Other Sites

LinuxGizmos.com

Pilet: A Portable Cyber-Deck Powered by Raspberry Pi 5 and Dual 8000mAh Batteries

Pilet is an upcoming open-source portable mini-computer powered by Raspberry Pi 5, offering both versatility and portability. Initially named Consolo, it will be available in two models: a 5-inch and a 7-inch, to suit different needs.

9to5Linux

elementary OS 8 “Circe” Officially Released, Based on Ubuntu 24.04 LTS

Based on Ubuntu 24.04 LTS (Noble Numbat) and powered by Linux kernel 6.8, elementary OS 8 introduces a new Secure Session to ensure apps respect your privacy and require your consent, a brand new dock with productive multitasking and window management features, and PipeWire as the default media server.

Firefox 134 Enters Beta, Promises Support for Touchpad Hold Gestures on Linux

Firefox 134 looks like a very small release promising only support for touchpad hold gestures on Linux, allowing users to interrupt kinetic (momentum) scrolling by placing two fingers on the touchpad. This feature was initially planned for Firefox 133, but it was delayed as it was needed for testing.

KDE Plasma 6.2.4 Re-Enables HDR Mode for Users on NVIDIA 565 and Linux 6.11

One of the most interesting changes in KDE Plasma 6.2.4 is support for enabling the HDR mode on GNU/Linux distributions using the NVIDIA 565.57.1 (beta) or later graphics driver for NVIDIA GPU users and Linux kernel 6.11 or later for Intel GPU users. Using previous versions of the NVIDIA graphics driver and Linux kernel results in an unstable HDR experience.

Mozilla Firefox 133 Is Now Available for Download, Here’s What’s New

Highlights of Mozilla Firefox 133 include the ability to show tabs from other devices in the Tab overview menu, GPU-accelerated Canvas2D enabled by default for Windows users, and Bounce Tracking Protection, a new anti-tracking feature enabled in ETP (Enhanced Tracking Protection)’s Strict mode.

Fwupd 2.0.2 Firmware Updater Adds Support for ASUS ROG Ally, Raspberry Pi Pico

Coming five weeks after fwupd 2.0.1, the fwupd 2.0.2 release adds support for checking AMD hardware configuration MSR (Machine Status Register), support for enumerate-only device emulation to increase test coverage, support for passing a JSON file for emulation instead of ZIP, and new get-version-formats and vercmp commands for fwupdtool.

9to5Linux Weekly Roundup: November 24th, 2024

I want to thank all the people who sent us donations. You guys are awesome and your help is very much appreciated! I also want to thank you all for your continued support by commenting, liking, sharing, and boosting the articles, following us on social media, and last but not least thank you for sending us feedback.

news

Security Leftovers

posted by Roy Schestowitz on Oct 26, 2024

LWN ☛ Security updates for Thursday

Security updates have been issued by AlmaLinux (grafana, NetworkManager-libreswan, python3.11, and python39:3.9 and python39-devel:3.9), Fedora (dotnet6.0, koji, python-fastapi, python-openapi-core, python-platformio, python-starlette, rust-pyo3, rust-pyo3-build-config, rust-pyo3-ffi, rust-pyo3-macros, rust-pyo3-macros-backend, and yarnpkg), Oracle (grafana, kernel, linux-firmware, NetworkManager-libreswan, and python3.11), Slackware (php81), and SUSE (apache2, buildah, cups-filters, go1.21-openssl, podman, postgresql16, python-pyOpenSSL, and webkit2gtk3).
Federal News Network ☛ Four companies face SEC fines for not disclosing they were affected by the SolarWinds hack

In today's Federal Newscast, the Securities and Exchange Commission fines four companies for misleading disclosures about a major cybersecurity hack.
OpenSSF (Linux Foundation) ☛ Case Study: Kusari’s Implementation of OpenSSF Tools and Services

Challenge For many years, the software supply chain has suffered from a lack of transparency and inefficient, unsustainable security management methods such as spreadsheets, emails, and word of mouth.
Science Alert ☛ The Single Biggest Vulnerability in Your Cyber Security Is You

You are the weakest link.
Pen Test Partners ☛ Investigating volatile data with advanced memory forensics tools – part 1

TL;DR Memory forensics enhances investigations by analysing volatile data (in RAM) unavailable in disk forensics.
Silicon Angle ☛ Critical vulnerability in Fortinet’s FortiManager exploited in the wild

A critical vulnerability discovered in Fortinet Inc.’s FortiManager is being exploited in the wild, and users are being advised to implement changes to protect against the threat.
SANS ☛ Development Features Enabled in Production, (Thu, Oct 24th)

We do keep seeing attackers "poking around" looking for enabled development features. Developers often use these features and plugins to aid in debugging web applications.
Scoop News Group ☛ Researchers out new Qilin ransomware-as-a-service variant

The Qilin ransomware operation first emerged in July 2022 after rebranding a previous variant known as Agenda and rewriting the malware in Rust.
Netcraft ☛ Hook’d: How HookBot Malware Impersonates Known Brands to Steal Customer Data

Key data

This article explores Netcraft’s research into the HookBot malware family and associated attacks on Android devices, including examples of: [...]

Other Recent Tux Machines' Posts

Mozilla Firefox 133 Is Now Available for Download, Here’s What’s New: Mozilla Firefox 133 open-source web browser is now available for download with the ability to show tabs from other devices in the Tab Overview menu and other changes.
Fwupd 2.0.2 Firmware Updater Adds Support for ASUS ROG Ally, Raspberry Pi Pico: Fwupd 2.0.2 Linux firmware update utiltiy is now available for download with support for checking AMD hardware configuration MSR and other changes.
Canonical wants Ubuntu 20.04 LTS users to upgrade as End of Life approaches: Canonical has issued a warning to users of Ubuntu 20.04 LTS
KDE: Criticism, KUserFeedback (KUF), and Microsoft Outsources: two KDE picks
Review of "How to Make Your Career Suck Less: A Guide to a Less Painful IT Experience" by Igor Ljubuncic [original]: a concise, edited version of the review
today's leftovers: only 3 more links for now
Programming Leftovers: coding and more
Security Leftovers: Security related picks
Open Hardware/Modding: Raspberry Pi, Arduino, and More: Raspberry Pi in particular
Server: Kubernetes, Istio, and RHEL Clones: Mostly Red Hat
Barry Kauler's Latest Work on EasyOS: 2 new posts
I'm now using i3 as Window Manager: Even though I love Xfce and have been using it for years
Audiocasts/Shows: Destination Linux, Late Night Linux, and LINUX Unplugged: 3 new episodes
Code of Conduct Censorship and Thomas Bonnefille Joins Bootlin: Kernel news mostly
today's howtos: many howtos for today
Celebrate Thanksgiving by switching from Windows 11 to Linux with elementary OS 8: One super cool feature of elementary OS 8 is its new Secure Session
elementary OS 8 “Circe” Officially Released, Based on Ubuntu 24.04 LTS: The elementary OS team released today elementary OS 8 (codename Circe) as the latest stable version of their Ubuntu-based distribution featuring the modern Pantheon desktop environment with new features and enhancements.
Firefox 134 Enters Beta, Promises Support for Touchpad Hold Gestures on Linux: With Firefox 133 out the door today as the latest stable version of the open-source web browser used by default on all GNU/Linux distributions, Mozilla promoted the next major release, Firefox 134, to the beta channel.
Ubuntu, Mozilla, and C: today's leftovers
Windows TCO Leftovers: True cost of Microsoft
Android Leftovers: Circle to Search could finally ditch a design element we hated back in the Android 12 days
After 16 Years, Pidgin 3 Takes Its First Steps: A blast from the past: Pidgin 3's pre-alpha debuts Dec 31
PipeWire 1.2.7 Enhances ALSA Driver Handling and Adds Lazy Scheduling: PipeWire 1.2.7 is a stable bugfix release that adds lazy scheduling, improves the v4l2 plugin, fixes module crashes, and enhances resampling performance
7 Tricks to Make Learning the Linux Command Line Easier: The Linux command line can seem impenetrable, with arcane instructions and a focus on text interfaces
Call for volunteers: Help us with the GNU Press shop: People around the world are eagerly waiting to receive their GNU Press shop orders, and we need a little help sending everything out
Best Free and Open Source Software, howtos and Installations: Only free and open source software is eligible for inclusion
Vendefoul Wolf – distro based on Devuan: Vendefoul Wolf Linux is a distro based on Devuan and uses the Calamares Installer
This Week in KDE Apps: Bugfixing Week: Welcome to a new issue of "This Week in KDE Apps"! Every week we cover as much as possible of what's happening in the world of KDE apps
KDE Plasma 6.2.4 Re-Enables HDR Mode for Users on NVIDIA 565 and Linux 6.11: The KDE Project released today KDE Plasma 6.2.4 as the fourth maintenance update to the latest KDE Plasma 6.2 desktop environment series with more improvements and bug fixes.
5 ways to get the best Linux support, no matter your skill level: Where do you turn if you're new to Linux or looking for a solution to a problem? Here are your options
Games: Proton Experimental, Star Fox 64, and More: Latest 9 from GamingOnLinux
Today in Techrights: Some of the latest articles
today's leftovers: Misc. picks
today's leftovers: GNU/Linux and FOSS picks
Programming and Development Tools: Programming leftovers mostly
Security Leftovers: only 3 for now
Linux Devices and Open Hardware Leftovers: misc. picks
EasyOS Development Updates: EasyOS's latest
Applications: Makulu Tools, Hugin, amd Email Client: 4 picks regarding software
today's howtos: first big batch
10 Reasons To Choose Ubuntu Server Over the Competition: When you think of a server's operating system (OS), what comes to mind?
Android Leftovers: Why the Pixel Tablet's cancellation makes sense in light of a possible Android and Chrome OS merge
today's leftovers: security and more
Audiocasts/Shows: Linux Out Loud, GNU World Order, Open Source Security Podcast, This Week in Linux: 4 new episodes
Open Hardware/Modding/Retro: GNU-like Mobile Linux, Old Amigas, and More: gadgets and hacking
Guix/Hurd on a Thinkpad X60: A lot has happened with respect to the Hurd since our Childhurds and GNU/Hurd Substitutes post
Free and Open Source Software: Magpie is used by the Budgie Desktop as its window manager
Review: Linux Lite 7.2: Linux Lite 7.2 is an update from the 7.0 release in June, and it's based on Ubuntu 24.04.1 LTS and will receive five years of support
KDE: UX Insights (that we cannot get right now): After the criticism in the last post about the limitations of KUserFeedback (KUF) for doing data-driven UX work
9to5Linux Weekly Roundup: November 24th, 2024: The 215th installment of the 9to5Linux Weekly Roundup is here for the week ending on November 24th, 2024.
Today in Techrights: Some of the latest articles

Tux Machines

Other Sites

LinuxGizmos.com

Pilet: A Portable Cyber-Deck Powered by Raspberry Pi 5 and Dual 8000mAh Batteries

9to5Linux

elementary OS 8 “Circe” Officially Released, Based on Ubuntu 24.04 LTS

Firefox 134 Enters Beta, Promises Support for Touchpad Hold Gestures on Linux

KDE Plasma 6.2.4 Re-Enables HDR Mode for Users on NVIDIA 565 and Linux 6.11

Mozilla Firefox 133 Is Now Available for Download, Here’s What’s New

Fwupd 2.0.2 Firmware Updater Adds Support for ASUS ROG Ally, Raspberry Pi Pico

9to5Linux Weekly Roundup: November 24th, 2024

Tor Project blog

The freedom to browse with privacy

New Release: Tor Browser 14.0.3

news

Security Leftovers

LWN ☛ Security updates for Thursday

Federal News Network ☛ Four companies face SEC fines for not disclosing they were affected by the SolarWinds hack

OpenSSF (Linux Foundation) ☛ Case Study: Kusari’s Implementation of OpenSSF Tools and Services

Science Alert ☛ The Single Biggest Vulnerability in Your Cyber Security Is You

Pen Test Partners ☛ Investigating volatile data with advanced memory forensics tools – part 1

Silicon Angle ☛ Critical vulnerability in Fortinet’s FortiManager exploited in the wild

SANS ☛ Development Features Enabled in Production, (Thu, Oct 24th)

Scoop News Group ☛ Researchers out new Qilin ransomware-as-a-service variant

Netcraft ☛ Hook’d: How HookBot Malware Impersonates Known Brands to Steal Customer Data

Key data

Other Recent Tux Machines' Posts