Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security
  • Security updates for Friday
  • Eight-year-old Linux security flaw finally fixed

    ANOTHER years-old vulnerability in the Linux kernel has been patched - the fourth such ageing security flaw that has been patched recently.

  • Paving with Good Intentions: The Attempt to Rescue the Network Time Protocol

    After the Heartbleed bug revealed in April 2014 how understaffed and under-funded the OpenSSL project was, the Network Time Foundation was discovered to be one of several projects in a similar condition. Unfortunately, thanks to a project fork, the efforts to lend NTP support have only divided the development community and created two projects scrambling for funds where originally there was only one.

  • Mozilla: Everyone's scared of hackers but clueless about fending them off

    According to Firefox maker Mozilla, we're nearly all afraid of hackers, but few of us feel we can protect ourselves from them.

    The non-profit's survey of 30,000 people found internet users' confidence is extremely low when it comes to privacy and security. The survey found that 90 percent of people are unsure how to protect themselves online, while 11.5 percent feel they know nothing about security.

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

  • Security updates for Thursday
  • Dormant Linux kernel vulnerability finally slayed

    A recently resolved vulnerability in the Linux kernel that had the potential to allow an attacker to gain privilege escalation or cause denial of service went undiscovered for seven years.

    Positive Technologies expert, Alexander Popov, found a race condition in the n_hdlc driver that leads to double-freeing of kernel memory. This Linux kernel flaw might be exploited for privilege escalation in the operating system. The (CVE-2017-2636) bug was evaluated as dangerous with a CVSS v3 score of 7.8, towards the higher end of the scale which runs from 1-10.

  • Another Years-Old Flaw Fixed in the Linux Kernel

    The Linux team has patched a "dangerous" vulnerability in the Linux kernel that allowed attackers to elevate their access rights and crash affected systems.

    The security issue, tracked as CVE-2017-2636, existed in the Linux kernel for the past seven years, after being introduced in the code in 2009.

How to Choose the Best Linux Distro for SysAdmin Workstation Security

Filed under
GNU
Linux
Security

If you’re a systems administrator choosing a Linux distribution for your workstation, chances are you’ll stick with a fairly widely used distro such as Fedora, Ubuntu, Arch, Debian, or one of their close spin-offs. Still, there are several security considerations you should weigh when picking which distribution is best for your needs.

Read more

Also: Linux Sucks — The Latest And Last From Bryan Lunduke

Security News

Filed under
Security

Security News

Filed under
Security

Security News

Filed under
Security

Security Leftovers

Filed under
Security

Parrot Security OS 3.5 Improves Linux Security Tools Distribution

Filed under
OS
Linux
Security

There seems to be no shortage of Linux distributions specifically designed and built for security researchers. That list includes the Parrot Security OS Linux distribution, which was updated to version 3.5 on March 8. The Parrot Security OS platform is based on the Debian Linux distribution, with the open-source MATE desktop the default choice for new users. As a platform for security researchers, Parrot Security OS provides a wide array of tools that fit into different categories, including information gathering, vulnerability analysis, database assessment, exploitation tools, password attacks, wireless testing, digital forensics, reverse engineering and reporting tools. One of its more interesting tools is the open-source Kayak car hacking tool that can be used to diagnose a car's CAN (Controller Area Network) bus. In addition, version 3.5 includes the CryptKeeper encrypted folder manager tool, as well as the Metasploit penetration testing framework, which is packed full with 1,627 exploits. For users who want to stay somewhat anonymous while using the system, anonymous web surfing tools are also included in the Linux distribution. In this slide show, eWEEK takes a look at some of the highlights of the Parrot Security OS 3.5 release.

Read more

Syndicate content

More in Tux Machines

AndEX Puts Android Marshmallow 6.0.1 64-Bit on Your PC with GAPPS and Netflix

GNU/Linux developer Arne Exton has released a new build of his Android-x86 fork AndEX that leverages Google's Android Marshmallow 6.0.1 mobile operating system for 64-bit PCs with various updates and improvements. Read more

today's leftovers

  • Future Proof Your SysAdmin Career: Advancing with Open Source
    For today’s system administrators, the future holds tremendous promise. In this ebook, we have covered many technical skills that can be big differentiators for sysadmins looking to advance their careers. But, increasingly, open source skillsets can also open new doors. A decade ago, Red Hat CEO Jim Whitehurst predicted that open source tools and platforms would become pervasive in IT. Today, that prediction has come true, with profound implications for the employment market. Participating in open source projects -- through developing code, submitting a bug report, or contributing to documentation -- is an important way to demonstrate open source skills to hiring managers.
  • FreeType Improvements For The Adobe Engine
    With FreeType 2.8.1 having been released last week, a lot of new code landed in the early hours of today to its Git repository. The code landed includes the work done this summer by Ewald Hew for Google Summer of Code (GSoC 17) adding support for Type 1 fonts to the Adobe CFF engine. Type 1 is an older, less maintained font format.
  • Are You Fond Of HDR Photography? Try Luminance HDR Application In Ubuntu/Linux Mint
    Luminance HDR is an graphical user interface that is used for manipulation and creation of High Dynamic Range(HDR) images. It is based on Qt5 toolkit, it is cross-platform available for Linux, Windows and Mac, and released under the GNU GPL license. It provides a complete workflow for High Dynamic Range(HDR) as well as Low Dynamic Range (LDR) file formats. Prerequisite of HDR photography are several narrow-range digital images with different exposures. Luminance HDR combines these images and calculates a high-contrast image. In order to view this image on a regular computer monitor, Luminance HDR can convert it into a displayable LDR image format using a variety of methods, such as tone mapping.
  • Opera Web Browser Now Has Built-in WhatsApp and FB Messenger, Install in Ubuntu/Linux Mint
  • Enterprise open source comes of age
    In the age of digitalisation and data centre modernisation, open source has come of age. This is demonstrated by the growth that enterprise open source software provider SUSE has enjoyed over the last months. “SUSE is in good shape,” says Nils Brauckmann, CEO of SUSE. “In the last year, revenue grew at 21%, and it was profitable growth.” Business is positive going forward, he adds, with SUSE now part of the larger mothership Micro Focus group following the completion this month of the HPE Software spin merger. “Micro focus is now the seventh-largest pure-play software vendor in the world, with revenues approaching $4,5-billion,” Brauckmann points out.
  • Red Hat, Microsoft Extend Alliance to SQL Server
  • UbuCon Europe 2017
    I’ve been to many Ubuntu related events before, but what surprises me every time about UbuCons is the outstanding work by the community organising these events. Earlier this month, I was in Paris for UbuCon Europe 2017. I had quite high expectations about the event/location and the talks, especially because the French Ubuntu community is known for hosting awesome events several times a year like Ubuntu Party and Ubuntu install parties.
  •  

today's howtos

Korora 26

  • Korora 26 is Here!
  • Linux Releases: “Lightweight” Tiny Core 8.2 And “Heavyweight” Korora 26 Distros Are Here
    Korora Linux distro is a derivative of popular Fedora operating system. It ships with lots of additional packages that are provided by Fedora community and helps the users to get a complete out-of-the-box experience. The developers of Korora Linux distro have just shipped Korora 26 “Bloat.” Bloat codename has been derived from the characters of the movie “Finding Nemo.”
  • Based on Fedora 26, Korora 26 Linux Debuts with GNOME 3.24, Drops 32-Bit Support
    Korora developer Jim Dean announced the release and general availability of the Korora Linux 26 operating system for personal computers, a release based on the latest Fedora Linux version and packed full of goodies. Dubbed "Bloat," Korora Linux 26 comes more than nine months after the release of Korora 25, it's based on Red Hat's Fedora 26 Linux operating system and ships with the latest versions of popular desktop environments, including GNOME 3.24. Also included are the KDE Plasma 5.10, Xfce 4.12, Cinnamon 3.4, and MATE 1.18 desktop environments, all of them shipping pre-loaded with a brand-new backup tool designed to keep your most important files safe and secure from hackers or government agencies.