Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security

Glibc:

Security:

KDE Applications 15.12.2 Released for KDE Plasma 5.5 with over 30 Bugfixes

Filed under
KDE
Security

Just a few moments ago, February 16, 2016, KDE had the pleasure of announcing the release and general availability of the second maintenance build in the stable KDE Applications 15.12 series.

Read more

Top 5 Best Security-Centric Linux Distributions Of 2016

Filed under
GNU
Linux
Security

Staying anonymous on the Internet might not necessarily mean the same as surfing the web safely but rather keeping yourself safe from prying eyes that may otherwise take advantage of the vulnerability of your system thereby exposing you and your data for whomever might just be up for the grabbing – especially some hacker snooping around for sensitive data to hoard (particularly if you’re being targeted) and use for otherwise evil purposes that can have some serious effects on the violated individual.

Read more

Security Leftovers

Filed under
Security
  • Security updates for Monday
  • Russian cyberspy group uses simple yet effective Linux Trojan

    A cyberespionage group of Russian origin known as Pawn Storm is infecting Linux systems with a simple but effective Trojan program that doesn't require highly privileged access.

  • Security update for Chromium 48

    Google released an update for Chrome/Chromium – their version 48 of the browser is now at “48.0.2564.109“. The chromium sources are still not available six days after the announcement, even though the official Chrome binary distributions were available right from the start. I think that this is inexcusable for a big company like Google, but this is not the first time that their autobots falter and no one cares enough to fix the release process. Notwithstanding some complaints by fellow application packagers.

Security Leftovers

Filed under
Security
  • Friday's security updates
  • Internet Providers to Use Private Routers as Public Hotspots

    The Juniper report highlighted the consumer benefits that the policy offers, such as free or reduced-fee access to the operator’s homespot network.
    At least one in three home routers will be used as public WiFi hotspots by 2017, and the total installed base of such dual-use routers will reach 366 million globally by the end of 2020, according to a report from Juniper Research.

  • Will you be my cryptovalentine?

    Over the last few year Free Software Foundation Europe runs a campaign called "I love Free Software Day". It's an opportunity to share your appreciation (or love) with the developers of your favorite Free Software project. So after you are done reading this post, choose your favorite project and send its developer(s) an appreciation email.

    Last year Zak Rogoff , had a great similar idea. On a post he wrote he suggested we use the Valentine's Day as an opportunity to use Free Software in order to setup secure and private communications with our significant other.

  • Pwn2Own Hacking Contest Returns as Joint HPE-Trend Micro Effort

    Over a half million dollars in prize money is up for grabs as the Zero Day Initiative browser hacking contest continues even as corporate ownership shifts.
    The annual Pwn2Own browser hacking competition that takes place at the CanSecWest conference is one of the premier security events in any given year, as security researchers attempt to demonstrate in real time zero-day exploits against modern Web browsers. This year there was initial concern that the event wouldn't happen, as the Zero Day Initiative (ZDI), which is the primary sponsor of Pwn2Own, is currently in a state of transition.

  • Kaspersky Researcher Shows How He Hacked His Hospital While Sitting In His Car

    When we visit a hospital, we put our complete trust in our doctor and the medical equipment that he/she uses. With advancement in technology, these equipment have become more complex and interconnected. Sadly, ensuring standard cybersecurity measures is not a top priority of the medical professionals. This fact was recently outlined by a Kaspersky security researcher who hacked a hospital while sitting in his car.

  • Amazon Cloud is Prepared for the Zombie Apocalypse

    There are a number of reasons why an Amazon Web Services (AWS) user might need to violate the acceptable terms of use - including the onset of a zombie apocalypse.

    Amazon updated its terms of service this week alongside its Lumberyard gaming development platform, with a new provision about acceptable use in connection with safety-critical systems.

Fysbis: The Linux Backdoor Used by Russian Hackers

Filed under
Linux
Security

Fysbis (or Linux.BackDoor.Fysbis) is a new malware family that targets Linux machines, on which it sets up a backdoor that allows the malware's author to spy on victims and carry out further attacks.

Read more

Security Leftovers

Filed under
Security
  • Security advisories for Thursday
  • These Vigilante Hackers Aim To Hack 200,000 Routers To Make Them More Secure

    Remember the white hat hackers — The White Team — responsible for creating the Linux.Wifatch malware last October? The same hackers are now planning to take over Lizard Squad’s botnet of infected IoT devices in an attempt to shut down their operations.

  • Skimmers Hijack ATM Network Cables

    If you have ever walked up to an ATM to withdraw cash only to decide against it after noticing a telephone or ethernet cord snaking from behind the machine to a jack in the wall, your paranoia may not have been misplaced: ATM maker NCR is warning about skimming attacks that involve keypad overlays, hidden cameras and skimming devices plugged into the ATM network cables to intercept customer card data.

Three nginx Vulnerabilities Closed in Ubuntu OSes

Filed under
Security

Canonical published details in a security notice regarding a few nginx vulnerabilities that have been identified in Ubuntu 15.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems.

Read more

Security Leftovers

Filed under
Security
Syndicate content

More in Tux Machines

Having offended everyone else in the world, Linus Torvalds calls own lawyers a 'nasty festering disease'

Coding curmudgeon Linus Torvalds has gone off on yet another rant: this time against his own lawyers and free software activist Bradley Kuhn. On a mailing list about an upcoming Linux conference, a discussion about whether to include a session on the GPL that protects the open source operating system quickly devolved in an angry rant as its founder piled in. Read more

The Battle of The Budgie Desktops – Budgie-Remix vs SolusOS!

Ladies and gentleman, it’s the moment you have all been waiting for… the main even of the evening! In this corner, wearing Budgie trunks, fighting out of Ireland, created by Ikey Doherty, the man behind Linux Mint Debian Edition — SolusOS! And in this corner, built on the defending champion, also wearing Budgie trunks, aiming to be the next flavor of Ubuntu, Budgie-Remix! Read more

Leftovers: Software

  • 5 Cool Unikernels Projects
    Unikernels are poised to become the next big thing in microservices after Docker containers. Here’s a look at some of the cool things you can do with unikernels. First, though, here’s a quick primer on what unikernels are, for the uninitiated. Unikernels are similar to containers in that they let you run an app inside a portable, software-defined environment. But they go a step further than containers by packaging all of the libraries required to run the app directly into the unikernel.
  • Cedrus Is Making Progress On Open-Source Allwinner Video Encode/Decode
    The developers within the Sunxi camp working on better Allwinner SoC support under Linux have been reverse-engineering Allwinner's "Cedar" video engine. Their project is being called Cedrus with a goal of "100% libre and open-source" video decode/encode for the relevant Cedar hardware. The developers have been making progress and yesterday they published their initial patches that add a V4L2 decoder driver for the VPU found on Allwinner's A13 SoC.
  • Phoronix Test Suite 6.6 Milestone 3 Released For Linux Benchmarking
  • Calibre 2.65.1 eBook Viewer Adds Driver for Kobo Aura One and Aura 2 Readers
    Kovid Goyal released today, August 26, 2016, a new maintenance update of his popular, cross-platform, and open-source Calibre e-book viewer, converter and library management tool. Calibre 2.65 was announced earlier, and it looks like it's both a feature and bugfix release that adds drivers for the Kobo Aura One and Kobo Aura Edition 2 ebook readers, along with a new option to the Kobo driver to allow users to ignore certain collections on their ebook reader. The list of new features continues with support for right-to-left text and tables to the DOCX Input feature, as well as the implementation of a new option to allow users to make searching case-sensitive. This option can be found and enabled in the "Searching" configuration section under Preferences.
  • Calamares 2.4 Universal Installer Framework Polishes Existing Functionality
    A new stable version of the Calamares universal installer framework used by various GNU/Linux distributions as default graphical installer has been released with various improvements and bug fixes. Calamares 2.4 is now the latest build, coming two months after the release of the previous version, Calamares 2.3, which introduced full-disk encryption support. However, Calamares 2.4 is not as big as the previous update as it only polished existing functionality and address various annoying issues reported by users.
  • RcppArmadillo 0.7.400.2.0
    Another Armadillo 7.* release -- now at 7.400. We skipped the 7.300.* serie release as it came too soon after our most recent CRAN release. Releasing RcppArmadillo 0.7.400.2.0 now keeps us at the (roughly monthly) cadence which works as a good compromise between getting updates out at Conrad's sometimes frantic pace, while keeping CRAN (and Debian) uploads to about once per month. So we may continue the pattern of helping Conrad with thorough regression tests by building against all (by now 253 (!!)) CRAN dependencies, but keeping release at the GitHub repo and only uploading to CRAN at most once a month.
  • Spotio Is A Light Skin for Spotify’s Desktop App — And Its Coming To Linux
    Spotify’s dark design is very much of its identity. No-matter the platform you use it on, the dark theme is there staring back at you. Until now. A bunch of ace websites, blogs and people I follow have spent the past 24 hours waxing lyrical over a new Spotify skin called Spotio.