Updating Ubuntu
How can I make sure in the terminal that my Ubuntu updates are from the real source?
I am asking because I know that one download was fake. It was rkhunter. The update was malware. Done from Bangkok. I think it was DNS hijacking.
The first point is that it updates with a new release. So if somebody discovered a new payload for popular frameworks, it will be in Burp only with a new release. Does the Burp app load payloads from Internet sources?
P.S. Except plugins =)
Continue reading How does Burp update XSS/vulnerability scanning rules/payloads?
After fixing a pile of critical security flaws as part of last week’s Patch Tuesday, Adobe has raised two more needing urgent attention. Continue reading Adobe fixes critical flaws in Media Encoder and After Effects
Is there any evidence or research into the likelihood, as well as damage, via vulnerabilities in previous versions compared to following iterations of software?
For example, with every software version, there is the likelihood of new sec… Continue reading Upgrading Software Version: risk of an unknown vs known vulnerabilities
I can read on many pages that when you update your BIOS/UEFI, you need to suspend BitLocker (for information, mine is configured to ask for a password at startup, no TPM in my machine).
But none of these pages tell on which devices you ha… Continue reading BIOS/UEFI update and BitLocker suspension [migrated]
All over the news today (2020-01-14) is the story that the NSA and Microsoft have reported a critical security vulnerability in Windows 10.
But I haven’t been able to find clear instructions about how to ensure that Windows Update has wor… Continue reading How to ensure Windows 10 is safe from critical security hole reported by NSA on 2020-01-14?
How to explain to traditional people why they should upgrade their old Windows XP device? <- The interesting point made in the highest upvoted answer to this Q is that a fully patched OS is largely insignificant for the se… Continue reading Why is a fully-patched OS less important than AV?
I have a few servers that have the following stack:
ubuntu server / nginx / django / django extensions
Is there any tool that can run in the background and check the versions of every element in each stack? (eg check… Continue reading How can I make sure that my web servers are patched 24/7? [on hold]
This is an issue I’m recurringly facing: older people from my family (or people who my family members know) can be surprisingly reluctant to apply most basic security measures when they’re using their PCs. The particular issu… Continue reading How to explain to traditional people why they should upgrade their old Windows XP device?
Is there such a list?
Google is only showing me news articles from that era Oct-2017, which are mostly as useless as they are breathless.
A maintained list is also important since I believe some patches such as those issue… Continue reading Centralised and maintained list of OS’s and devices patched for KRACK [on hold]