packetstormsecurity

• newUbuntu Security Notice USN-6540-1
  Ubuntu Security Notice 6540-1 - It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary…
  - 10 hours ago 7 Dec 23, 2:25pm -
• newConQuest Dicom Server 1.5.0d Remote Command Execution
  Conquest Dicom Server version 1.5.0d pre-authentication remote command execution exploit.
  - 10 hours ago 7 Dec 23, 2:23pm -
• newUbuntu Security Notice USN-6539-1
  Ubuntu Security Notice 6539-1 - It was discovered that the python-cryptography Cipher.update_into function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affec…
  - 10 hours ago 7 Dec 23, 2:18pm -
• newUbuntu Security Notice USN-6538-1
  Ubuntu Security Notice 6538-1 - Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. Pedro Gallegos discover…
  - 10 hours ago 7 Dec 23, 2:18pm -
• newWinterCMS 1.2.3 Cross Site Scripting
  WinterCMS version 1.2.3 suffers from a persistent cross site scripting vulnerability.
  - 10 hours ago 7 Dec 23, 2:17pm -
• newUbuntu Security Notice USN-6537-1
  Ubuntu Security Notice 6537-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leon…
  - 10 hours ago 7 Dec 23, 2:16pm -
• newUbuntu Security Notice USN-6536-1
  Ubuntu Security Notice 6536-1 - Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose s…
  - 10 hours ago 7 Dec 23, 2:12pm -
• newUbuntu Security Notice USN-6463-2
  Ubuntu Security Notice 6463-2 - USN-6463-1 fixed vulnerabilities in Open VM Tools. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Open VM Tools incorrectly handled SAML tokens. A remot…
  - 10 hours ago 7 Dec 23, 2:11pm -
• newUbuntu Security Notice USN-6535-1
  Ubuntu Security Notice 6535-1 - Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains. Maksymilian…
  - 10 hours ago 7 Dec 23, 2:10pm -
• newDocker cgroups Container Escape
  This Metasploit exploit module takes advantage of a Docker image which has either the privileged flag, or SYS_ADMIN Linux capability. If the host kernel is vulnerable, its possible to escape the Docker image and achieve root on the host operating sys…
  - 10 hours ago 7 Dec 23, 2:03pm -

cPaneladmin

• cPanel 112 Cheat Sheet Now Available
  Our latest cPanel cheat sheet is now available. This one applies to all current versions, specifically 112+. Head over to our Cheat Sheets page to download it!…
  - 14 Jun 23, 6:15pm -
• Elevate: Unable to backup EA4 profile
  When trying to upgrade from CentOS to AlmaLinux, cPanel 110 and earlier might experience the following error: Edit /etc/cpanel/ea4/profiles/pkg-manifest.json and remove the extra comma at the end of any list, for example: Then re-run Elevate and it s…
  - 14 Jun 23, 2:43pm -
• How to Block Emails From the Future Using SpamAssassin In cPanel
  Getting emails from the future is a classic sign of SPAM. Unfortunately, SpamAssassin only bumps the score of these emails by less than 2 points, which isn’t usually enough to get it marked as SPAM. To fix this, you can add a rule to SpamAssassin t…
  - 14 Jun 23, 2:27pm -
• Fixing AutoSSL “provider cannot currently accept incoming requests”
  When using cPanel/Sectigo as the SSL provider for AutoSSL, you may occasionally see this error in the autossl log: The “cPanel (powered by Sectigo)” provider cannot currently accept incoming requests. The system will try again later. This error s…
  - 22 Sep 22, 8:23pm -
• Troubleshooting Website SSL Issues – No Padlock
  Having SSL problems? One of the most common issues our team handles is related to websites not properly displaying over HTTPS, whether it be the website either not loading entirely, or just not showing the green padlock: If you’re sure that the SSL…
  - 18 Mar 19, 6:07pm -
• Safely Removing virtfs on a cPanel Server
  If you’re on a cPanel server, you’ve probably noticed a sizable folder called ‘virtfs’ sitting in /home, which would appear at first to be using a ton of space. Your first inclination might be to delete it, but don’t! Most likely, the files…
  - 14 Jan 19, 7:25pm -
• Custom Exim Filter Examples
  cPanel allows you to easily create custom Exim filters by simply dropping the rules in /usr/local/cpanel/etc/exim/sysfilter/options/ and running: /scripts/buildeximconf service exim restart Here are a couple useful examples of filters we’ve create…
  - 29 Aug 18, 6:08pm -
• How to Set up a Local cPanel FastUpdate Mirror
  If you have more than a few cPanel servers in your network, it may be a good idea to set up your own mirror to serve the files necessary to run cPanel updates. Doing this could save time and bandwidth, as well as prevent problems caused by mirrors be…
  - 17 Feb 16, 5:16pm -
• Installing LetsEncrypt SSL Certificates on CentOS + cPanel Servers
  Update! cPanel supports LetsEncrypt, but you just need to install the plugin for it to work. To do this, run: /scripts/install_lets_encrypt_autossl_provider Once installed, Let’s Encrypt will appear in WHM’s Manage AutoSSL interface (Home >> SSL/…
  - 15 Feb 16, 5:14pm -
• cPanel Update Fails Due to RPM Conflict
  The cPanel update fails due to a problem installing RPMs, but is not specific about what the problem is: [20160203.180007] Testing if the newly downloaded RPMS can be installed without conflict [20160203.180007] Testing RPM transaction [20160203.1800…
  - 3 Feb 16, 6:25pm -

reddit admin

• pam_access with Winbind and Samba failing to authenticate with AD groups.
  Hello. I have a RHEL8.9 system I am trying to lock down to certain AD groups. Due to Corporate reasons, It's connected to Windows AD via Samba/winbind # realm list DOMAIN.COM type: kerberos realm-name: DOMAIN.COM domain-name: domain.com configured: k…
  - 1 day ago 6 Dec 23, 6:31pm -
• DNF-Automatic trigger set to run at unconfigured time?
  I am configuring dnf-automatic to automatically install security updates on some low priority test boxes. Eventually I want to the updates to run every Sunday morning around 4-5AM, but for testing purposes I've configured the boxes to kick off the up…
  - 1 day ago 6 Dec 23, 3:23pm -
• xdg-open shim for remote ssh to headless server (VSCode)
  submitted by /u/YeNerdLifeChoseMe [link] [comments]
  - 1 day ago 6 Dec 23, 2:53pm -
• Samba AD and FreeIPA worth it?
  Hey, So I'm having the same problem on two gigs - One is a small company with a few Windows Computers / Notebooks that I'd like to enroll in an Samba AD - mostly because company is focussed on working with lot's of data on shares and I'd like to hav…
  - 2 days ago 6 Dec 23, 9:44am -
• what is the run directory?
  quick question, what is the run directory? what does it do? why does it exist? when i put this into google i get " This is a directory that stores volatile runtime data since the system was started." what is volatile runtime data? why would you nee…
  - 2 days ago 6 Dec 23, 2:59am -
• Help me to understand the benefit(s) and use of VLAN filtering in bridges
  I'm in the process of building a new KVM server, and I'm trying to understand how best to configure networking. My main goal is to complete a switch from using ifcfg*-type files to nmcli, but I've found myself caught on a detail that's leaving me con…
  - 2 days ago 6 Dec 23, 1:10am -
• Some video courses except chrish geer to get started with protocol analysis with wireshark?
  Any? What can I achieve by sniffing packets in the server? I genuinely don't know it. We've a server that hosts an android application. submitted by /u/Hefty-Entrance-2706 [link] [comments]
  - 2 days ago 5 Dec 23, 2:32pm -
• Non-yaml ansible alternatives
  I know this is either an question thats been asked before or something controversial. Basically my gripe with ansible and a lot of other modern tool is how insanely verbose the config is and how fragile the yaml language is once you have manually ed…
  - 3 days ago 5 Dec 23, 8:08am -
• Most important tools for new sysadmin
  I have been a sysadmin for half a year already. I am getting more and more familiar with the Linux file system structure and know what to expect where, I start being able to see how to pipe together different small utilities to reach my goal, I have…
  - 3 days ago 5 Dec 23, 2:46am -
• mdadm raid 5 issues on reboot
  Let me start by saying i am very new to all of this and i know that i was a large project to begin with. I had created a raid 5 array with mdadm a couple of weeks ago and i thought that it was all going well. It was all working and i was writing data…
  - 3 days ago 4 Dec 23, 10:18pm -

LinuxActionShow

• Transitioning to LINUX Unplugged, wrapping up this Sub.
  Well look at that LINUX Unplugged is now our longest running Linux show. It's about to hit episode 200 in just a few more weeks. We've been debating what to do with a subreddit that was created for LAS. Since the start of LUP this sub has also been c…
  - 9 May 17, 7:18pm -
• [x-post] [Runs Linux] I put Debian on my Kindle! • r/linux
  [link] [comments]
  - 9 May 17, 7:14pm -
• Deepin 15.4 - See What's New
  submitted by /u/Mongaz [link] [comments]
  - 9 May 17, 6:53pm -
• Thunderbird’s Future Home
  submitted by /u/gabriel_3 [link] [comments]
  - 9 May 17, 2:41pm -
• Chuwi LapBook 12.3 is a 2K Ubuntu Laptop for $329.
  submitted by /u/mitcoes [link] [comments]
  - 9 May 17, 9:14am -
• [Suggestion] Dedicated audio and video rss feeds
  If we could get RSS feeds dedicated to audio intended segments and other feeds for video dedicated segments it would be very easy to get one going to our home media solution and the other to the phone. If not it will be nice if it says in the descrip…
  - 9 May 17, 8:40am -
• Prosody IM - Jabber/XMPP server
  submitted by /u/mitcoes [link] [comments]
  - 9 May 17, 7:56am -
• White Noise 2 officially released with Linux support, along with some major updates
  submitted by /u/Khaotic_Kernel [link] [comments]
  - 9 May 17, 6:56am -
• Google’s “Fuchsia” Smartphone OS Dumps Linux, Has A Wild New UI. Taking A Look At Google's Mysterious Third Operating System.
  submitted by /u/NetWiz69 [link] [comments]
  - 9 May 17, 5:11am -
• openSUSE 101: get started with Free Software now!
  submitted by /u/gabriel_3 [link] [comments]
  - 9 May 17, 4:36am -

linuxfoundation

linuxinsider

• The Last Digitally-Free Nation on Earth
  Because of the uniquely strong protection of individual liberties enshrined in the U.S. Constitution and a key legal precedent established by the courts, the United States is the only place I’m aware of in which Linux would remain freely accessible…
  - 28 days ago 9 Nov 23, 3:00pm -
• Wind River Linux Drives New Solutions for Software-Defined Vehicles
  Mainstream consumers typically do not know the Linux operating system powers their email service, favorite websites, television sets, and even their mobile phones and computers in some cases. Now, Wind River Linux is making inroads into the operation…
  - 38 days ago 31 Oct 23, 12:00pm -
• Qualys Discovers Critical Linux Flaw ‘Looney Tunables’
  A key concern with Looney Tunables is the buffer overflow it triggers in the dynamic loader's handling of the GLIBC_TUNABLES environment variable. It leads to full root privileges on major Linux distributions. The post Qualys Discovers Critical Linux…
  - 64 days ago 4 Oct 23, 2:46pm -
• More Linux Malware Means More Linux Monitoring
  TuxCare technical evangelist Joao Correia highlights the perils of delayed system patching in Linux environments, offering vital advice to prevent ransomware attacks and data breaches. The post More Linux Malware Means More Linux Monitoring appeared…
  - 84 days ago 15 Sep 23, 12:00pm -
• Atlas VPN Linux Leak Exposes Users’ IP Addresses
  A Reddit user with the handle 'Educational-Map-8145' published a proof-of-concept exploit last week for a zero-day flaw in the Linux client of Atlas VPN. The exploit code works against the latest version of the client, 1.0.3. The post Atlas VPN Linux…
  - 91 days ago 7 Sep 23, 10:33pm -
• When Betting on Linux Security, Look at the Big Picture
  Exploring the landscape of Linux desktop security, Jonathan Terrasi delves into the vulnerabilities of IoT devices, the focus on Linux servers for attacks, and why Linux remains a more secure albeit less popular operating system. The post When Bettin…
  - 28 Aug 23, 6:45pm -
• Rhino Linux Unleashes First Rolling Release Ubuntu Stable Edition
  Rhino Linux 2023.1 introduces a hybrid-like distribution with rolling releases, merging the reliability of Ubuntu with a sleek design. The post Rhino Linux Unleashes First Rolling Release Ubuntu Stable Edition appeared first on LinuxInsider.
  - 15 Aug 23, 12:00pm -
• More Fintech Players Cashing in on Open-Source Offerings
  The financial industry has historically been conservative when it comes to software development, especially when it comes to picking open-source applications over proprietary code. That caution is softening as more financial companies are now embraci…
  - 10 Aug 23, 12:00pm -
• Rhino Linux Locks Horns With Gnome, Xfce Desktop Design
  Rhino Linux innovatively combines GNOME and Xfce elements, creating a unique hybrid desktop that offers both modern user interface aesthetics and the familiarity of classic Linux. The post Rhino Linux Locks Horns With Gnome, Xfce Desktop Design appea…
  - 17 Jul 23, 4:32pm -
• New MakuluLinux Release Brings AI to the Max
  The first beta release of MakuluLinux Max puts artificial intelligence inside everyday desktop usage. Max's AI entity Electra could well be the start of a new type of innovation adopted by other distribution developers. It raises the bar on what Linu…
  - 30 Jun 23, 1:00pm -

arstechnica

• Coder deletes open source add-on for Chef in protest over ICE contract
  CEO said multiple Chef customers affected; now Chef won't renew contract.
  - 23 Sep 19, 6:59pm -
• Debian 10: Playing catch-up with the rest of the Linux world (that’s a good thing)
  If you skipped the last release, Debian 10 (Buster) should encourage an update into 2019.
  - 11 Sep 19, 11:40am -
• Hack in the box: Hacking into companies with “warshipping”
  For under $100, compact hardware can turn a shipped package into a Trojan horse for attacks.
  - 13 Aug 19, 9:24pm -
• Microsoft publishes first Edge for macOS preview, promises to make it truly “Mac-like”
  Microsoft is making sure to take advantage of the Mac's hardware and design.
  - 20 May 19, 10:40pm -
• Windows dual booting no longer looking likely on Pixelbooks
  Development work appeared to grind to a halt last December.
  - 15 May 19, 10:50pm -
• Microsoft open sources algorithm that gives Bing some of its smarts
  You can ask "How tall is the tower in Paris?" and it knows what you're talking about.
  - 15 May 19, 3:51pm -
• Microsoft: The open source company
  The times, they are a-changin'—even bits of Windows will be open source.
  - 10 May 19, 9:51pm -
• Windows 10 will soon ship with a full, open source, GPLed Linux kernel
  The new Windows Subsystem for Linux will use a real Linux kernel.
  - 6 May 19, 8:20pm -
• Microsoft’s plan for Edge: Integrated IE compatibility, better privacy
  New features will make Edge more than just a reskinned Chrome.
  - 6 May 19, 4:27pm -
• Developers love Python and TypeScript, get paid for Clojure, and aren’t using blockchain
  Visual Basic remains as unpopular as ever.
  - 10 Apr 19, 7:44pm -

technewsworld

• newMonoprice CrystalPro 27″ Monitor Delivers Productivity, Convenience at a Bargain Price
  The Monoprice 27" CrystalPro 4K UHD Monitor is a productivity-enhancing display offering stunning visuals, adjustable ergonomics, and exceptional value. Ideal for both office and home use, it's a top choice for quality and affordability. The post Mon…
  - 11 hours ago 7 Dec 23, 1:00pm -
• GHSA Backs Road Cams To Bolster Traffic Safety
  The Governors Highway Safety Association is urging communities to deploy automated enforcement programs using traffic cameras to address the ever-increasing number of roadway fatalities. The post GHSA Backs Road Cams To Bolster Traffic Safety appeare…
  - 1 day ago 6 Dec 23, 1:00pm -
• Quishing Alert: Experts Advise Caution Before Scanning QR Codes
  Quick Response codes have become a vehicle for bad actors to steal credentials, infect mobile devices, and invade corporate systems. The post Quishing Alert: Experts Advise Caution Before Scanning QR Codes appeared first on TechNewsWorld.
  - 2 days ago 5 Dec 23, 3:14pm -
• The Essential Tech Gift Guide for 2023 Holiday Shoppers
  Whether searching for the perfect gadget for a tech enthusiast or a unique gift to surprise a loved one, this guide has you covered. The post The Essential Tech Gift Guide for 2023 Holiday Shoppers appeared first on TechNewsWorld.
  - 3 days ago 4 Dec 23, 1:00pm -
• Massive Study Discounts Adverse Effects of Internet on Mental Health
  A study of the psychological well-being of two million individuals from 2005 to 2022 in 168 countries found "smaller and less consistent associations than would be expected if the internet were causing widespread psychological harm." The post Massive…
  - 8 days ago 29 Nov 23, 3:35pm -
• Synaptics Pivots To Develop Its Own IoT Compute Solutions
  Synaptics boasts top-notch wireless connectivity and validated AI proficiency. This approach positions the company effectively to provide the framework for the upcoming era of IoT computing. The post Synaptics Pivots To Develop Its Own IoT Compute So…
  - 8 days ago 29 Nov 23, 2:00pm -
• Insider Tips for Buying a New Personal Computer
  Buying a new computer can be a daunting task. This primer will guide you to making an informed decision, saving money, and ensuring a more productive and satisfying computing experience. The post Insider Tips for Buying a New Personal Computer appear…
  - 10 days ago 27 Nov 23, 10:35pm -
• Microsoft’s Copilot Rises From the Ashes of Bob and Clippy
  Copilot technology was still in its infancy only eight months ago. Last week, it went to general availability at top enterprises, and now 70% of users indicate they don’t want to work without this capability. The post Microsoft’s Copilot Rises Fr…
  - 17 days ago 20 Nov 23, 1:00pm -
• Electronic Frontier Foundation Calls for FTC Action on Poisoned Set-Top Boxes
  TV set-top boxes infected with malware are being sold online at Amazon and other resellers, and the EFF wants the Federal Trade Commission to put a stop to it. The post Electronic Frontier Foundation Calls for FTC Action on Poisoned Set-Top Boxes app…
  - 21 days ago 16 Nov 23, 2:00pm -
• Gunnar Tallac Glasses: A Stylish Solution for Blue-Light Protection
  A seldom-considered computing safety feature has nothing to do with protecting your data or preventing online identity theft. Rather, it focuses on providing visual clarity and reducing eye strain. Gunnar Optiks' new Tallac blue-light-blocking comput…
  - 22 days ago 15 Nov 23, 2:00pm -