Other Sites

LinuxGizmos.com

MYC LR3576 SoM with Octa-Core RK3576 for Embedded Applications

The MYC-LR3576 System-On-Module from MYIR is described as a robust platform for AIoT applications. Powered by the Rockchip RK3576, this compact module handles demanding edge computing, multimedia, and AI tasks with high-performance processing and versatile connectivity.

9to5Linux

GIMP 3.0 Release Candidate Is Now Available for Public Testing

Featuring a much-refined interface, GIMP 3.0 introduces massive improvements to color management, a stable public API to allow porting of plug-ins and scripts from the GIMP 2.10 series, support for loading layers from TIFF files saved in the Autodesk Sketchbook format, and support for 64 bits per pixel images for the BMP format.

New Steam Client Update Adds Game Recording, Improves Native Linux Gaming

The biggest new feature in the new Steam Client update is Steam Game Recording, a new built-in system for creating and sharing gameplay footage. Steam Game Recording can run in the background to automatically record your gameplay and can be accessed from the new Recordings & Screenshots option in the View menu.

KDE Plasma 6.2.3 Brings Better Support for HDR Displays, Various Bug Fixes

KDE Plasma 6.2.3 is here two weeks after KDE Plasma 6.2.2 and promises to improve support for HDR (High Dynamic Range) displays by adding a workaround for a quirk that caused certain HDR-capable screens, such as the Acer XV275K P3, to leave the HDR mode whenever the user adjust any other display settings.

LXQt 2.1 Desktop Environment Released with Experimental Wayland Session

Highlights of LXQt 2.1 include an experimental Wayland session through the implementation of a new component called lxqt-wayland-session. The Wayland supports seven Wayland compositors, including Labwc, KWin, Wayfire, Hyprland, Sway, River, and Niri.

Security Leftovers

posted by Roy Schestowitz on Aug 03, 2023

Google AMP Abused in Phishing Attacks Aimed at Enterprise Users

Threat actors are using Google AMP URLs in phishing campaigns as a new detection evasion tactic.
Firefox 116 Patches High-Severity Vulnerabilities [Ed: Microsoft Windows TCO]

Firefox 116 was released with patches for 14 CVEs, including nine high-severity vulnerabilities, some of which can lead to remote code execution or sandbox escapes.
Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack

The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023.
Socket Scores $20M as Investors Bet on Software Supply Chain Security Startups

San Francisco startup Socket raises $20 million as investors continue to bet on companies in the open source software security category.
Microsoft says Russia-linked hackers behind dozens of Teams phishing attacks [Ed: Microsoft gets cracked again, tries to blame "Russia", as usual (not its own shoddy products)]

A Russian government-linked hacking group took aim at dozens of global organizations with a campaign to steal login credentials by engaging users in Microsoft Teams chats pretending to be from technical support, Microsoft researchers said on Wednesday.

These "highly targeted" social engineering attacks have affected "fewer than 40 unique global organizations" since late May, Microsoft researchers said in a blog, adding that the company was investigating.
Project Zero on Arm MTE

Google's Project Zero has spent some time studying the Arm memory tagging extension (MTE), support for which was merged into the 5.10 kernel, and posted the results...
Summary: MTE As Implemented

In mid-2022, Project Zero was provided with access to pre-production hardware implementing the ARM MTE specification. This blog post series is based on that review, and includes general conclusions about the effectiveness of MTE as implemented, specifically in the context of preventing the exploitation of memory-safety vulnerabilities.

Despite its limitations, MTE is still by far the most promising path forward for improving C/C++ software security in 2023. The ability of MTE to detect memory corruption exploitation at the first dangerous access provides a significant improvement in diagnostic and potential security effectiveness. In comparison, most other proposed approaches rely on blocking later stages in the exploitation process, for example various hardware-assisted CFI approaches which aim to block invalid control-flow transfers.
Security updates for Wednesday [LWN.net]

Security updates have been issued by Debian (bouncycastle), Fedora (firefox), Red Hat (cjose, curl, iperf3, kernel, kernel-rt, kpatch-patch, libeconf, libxml2, mod_auth_openidc:2.3, openssh, and python-requests), SUSE (firefox, jtidy, libredwg, openssl, salt, SUSE Manager Client Tools, and SUSE Manager Salt Bundle), and Ubuntu (firefox).
Authorities dealt with leak of data for 2 million Egyptian patients: Health minister

Minister of Health and Population Khaled Abdel-Ghaffar confirmed that the security agencies have dealt with the leak of the personal data of 2 million Egyptian patients which are being sold online.

In statements to the local news website Cairo 24, Abdel-Ghaffar said the leak occurred two months ago, stressing that the authorities will take all necessary measures to protect the privacy of patients.

The leak was first reported on 23 July by Falcon Feeds, a cyber security firm that tracks data breaches on the dark web.
NITDA warns of cyber-attack on Nigerian government infrastructure [Ed: In today's Orwellian media "cyber-attack" just means breach, getting cracked. It's a euphemism and symptom of using Microsoft.]

The National Information Technology Development Agency (NIDTA) has alerted the public of the activities of cyber criminals targeting important digital infrastructure in the country.

This was disclosed via a press statement signed by the head of corporate affairs and external relations Mrs. Hadiza Umar this afternoon.

Other Recent Tux Machines' Posts

GIMP 3.0 Release Candidate Is Now Available for Public Testing: The development team behind the popular GIMP open-source image editing software announced today the general availability of the Release Candidate (RC) milestone of the highly anticipated GIMP 3.0 release.
Mass Layoffs at Mozilla Again: 30% of staff
Inkscape Turned 21, Happy Birthday!: Inkscape's 21st anniversary
What’s new for Fedora Atomic Desktops in Fedora 41: So let’s see what arrives with the new releases for the Fedora Atomic Desktops variants (Silverblue, Kinoite, Sway Atomic and Budgie Atomic)
Focusing on Free Software, Political Sites Will Do Politics [original]: We'll try to keep this site politics-free and focus on Free software
LWN Articles on Graphics, OSI's Openwashing, and Rust: outside the paywall as of hours ago
Peropesis 2.8: OpenSSH: Peropesis 2.8 is released
Linux Lite 7.2 Released with Lite Theme Manager, Based on Ubuntu 24.04 LTS: Linux Lite creator Jerry Bezencon announced today the release and general availability of Linux Lite 7.2 as the latest stable version of this Ubuntu-based distribution using the lightweight Xfce desktop environment.
The Bitcoin Mailing List and its history is erased from Linux: Swathes of Bitcoin’s history have been erased from the internet forum that hosted communications between developers for nearly a decade
LXQt 2.1 Desktop Environment Released with Initial Wayland Support: The development team behind the lightweight LXQt desktop environment written in Qt announced today the release and general availability of LXQt 2.1 as a major update bringing exciting new features.
KDE Gear 24.08.3 Released with More Fixes for Your Favorite KDE Applications: The KDE Project released today KDE Gear 24.08.3 as the third and last maintenance update to the KDE Gear 24.08 collection of applications for the KDE Plasma desktop environment and the GNU/Linux ecosystem.
today's howtos: long list of howtos
Android Leftovers: The secret to summarizing notifications on Android
Immich Celebrates 50K Stars on GitHub with v1.120: Immich celebrates 50K GitHub stars with v1.120, which now includes auto-database backups, faster HDR transcoding, and a timeline scroll indicator
Forty years of commitment to software freedom: We're planning a jam-packed anniversary year and we hope you'll join us for the festivities
What happens to Linux when Linus Torvalds dies?: The Linux kernel is at the heart of countless operating systems, powering everything from smartphones to servers
Why we're still waiting for Canonical's immutable Ubuntu Core Desktop: 'First impressions matter' but a KDE flavor is in the making – and more publicly at that
Forlinx launches NXP i.MX 95 SoM and development board with 10GbE, CAN Bus, RS485, and more: Only Linux is supported, and the company says its module targets the automotive, industrial, and commercial IoT markets
Andes QiLai quad-core AX45MP RISC-V SoC with NX27V vector processor powers micro-ATX Voyager Development Platform: Andes explains the NX27V core can cooperate with the AX45MP cluster and make QiLai a heterogeneous software development platform where a Linux SMP system and an RTOS or bare-metal system can run simultaneously
Best Free and Open Source Software: The ratings only relate to the Flickr functionality offered by each program
Little Wayland Things: While I do have a Qt git build on my machine that I use for development
HDR and color management in KWin, part 5: HDR on SDR laptops: This one required a few other features to be implemented first, so let’s jump right in
Kubuntu 24.04, it's been a few months now ...: Rough start. Very much so. A time travel back into the past, but not in a good way, if you will. I was not very happy the first time I tried Kubuntu 24.04
Windows TCO Leftovers: True cost of Microsoft/Windows
Games: Vampire Hunters, Bye Sweet Carole, and More: Latest 7 from GamingOnLinux
today's leftovers: GNU/Linux, howtos, security
Programming: Ruby 3.3.6 Released, Perl, and More: Programming related picks
Today in Techrights: Some of the latest articles
Audiocasts/Shows/Videos About GNU/Linux: Some from days ago
LWN Articles About Linux Kernel: Now outside the paywall
Linuxfx 11.24.04: new version of the operating system based on Kubuntu 24.04.1 LTS
Parted Magic 2024.11.03: This version of Parted Magic updates the kernel to linux-6.11 and adds/updates various program
NethSecurity project milestone 8.3: We are excited to announce the release of NethSecurity project milestone 8.3
Release of Pisi GNU/Linux 2.4: Inspired by the rare flowers of Anatolia, Pisi GNU/Linux delivers the 2.4 version 'Karagül' to its users
BackBox Linux 9 released!: The BackBox Team is happy to announce the updated release of BackBox Linux
Br OS 24.10: Brazilian Linux distribution based on Ubuntu
4MLinux 46.1 STABLE released.: This is a minor (point) release in the 4MLinux STABLE channel
Release of Dr.Parted 24.11: This release is based on the Debian testing repository (2024/November/01).
Open Hardware/Modding: Robot, Arduino, Raspberry Pi, and More: Some hardware picks
Security Leftovers: Security stories
Windows Gets Infected, Media Blames "Linux": Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation
Events: Capitole du Libre, Free Software Directory, and All Thing Open: 3 events in the blogs today
7 Reasons Why NU/Linux Is the Best Tool For Programming: Explore why GNU/Linux is the top choice for developers and programmers
today's leftovers: FOSS and more for now
ScummVM and Games; PicoROM, A DIP-32 8-Bit ROM Emulator: Gaming centric news
Security Leftovers: Security picks
Free Applications and Free Software: FOSS picks
Programming Leftovers: many picks for today
today's howtos: many howtos for now
HowTos, Red Hat, and FSF: today's leftovers
Open Hardware, Raspberry Pi, and Retro: Mostly Raspberry Pi
Windows TCO Leftovers: The true cost of Microsoft reliance
Android Leftovers: The best PSP emulator on Android just got even better
KDE Plasma 6.2.3 Brings Better Support for HDR Displays, Various Bug Fixes: The KDE Project released today KDE Plasma 6.2.3 as the third maintenance update to the latest KDE Plasma 6.2 desktop environment series with more bug fixes and various improvements.
Tor and Tails Team Up for Better Online Privacy Protections: The merger of two popular open-source communities could sharpen the focus on bolstering online privacy and web-surfing anonymity
GIMP 3.0 Release Candidate Arrives with Major Features in Tow: If it feels like the next major release of open source image editor The GIMP has been in the works forever
Best Free and Open Source Software: Only free and open source software is included
Games: Stardew Valley 1.6.9, SuperTuxKart 1.5, and More: Latest from GamingOnLinux
Manjaro Considers Embedding a Telemetry Tool: Manjaro’s new MDD telemetry tool will collect user data for better metrics, yet automatic sharing concerns users
Today in Techrights: Some of the latest articles
Gnome OS is Changing: "I would like to turn GNOME OS, GNOME’s home-grown distro for testing and development of the GNOME Desktop, into a daily-drivable general purpose OS."
today's leftovers: BSD, software, and servers
Free Software, Events, and the Web: Some FOSS centric links
Security and Patches: incidents and updates
Audiocasts/Shows: Destination Linux and LINUX Unplugged: 2 new episodes
Fedora / Red Hat / IBM Leftovers: The RHEL and OpenShift universe
Programming Leftovers: Programming picks for now
Devices, Embedded, and Single-Board Computers: Open hardware mostly
Canonical/Ubuntu: Ubuntu Weekly Newsletter, OEM Event, and Virtual ECUs: Canonical/Ubuntu leftovers
today's howtos: many howtos for the whole day
EA removes Apex Legends from Steam Deck: 8 stories
New Steam Client Update Improves Native Linux Gaming and Fixes Many Bugs: Valve released today a new stable Steam Client update for all supported platforms to fix a bunch of bugs and also improve native Linux gaming.
I Installed Gentoo So You Don't Havtoo: it’s no longer that much harder to run than either of these popular distributions
Open Hardware: Arduino, Raspberry Pi, and More: Hardware related picks
Security and Windows TCO: mostly Windows TCO
Android Leftovers: Xiaomi 14 gets Android 15 stable update
Linux Mint Is Getting a Night Light Feature in Cinnamon, Framework Laptop Support: Linux Mint distribution is getting a Night Light feature for the Cinnamon desktop environment and support for Framework laptops.
Kernel: No Russians, Performance Gains, and VMware Workstation to Switch to KVM: Some kernel level stuff
Best Free and Open Source Software: This is free and open source software
Fedora Linux Flatpak cool apps to try for November: This article introduces projects available in Flathub with installation instructions
Games: SteamOS, Gifts for 'Reviews', and More: 8 new articles from GamingOnLinux
This week in Plasma: moved to KDE infrastructure!: Surprise! This blog post series has now been moved to blogs.kde.org so it’s now open for others to participate and contribute
Raspberry Pi OS Now Enables Wayland by Default on All Raspberry Pi Models: The Debian-based Raspberry Pi OS distribution for Raspberry Pi single-board computers has been updated today with some exciting new features, updated components, bug fixes, and other changes.
Today in Techrights: Some of the latest articles

Tux Machines

Other Sites

Security Leftovers

Firefox 116 Patches High-Severity Vulnerabilities [Ed: Microsoft Windows TCO]

Microsoft says Russia-linked hackers behind dozens of Teams phishing attacks [Ed: Microsoft gets cracked again, tries to blame "Russia", as usual (not its own shoddy products)]

NITDA warns of cyber-attack on Nigerian government infrastructure [Ed: In today's Orwellian media "cyber-attack" just means breach, getting cracked. It's a euphemism and symptom of using Microsoft.]

Other Recent Tux Machines' Posts