Tag: Linux distributions
Demystifying Screen Readers: Accessible Forms & Best Practices
This is the 3rd post in a small series we are doing on form accessibility. If you missed the 2nd post, check out Managing...
FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts
A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in...
5 Ways to Remove Pages from PDFs
As we navigate through the intricacies of document management, it's not uncommon to encounter scenarios where a leaner, more focused PDF is desired. Perhaps...
Remove Pages from PDFs in 5 Different Ways
As we navigate through the intricacies of document management, it's not uncommon to encounter scenarios where a leaner, more focused PDF is desired. Perhaps...
New One-Click Exploit Is a Supply Chain Risk for Linux OSes
Researchers have uncovered a vulnerability in a library within the GNOME desktop environment for Linux systems. If embedded in a malicious link, it could...
‘Looney Tunables’ Linux Flaw Sees Snowballing Proof-of-Concept Exploits
Proof-of-concept (PoC) exploits for the security flaw CVE-2023-4911, dubbed Looney Tunables, have already been developed, following last week's disclosure of the critical buffer overflow...
Protecting SSH keys with TPM 2.0, now available on Debian | Ledger
In this protocol, users are required to be authenticated. They can do this with passwords, files containing private RSA keys, hardware devices such as...
BlackLotus UEFI bootkit: Myth confirmed
The first in-the-wild UEFI bootkit bypassing UEFI Secure Boot on fully updated UEFI systems is now a reality. The number of UEFI...
OpenSSH fixes double-free memory bug that’s pokable over the network
By Paul Ducklin. The open source operating system distribution OpenBSD is well-known amongst sysadmins, especially those who manage servers, for...
Researchers Warn of Linux Kernel ‘Dirty Pipe’ Arbitrary File Overwrite Vulnerability
Linux distributions are in the process of issuing patches to address a newly disclosed security vulnerability in the kernel that could allow an attacker to overwrite arbitrary data into any read-only files and allow for a complete takeover of affected systems.
Dubbed "Dirty Pipe" (CVE-2022-0847, CVSS score: 7.8) by IONOS software developer Max Kellermann, the flaw "leads to privilege escalation
Over 28,000 Vulnerabilities Disclosed in 2021: Report
Risk Based Security on Monday released its vulnerability report for 2021 and revealed that a record-breaking 28,695 flaws were disclosed last year, which represents a significant increase from the 23,269 disclosed in 2020.
Disclosure, Panic, Patch: Can We Do Better?
Companies struggle to understand the extent to which they are affected by vulnerabilities in open source software, but security specialists and maintainers are striving to secure the ecosystem.
New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root
Samba has issued software updates to address multiple security vulnerabilities that, if successfully exploited, could allow remote attackers to execute arbitrary code with the highest privileges on affected installations.
Chief among them is CVE-2021-44142, which impacts all versions of Samba before 4.13.17 and concerns an out-of-bounds heap read/write vulnerability in the VFS module "vfs_fruit"