Language Selection

English French German Italian Portuguese Spanish

Linux Australia server hacked, personal information may have been stolen

Filed under

A public server belonging to Linux Australia, the umbrella group for Linux user groups in the country, were breached on March 22, and the personal information of members may have been stolen.

Read more

More in Tux Machines

CrowPi L Review - Part 2: Learn programming and electronics with a Raspberry Pi 4 laptop

In the first part of our review of CrowPi L Raspberry Pi 4 laptop for education, we checked the hardware and accessories such as the CrowTail starter kit with various sensors and other electronics modules, and showed how to install or remove the Raspberry Pi 4 SBC from the laptop shell. I’ve now had more time to play with the educational software, so I’ll report my experience with the laptop when learning game design and hardware control with Letscode visual programming IDE, as well as the Python lessons for more advanced students. Read more

today's howtos

  • How to find the IP address of your Raspberry PI - PragmaticLinux

    Planning on running your Raspberry PI as a server on your local network? Excellent idea. They’re cheap, powerful and require little power. The perfect solution for a basic file-, web- or game-server. In order to access the Raspberry PI server from another device on your local network, you need to know its IP address. This article presents several methods on how to find the IP address of your Raspberry PI.

  • How to install Gacha Club Edition Update on a Chromebook

    Today we are looking at how to install Gacha Club Edition Update on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • How to Check If a File Exists in Linux Bash Scripts

    If a Linux Bash script relies on certain files or directories being present, it can’t just assume they do. It needs to check that they’re definitely present. Here’s how to do that.

  • How to convert images using the Linux terminal

    In this post, you will learn how to convert images using the Linux terminal. This post, which can help us in scripts and many external programs.

  • Fixing “Command Not Found” Error When Using Sudo

    It is a right of passage for almost all Linux users to go through the headaches associated with the error “command not found” whenever you try to execute a script or a file on your Linux terminal as a sudoer user. This error directly implies that the script or file you are trying to execute either does not exist on your system or the PATH variable is unaware of its unspecified location. This article guide will walk us through diagnosing and fixing this “command not found” sudo-associated error.

  • How to Install MongoDB 6.0 on Debian 11 | Mark Ai Code

    We will use the official repository to install MongoDB 6.0 server and client on Debian 11 in order to handle local or distant databases using a command prompt.

  • How to Install MySQL 8.0 on Ubuntu 20.04 LTS

    MySQL is a free, open-source database management system based on SQL or Structured Query Language. It is one of the most widely used database systems for several well-known applications. MySQL is used for data warehousing, e-commerce, and logging applications, and its most notable feature is web-based database storage and management. The ease of use and flexibility of MySQL has made it a popular choice for many web applications. One of the key benefits of MySQL is that it runs on multiple platforms, including Windows, Linux, and macOS. This allows developers to create cross-platform applications deployed on various devices. Another benefit of MySQL is that it supports multiple programming languages, making it easy to integrate into existing applications. Lastly, MySQL is highly scalable, which means it can handle large volumes of data without sacrificing performance. This makes it an ideal choice for businesses looking to manage growing amounts of data. In the latest release of MySQL 8.0, the database management system brings new features and security updates. This new release of MySQL adds support for joins with larger data sets, better performance when importing large files, and various improvements to InnoDB, SQL mode, named ‘strict sql_mode,’ which will make MySQL more compliant with the SQL standard. In addition, there are performance enhancements in this release that include an adaptive query cache, a thread pool for connections, and a faster startup time. Finally, there are multiple security fixes included in this release. Overall, this new release of MySQL provides significant improvements and enhancements that will benefit developers and database administrators alike. The following tutorial will teach you how to install MySQL Community on Ubuntu 20.04 LTS Focal Fossa using the MySQL official APT repository, which will give you the latest version available on your system using the command line terminal.

  • How to Install Apache (HTTPD) on Rocky Linux 9

    Apache, also known as Apache HTTP server, has been one of the most widely used web server applications globally for the past few decades. It is a free, open-source web application software maintained by the Apache Software Foundation. Apache provides some powerful features with dynamically loadable modules, easy integration with other software, and handling of static files, among other popular features. The main reason for its popularity is that it is highly customizable to meet the needs of different users, making it an ideal choice for small and large businesses. Additionally, Apache is constantly updated with new features and security enhancements, making it a reliable and secure option for hosting websites. While many web server options are available today, Apache remains one of the most popular choices thanks to its flexibility, ease of use, and wide range of features. In the following tutorial, you will learn how to install Apache on Rocky Linux 9 using the command line terminal for desktop or server and basic configuration and creating a TLS/SSL certificate with Let’s Encrypt.

  • How to install Monit 5 on Ubuntu 22.04 – NextGenTips

    Monit is a small open source utility for monitoring and managing Unix systems. It performs automatic maintenance whenever there is downtime in your system. From this tutorial, you are going to learn how to install Monit on Ubuntu 22.04.

  • How to integrate Active Directory Federation Services (ADFS) authentication with Red Hat SSO using SAML | Enable Sysadmin [Ed: Red Hat parroting Microsoft talking points]

    Most businesses use Active Directory (AD) as it offers a single source of user management in the organization. Many organizations often incorporate additional authentication programs and protocols, such as Red Hat Single Sign On (RH-SSO), in tandem with AD. RH-SSO is based on Keycloak, an open source identity and access management tool for modern web applications.

Games: ZONERS, Godot Engine, Two Point Campu

Security Leftovers

  • Windows zero day [sic] under attack was first reported in 2019 [iophk: Windows TCO]

    Among those that stands out is CVE-2022-34713.

    That’s both for the fact that Microsoft says exploitation has been detected, meaning a prompt patch or mitigation should be a priority, but because Imre Rad, the Hungarian security researcher who reported the vulnerability (or at least a close variation of it), had reported it to Redmond back in December 2019.

  • Microsoft urges Windows users to run patch for DogWalk zero-day [sic] exploit

    The vulnerability was first reported in January 2020 but at the time, Microsoft said it didn’t consider the exploit to be a security issue. This is the second time in recent months that Microsoft has been forced to change its position on a known exploit, having initially rejected reports that another Windows MSDT zero-day, known as Follina, posed a security threat. A patch for that exploit was released in June’s Patch Tuesday update.

  • The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)

    This is part one of a two-part guest blog post, where first we'll look at the root cause of the CVE-2021-0920 vulnerability. In the second post, we'll dive into the in-the-wild 0-day exploitation of the vulnerability and post-compromise modules.

  • A Linux Zero-Day Was Finally Patched After Half a Decade of Inaction With Help From Google

    Google’s Threat Analysis Group revealed new details today about its efforts to identify and help patch a zero-day exploit impacting Android devices built by a commercial surveillance vendor and dating back to at least 2016. The research, presented at the Black Hat cybersecurity conference in Las Vegas, represents the latest attempt by Google to step up its efforts against a growing private surveillance industry that’s thriving, according to the researchers.

  • Stratus Red Team: Open-source tool for adversary emulation in the cloud - Help Net Security

    In this Help Net Security video, Christophe Tafani-Dereeper, Cloud Security Researcher and Advocate at DataDog, talks about Stratus Red Team, an open-source project for adversary emulation and validation of threat detection in the cloud. The tool supports common AWS and Kubernetes attack techniques. If you’re at Black Hat USA 2022, you can learn more about Stratus Red Team. Christophe will be at the Arsenal, doing demos and answering questions on Wednesday, August 10, starting at 11:30AM.

  • Slack admits to leaking hashed passwords for five years [Ed: Does not surprise me us all. They only admit this because they got caught, hence they need to spin this somehow, belittling the severity, just as LastPass did after several blunders (it had suffered a breach). The way forward is self-hosting and encrypting things (on server one controls, not leasing).]
  • iTWire - Cisco reveals attack on company's network by ransomware group

    Global networking giant Cisco has revealed that its systems have been breached, with the break-in becoming apparent on 24 May and effected through stolen employee credentials obtained from a personal Google account. The company's Talos Intelligence security unit issued a long blog post on Wednesday, providing details of the incident, but not specifying when the actual break-in occurred. The website Bleeping Computer, which reports on numerous ransomware incidents, said it had been emailed a list of files last week, which were claimed to have been stolen during the attack.

  • A marquee week for cybersecurity in Vegas- POLITICO