MS17-010 was released in March and it closes a number of holes in Windows SMB Server exploited by the NSA. Exploits such as EternalBlue, EternalChampion, EternalSynergy and EternalRomance that are part of the Fuzzbunch exploit platform all drop DoublePulsar onto compromised hosts. DoublePulsar is a sophisticated memory-based kernel payload that hooks onto x86 and 64-bit systems and allows an attacker to execute any raw shellcode payload they wish.
Hackers have unleashed a new malware strain that targets Linux-based systems.
The Linux/Shishiga malware uses four different protocols (SSH, Telnet, HTTP and BitTorrent) and Lua scripts for modularity, according to an analysis of the nasty by security researchers at ESET.
Shishiga relies on the use of weak, default credentials in its attempts to plant itself on insecure systems through a bruteforcing attack, a common hacker tactic. A built-in password list allows the malware to try a variety of different passwords to see if any allow it in.
The Free Software Foundation of Europe has just completed the process of electing a new fellowship representative to the General Assembly (GA) and I was surprised to find that out of seven very deserving candidates, members of the fellowship have selected me to represent them on the GA.
I'd like to thank all those who voted, the other candidates and Erik Albers for his efforts to administer this annual process.
The open sourcing of "cregit," the underlying tool used at cregit.linuxsources.org, provided by The Linux Foundation. cregit enables easy access to and improves the visibility of details in the history of changes in source code files.
With the death of yet another open source/free software/Linux-based mobile platform, Ubuntu Touch, clearly it is time for us to sit down and have a frank discussion about what we in the free software world can reasonably accomplish in a mobile platform.
One of the biggest issues—if not THE biggest issue—with Ubuntu Touch was that it simply had goals that were far too aggressive to reasonably achieve. It suffered from the all-too-common malady known in software development as feature creep.
City Cloud gets Ubuntu Certified
European Infrastructure as a Service (IaaS) provider City Network, has joined the Ubuntu Certified Public Cloud (CPC) programme. This is the second very big European win for Ubuntu after it signed up OVH earlier this month. As an Ubuntu CPC partner, City Cloud will no longer need to create, curate, patch and maintain Ubuntu images. This will all be done by Ubuntu who will then provide them to City Network.