Proprietary Software Glory

  • Bogus Kaseya VSA patches circulate, booby-trapped with remote-access tool

    This month's Kaseya VSA ransomware attack took a turn for the worse on Wednesday with word that miscreants have launched a phishing campaign to ensnare victims with a remote-control tool disguised as a VSA update.

    Since late last week, instances of VSA – Kaseya's monitoring and management software for fleets of PCs and other IT gear – have been exploited to distribute REvil ransomware, prompting the biz to shut down its Kaseya Cloud service and to tell customers to turn off their on-prem Kaseya VSA servers while it worked on a patch for whatever vulnerability is being abused.

    The malware outbreak, which has yet to be resolved, is said to have affected as many as 1,500 businesses through compromised VSA systems, and has been compounded by Kaseya's decision to delay patch deployment on Wednesday. The company is currently hoping to restore its Cloud Service on the evening of Thursday, July 8.

  • You've patched that critical Sage X3 ERP security hole, yeah? Not exposing the suite to the internet, either, yeah?

    Admins of on-premises Sage X3 ERP deployments should check they're not exposing the enterprise resource planning suite to the public internet in case they fall victim to an unauthenticated command execution vulnerability.

    And said administrators should have installed by now the latest patches for the software, which address a bunch of bugs earlier discovered and reported by Rapid7. The infosec outfit described in detail the flaws, calling them "protocol-related issues involving remote administration of Sage X3."

    The aforementioned command execution vulnerability (CVE-2020-7388) scores a perfect ten out of ten in CVSS severity. Hence, protect and patch: miscreants have everything they need now to exploit the bugs.

  • Report shines light on REvil's depressingly simple tactics: Phishing, credential-stuffing RDP servers... the usual

    Palo Alto Networks' global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year – along with an estimation of the multimillion-dollar payouts it's receiving.

    REvil, also known as "Ransomware Evil" or "Sodinokibi," first hit the cybersecurity scene while working in partnership with a group called GandCrab. Initially it operated like many other ransomware outfits, distributing malicious code through faked adverts and trojan horse downloads – but it soon stepped up its game.

    The group, which provides what security wonks have come to term "Ransomware as a Service" or RAAS, has been fingered in some high-profile attacks: Travelex; an entertainment-focused law firm with an A-lister client base; Apple supplier Quanta Computer; a major meat producer; a nuclear weapons contractor; and fashion giant French Connection UK – among many others.

  • White hats reported key Kaseya VSA flaw months ago. Ransomware outran the patch

    One of the vulnerabilities in Kaseya's IT management software VSA that was exploited by miscreants to infect up to 1,500 businesses with ransomware was reported to the vendor in April – and the patch just wasn't ready in time.

    As we've covered this week, deployments of Kaseya's flagship Virtual System Administrator (VSA) product were hijacked at the start of the month to inject REvil extortionware into networks around the world. Kaspersky Lab said it saw evidence of 5,000 infection attempts in 22 countries in the three days since the first attack was spotted.

    Kaseya pulled the plug on its software-as-a-service offering of VSA, and urged all of its customers to switch off their VSA servers to avoid being hit by the ransomware. Kaseya's customers are primarily managed service providers looking after the IT estates of their own customers, and so by compromising VSA deployments, miscreants can hijack large numbers of downstream systems.

  • Cybersecurity Game Aims to Train 25K Specialists by 2025

    The National Cyber Scholarship Foundation (NCSF) is taking aim at the U.S.’s cybersecurity talent gap, with recently announced plans to turn out 25,000 high-level specialists by 2025 — and it’s relying on a free game to recruit.

    The U.S. would need to create 359,236 more cybersecurity professionals to have enough talent available for it to be possible to secure all organizations’ critical assets, according to (ISC)2’s April-June 2020 Cybersecurity Workforce Study.

  • Oracle files $7m copyright claim against NEC's US limb over 'unreported royalties' from database distribution

    Oracle is seeking more than $7m in damages from long-time software partner NEC Corporation of America (NECAM) – a subsidiary of Japan-based tech giant NEC Corp – over a complaint about copyright and breach of contract.

    According to papers lodged yesterday with the US court in the Northern District of California, in December 2019 Oracle carried out an audit of NECAM's use and distribution of its database software.

    Although NECAM has been a member of the Oracle Partner Network (OPN) since 2004, the audit found issues related to "unreported royalties."

    A letter sent by Oracle in October 2020 called on NECAM to "resolve the compliance findings within 30 days."

