packetstormsecurity

• newVMware vCenter vScalation Privilege Escalation
  This Metasploit module exploits a privilege escalation in vSphere/vCenter due to improper permissions on the /usr/lib/vmware-vmon/java-wrapper-vmon file. It is possible for anyone in the cis group to write to the file, which will execute as root on v…
  - 19 hours ago 6 Dec 22, 4:23pm -
• newGNUnet P2P Framework 0.19.0
  GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic i…
  - 19 hours ago 6 Dec 22, 4:16pm -
• newFaraday 4.3.0
  Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security a…
  - 19 hours ago 6 Dec 22, 4:16pm -
• newEvernote Web Clipper Same-Origin Policy Bypass
  Evernote Web Clipper suffered from a same-origin policy bypass vulnerability. The link to the demo exploit was a 403 at the time of addition and has not been included in this post.
  - 19 hours ago 6 Dec 22, 4:09pm -
• newUbuntu Security Notice USN-5764-1
  Ubuntu Security Notice 5764-1 - It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary…
  - 19 hours ago 6 Dec 22, 4:06pm -
• newUbuntu Security Notice USN-5761-2
  Ubuntu Security Notice 5761-2 - USN-5761-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Due to security concerns, the TrustCor certificate authority has been marked as distrusted in…
  - 19 hours ago 6 Dec 22, 4:06pm -
• newRed Hat Security Advisory 2022-8799-01
  Red Hat Security Advisory 2022-8799-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
  - 19 hours ago 6 Dec 22, 4:06pm -
• newRed Hat Security Advisory 2022-8806-01
  Red Hat Security Advisory 2022-8806-01 - The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes. To enforce a user-defined p…
  - 19 hours ago 6 Dec 22, 4:06pm -
• newRed Hat Security Advisory 2022-8809-01
  Red Hat Security Advisory 2022-8809-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.
  - 19 hours ago 6 Dec 22, 4:05pm -
• newRed Hat Security Advisory 2022-8800-01
  Red Hat Security Advisory 2022-8800-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file syste…
  - 19 hours ago 6 Dec 22, 4:05pm -

cPaneladmin

• Fixing AutoSSL “provider cannot currently accept incoming requests”
  When using cPanel/Sectigo as the SSL provider for AutoSSL, you may occasionally see this error in the autossl log: The “cPanel (powered by Sectigo)” provider cannot currently accept incoming requests. The system will try again later. This error s…
  - 76 days ago 22 Sep 22, 8:23pm -
• Troubleshooting Website SSL Issues – No Padlock
  5 / 5 ( 4 votes ) Having SSL problems? One of the most common issues our team handles is related to websites not properly displaying over HTTPS, whether it be the website either not loading entirely, or just not showing the green padlock: If you’re…
  - 18 Mar 19, 6:07pm -
• Safely Removing virtfs on a cPanel Server
  2.8 / 5 ( 40 votes ) If you’re on a cPanel server, you’ve probably noticed a sizable folder called ‘virtfs’ sitting in /home, which would appear at first to be using a ton of space. Your first inclination might be to delete it, but don’t! M…
  - 14 Jan 19, 7:25pm -
• Custom Exim Filter Examples
  3.9 / 5 ( 10 votes ) cPanel allows you to easily create custom Exim filters by simply dropping the rules in /usr/local/cpanel/etc/exim/sysfilter/options/ and running: /scripts/buildeximconf service exim restart Here are a couple useful examples of f…
  - 29 Aug 18, 6:08pm -
• How to Set up a Local cPanel FastUpdate Mirror
  4 / 5 ( 26 votes ) If you have more than a few cPanel servers in your network, it may be a good idea to set up your own mirror to serve the files necessary to run cPanel updates. Doing this could save time and bandwidth, as well as prevent problems c…
  - 17 Feb 16, 5:16pm -
• Installing LetsEncrypt SSL Certificates on CentOS + cPanel Servers
  4.9 / 5 ( 19 votes ) Update! cPanel supports LetsEncrypt, but you just need to install the plugin for it to work. To do this, run: /scripts/install_lets_encrypt_autossl_provider Once installed, Let’s Encrypt will appear in WHM’s Manage AutoSSL in…
  - 15 Feb 16, 5:14pm -
• cPanel Update Fails Due to RPM Conflict
  3.7 / 5 ( 3 votes ) The cPanel update fails due to a problem installing RPMs, but is not specific about what the problem is: [20160203.180007] Testing if the newly downloaded RPMS can be installed without conflict [20160203.180007] Testing RPM transa…
  - 3 Feb 16, 6:25pm -
• This system already has a database owner named X
  3.5 / 5 ( 2 votes ) When attempting to create a user or restore a backup you may see this error: This system already has a database owner named___ To fix this, edit the following files on the system and remove entries for the user in question: /var/c…
  - 28 Jan 16, 9:19pm -
• Changing the Public IP in a NAT setup
  3 / 5 ( 2 votes ) If your server is using a NAT setup and for some reason isn’t properly showing the correct public IP that should be mapped to the private IP on your server, you can easily fix this by creating a script to tell cPanel what the publ…
  - 20 Dec 15, 12:27am -
• Upgrading OpenSSH on CentOS 5 or 6
  4.3 / 5 ( 24 votes ) Note: This is an update from our 2011 post. If you’ve taken a peek at your PCI scan results lately, you may have noticed that your scan provider is now requiring OpenSSH 6.6 or higher due to CVE-2014-2532 – a version that…
  - 26 Jun 15, 4:57pm -

reddit admin

• newLet's Encrypt Certbot HTTP 418
  Hey everyone, I recently inherited a very small web server from another developer that recently left my team. He left instructions to renew the cert via letsencrypt. It is an extremely simple setup to drive wiki.js, it doesn't even use nginx, or apa…
  - 13 hours ago 6 Dec 22, 10:06pm -
• newchange UID on a postfix/dovecot server with NFS shares
  hey, big noob & pretty shitty situation here: i have a DC running samba and another MX that is running postfix/dovecot... now there is a python script from previous admins that i run on the MX to create a user after i created them on the DC through R…
  - 21 hours ago 6 Dec 22, 1:44pm -
• newCannot connect to my XFCE desktop with X2GO after reboot
  It was working beautifully until I rebooted. Can no longer connect - status is changing to connecting, then to finished after 10 seconds or so. The only thing I found suspicious so far was that it said display 50 after disconnect, I think it used to…
  - 22 hours ago 6 Dec 22, 1:05pm -
• newpurchased a linux foundation voucher
  ive been off and on with linux for awhile now but just getting back serious with it. Ive watched sander vans rhcsa video but never the lfcs since it's from 2019. I dont wanna watch the 2019 LFCS video if its outdated. Im wondering if i watch the rhcs…
  - 23 hours ago 6 Dec 22, 11:43am -
• Seeking the firewalld equivalent to iptables' -j SNAT --to <addr>
  I'm trying to migrate away from iptables. I like the simplicity of firewalld, so I'm trying that before nftables. However, one of my requirements is to be able to choose the proper source IP address for SNAT where a given interface has multiple IP ad…
  - 2 days ago 5 Dec 22, 9:30pm -
• Allow password auth in sshd for more than one network
  I want to allow password auth via sshd only if the user is coming from one of two local networks that I have in my home lab. I know that I can use a match statement in sshd_config like: Match 192.168.0.0/24 PasswordAuthentication yes but I'd also li…
  - 2 days ago 5 Dec 22, 5:29pm -
• Distributed syslog servers
  Hi fellow admins, I have a syslog server ( just basic rsyslogd ) that receives syslog messages from all my systems at the main site. It stores all received messages to /var/log/collected/<remote\_ip>/syslog.log At a remote site, I have recently insta…
  - 2 days ago 5 Dec 22, 1:19pm -
• Resizing an existing mdadm mirror array
  I have two drives which I had with different partitions as such: sd[a,b]1 sd[a,b]2 sd[a,b]3 (mirrored) I want to now remove the 2nd partition and have the 3rd one gain that space as part of the mirror. Is there a straight forward way of doing this w…
  - 2 days ago 5 Dec 22, 6:23am -
• How to force HTTPS access to a Linux instance.
  I have setup a Graylog server to be accessed via the web with a Public IP to its interface. I reach it via http, but I need to access it via HTTPS. However, when I enable ufw I fail to connect to it. Is there any better way to achieve this?? sub…
  - 2 days ago 5 Dec 22, 6:04am -
• Force password change after every specific period?
  Hello, we are using Ubuntu 20.04 LTS as our OS for end users. Is there a way to force the users to reset their passwords every specific period of time? Say, something like after every 6 weeks. While I am at it, I would also like to know if there's a…
  - 2 days ago 5 Dec 22, 2:53am -

LinuxActionShow

• Matrix.org | An open network for secure, decentralized communication.
  submitted by /u/mitcoes [link] [comments]
  - 10 May 17, 10:01am -
• Transitioning to LINUX Unplugged, wrapping up this Sub.
  Well look at that LINUX Unplugged is now our longest running Linux show. It's about to hit episode 200 in just a few more weeks. We've been debating what to do with a subreddit that was created for LAS. Since the start of LUP this sub has also been c…
  - 9 May 17, 7:18pm -
• [x-post] [Runs Linux] I put Debian on my Kindle! • r/linux
  [link] [comments]
  - 9 May 17, 7:14pm -
• Deepin 15.4 - See What's New
  submitted by /u/Mongaz [link] [comments]
  - 9 May 17, 6:53pm -
• Thunderbird’s Future Home
  submitted by /u/gabriel_3 [link] [comments]
  - 9 May 17, 2:41pm -
• Chuwi LapBook 12.3 is a 2K Ubuntu Laptop for $329.
  submitted by /u/mitcoes [link] [comments]
  - 9 May 17, 9:14am -
• [Suggestion] Dedicated audio and video rss feeds
  If we could get RSS feeds dedicated to audio intended segments and other feeds for video dedicated segments it would be very easy to get one going to our home media solution and the other to the phone. If not it will be nice if it says in the descrip…
  - 9 May 17, 8:40am -
• Prosody IM - Jabber/XMPP server
  submitted by /u/mitcoes [link] [comments]
  - 9 May 17, 7:56am -
• White Noise 2 officially released with Linux support, along with some major updates
  submitted by /u/Khaotic_Kernel [link] [comments]
  - 9 May 17, 6:56am -
• Google’s “Fuchsia” Smartphone OS Dumps Linux, Has A Wild New UI. Taking A Look At Google's Mysterious Third Operating System.
  submitted by /u/NetWiz69 [link] [comments]
  - 9 May 17, 5:11am -

linuxfoundation

linuxinsider

• GitHub Hides Code Flaw Reports, New RHEL and AlmaLinux, Amazon Deploys DentOS
  November put a shining spotlight on the progress open-source technology offers with significant announcements from industry leaders. The post GitHub Hides Code Flaw Reports, New RHEL and AlmaLinux, Amazon Deploys DentOS appeared first on LinuxInsider…
  - 9 days ago 28 Nov 22, 12:45pm -
• A New SBOM Tool, OpenSSL Fixes, GitHub Flaw, Software Supply Chain Help
  Troubles with software supply chain safety have recently grabbed a chunk of negative headline space. That, plus the latest open-source industry news. The post A New SBOM Tool, OpenSSL Fixes, GitHub Flaw, Software Supply Chain Help appeared first on L…
  - 28 days ago 9 Nov 22, 1:00pm -
• New ‘Tux’ Desktop Release Dresses Up Linux’s Distro Closet
  Previously, you could only get Tuxedo OS pre-installed on the company's line of computers. Now anyone can try it as a separate distro, making good on its mission statement to have Linux accessible to the general public. The post New ‘Tux’ Desktop…
  - 40 days ago 28 Oct 22, 12:28am -
• Free Ubuntu Subscriptions, Some Pause Open Source, New ‘Undistro’
  Ubuntu Linux users can now grab some free security help to make keeping up with patches and maintenance easier, data scientists express open-source security concerns, and Chainguard has launched the first Linux OS developed for supply chain security.…
  - 61 days ago 7 Oct 22, 7:25pm -
• Unix Basics It Pays To Know
  It pays to know these Unix basics considering there is often a Unix/Unix-like OS somewhere in the abstraction hierarchy. If that layer is unsound, the whole edifice risks collapse. The post Unix Basics It Pays To Know appeared first on LinuxInsider.
  - 64 days ago 4 Oct 22, 12:00pm -
• New Cyber Bill Aims To Fix Open-Source Security in Government
  Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, introduced the legislation that seeks to address open source software risks in government. The proposed Bill, S. 4913, now awaits action by the Committee on Homeland Security and Governmental Affai…
  - 68 days ago 30 Sep 22, 12:00pm -
• Google Debugs, JFrog Jumps Code, Confidential Kubernetes, Meta-PyTorch
  As the open-source model continues to prove its sustainability in the enterprise, the software community is ramping up its security mindedness. That concern was evident in recent weeks as leading Linux groups led the way for better code security. The…
  - 78 days ago 20 Sep 22, 11:30am -
• Linux Mint 21 Release Brings Reviewer a Welcome Reunion
  My Linux reviewing wanderlust got the best of me with the release of Linux Mint 21, as I was curious about what I might be missing. I discovered quite a few features that my current Cinnamon edition does not offer. The post Linux Mint 21 Release Bri…
  - 85 days ago 13 Sep 22, 11:00am -
• License Change May Spark New Pricing Trend for Open-Source Projects
  Cloud-native microservices platform Lightbend wants open-source licensing to better meet developers’ needs and is doing something to make that happen. However, the replacement fix is not a traditional open-source license. Rather, it transitions the…
  - 91 days ago 7 Sep 22, 11:15am -
• Coding Vulnerabilities, Linux Growth, FOSS Friction Cap Summer Highlights
  Canonical and Microsoft reached a new agreement to make their two cloud platforms play nicer together. Meanwhile, Microsoft apologized to open-source software devs. But no apology was rendered for BitLocker locking out Linux users. Get caught up on t…
  - 23 Aug 22, 11:00am -

arstechnica

• Coder deletes open source add-on for Chef in protest over ICE contract
  CEO said multiple Chef customers affected; now Chef won't renew contract.
  - 23 Sep 19, 6:59pm -
• Debian 10: Playing catch-up with the rest of the Linux world (that’s a good thing)
  If you skipped the last release, Debian 10 (Buster) should encourage an update into 2019.
  - 11 Sep 19, 11:40am -
• Hack in the box: Hacking into companies with “warshipping”
  For under $100, compact hardware can turn a shipped package into a Trojan horse for attacks.
  - 13 Aug 19, 9:24pm -
• Microsoft publishes first Edge for macOS preview, promises to make it truly “Mac-like”
  Microsoft is making sure to take advantage of the Mac's hardware and design.
  - 20 May 19, 10:40pm -
• Windows dual booting no longer looking likely on Pixelbooks
  Development work appeared to grind to a halt last December.
  - 15 May 19, 10:50pm -
• Microsoft open sources algorithm that gives Bing some of its smarts
  You can ask "How tall is the tower in Paris?" and it knows what you're talking about.
  - 15 May 19, 3:51pm -
• Microsoft: The open source company
  The times, they are a-changin'—even bits of Windows will be open source.
  - 10 May 19, 9:51pm -
• Windows 10 will soon ship with a full, open source, GPLed Linux kernel
  The new Windows Subsystem for Linux will use a real Linux kernel.
  - 6 May 19, 8:20pm -
• Microsoft’s plan for Edge: Integrated IE compatibility, better privacy
  New features will make Edge more than just a reskinned Chrome.
  - 6 May 19, 4:27pm -
• Developers love Python and TypeScript, get paid for Clojure, and aren’t using blockchain
  Visual Basic remains as unpopular as ever.
  - 10 Apr 19, 7:44pm -

technewsworld

• newReport Calls for Crackdown on Advertising by Digital Pill Mills
  Loopholes in the rules governing advertising for stimulant medications should be closed, according to a report released Monday by the Center for Data Innovation. The post Report Calls for Crackdown on Advertising by Digital Pill Mills appeared first…
  - 22 hours ago 6 Dec 22, 1:00pm -
• Gift Ideas That Will Have Recipients Thinking Fondly of You
  I’ll break down each gift by cost for this guide, but the overall theme will be things that people will look at and recall you kindly when they do. The post Gift Ideas That Will Have Recipients Thinking Fondly of You appeared first on TechNewsWorld…
  - 2 days ago 5 Dec 22, 12:00pm -
• Calix Expands Managed Service Capability to SMB, MDU Markets
  Calix has good reason to believe that its managed Wi-Fi strategy, which has enjoyed strong appeal in the single-family home market, will experience significant traction in the SMB and MDU markets. The post Calix Expands Managed Service Capability to…
  - 7 days ago 30 Nov 22, 1:00pm -
• Blurring Boundaries: How Amazon Manages Category Crossover
  At its most recent device launch, Amazon demonstrated three approaches to redefining tech category boundaries, each of which has implications for its marketplace prospects. The post Blurring Boundaries: How Amazon Manages Category Crossover appeared…
  - 8 days ago 29 Nov 22, 1:00pm -
• China’s Woes Could Take a Bite Out of Apple’s Bottom Line
  Worker unrest at the Zhengzhou Foxconn factory could result in a production shortfall of six million iPhones, just as the holiday season is about to enter the home stretch. The post China’s Woes Could Take a Bite Out of Apple’s Bottom Line appear…
  - 8 days ago 29 Nov 22, 12:00pm -
• GPU Wars: Assessing the Contrasting Strategies of the Market Leaders
  AMD, Nvidia, and Intel are in this highly competitive space, and all three have come to market lately with distinctive strategies, each with unique benefits, risks, and opportunities. The post GPU Wars: Assessing the Contrasting Strategies of the Ma…
  - 9 days ago 28 Nov 22, 12:00pm -
• Piracy Expert Sees Weaponization of Legit Video Providers on the Rise
  Streaming video content from non-mainstream providers might make you an unwitting target of content piracy. If you get a bargain pricing offer, you risk becoming the victim of scammers and hackers, losing personal data, and having your financial ass…
  - 14 days ago 23 Nov 22, 1:00pm -
• Moving to the Cloud? Avoid These Strategic Errors
  Running a business without some cloud support is a rarity these days. Still, when formulating a cloud strategy, companies seem to make some common mistakes. Here are several of them. The post Moving to the Cloud? Avoid These Strategic Errors appeared…
  - 15 days ago 22 Nov 22, 1:00pm -
• Anticipating the Evolution of AI-Enhanced Smartphones and Laptops
  Qualcomm last week announced its Snapdragon 8 Gen 2 processor. The significant improvement is enhanced AI that will operate behind the scenes to improve the user experience significantly on phones. The post Anticipating the Evolution of AI-Enhanced S…
  - 16 days ago 21 Nov 22, 12:00pm -
• MediaTek Ups Its Mobile Game With the Dimensity 9200 SoC
  MediaTek's brand is often associated with affordable, budgeted, Android phones. However, the company has made incremental inroads into the more premium, high-performance models. The launch of the MediaTek Dimensity 9200 chip is a potent step in that…
  - 19 days ago 18 Nov 22, 1:00pm -