Displaying items by tag: Linux

If I have said it once, I have said it a thousand times; attackers are cunning. The adage that attackers are lazy has nothing to do with strategic, tactical, or technical knowledge. They understand the landscape and, in many cases, better than the organizations they are attacking do. Because of this deep understanding of their target environment, they also know to be on the lookout for special purpose entities. In this case we are talking about Security Researchers. Security researchers are a special target for attackers and when they can leverage an existing opportunity to target and potentially compromise them, they are going to take it.

Published in News

Linux, often thought of as a more secure alternative to Microsoft, has not had an easy year. We have seen vulnerabilities that affect the iSCSI subsystem, the Extended Berkeley Packet Filter, the Polkit pkexec component bug and now two Kernel bugs. The latest one, dubbed “dirty pipe” It is a method that could allow a “local” user to overwrite read-only files including SUID flies.

Published in Security Talk

Linux has always had something of a mystique about it. Regardless of the distro (flavor) of Linux there simply certain misconception around Linux that are both entertaining and concerning. One of my all-time favorites was/is that it is a “hacker” OS. This fun little misunderstand was so bad at one point that it was part of a parent’s guide on how to tell if your child is a hacker. Nothing says out of touch like labelling an entire OS line as a “hacker” OS. The other side of the coin is the belief that it is secure out of the box. In simple terms, no OS is secure out of the box, all of them have vulnerabilities including serious ones that allow for complete compromise.

Published in Security Talk

The shift to services like AWS, GCP and more have meant that many organizations are also making a shift away from the Microsoft Windows platform and moving to a Linux centric environment and while this is a good move for the most part, it has left many open to exploit due to improper configurations and a lack of proper security tools to protect their environments.

Published in Security Talk

A newly released CVE (common vulnerabilities and exposures) CVE-2021-4034 for Linux has identified a vulnerability in PolKit’s (formerly PolicyKit) pkexe that exists in very major release of Linux. The vulnerability known as PwnKit can be exploited to gain full root on a target system. The flaw, according to researchers has also been present for more than 12 years.

Published in Security Talk

WikiLeaks is at it again with their "Vault 7" releases. This time part of the dump features a nice little took kit for continued exploitation of some Linux systems. The tool kit is called OutlawCountry and is, to be perfectly honest, not much more than a remote management, monitoring and exfiltration tool. It is intended to run in the background on a system after a vulnerability has been exploited to allow the payload to be pushed. It looks very similar to a tool that the NSA used for years and has now become the commercial product Kaseya.

Published in Editorials

The team behind the popular miniature platform Raspberry Pi boasted on its Website with a new product. It is a new version of the Raspberry Pi , which aims to make the whole system more transparent and easier, it is called the Raspberry Pi Compute Module. It is essentially a motherboard with a dimensions 67,6x30 millimeters at which they managed to compress the basic hardware to which users are accustomed with the old Raspberry, but without ports for peripherals.

Published in News

When Microsoft announced Windows 8 there were many consumers and people in the industry that raise their eyebrows. Here was an OS designed to integrate with Microsoft cloud services and gaming products. It seemed like a bad move for Microsoft as it put them in competition with many companies that developed games and software for the PC. Still some held out that even though Windows 8 would be more integrated into the Microsoft Eco system than ever it would not mean they could not use whatever software or application they wanted. Microsoft even seemed to confirm this in a few of their building Windows 8 blog posts.

Published in News
Friday, 14 February 2014 21:44

Unity 8 launch delayed by Canonical

Plan of Canonical, which is behind the popular Linux distribution Ubuntu, to provide customers with multiplatform applications, based on the principle that they code it once, and the application can then smoothly run on the desktop and mobile devices has been temporarily postponed.

Published in News
Wednesday, 15 January 2014 13:38

Steam Machines are not a competition for Xbox One

Microsoft's Marc Whitten is not worried by recent arrival of Steam Machines on the market, primarily because he believes that it is not a classic home console, which is why they will not pose a direct competition.

Published in News
Page 1 of 5