Security Leftovers
-
QSB-090: Zenbleed (CVE-2023-20593, XSA-433)
We have published Qubes Security Bulletin 090: Zenbleed (CVE-2023-20593, XSA-433). The text of this QSB and its accompanying cryptographic signatures are reproduced below. For an explanation of this announcement and instructions for authenticating this QSB, please see the end of this announcement.
-
Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government [Ed: Microsoft Windows]
An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government.
/blockquote> -
Nubeva’s Ransomware Key Interception and Decryption Technology Validated in Third-Party Lab
100% key capture rate and successful ransomware decryption shows progress in ransomware defense capabilities.
-
MOVEit Hack Could Earn Cybercriminals $100M as Number of Confirmed Victims Grows
Experts believe the Cl0p ransomware gang could earn as much as $100 million from the MOVEit hack, with the number of confirmed victims approaching 400.
-
Over 20,000 Citrix Appliances Vulnerable to New Exploit
Over 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519.
-
Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo
Atlassian patches high-severity remote code execution vulnerabilities in Confluence and Bamboo products.
-
Unlocking the Secrets of Linux Security: An Expert Analysis
Linux security is anything but stagnant. It's no secret that cybercriminals are exploiting the growing popularity of the OS and the high-value servers and devices it powers worldwide with new and evolving attacks such as malware and rootkits. Despite the reputation Linux has earned of being an exceptionally secure and stable OS , Linux malware is on the rise, and the number of new Linux malware variants reached a record high in the first half of 2022 , as researchers discovered nearly 1.7 million samples during this period.
-
New Reptile Rootkit Malware Attacking Linux Systems Using Port Knocking [Ed: This is not Linux, this is malware that Microsoft is distributing. This article probably wants to distract from Microsoft's clown computing getting totally cracked/breached.]
A new kernel module rootkit malware was released recently on GitHub, dubbed Reptile. It's an open-source rootkit that has the ability to hide itself, other malicious codes, files, directories, and network traffic.
-
Perimeter81 Vulnerability Disclosed After Botched Disclosure Process
Cybersecurity firm Perimeter81 appears to have botched the responsible disclosure process for a privilege escalation vulnerability found in its macOS application.
-
How to add more privacy to the U.S. Cyber Trust Mark
This story was originally published in my weekly newsletter on Friday July 21, 2023. You can sign up for my newsletter here. This week, the Biden administration shared its plans for a label for consumer connected devices that would indicate a device had passed certain cybersecurity criteria.
-
How to install Nagios on Ubuntu 22.04
As any system administrator knows, effectively monitoring your IT infrastructure is crucial to ensure smooth operation. Nagios is a highly regarded, open-source software that provides comprehensive monitoring of systems, networks, and infrastructure. With Nagios, you can keep track of server performance, spot potential issues before they become major problems, and even automate fixes for common issues.
-
How to install and set up headless Linux server
A headless server, as the name suggests, is a server that is operated without a monitor, keyboard, or mouse. These servers are typically managed remotely, making them an efficient and cost-effective choice for businesses, developers, and home users alike. Whether you're setting up a web server, a file server, or a game server, a headless Linux server can be a powerful tool.
-
How to install Tor Browser in Ubuntu
In a world of increasing online surveillance and data breaches, maintaining privacy on the internet is paramount. That's where Tor Browser comes into play. As an open-source browser, Tor allows you to browse the internet anonymously, protecting your online identity and sensitive data. By routing your connection through several servers, it shields your online activity from prying eyes, making it a top choice for those concerned with privacy and security.
-
How to integrate ONLYOFFICE Docs with Odoo
ONLYOFFICE Docs is an open-source office suite that comprises collaborative editors for text documents, spreadsheets, presentations, and digital forms, along with a PDF viewer and converter. In this tutorial, we’ll learn how to connect the instances of ONLYOFFICE Docs and Odoo using an integration app.
-
How to set up automatic background updates in Ubuntu
In this guide, I explain how to set up a bash script that can be run at login on Ubuntu. It automatically checks for any new updates and installs them to make sure you're running the latest software.
-
How to Easily Block IP Addresses From Accessing a Desktop or Server
In this How to Make Tech Work tutorial, Jack Wallen shows how to add another layer of security to your Linux machines with just two files.
-
How to Easily Block IP Addresses From Accessing a Desktop or Server
In this How to Make Tech Work tutorial, Jack Wallen shows how to add another layer of security to your Linux machines with just two files.
-
JQ: Another Tool We Thought We Knew, (Mon, Jul 24th)