Tux Machines
Posted by Roy Schestowitz on Jun 25, 2023
=> ↺ How supply chain cyberattacks work — and why they're so difficult to thwart
A pair of recent high-profile cyberattacks are putting a spotlight back on a hacking tactic that's growing in popularity.
The big picture: A number of supply chain attacks have already impacted organizations this year — and despite the name, the attacks have nothing to do with better-known trade supply chains.
How it works: Supply chain attacks often start with hackers targeting a single entity — typically a software provider — in the hopes of accessing information from that organization's customers.
=> ↺ NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections
The National Security Agency (NSA) has released mitigation guidance to help organizations stave off BlackLotus UEFI bootkit infections.
=> ↺ Reproducible Builds (diffoscope): diffoscope 243 released
The diffoscope maintainers are pleased to announce the release of diffoscope version 243. This version includes the following changes:
There are scripts in EasyOS that have first two lines like this (for example, /usr/sbin/bootmanager):
The 'sudo -A' means to run an app to ask for a password. The file /etc/sudo.conf has this:
/usr/sbin/askpass is a shell script that brings up a little GUI asking for the root password, which is then passed via stdin to 'sudo', and the script, 'bootmanager' for example, will then run as the root user.
This is a mechanism that I developed in 2015 for Quicky Linux. However, 'sudo' no longer works. Easy uses busybox utilities for password management. For example, to set the root password in the 'init' script in the initrd:
=> ↺ 2.5M Genworth Policyholders and 769K Retired California Workers and Beneficiaries Affected by Hack
MOVEit hack: Personal information of about 769,000 retired California employees and 2.5 million Genworth Financial policyholders was exposed.
=> ↺ Remotely Exploitable Bind DoS Bugs Fixed
Several remotely exploitable security issues were found in the Bind Internet Domain Name Server. It was discovered that Bind incorrectly handled the cache size limit (CVE-2023-2828) and the recursive-clients quota (CVE-2023-2911). With a low attack complexity and a high availability impact, these bugs have received a National Vulnerability Database severity rating of "High".
=> ↺ How to AI-proof the cybersecurity workforce
Generative AI can enhance digital security, but it can’t — and shouldn’t — replace humans that are essential to fight malicious hackers.
Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of June 19, 2023.
=> ↺ CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws
The US government's cybersecurity agency adds VMware and Roundcube server flaws to its Known Exploited Vulnerabilities (KEV) catalog.
=> ↺ VMware Patches Code Execution Vulnerabilities in vCenter Server
VMware published software updates to address multiple memory corruption vulnerabilities in vCenter Server that could lead to remote code execution.
=> ↺ UPS Data Harvested for SMS Phishing Attacks
I get UPS phishing spam on my phone all the time. I never click on it, because it’s so obviously spam. Turns out that hackers have been harvesting actual UPS delivery data from a Canadian tracking tool for its phishing SMSs.
=> ↺ harvesting
=> ↺ Install Passbolt on Debian 12
In this tutorial, you will learn how to install Passbolt on Debian 12.