Collaborate Disseminate
jd writes: Linus Torvalds is not a happy camper and is condemning hardware vendors for poor security and the plethora of actual and theoretical attacks, especially as some of the new features being added impact the workarounds. These workarounds are no… Continue reading Linus Torvalds Growing Frustrated By Buggy Hardware, Theoretical CPU Attacks
North Korean hackers target Linux-based payment switches with new FASTCash malware, enabling ATM cashouts. Secure your financial infrastructure… Continue reading North Korean Hackers Deploy Linux FASTCash Malware for ATM Cashouts
I am trying to test this example from StackOverflow (how-can-i-invoke-buffer-overflow), but I am not having success.
I also asked for clarification two weeks ago, directly on the post (through a comment) but there was still no answer (per… Continue reading How do I successfully test this trivial buffer overflow written in C? [migrated]
Perfectl in an impressive piece of malware:
The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. It can also exploit CVE-2023-33246, a vulnerability with a severity rating of 10 out of 10 that was patched last year in Apache RocketMQ, a messaging and streaming platform that’s found on many Linux machines.
The researchers are calling the malware Perfctl, the name of a malicious component that surreptitiously mines cryptocurrency. The unknown developers of the malware gave the process a name that combines the perf Linux monitoring tool and ctl, an abbreviation commonly used with command line tools. A signature characteristic of Perfctl is its use of process and file names that are identical or similar to those commonly found in Linux environments. The naming convention is one of the many ways the malware attempts to escape notice of infected users…
Canonical released Ubuntu 24.10 Oracular Oriole, which brings notable advancements, including an updated kernel, new toolchains, and the GNOME 47 desktop environment, along with significant enhancements in software security. “Oracular Oriole sets a new… Continue reading Ubuntu 24.10 Oracular Oriole brings tighter security controls
Canonical today announced the immediate availability of Ubuntu 24.10 Oracular Oriole, the latest release of its Linux distribution.
The post Canonical Celebrates 20 Years of Ubuntu with 24.10 Release appeared first on Thurrott.com.
Continue reading Canonical Celebrates 20 Years of Ubuntu with 24.10 Release
We had good discussions about it being safe or not five years ago, and it was defaulted to yes on the kernel way over 3 years ago (with a note calling anyone security conscious who disable it as paranoid)
So, was it exploited after all in … Continue reading Was Unpriviledged User Namespaces exploited since it started to default to YES?
Phoronix’s Michael Larabel reports: Yesterday when announcing the Linux 6.12-rc2 kernel, Linus Torvalds asked that the kernel maintainers do a better job moving forward with their commit messages. In particular, Torvalds is hoping that kernel maintaine… Continue reading Linus Torvalds Asks Kernel Devs To Write Better Git Merge Commit Messages
Thousands of Linux systems are likely infected with the highly elusive and persistent “perfctl” (or “perfcc“) cryptomining malware and many others still could be at risk of getting compromised, Aqua Security researchers revealed… Continue reading Linux systems targeted with stealthy “Perfctl” cryptomining malware
Rspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular expressions, statistical analysis, and integrations with custom services like URL blacklists. The sys… Continue reading Rspamd: Open-source spam filtering system