Other Sites

Security Leftovers

posted by Roy Schestowitz on Oct 15, 2022

TP-Link network equipment hijacks some DNS requests

TP-Link network products — including Wi-Fi routers, repeaters, and access points (AP) — use deep packet inspection (DPI) to intercept specific Domain Name System (DNS) requests. Each product looks for one or two domain names and will hijack the request to issue a local response containing its own internet protocol (IP) address.

TP-Link wants to make it easier for its customers to get into the web administration interfaces of its products. No one wants to remember the IP address needed to access it, right? The IP address can also change over time, depending on your network configuration.
Researchers detail new C2 attack framework targeting Windows, macOS and Linux [Ed: This is a security problem only if the malware gets to the system in the first place]

Researchers have discovered a new Chinese-language single-file command-and-control (C2) attack framework being widely used in attacks targeting Windows, Linux and Mac machines.

The framework called "Alchimist" is a 64-bit Linux executable written in GoLang and loaded with resources for web interface and Inseket RAT payloads compiled for Windows and Linux, according to a new report from Cisco Talos.
iTWire - Woolworths subsidiary MyDeal suffers data breach, 2.2m users affected

The MyDeal site is hosted by Amazon in the US, according to Internet services company Netcraft, and appears to use ASP.NET, technology sold by Microsoft.

As per Microsoft's own site, "ASP.NET is a free, cross-platform, open source framework for building Web apps and services with .NET and C#."

Other Recent Tux Machines' Posts

KDE Frameworks 6.16 Improves Plasma’s Ability to Detect the Most Powerful GPU: The KDE Project released today KDE Frameworks 6.16 as the latest update to this collection of more than 70 add-on libraries for Qt, providing commonly needed functionality to KDE apps and the KDE Plasma desktop.
Calibre 8.6 Open-Source E-Book Manager Improves Database Restore Performance: Calibre developer Kovid Goyal released Calibre 8.6 today as the latest version of this open-source, free, and cross-platform e-book management software for GNU/Linux.
Games: Godot, FEX, and Lossless Scaling Frame Generation: Games-related picks
Red Hat Offers Free RHEL Access for Business Developers: Red Hat’s new dev program, Red Hat Enterprise Linux for Business Developers
today's leftovers: some GNU/Linux and mostly FOSS
Databases: PostgreSQL and European Autonomy: PostgreSQL mostly
BSD Leftovers: BSD picks
Standards and More: XML and more on such matters
Security Leftovers: Security picks
Development and Programming Leftovers: R and more
GNU and Linux Leftovers: including games
Open Hardware/Modding: GNU/Linux, ESP32, and More: Some hardware picks
Red Hat and Fedora Leftovers: Fedora picks and more
This Week in GNOME and Parental Controls in GNOME: GNOME leftovers for today
today's howtos: many howtos
Kernel: Lustre at Google, RDNA 3.5 by AMD: linux news
Operating Systems: Outline of Distros in Use, EasyOS Containers, and MINIX: 3 stories of note
The price of software freedom is eternal politics: The new fork of the X.org X11 server is conservative… and we don't mean just technologically conservative.
Release of Wine 10.12: Wine 10.12
Android Leftovers: Leak reveals Samsung Auto DeX as an alternative to Android Auto for over 8,500 vehicle models
The software we have to use at work must respect our freedom: Many free software supporters worldwide are forced to give up their freedom when they log in or go to work
Lenovo readies WMI driver for gaming handhelds with Linux 6.17: New kernel patch brings native power controls to Legion Go S on Linux
Want to Customise GNOME Shell Notifications? Try This Extension: You may have noticed that Ubuntu (rather, GNOME Shell) doesn’t provide many notification customisation options out of the box
today's leftovers: GNU/Linux and more
Open Hardware/Modding: Raspberry Pi and Weekly GNU-like Mobile Linux: Hardware picks
today's howtos: idroot mostly
Videos About GNU/Linux and Free Software: via Invidious
Best Free and Open Source Software: We recommend the best free and open source alternatives
This Week in Plasma: tablet dials and day/night cycles: Welcome to a new issue of This Week in Plasma
Radxa Fanless Network Router Offers 4 GbE Ports and NVMe Storage Up to 4TB: On the software side, the E24C supports both Debian Linux and Flippy OpenWrt
Games: Fanatical, SuperWEIRD, Steam Deck, and More: 10 latest from GamingOnLinux
Today in Techrights: Some of the latest articles
GNU/Linux Leftovers: 4 more stories regarding GNU/Linux
Hardware: Fairphone, Arduino, and More: some hardware picks
today's leftovers: Events/'Linux' Foundation and pgmoneta 0.18 released
Programming Leftovers: Development with R and more
Security and Windows TCO: mostly the latter, Windows TCO
Ubuntu 24.10 (Oracular Oriole) reached End of Life on 10th July 2025: forced upgrade
Miracle-WM 0.6 Released with Rounded Corners Support: Miracle-WM 0.6.0 tiling Wayland window manager lands with rounded corners
GNU/Linux and BSD Leftovers: mostly GNU/Linux
Free, Libre, and Open Source Software and Sharing: FOSS and more
Programming Leftovers: in games and more
Security Leftovers: Security picks
Applications: E-mail, Karton, and More: software leftovers
Open Hardware/Modding: Raspberry Pi, Bootlin, and More: devices and gadgets
System76’s Adder WS Linux Laptop Gets Intel Core Ultra i9 and NVIDIA 50 Series: System76 informs 9to5Linux.com today about the availability of a new version of their Adder WS Linux-powered notebook that features newer Intel CPUs and NVIDIA graphics.
today's howtos: mostly idroot
Red Hat Leftovers: latest in redhat.com
Linux Magazine: Latest Edition: But paywalled
Wayland 1.24 Is Now Available for Download with New Features and Improvements: Wayland, an open-source replacement for the X11 window system protocol and architecture, has been updated to version 1.24 today with various new features and improvements.
Android Leftovers: Google launches Android Canary program for Pixel users who want to live on the bleeding edge
Ubuntu 24.10 “Oracular Oriole” Reached End of Life, Upgrade to Ubuntu 25.04: This is your friendly reminder that Ubuntu 24.10 “Oracular Oriole” reached end-of-life today, July 10th, 2025, and it is no longer supported by Canonical with software and security updates.
5 Ways I Fight Linux’s App Gap and Use All the Software I Need: Do you want to use Linux but feel worried that your favorite apps won’t work
Wayback Becomes Part of the FreeDesktop.org Ecosystem: The Wayback project, a X11 compatibility layer that allows running X11 desktop environments using Wayland
I Use This 17-Year Old Linux App to Easily Back Up My Files: Looking for an easy-to-use but flexible method of backing up your files on a Linux desktop
Red Hat sweetens the RHEL deal for biz devs – just don't put it in prod: Up to 25 instances for free, but only to play with
I Use Fedora Linux Daily, but These 3 Things Drive Me Nuts: To me, most Linux distros are essentially the same
4 things Linux does better than Windows for the average user: As much as I'd like to see it change, Windows 11 remains a far more popular choice for consumers at large than Linux is
Mozilla VPN Linux App is Now Available on Flathub: Linux users can now install the official Mozilla VPN client from Flathub
Ubuntu 24.04.3 HWE Stack Provides a Major Mesa Upgrade: Existing users of Ubuntu 24.04 LTS will receive an updated hardware enablement (HWE) stack this month
Project Seeks Input on Future of 32-bit ARM: The openSUSE Project is seeking community input to determine whether it should continue supporting 32-bit ARM architectures
Free and Open Source Software: This is free and open source software
Diving into Plasma Bigscreen: I have been a long time Plasma Mobile contributor
Stable kernels: Linux 6.15.6, Linux 6.12.37, Linux 6.6.97, Linux 6.1.144, and Linux 5.15.187: I'm announcing the release of the 6.15.6 kernel
Bluestar Linux: Arch Power, User-Friendly Polish: Think Arch is only for the hardcore? Bluestar Linux rewrites the rules—delivering power, polish, and zero intimidation
ExTiX's new release is an even better Windows 11-like Linux desktop: I find the latest version of ExTiX to be an elegant desktop that any user would feel right at home on
Games: RTS Rush Humble Bundle, Blessed Burden, and More: GamingOnLinux's latest 7 stories
"LLM Coding is a Scam" [original]: From libreplanet-discuss
Politics Inside Free Software [original]: Free Software is about technical things and also the philosophy of sharing, or ethics limited to the idea of sharing
Today in Techrights: Some of the latest articles
Putting Microsoft SLAPPs in the Bin Where They Belong [original]: Attacks on the mere publication of GNU/Linux news won't be tolerated
Security Leftovers: Linux and more
From Open Source User to Fedora Contributor: I started my open-source journey when I got my first laptop
Re-designing signing in Fedora: Over the past few months I’ve spent some time on-and-off working on Sigul and some related tools
Sparky Linux: “Takes the Options Ball and Runs With It!”: Our reviewer dives into Sparky Linux and discovers a distro bursting with choices, flexibility
Amarok 3.3 Open-Source Music Player Is Out as First Release Fully Ported to Qt 6: Today, the Amarok development team released Amarok 3.3, the latest stable version of this open-source music player software that brings various new features and bug fixes.
GNU/Linux Leftovers: Linux-focused picks
Free, Libre, and Open Source Software Leftovers: FOSS and licensing focus
Web Browsers (Slop Nonsense) and Content Management Systems (CMS): Some WWW-centric additions
Programming and Standards: Development centric stuff
Security Leftovers: Security related picks
Open Hardware/Modding: Raspberry Pi, Arduino: retro also
Fedora and Red Hat Leftovers: from the official site mostly
Android Leftovers: This new setting in Android ensures core Google services are always up to date
today's howtos: Instructionals/Technical posts, mostly idroot
Thunderbird ESR: Fresh functions for Mozilla's email client and monthly development update: some Thunderbird news
Krita 5.2.10 Rolls Out with Bug Fixes Ahead of Major Feature Releases: Krita 5.2.10, a free and open-source digital painting app
Pull yourself up by your bootstraps: The way Ubuntu boots on the Raspberry is changing in questing
PANZER-LITE93 Ubuntu 24.04 Box PC puts FRDM-IMX93 development board into a 3D printed case: MayQueen Technologies PANZER-LITE93 is an NXP i.MX 93-powered box PC running a customized Ubuntu 24.04 LTS distribution
The Licensing and Compliance Lab, not just holding it down, but pushing back: Hello, my fellow and soon-to-be fellow free software activists and Free Software Foundation (FSF) associate members
Shotcut 25.07 Beta Added Scrub While Dragging to Timeline trimming: Shotcut, the free open-source Qt-based video editor, released the Beta for next 25.07 few days ago
Free and Open Source Software: This is free and open source software
KWallet to SecretService, a client application: name wanted: Another pain point is the application used to look inside the wallets
Wayland Fedora Gnome vs KDE neon Plasma, plus X11 data!: I showed you Plasma idle desktop figures, two separate articles
This Linux distro makes openSUSE accessible to all - even newbies should take a look: Linux Kamarada 15.6 does an outstanding job of making openSUSE more user-friendly
Security and Windows TCO Leftovers: Security related news
Fedora 43 won't drop 32-bit app support – or adopt Xlibre: Community vetoes plans to axe i686 compatibility and switch X11 forks
Games: Minigalaxy, STEEL HUNTERS, and More: 10 stories from GamingOnLinux
LWN on Injecting Hype Into Linux Kernel and More: Kernel picks
Today in Techrights: Some of the latest articles