Other Sites

LinuxGizmos.com

Compulab’s UCM-iMX95 with NXP i.MX 95 Processor, Real-Time Cortex-M7, and eIQ Neutron NPU

The UCM-iMX95, a compact System-on-Module by Compulab, is built around the NXP i.MX 95 processor, leveraging ARM Cortex-A55 cores clocked at up to 2.0 GHz. Optimized for industrial applications, it delivers robust performance in graphics, image processing, and artificial intelligence workloads.

Milk-V Launches MILK-V Megrez PC, Starting at $199.00

The Milk-V Megrez incorporates the ESWIN EIC7700X system-on-chip. This device features a quad-core SiFive P550 CPU based on the RISC-V RV64GBCH architecture, operating at a clock speed of up to 1.8 GHz.

invisCAM A Compact 2MP Camera for Low Light and Low Power Applications

This month, Arducam introduced the invisCAM, a compact imaging solution that integrates advanced functionality and precise engineering within a small form factor. The camera is designed to address the challenges of achieving high-quality imaging, functional versatility, and cost efficiency in a portable USB device.

Coin-sized ESP32-H2-WROOM-07 RISC-V Module with BLE, Thread, and Zigbee Support for $2.13

The ESP32-H2-WROOM-07 is a compact module featuring a RISC-V single-core 32-bit microprocessor and support for Bluetooth Low Energy. It can be configured with up to 4 MB of flash memory and is designed for applications such as smart home systems, industrial automation, and consumer electronics.

news

Security Leftovers

posted by Roy Schestowitz on Sep 11, 2024

Bruce Schneier ☛ New Chrome Zero-Day

According to Abusive Monopolist Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal cryptocurrency.
OpenSSF (Linux Foundation) ☛ What’s in the SOSS? Podcast #14 – CoSAI, OpenSSF and the Interesting Intersection of Secure Hey Hi (AI) and Open Source
Ubuntu Fixes a High-Severity PostgreSQL Vulnerability

PostgreSQL is an open-source, widely used object relational SQL database. However, like any other software, it is not immune to vulnerabilities. A new high-severity vulnerability has been discovered in PostgreSQL versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20.

Canonical has released security updates to address this vulnerability in different releases, including Ubuntu 24.04 LTS, Ubuntu 22.04, LTS, and Ubuntu 20.04 LTS. Users are strongly recommended to update to the latest patched version of PostgreSQL.
Sedexp Malware: The Stealthy Linux Threat Evading Detection [Ed: It is not what they say]

A new, sophisticated Linux malware named “sedexp” has been discovered, quietly evading detection since 2022. Its unique persistence technique, leveraging udev rules, has allowed it to operate under the radar, making it a particularly dangerous threat. This article explores how this malware operates, its unique evasion strategies, and the implications for Linux security.
Security Affairs ☛ U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

CVE-2017-1000253 flaw was discovered by researchers with Qualys Research Labs and affects all Linux distributions that have not fixed their kernels after a commit released on April 14, 2015. Attackers can exploit the vulnerability to escalate privileges. The issue resides in the way the kernel loads ELF executables and is triggered by applications that have been built as Position Independent Executables (PIEs).
Windows TCO
- Silicon Angle ☛ Palo Alto Networks details new ‘Repellent Scorpius’ group distributing Cicada3301 ransomware
  
  A new report out today from Palo Alto Networks Inc.’s Unit 42 details a new ransomware-as-a-service group with a multi-extortion operation that’s actively recruiting new affiliates. Called “Repellent Scorpius,” the RaaS group first emerged in May and distributed Cicada3301 ransomware.
- Dark Reading ☛ 'Ancient' MSFT Word Bug Anchors Taiwanese Drone-Maker Attacks
  
  An attack dubbed 'WordDrone' that uses an old flaw to install a backdoor could be related to previously reported cyber-incidents against Taiwan's military and satellite industrial supply chain.

Other Recent Tux Machines' Posts

AlmaLinux OS 9.5 Is Here as a Free Alternative to Red Hat Enterprise Linux 9.5: The AlmaLinux OS Foundation announced today the release and general availability of AlmaLinux OS 9.5 (codename Teal Serval), as the latest stable version of this free Red Hat Enterprise Linux (RHEL) fork.
Fedora / IBM / Oracle Linux / IBM Leftovers: the Red Hat universe in blogs and news sites
Linux Kernel 6.12 Officially Released, This Is What’s New: Linus Torvalds announced today the release and general availability of Linux kernel 6.12, the latest stable version of the Linux kernel that introduces several new features and improvements.
Canonical/Ubuntu: Warehouse, EdgeIQ and Ubuntu Core: Canonical/Ubuntu news
mesa 24.3.0: This release has seen the continuing trend of OpenGL work slowing down
Games: Age of Empires II: The Conquerers, Microsoft Failing Badly: Some gaming picks
Android Leftovers: Your next Android phone could swap out Google Fit for this alternative
Canonical/Ubuntu Leftovers: security and commercial bits
RELIANOID Load Balancer Community Edition v7.5 Release Notes: We are thrilled to announce the release of RELIANOID 7.5.0 (Community Edition)
GhostBSD 24.10.1 Is Now Available: We’re excited to announce the release of GhostBSD 24.10.1
KaOS 2024.11: More application are now ready to use Qt6 and Frameworks 6 including Freecad, Sqlitebrowser, Cantor, Kalzium, Webacmoid and Liquidshell
Today in Techrights: Some of the latest articles
Wine 9.22 Released with Display Mode Virtualization Support: Wine 9.22 is now available with Wayland driver enabled by default, DirectPlay network boosts, Unicode CLDR 46 updates, and display virtualization
Archinstall 3.0.1: Improved Partition Management and System Stability: Archinstall 3.0.1, a guided installer for Arch Linux, is a patch update that fixes partition issues, improves code quality, and enhances user experience
today's leftovers: GNU/Linux and FOSS news
OpenSUSE: Tumbleweed Review and Hackweek: Some openSUSE updates
Open Hardware/Modding: Raspberry Pi, Pine64, Fairphone, and More: Gadgets and more
Milk-V Launches MILK-V Megrez PC, Starting at $199.00: The Milk-V Megrez, first announced in August this year, is recognized as one of the first RISC-V hardware hypervisors available in the market
Firefox Woes and Firefox DevTools Newsletter: Mozilla/Firefox picks
Programming Leftovers: Development bits
Free and Open Source Software: Only free and open source software is featured here
Security Leftovers: Security bits and pieces
today's howtos: more howtos
Compulab’s UCM-iMX95 with NXP i.MX 95 Processor, Real-Time Cortex-M7, and eIQ Neutron NPU: The UCM-iMX95 supports mainline Linux and the Yocto Project, with a comprehensive Board Support Package
today's howtos: many howtos, esp. idroo
Windows TCO Leftovers: The full cost of Microsoft deployments
Games: Unreal and Unreal Tournament on Internet Archive, More Picks Mostly From GamingOnLinux: gamers' news
today's leftovers: Mozilla, BSD, and more
Programming Leftovers: Development related picks
Open Hardware: Raspberry Pi, Arduino, and More: Some hardware picks
Google Demotes GNU/Linux to Linux (Android), Linux Foundation Gets Misleading Puff Piece From SJVN: setbacks?
Fedora / Red Hat / IBM Leftovers: mostly Red Hat stuff
today's howtos: this weekend's first batch
Security Leftovers: Inc. bugfix releases
FreeCAD 1.0 Released After 22 Years in Development: Good things come to those who wait, and for 3D modelling professionals with a preference for open-source software
Best Free and Open Source Software: Only free and open source software is eligible for inclusion here
This Week in Plasma: Battery Charge Cycles in Info Center: This week we of course continued the customary bug-fixing, but got some nice new features and UI improvements too
This Week in GNOME: #175 Magic: Update on what happened across the GNOME project in the week from November 15 to November 22
Today in Techrights: Some of the latest articles
Linux Code of Conduct Board and CoC Supremacy Over Code/Function: CoC strikes
Android Leftovers: Android finally getting ability to restore credentials in phone move
Blender 4.3 Open-Source 3D Graphics App Introduces Experimental Vulkan Backend: The Blender Foundation announced today the release and general availability of Blender 4.3 as a major update to this powerful, free, cross-platform, and open-source 3D graphics and modeling software.
ReiserFS Reaches Its Final Chapter: Linux kernel 6.13 says goodbye to ReiserFS
Stable kernels: Linux 6.12.1, Linux 6.11.10, Linux 6.6.63, and Linux 6.1.119: All users of the 6.12 kernel series must upgrade
Cybershow News Autumn 2024: The sad reality is that beyond SE-Linux and Apparmor Free and Open Source offerings for effective application whitelisting is still quite thin on the ground and difficult to use. We need some better UX around that.
Khronos Group takes over cross-platform Slang shading language from NVIDIA: Interesting industry news here for you, especially for developers
Programming Leftovers: Development picks
Security and Windows TCO Leftovers: news about patches and incidents
today's howtos: many howtos for now
IBM and Red Hat Leftovers: IBM stuff and mostly RedHat.com
Android Leftovers: Android will soon instantly log you in to your apps on new devices
Proxmox VE 8.3 Released with Enhanced Features: Proxmox Virtual Environment 8.3 is here with faster backups, SDN-firewall integration, webhook notifications, and improved hypervisor migration
Anti-Cheat: A Thorny Problem For Linux Gamers: The anti-cheat situation on Linux is getting worse. Let's see what you can do about it
Rhino Linux: The Unique Distro That Combines Ubuntu and Rolling Releases Needs Your Support!: The ambitious project is now asking for help. Let's try helping them
Huion Kamvas Pro 19 - review on GNU/Linux: This blog post here is a list of my installation method, scripts and tweaks to install the device under a GNU/Linux operating system
Free and Open Source Software, howtos and Installations: This is free and open source software
PINE64’s New Smart Camera Runs Linux: Pine64 shared some information about new products and updates in its latest community announcement
How RHEL and Fedora Shape Red Hat’s Linux Offerings: Not all Linux distributions provide platforms for enterprise and non-business adopters
Games: Dungeon Clawler, Steam Deck, and More: Latest from GamingOnLinux
Security Leftovers: Security related picks
Distributions and Operating Systems: Kali Linux, BSD, SUSE, and More: BSD and GNU/Linux leftovers
OSI Openwashing (Funded by Microsoft) and Free, Libre, and Open Source Software Leftovers: Some FOSS and fake FOSS picks
POSETTE and PGConf.dev 2025 Preparations (Postgres Events): Postgres news
Programming Leftovers: Development related news picks
Open Hardware/Modding: Arduino, Raspberry Pi, ESP32, and More: some devices and more
Red Hat / CentOS / IBM / Oracle Linux / Alma Leftovers: RHEL camp and IBM
Games: Proton Experimental and Bug in CS2: a pair of gaming picks
today's howtos: long batch for Friday
Media Unable to Tell the Difference Between Proprietary VMware and "Linux": FUD tactics
Today in Techrights: Some of the latest articles
FreeCAD 1.0 Open-Source 3D Parametric Modeler Released, Here’s What’s New: FreeCAD 1.0 has been released today as a major milestone for this open-source, free, and cross-platform parametric 3D computer-aided design (CAD) modeler software for GNU/Linux, macOS, and Windows systems.
Rocky Linux 9.5 Released, Here’s What’s New: Rocky Linux 9.5 is now available for download, packed with updates like Podman 5.0, GCC 11.5, Node.js 22, and more
11 Reasons Why You Should Switch from Windows to Linux: Here are a number of reasons why you should consider GNU/Linux as your next operating system
libtool-2.5.4 released: The Libtool Team is pleased to announce the release of libtool 2.5.4

Tux Machines

Other Sites

LinuxGizmos.com

Compulab’s UCM-iMX95 with NXP i.MX 95 Processor, Real-Time Cortex-M7, and eIQ Neutron NPU

Milk-V Launches MILK-V Megrez PC, Starting at $199.00

invisCAM A Compact 2MP Camera for Low Light and Low Power Applications

Coin-sized ESP32-H2-WROOM-07 RISC-V Module with BLE, Thread, and Zigbee Support for $2.13

news

Security Leftovers

Bruce Schneier ☛ New Chrome Zero-Day

OpenSSF (Linux Foundation) ☛ What’s in the SOSS? Podcast #14 – CoSAI, OpenSSF and the Interesting Intersection of Secure Hey Hi (AI) and Open Source

Ubuntu Fixes a High-Severity PostgreSQL Vulnerability

Sedexp Malware: The Stealthy Linux Threat Evading Detection [Ed: It is not what they say]

Security Affairs ☛ U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

Windows TCO

Silicon Angle ☛ Palo Alto Networks details new ‘Repellent Scorpius’ group distributing Cicada3301 ransomware

Dark Reading ☛ 'Ancient' MSFT Word Bug Anchors Taiwanese Drone-Maker Attacks

Other Recent Tux Machines' Posts