Language Selection

English French German Italian Portuguese Spanish

Security and Microsoft FUD

Filed under
Microsoft
Security
  • Security updates for Monday [LWN.net]

    Security updates have been issued by Debian (chromium, firefox-esr, ghostscript, libreswan, prosody, sphinxsearch, thunderbird, and uriparser), Fedora (cryptsetup, flatpak, kernel, mingw-uriparser, python-celery, python-kombu, and uriparser), Mageia (htmldoc, mbedtls, openexr, perl-CPAN, systemd, thunderbird, and vim), openSUSE (chromium and prosody), Red Hat (httpd, kernel, and samba), Scientific Linux (kernel), Slackware (expat), SUSE (ghostscript), and Ubuntu (pillow).

  • Domestic CCTV and audio recording | Pen Test Partners

    Last week, we had BBC Morning Live in to film a piece on the legalities and challenges of domestic CCTV systems. You can watch it on iPlayer here, starting at 10:30.

    It was sparked by a conversation we had with Radio 4 before Xmas, where a journalist had taken an interest in CCTV systems exposed on insecam.org.

    We had helped the journalist identify the homeowner with an exposed CCTV stream & they went to speak to them about it. Unsurprisingly, the homeowner had installed the system & left it exposed with default credentials. Whilst they could review their CCTV footage remotely on a mobile app, so could anyone else…

    It ended well though, as the homeowner took the system offline and secured it. One less exposed CCTV camera! The radio piece is here.

    As a reminder, if you don’t set a good, strong password for your CCTV system that you don’t use elsewhere, you run the risk of it being exposed and/or accessed remotely by nefarious parties.

  • Data & Society — Bounty Everything: Hackers and the Making of the Global Bug Marketplace

    In Bounty Everything: Hackers and the Making of the Global Bug Marketplace, researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs—programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems.
    Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty platforms​​—the new intermediaries that now structure the vast majority of bounty work. The report draws directly from interviews with hackers, who recount that bounty programs seem willing to integrate a diverse workforce in their practices, but only on terms that deny them the job security and access enjoyed by core security workforces. These inequities go far beyond the difference experienced by temporary and permanent employees at companies such as Google and Apple, contend the authors. The global bug bounty workforce is doing piecework—they are paid for each bug, and the conditions under which a bug is paid vary greatly from one company to the next.
    Bounty Everything offers to reimagine how bounty programs can better serve the interests of both computer security and the workers that protect our digital world. Ellis & Stevens argue that if bounty programs are not designed and implemented properly, “this model can ironically perpetuate a world full of bugs that uses a global pool of insecure workers to prop up a business model centered on rapid iteration and perpetual beta.”

  • An Examination of the Bug Bounty Marketplace
  • Freexian’s report about Debian Long Term Support, December 2021

    Every month we review the work funded by Freexian’s Debian LTS offering. Please find the report for December below.

  • Malware targeting Linux systems hit a new high in 2021 [Ed: Microsoft-connected Crowdstrike spreading lots of anti-Linux FUD at the moment to sell its proprietary products and to help Microsoft]
  • New year brings bad news for Linux as 2021 saw up to 10 times more malware samples
  • Linux malware is on the rise. Here are three top threats right now [Ed: Microsoft operatives inside the media use Microsoft-connected Crowdstrike to smear Linux right now; nobody bothers to check their Microsoft connections (words taken at face value)]

Once again, Microsoft-connected firm smears "Linux"

  • Why Linux Saw A Massive Rise In Malware Attacks Last Year

    Crowdstrike actually expects...

  • Linux malware rises

    The number of malware infections targeting Linux devices rose by 35 per cent in 2021, and it looks lie the writers want to recruit IoT devices for DDoS (distributed denial of service) attacks.

    According to a Crowdstrike report in 2021 XorDDoS, Mirai, and Mozi were the most prevalent families, accounting for 22 per cent of Linux-targeting malware attacks observed in 2021.

    Mozi saw an explosive growth in its activity, with ten times more samples circulating in the wild the year that passed compared to the previous one. XorDDoS use increased by123 per cent.

Slashdot is giving a megaphone to Microsofters against Linux

  • Linux Malware Sees 35% Growth During 2021

    The number of malware infections targeting Linux devices rose by 35% in 2021, most commonly to recruit IoT devices for DDoS (distributed denial of service) attacks

Microsofters

More FUD

Bruce Schneier has become megaphone of Microsoft proxy, FUD

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's howtos

  • How to Connect Wi-Fi using Nmcli in Linux

    Why use the Network-command-line Manager’s interface? Sometimes Ubuntu Network Manager behaves strangely, and you may be unable to connect to any Wi-Fi Hotspot using the GUI (Graphical user interface). The Network Manager may fail to start, and even after manually restarting the service through the terminal, you may still have difficulties connecting to any Wi-Fi Hotspot, even a previously recognized and stored home network. I encountered same problem on dual boot configurations and standalone Linux installs, and it was quite inconvenient, particularly during the WFH (Work from home) phase that we’re all going through.

  • How to Add Comments to UFW Rules

    In an earlier article we discussed how to add comments to iptables rules for clarity and documentation. In our opinion it is a good practice to comment anything someone else may have to work on in the future. Using comments in scripting is a common practice for good reason. We decided to write a quick tip on how to add a comment to UFW (Uncomplicated Firewall) rules. I am not a huge fan of UFW or Firewalld. In my opinion they make managing netfilter harder, not easier. That is because I started using iptables over 20 years ago. I am very comfortable with it and tend to know the necessary syntax off the top of my head. That being said, adding a comment to UFW rules is much more intuitive than any other iptables front end.

  • How to Install Drupal 9 on Ubuntu 22.04 - LinuxTuto

    Drupal is an open-source and popular content management tool that is the foundation of many websites across the internet. It has great standard features, like easy content authoring, reliable performance, and excellent security. Flexibility and modularity are some of the core principles that set it apart from the rest. In this tutorial, we will show you how to install Drupal 9 on your Ubuntu 22.04 OS.

  • How to migrate from Blogger to WordPress

    Blogger.com, as its name suggest is a blog service. Is very popular and it’s owned by google. You may want to take full control of your blog by setting up a WordPress on your server. But you still need your content: in this entry I’ll show you how to migrate from blogger to wordpress. I’m assuming you already have a brand new WordPress installation. If not, here on unixcop.com we have several articles about wordpress.

  • How to install Inkscape 1.2 on a Chromebook

    Today we are looking at how to install Inkscape 1.2 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • What is AWS CloudTrail and how to use it

The 10 Best Linux Apps for Musicians

If you're a musician of any kind, from beginner to professional, Linux provides an amazing assortment of free, yet powerful, platforms and applications that will boost your productivity and help you to show off your creativity. Don't let the fact that these apps are free wrongly influence your judgment. They are high-quality, professional-grade applications that rival even the most well-known, high-priced, commercial applications. These are 10 of the best Linux apps for musicians of all levels. Read more

GNOME and KDE: This Week in GNOME, Qt6 and KF6

  • #44 Five Across · This Week in GNOME

    Update on what happened across the GNOME project in the week from May 13 to May 20.

  • Okteta making a small step to Qt6 | Attracted by virtual constructs

    Old, but stable, even more in when it comes to the feature set, and still getting its polishing now and then: your simple editor for the raw data of files, named Okteta. What started in 2003 as a hex editing widget library for KDE3 (and Qt3), of course named KHexEdit (to be confused with the unrelated hex editor program that was part of KDE at that time), it turned into a first dedicated application by the title Okteta during the years 2006 to 2008 for KDE4 (and Qt4). From there on a small set of features was added once in a while, most impressively Alexander Richardson’s Structures tool in 2010,. Until then in 2013 the port to Qt5/KF5 was done (also to a good degree by Alexander). After that things had settled, the program working properly when needed, otherwise just left in the corner of the storage. Now, nearly 2 decades after the first lines were written, the next port is to be done, to Qt6 and KF6. And this time the actual port is just amazingly boring: changing a few “Qt5” to “Qt6” in the buildsystem (and later some “KF5” to “KF6” once KF6 is ready), adding Qt6::Core5Compat as helper library for 1-2 classes that had not yet been substituted, adding a “const” to the argument of an overridden virtual method, adapting some “QStringList” forward declarations… and done.

The 5 best Application Launchers for Ubuntu

Every operating system comes with an application launcher where you have to mouse over the entire menu to launch an application. But, unlike other operating systems, Linux allows us to install other launchers as an alternative. In this post, We came up with the five best application launchers for Ubuntu and their installation process. Ubuntu has a default application launcher, i.e., GNOME Shell application overview. If you are a beginner or a tech professional, browsing the entire menu to launch an application is quite bothersome. Linux community offers a wide variety of application launchers. From a rich UX-based to a bare minimum, Linux has everything to offer. These application launchers offer many themes and come with a lot of customization. Choosing the right application launcher as per your need might be difficult. That’s why we came up with the five best application launchers. Here are the top 5 application launchers for your Ubuntu. Read more