Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Wednesday
  • Illumos-Powered OmniOS Gets Updated Against MDS / ZombieLoad Vulnerabilities

    While it was just earlier this month that the OpenSolaris/Illumos-based OmniOS saw a big LTS release, it's already been succeeded by a new release given the recent Intel MDS / Zombieload CPU vulnerabilities coming to light.

    There are new spins of OmniOS for all supported releases. These new OmniOS Community Edition releases mitigate against the Multiarchitectural Data Sampling (MDS) vulnerabilities and also bundle in the updated Intel CPU microcode.

  • Hackers Hack A Forum For Hacked Accounts: Here’s How

    A group of hackers failed to deploy security mechanisms to secure the storage where they store hacked accounts and another hacker group hacked it.

    The story is indeed funny and real. Infamous forum named OGUSERS which is popular amongst hackers for obtaining “OG” Instagram, Twitter usernames, hacked accounts of Domino’s Pizza, Steam, PlayStation Network, and other online accounts was hacked by a hacker group and its data was published in another hacker forum.

  • Security Announcement: Disabling SMT by default on affected Intel processors

    This is an important announcement with an upcoming change in the next Core Update of IPFire.

    Because of the recent vulnerabilities in Intel processors, the IPFire team has decided, that - to keep systems as secure as possible - Simultaneous Multi-Processing (SMT) is automatically disabled if the processor is vulnerable to one of the attacks.

    SMT is also called Intel(R) Hyper-Threading Technology and simulates more virtual cores than the system has. This allows to perform faster processing when applications benefit from it. Unfortunately with networking, we benefit from that. Therefore the effect of disabling SMT will be a very signifiant performance impact of around 30% or more. Applications that will be affected in IPFire are the firewall throughput itself as well as other CPU and memory-bound tasks like the web proxy and the Intrusion Prevention System. On systems that are not vulnerable for this attack, SMT is being left enabled. If you still want to disable it, please do so in the BIOS of your firewall.

More in Tux Machines

today's howtos

Best free Linux firewalls of 2019: go beyond Iptables for desktops and servers

Linux distros will often come with at least a basic firewall bundled with it. Often this won't be active by default so will need to be activated. Additionally this will likely be the standard Iptables supplied, even though less experienced users may struggle with it. UFW - Uncomplicated Firewall is also bundled with some distros, and aims to make the process simpler. However, there are distros and applications out there that can cater for the more advanced user and the less experienced one, making it easier to setup and configure a firewall that works for your needs. Some, like ClearOS build it directly into the operating system as part of its security focus, but most other options would be applications that aim to block rogue IPs, monitor ports, and prevent otherwise prevent bad packets from interfering with your machine. For most home users there are few actual settings that need to be customized, so simple apps can be popular, but for those looking to manage their machine as a server, additional controls and advanced command options will tend to be the more welcome. Read more

GNU Parallel 20190922 ('Stallman') released

GNU Parallel 20190922 ('Stallman') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/ GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17. Read more

Top 20 Best NodeJs Frameworks For Developers in 2019

Over the past few years, the use of web applications has increased to a vast extent. Developers have been looking for such a platform that is both advanced and provides flexibility to develop a variety of web applications. NodeJs Frameworks have earned the credit to be the top selection by the developers. You wanna know why? It is because of the capability to build smart, scalable server-side network-based applications. Read more