and API refinements.
11 Best Xfce Themes to Give Your Linux Desktop a Modern Look
Xfce is known for being one of the most lightweight desktop environments yet flexible enough to carry out heavy loads easily. One major issue with Xfce is that its default interface may look old and outdated to many users. This could be offputting for some new users who prefer beautiful-looking Linux distributions.
