Cisco's security team has discovered that hundreds of its networking devices contain a vulnerability that could allow attackers to remotely executive malicious code and take control of the affected device.
"We are committed to responsible disclosure, protecting our customers, and building the strongest security architecture and products that are designed through our Trustworthy Systems initiatives," said a Cisco spokesperson in an email to CRN regarding the vulnerability.
Some channel partners of the San Jose, Calif.-based networking giant are already advising customers on how to bypass the critical security flaw. Here are 10 important items that Cisco channel partners should know about the security vulnerability.
One of the key advantages of Open sauce software is that it is supposed to be easier to spot and fix software flaws, however Linux has had a local privilege escalation flaw for 11 years and no-one has noticed.
The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday.
However, despite these improvements in code cleanness and security technologies, it hasn’t quite proven itself when faced with experienced hackers at contests such as Pwn2Own. At last year’s edition of Pwn2Own, Edge proved to be a little better than Internet Explorer and Safari, but it still ended up getting hacked twice, while Chrome was only partially hacked once.
Things seem to have gotten worse, rather than better, for Edge. At this year’s Pwn2Own, Microsoft’s browser was hacked no less than five times.
And for every hack perpetrated against Edge, there was a corresponding attack against the Windows 10 kernel, indicating that it has a way to go in terms of security, according to Tom's Hardware.
The 90-day deadline is the same that Google's own Project Zero security group provides to companies when it uncovers flaws in their software. If a company has failed to patch its software accordingly, Project Zero publishes details of the flaw whether the vendor likes it or not.
If you’re an Android developer who prefers to use a Debian machine for home or work, then you may be interested in a guide published by the official Debian blog on how to build Android applications using ONLY Debian packages. At this time, you can build applications only if it targets API Level 23 with build-tools-24 as these are the only versions that are completely Debian at the time of this writing.
VAIO, freed from the Sony yoke, made one ropey-looking Android phone all on its own. Then, learning several lessons, it made a gorgeous, machined slab of aluminum that, unfortunately, ran Windows Phone 10. Now, like practically all other phone makers, its changing tack, introducing the VAIO Phone A: an identical phone that's running Android 6.0.
Sony sold off its PC-focused VAIO division back in 2014, but the brand lived on under new management. Now, it’s come back to haunt the tech giant in the mobile market, with a new Android-powered VAIO handset announced today — the VAIO Phone A.
Kali Linux for Android: Kali Linux is best operating system for Ethical hackers. It is used by white hat hackers, security researchers and pentesters. Kali Linux come up with the advance features which is beneficial for security purposes . Kali Linux is high software and cannot run in all devices. It is available for limited devices only. But now you can install Kali Linux in Android device, Because of developers of Linux Deploy it is possible to get Linux distributions installed in a chroot using GUI builder. let’s start and learn how to install kali linux on any android.
There was a time a few years ago when the first Android phones made it to market, that they seemed full of promise as general purpose computers. Android is sort of Linux, right, or so the story went, so of course you must be able to run Linux on an Android phone and do all sorts of cool stuff with it.
As anyone who tried to root an Android phone from 2010 will tell you, it was a painful and unrewarding process. There was normally a convoluted rooting process followed by somehow squeezing your own Linux filesystem tree onto the device, then chroot-ing into it. You’d then have to set up a VNC server and VNC into it, and eventually you’d feel immensely proud of your very slow tiny-screen Linux desktop that you’d slaved over creating. It was one of those things that’s simple in theory, but extremely convoluted in practice.
The Android O developer preview just dropped, and we’ve been poking around to see what’s new with the latest version. So far, it’s hard to judge the new features on Android O since most require app developers to update their code, but some digging does show tons of interesting settings that hint at what’s to come.
I'm announcing the release of the 4.10.5 kernel.
All users of the 4.10 kernel series must upgrade.
The updated 4.10.y git tree can be found at:
and can be browsed at the normal kernel.org git web browser:
Also: Linux 4.9.17
February And March Linux Articles
I am aware that it is a while since I added any content to this site. To be honest I have been inundated with work and so I have had little opportunity to write anything worthwhile on this blog.
I am learning new programming techniques for my day job and this has meant watching lots of Pluralsight videos and trying out what I have learned.
This doesn't mean that I have been completely idle when it comes to writing but most of the content I have written has been for Lifewire.com and I wanted to point you in the direction of these articles because I'm sure many of them will be useful to the readers of this site.