Willkommen auf der Seite mit Neuigkeiten und Informationen des aktuellen Monates rund um die Thematik der IT, IT-Sicherheit und meinem eigenen kleinen Webprojekt.
Hier finden Sie eine kleine Auswahl an externen Feeds wieder mit denen sich nicht nur Administratoren aus den Welten von Microsoft® und Linux® beschäftigen sollten, zudem spezifisch zu Ubuntu und Kubuntu.
Ebenfalls haben Sie die Möglichkeit die aktuellen Nachrichten über die Veröffentlichung neuer Artikel unter HowTo's, ... zu meiner Webseite mittels einem Feedreader zu abonieren im Format RSS 2.0 und im Nachrichtenarchiv in den Listen der News herum zu stöbern.
Die Bundesregierung sieht Vorteile in der "Tokenisierung von Assets". Auch für digitale Identitäten sollen Einsatzmöglichkeiten der Blockchain-Technik geprüft werden. (Blockchain, Sicherheitslücke)
Die Essener Polizei hat Fotos einer Demonstration auf Facebook und Twitter veröffentlicht. Dagegen hatten zwei Demonstrationsteilnehmer geklagt, die auf den Bildern zu erkennen waren. Das Oberverwaltungsgericht Münster hat nun zugunsten der Versammlungsfreiheit entschieden. (Polizei, Soziales Netz)
Eine Optimierung bei Dateisystemoperationen im Linux-Kernel führt zu blockierten Bootvorgängen auf manchen Systemen. Schuld daran sind Userspace-Programme, die zuverlässige Zufallsdaten wollen, bevor diese bereitstehen. (Linux-Kernel, Virtualisierung)
Brustkrebsscreenings, Wirbelsäulenbilder und Röntgenaufnahmen: 16 Millionen Patientendatensätze konnte ein Sicherheitsforscher auf ungeschützten Servern im Internet entdecken. Auch Tausende Patienten aus Deutschland sind betroffen. (Datenleck, Datenschutz)
Über eine Sicherheitslücke im Passwortmanager Lastpass konnten Webseiten auf die zuletzt verwendeten Zugangsdaten zugreifen - von einer anderen Webseite. (Passwort, Sicherheitslücke)
Neben Kryptohandys dürfen Behördenmitarbeiter nun auch auf iPhones Vertrauliches miteinander besprechen - vorausgesetzt, sie verwenden eine App der Telekom. (Telekom, VoIP)
Der Sperrbildschirm in iOS 13 kann mit einem einfachen Trick umgangen werden. So kann auf das Adressbuch des Besitzers zugegriffen werden. iOS 13 soll am 19. September veröffentlicht werden - die Lücke möchte Apple bis dahin nicht schließen. (Apple, Instant Messenger)
Die großen Browser-Hersteller wollen im kommenden Frühjahr die alten TLS-Versionen 1.0 und 1.1 komplett deaktivieren. Die Firefox-Entwickler werden das in ihrer Nightly-Version testen. (Firefox, Browser)
Eine Sicherheitsfirma will eine Schadsoftware entdeckt haben, die ohne Nutzerinteraktion Daten aus dem Mobiltelefon auslesen kann. Die Schadsoftware komme per SMS und laufe auf der SIM-Karte. Das funktioniert allerdings nicht immer. (SIM-Karte, Malware)
Datenschutzbehörden können von Fanpage-Betreibern die Deaktivierung des Angebots verlangen. Das Bundesverwaltungsgericht sieht die Anbieter als "Türöffner" für Facebooks Datensammelei. (Datenschutz, Soziales Netz)
Mozilla legt das Test-Pilot-Programm des Firefox neu auf und startet mit einem Experiment für einen privaten Netzwerk-Proxy für den Browser. Diesen soll der Netz-Dienstleister Cloudflare betreiben. (Firefox, Browser)
Mitarbeiter von Protonmail haben in OpenDMARC eine Sicherheitslücke entdeckt, mit der sich die Signaturprüfung austricksen lässt. Angreifer haben die Lücke bereits für Phishingangriffe gegen Journalisten genutzt. OpenDMARC wird offenbar nicht weiterentwickelt und es gibt kein Update. (DMARC, Spam)
Mit Telegram können aus Versehen gesendete Nachrichten unkompliziert auch beim Empfänger gelöscht werden. Das hat jedoch nicht zuverlässig funktioniert und die peinlichen Bilder verblieben auf dem Smartphone. (Telegram, Datenschutz)
Nur die wenigsten Cookie-Banner entsprechen den Vorschriften der DSGVO, wie eine Studie feststellt. Die Datenschutzbehörden halten sich mit Sanktionen aber noch zurück. (Tracking, Spam)
Im Mailserver Exim wurde eine Sicherheitslücke gefunden, die Angreifern das Ausführen von Code ermöglicht. Ein Update steht bereit. (E-Mail, Server-Applikationen)
Mit Hilfe des Prinzips Differential Privacy sollen sich sensible Daten statistisch auswerten lassen, ohne Rückschlüsse auf die eigentlichen Daten zu ermöglichen. Google stellt dafür eine C++-Bibliothek als Open Source bereit. (Google, Datenschutz)
Um das Internet als Einheit zu erhalten und damit Nutzer weiterhin das notwendige Vertrauen in die Technik haben können, formuliert das Internet Architecture Board nun klare Richtlinien, denen Gesetzgeber folgen sollten. (Internet, DNS)
Mit einem einfachen Trick kann ein Sicherheitsupdate von Logitech umgangen werden. Damit lassen sich weiterhin Eingaben von kabellosen Tastaturen abgreifen - oder Schadcode eintippen. Dabei hatte Logitech nicht einmal alle Sicherheitslücken behoben. (Logitech, Eingabegerät)
Hat der Münchner Hersteller von Überwachungssoftware, Finfisher, illegal ein Spähprogramm an die Türkei verkauft? Nach einer Anzeige von vier Organisationen ermittelt die Staatsanwaltschaft. (Überwachung, Datenschutz)
Facebook hatte bereits im vergangenen Jahr eingeräumt, dass die Funktion zur Freunde-Suche zum Datenabgriff missbraucht wurde. Im Internet ist nun eine Datenbank mit Einträgen zu Hunderten Millionen Nutzern entdeckt worden. (Facebook, Soziales Netz)
Weil Google auf Youtube auch die Daten von Kindern gesammelt und für personenbezogene Werbung genutzt hat, zahlt Google eine Rekordstrafe - die allerdings im Verhältnis zum Gewinn sehr gering ausfällt. (Youtube, Google)
Eine Reihe von Fehlern und Unachtsamkeiten hat dafür gesorgt, dass ein Spectre-Fix im Linux-Kernel keine Wirkung hat. Darauf weist das Grsecurity-Team hin, das die Gelegenheit für Eigenwerbung nutzt. (Linux-Kernel, Linux)
Über mehrere Sicherheitslücken in den BMCs von Supermicro können Angreifer virtuelle USB-Sticks an die Server anschließen. Mit ihnen lassen sich Daten auslesen, Schadsoftware installieren oder das Betriebssystem austauschen. (Server, Computer)
Die Bundesrechtsanwaltskammer erhofft sich vom neuen Betreiber des besonderen elektronischen Anwaltspostfachs einen zuverlässigen und sicheren Weiterbetrieb. Atos ist damit zum Ende des Jahres raus. (BeA, Verschlüsselung)
GitHub erweitert seine Plattform um weitere Sicherheitsfeatures. Das Unternehmen will Entwicklern damit die Arbeit erleichtern und Software sicherer machen.
Weil Tausende Nutzer ihre Google-Kalender zu leichtsinnig konfigurieren, sind diese öffentlich zugänglich. Ein Sicherheitsexperte fand viele private Termine.
Eine offene Datenbank einer Privatfirma gibt Informationen zu Millionen Bürgern Ecuadors preis. Darunter sind auch Kinder, der Präsident – und Julian Assange.
Vorsicht: Derzeit sind wieder gefälschte Bewerbungen mit gefährlichem Dateianhang in Umlauf. Wer darauf reinfällt, steht vor einem digitalen Scherbenhaufen.
Über eine Schwachstelle in vielen SIM-Karten könnten Angreifer Mobiltelefon-Besitzer ausspionieren. Bisher geschah dies aber anscheinend nur in Einzelfällen.
Während der viermonatigen "Operation reWired" gegen E-Mail-Betrüger klickten vor allem in Nigeria, aber auch in zahlreichen anderen Ländern die Handschellen.
Web-Radios von Telestar-Digital, die hierzulande in vielen Elektronikmärkten verkauft werden, weisen zwei schwere Lücken auf. Ein Firmware-Update behebt sie.
Desinfec't 2019/20 ist das Rettungssystem bei Virenbefall. Das E-Paper kann man schon jetzt kaufen. Die Print-Ausgabe ist vorbestellbar - der USB-Stick folgt.
Intels Xeon-Prozessoren lassen sich über die Netzwerkfunktionen DDIO und RDMA angreifen, um zum Beispiel über SSH-Sitzungen Tastatureingaben auszulesen.
Google will DNS-over-HTTPS (DoH) in seinem Chrome-Browser testen. Der verwendete DNS-Provider soll bleiben, nur das Protokoll ändert sich. Auch Mozilla testet.
Mozilla reaktiviert sein Testprogramm: Firefox-Nutzer in den USA dürfen einen VPN-Dienst testen. "Firefox Private Network" schützt die Privatsphäre im WLAN.
Millionen von Android-Geräten können mit gefälschten OMA-CP-Nachrichten in Wanzen verwandelt werden – allerdings nur, wenn der Benutzer nicht aufpasst.
Google hat auf ein Apple-Statement reagiert, in dem ein Angriff auf tausende Uiguren in China als "eng fokussiert" bezeichnet wird. Man stehe zu seinem Bericht.
IoT-Geräte dürften einen DDOS-Angriff auf Wikimedia ermöglicht haben. Zunächst in Deutschland und dann überall war auch Wikipedia zeitweise unerreichbar.
Exim-Mail-Server weisen eine Sicherheitslücke auf, über die sich Angreifer von außen Root-Rechte auf dem System verschaffen können. Ein Update schafft Abhilfe.
Das Content Management System Wordpress ist in einer abgesicherten Version erschienen. Keine Lücke gilt als kritisch. Aktualisieren sollte man trotzdem.
Die Entwickler des freien Programmpakets Samba haben eine kritische Lücke geschlossen, die Angreifern unter Umständen unbefugte Verzeichniszugriffe erlaubte.
Firefox 69, Firefox ESR 60.9 und 68.1 sowie Version 8.5.5 des Tor Browsers beseitigen zahlreiche Schwachstellen aus früheren Versionen – auch eine kritische.
Zwei Händler für ausnutzbare Lücken behaupten, dass derzeit besonders viele iPhone-Exploits durch die Szene geistern. Einer passte deshalb gar die Preise an.
Die US-Luftwaffe karrt einen F35-Simulator zur DEF CON, BMW kooperiert mit chinesischen Security-Forschern auf der Black Hat. Andere Unternehmen fremdeln noch.
Den neuen Schutz zur Absicherung der Funktastaturen und -mäuse kann man leicht austricksen, wie Security-Experte Marcus Mengs gegenüber heise Security erklärt.
Das Forum der Webcomic-Site xkcd ist vorerst offline: In ihm klafft(e) ein Datenleck. Mindestens in einigen Fällen wurden MD5-Hashes von Passwörtern geleakt.
Ein Oberstleutnant kommt in einer Analyse des Wissenschaftlichen Dienst des Bundestags zum Schluss, dass Hackbacks nicht abschrecken und zu Anarchie führen.
Der Netzwerkausrüster Cisco hat vier Guides für verschiedene Software veröffentlicht, die helfen sollen, Hinweise auf mögliche Kompromittierungen zu finden.
"Transfer...money...now"? Die gefälschte (Computer-) Stimme eines Vorgesetzten klang offenbar echt genug, um am Telefon einen hohen Geldbetrag zu ergaunern.
Die Entwickler von Kali Linux haben in der neuen Ausgabe unter der Haube geschraubt und unter anderem Tools aktualisiert. Der Download soll nun flinker sein.
In dem eintägigen Workshop demonstriert Tobias Glemser, Chapterlead des German Chapters des OWASP, die zehn häufigsten Sicherheitsrisiken bei Webanwendungen.
Eine von Google entdeckte Hack-Kampagne, die iOS-Zerodays nutzte, richtete sich angeblich gegen Personen in der chinesischen Provinz Xinjiang, so ein US-Medium.
In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. We then published “Fuzzing para-virtualized devices in Hyper-V”, which …
We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …
2019 has seen a phenomenal BlueHatIL in February followed by a wildly successful BlueHat Shanghai in May… now it’s time to come back home for BlueHat Seattle! 2 days of hands-on technical training (October 22-23, 2019) 2 days of conference talks from industry-leading security researchers and cyber defenders (October 24-25, 2019) great creative spaces ready …
In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be distributed to multiple regions, allowing you to deploy this …
Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam—they mine cryptocurrencies as well. Smominru, an infamous cryptocurrency-mining and credential-stealing botnet, has become one of the rapidly spreading
Ecuador officials have arrested the general manager of IT consulting firm Novaestrat after the personal details of almost the entire population of the Republic of Ecuador left exposed online in what seems to be the most significant data breach in the country's history. Personal records of more than 20 million adults and children, both dead and alive, were found publicly exposed on an unsecured
A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases. phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's widely used to manage the database for websites created with WordPress, Joomla, and many other
Advanced Persistent Threats groups were once considered a problem that concerns Fortune 100 companies only. However, the threat landscape of the recent years tells otherwise—in fact, every organization, regardless of vertical and size is at risk, whether as a direct target, supply chain or collateral damage. The vast majority of security decision-makers acknowledge they need to address the
The United States government today filed a lawsuit against Edward Snowden, a former contractor for the CIA and NSA government agencies who made headlines worldwide in 2013 when he fled the country and leaked top-secret information about NSA's global and domestic surveillance activities. And you would be more surprised to know the reason for this lawsuit—No, Snowden has not been sued for
"Warning — Making your calendar public will make all events visible to the world, including via Google search. Are you sure?" Remember this security warning? No? If you have ever shared your Google Calendars, or maybe inadvertently, with someone that should not be publicly accessible anymore, you should immediately go back to your Google settings and check if you're exposing all your events
The world of connected consumer electronics, IoT, and smart devices is growing faster than ever with tens of billions of connected devices streaming and sharing data wirelessly over the Internet, but how secure is it? As we connect everything from coffee maker to front-door locks and cars to the Internet, we're creating more potential—and possibly more dangerous—ways for hackers to wreak havoc.
Mistakenly sent a picture to someone via WhatsApp that you shouldn't have? Well, we've all been there, but what's more unfortunate is that the 'Delete for Everyone' feature WhatsApp introduced two years ago contains an unpatched privacy bug, leaving its users with false sense of privacy. WhatsApp and its rival Telegram messenger offer "Delete for Everyone," a potentially life-saving feature
The massive data breach at Capital One – America's seventh-largest bank, according to revenue – has challenged many common assumptions about cloud computing for the first time. Ironically, the incident, which exposed some 106 million Capital One customers' accounts, has only reinforced the belief that the cloud remains the safest way to store sensitive data. "You have to compare [the cloud]
The United States Treasury Department on Friday announced sanctions against three state-sponsored North Korean hacking groups for conducting several destructive cyberattacks on US critical infrastructure. Besides this, the hacking groups have also been accused of stealing possibly hundreds of millions of dollars from financial institutions around the world to ultimately fund the North Korean
Good news... next week, on September 19, Apple will roll out iOS 13, the latest version of its mobile operating system. Yes, we're excited about, but here comes the bad news... iOS 13 contains a vulnerability that could allow anyone to bypass the lockscreen protection on your iPhone and access some sensitive information. Jose Rodriguez, a Spanish security researcher, contacted The Hacker
Maintainers of the PHP programming language recently released the latest versions of PHP to patch multiple high-severity vulnerabilities in its core and bundled libraries, the most severe of which could allow remote attackers to execute arbitrary code and compromise targeted servers. Hypertext Preprocessor, commonly known as PHP, is the most popular server-side web programming language that
Cybersecurity researchers today revealed the existence of a new and previously undetected critical vulnerability in SIM cards that could allow remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS. Dubbed "SimJacker," the vulnerability resides in a particular piece of software, called the S@T Browser (a dynamic SIM toolkit), embedded on most SIM cards
Estonian based web security startup WebARX, the company who is also behind open-source plugin vulnerability scanner WPBullet and soon-to-be-released bug bounty platform plugbounty.com, has a big vision for a safer web. It built a defensive core for websites which is embedded deep inside the company's DNA as even ARX in their name refers to the citadel (the core fortified area of a town or
CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors do not acknowledge off-hours or weekends, introducing the
Hello Ladies, let's talk about periods, privacy, and Facebook. Are you using an app on your smartphone to keep tracks on your periods? Well, it's worrying, because it might be sharing your extremely sensitive information like menstrual cycle and sexual activities with Facebook. A new investigative report from UK-based advocacy group Privacy International revealed how some most popular
It's been a summer of ransomware hold-ups, supply chain attacks and fileless attacks flying under the radar of old-school security. With malware running amok while we were lying on the beach, here's a recap of the most burning strains and trends seen in the wild during the months of July and August 2019. Malware Evolution Trends The heat must have had an effect as this summer saw malware
Unlike previous side-channel vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely over the network without requiring an attacker to have physical access or any malware installed on a targeted computer. Dubbed NetCAT, short for Network Cache ATtack, the new network-based side-channel vulnerability could allow a remote attacker to sniff
Immediately after Mozilla announced its plan to soon enable 'DNS over HTTPS' (DoH) by default for Firefox users in the United States, Google today says it is planning an experiment with the privacy-focused technology in its upcoming Chrome 78. Under development since 2017, 'DNS over HTTPS' performs DNS lookups—finding the server IP address of a certain domain name—over an encrypted HTTPS
Mozilla has officially launched a new privacy-focused VPN service, called Firefox Private Network, as a browser extension that aims to encrypt your online activity and limit what websites and advertisers know about you. Firefox Private Network service is currently in beta and available only to desktop users in the United States as part of Mozilla's recently expunged "Firefox Test Pilot"
Breaking News — The Nigerian prince and his allies who might have also asked you over an email for your assistance to help save "the first African astronaut lost in space" have finally been arrested by the FBI. Don't take it too seriously, as there's no Nigerian prince or an astronaut seeking your help. Instead, it was an infamous 'Nigerian 419' scam email template where fraudsters try to
Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecure storage of credentials, potentially affecting every user and system on that network. Researcher
It's Patch Tuesday again—the day of the month when both Adobe and Microsoft release security patches for vulnerabilities in their software. Adobe has just released its monthly security updates to address a total of 3 security vulnerabilities in only two of its products this time—Adobe Flash Player and Adobe Application Manager (AAM). None of the security vulnerabilities patched this month in
Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server. Active since 2012, Stealth Falcon is a sophisticated hacking group known for targeting journalists, activists, and
Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file. The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by Facebook for
Beware Apple users! Your iPhone can be hacked just by visiting an innocent-looking website, confirms a terrifying report Google researchers released earlier today. The story goes back to a widespread iPhone hacking campaign that cybersecurity researchers from Google's Project Zero discovered earlier this year in the wild, involving at least five unique iPhone exploit chains capable of
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers. Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that affect all
What if the tech intended to ensure that your kids, senior citizens, and pets are safe even when they're out of sight inadvertently expose them to stalkers? An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25–$50 have been found vulnerable to a handful of dangerous vulnerabilities that may have exposed user's real-time locations, security
Google has finally agreed to pay $170 million fine to settle allegations by the Federal Trade Commission and the New York attorney general that its YouTube service earned millions by illegally harvesting personal information from children without their parents' consent. The settlement requires Google to pay $136 million to the FTC and an additional $34 million fine to New York state for
The Incident Response (IR) services market is in accelerated growth due to the rise in cyberattacks that result in breaches. More and more organizations, across all sizes and verticals, choose to outsource IR to 3rd party service providers over handling security incidents in-house. Cynet is now launching a first-of-its-kind offering, enabling any Managed Security Provider (MSP) or Security
Twitter today finally decided to temporarily disable a feature, called 'Tweeting via SMS,' after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey last week and sent a series of racist and offensive tweets to Dorsey's followers. Dorsey's Twitter account was compromised last week when a hacker group calling itself "Chuckling Squad" replicated a mobile phone number
Beware! Billion of Android users can easily be tricked into changing their devices' critical network settings with just an SMS-based phishing attack. Whenever you insert a new SIM in your phone and connects to your cellular network for the very first time, your carrier service automatically configures or sends you a message containing network-specific settings required to connect to data
Mozilla has finally enabled the "Enhanced Tracking Protection" feature for all of its web browser users worldwide by default with the official launch of Firefox 69 for Windows, Mac, Linux, and Android. The company enabled the "Enhanced Tracking Protection" setting by default for its browser in June this year, but only for new users who downloaded and installed a fresh copy of Firefox.
Well, there's some good news for hackers and vulnerability hunters, though terrible news for Google, Android device manufacturers, and their billions of users worldwide. The zero-day buying and selling industry has recently taken a shift towards Android operating system, offering up to $2.5 million payouts to anyone who sells 'full chain, zero-click, with persistence' Android zero-days.
XKCD—one of the most popular webcomic platforms known for its geeky tech humor and other science-laden comic strips on romance, sarcasm, math, and language—has suffered a data breach exposing data of its forum users. The security breach occurred two months ago, according to security researcher Troy Hunt who alerted the company of the incident, with unknown hackers stealing around 562,000
Good news for you is that this week's THN Deals brings Ethical Hacking A to Z Bundle that let you get started regardless of your experience level. The Ethical Hacking A to Z Bundle will walk you through the very basic skills you need to start your journey towards becoming a professional ethical hacker. The 45 hours of course that includes total 384 in-depth lectures, usually cost $1,273, but
Enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in malicious USB devices, cybersecurity researchers at firmware security company Eclypsium told The Hacker News. Yes, that's correct. You can launch all types of USB attacks against vulnerable Supermicro servers without actually physically accessing them or waiting for your victim to pick
What could be more exciting than seeing yourself starring alongside your favorite actor in a movie, music video, or TV program? Yes, that's possible—well, kind of, by using a new AI-based deepfake app that has gone viral in China over this weekend, climbing to the top of the free apps list in the Chinese iOS App Store in just three days. Dubbed ZAO, the app is yet another deepfake app for
A few Kubuntu Members (and Councillors!) met Thursday before KDE Akademy’s end. We discussed the coming release (will be 19.10) and the upcoming LTS (20.10) – which will be Plasma LTS *and* Qt LTS. This combination will make this LTS super-supported and stable. We also discussed snaps and when Ubuntu...
From a distance, Linux is one big, confusing ball of passionate users and hardcore technical jargon. But as you zoom in, you can start seeing patterns – and differences. Indeed, the individual and vastly varied choice of a favorite distribution has played a major part in shaping the community conversation in the Linux space. But […]
This is a guest blog by Kara Todd, Director, Linux, IBM Z and LinuxONE Enterprises today need the most secure, and flexible system to support their initiatives, and for that system to grow and evolve for tomorrow. The latest LinuxONE system was designed to support mission-critical initiatives and allow enterprises to be innovative as they […]
This is a guest blog by Kara Todd, Director, Linux, IBM Z and LinuxONE Enterprises today need the most secure, and flexible system to support their initiatives, and for that system to grow and evolve for tomorrow. The latest LinuxONE system was designed to support mission-critical initiatives and allow enterprises to be innovative as they […]
Canonical announces full enterprise support for Kubernetes 1.16, with support covering Charmed Kubernetes, MicroK8s and kubeadm. MicroK8s will be updated with Kubernetes 1.16 enabling users access to the latest upstream release with a single-line command in under 60 seconds. In addition, MicroK8s gets new add-ons with one line installs of Helm and Cilium as well […]
Canonical announces full enterprise support for Kubernetes 1.16, with support covering Charmed Kubernetes, MicroK8s and kubeadm. MicroK8s will be updated with Kubernetes 1.16 enabling users access to the latest upstream release with a single-line command in under 60 seconds. In addition, MicroK8s gets new add-ons with one line installs of Helm and Cilium as well […]
This was a fairly busy two weeks for the Web & design team at Canonical. Here are some of the highlights of our completed work. Web squad Web is the squad that develop and maintain most of the brochure websites across the Canonical. Takeover templates In order to save some time with our more and […]
Every developer, systems admin and tech enthusiast is interested in learning Kubernetes. Kubernetes is a complex container orchestration tool that can be overwhelming for beginners. Kubernetes has been the buzzword in the tech industry and for good reason. If you’re itching to get started with Kubernetes and not looking forward to the complexities involved, this […]
Every developer, systems admin and tech enthusiast is interested in learning Kubernetes. Kubernetes is a complex container orchestration tool that can be overwhelming for beginners. Kubernetes has been the buzzword in the tech industry and for good reason. If you’re itching to get started with Kubernetes and not looking forward to the complexities involved, this […]
In this blog, we are going to explore how to leverage MAAS for hardware discovery and kernel auto-configuration using tags. In many cases, certain pieces of hardware require extra kernel parameters to be set in order to make use of them. For example, when configuring GPU passthrough we will typically need to configure the GPU […]
Artificial Intelligence and Machine Learning adoption in the enterprise is exploding from Silicon Valley to Wall Street with diverse use cases ranging from the analysis of customer behaviour and purchase cycles to diagnosing medical conditions. Following on from our webinar ‘Getting started with AI’, this webinar will dive into what success looks like when deploying […]
Few enterprises want all their computing devices to be fully exposed to the internet. In an environment of ever-growing security threats, isolating internal networks from the wider internet is not simply best practice, but borderline essential. However, with all the benefits that restricted networks provide, it can pose challenges for enterprises who are looking to […]
Few enterprises want all their computing devices to be fully exposed to the internet. In an environment of ever-growing security threats, isolating internal networks from the wider internet is not simply best practice, but borderline essential. However, with all the benefits that restricted networks provide, it can pose challenges for enterprises who are looking to […]
After exploring some ROS 2 subtleties and implementing some CLI tools we felt were missing, the time has come to get our hands even more dirty. What better way to learn than by doing? C’est en forgeant qu’on devient forgeron Humm, pardon my french, Practice makes perfect To enter the realm of ROS 2 and […]
After exploring some ROS 2 subtleties and implementing some CLI tools we felt were missing, the time has come to get our hands even more dirty. What better way to learn than by doing? C’est en forgeant qu’on devient forgeron Humm, pardon my french, Practice makes perfect To enter the realm of ROS 2 and […]
This was a fairly busy two weeks for the Web & design team at Canonical. Here are some of the highlights of our completed work. Web squad Web is the squad that develop and maintain most of the brochure websites across the Canonical. Build and release dqlite.io The dqlite.io site has been built and deployed. […]
This was a fairly busy two weeks for the Web & design team at Canonical. Here are some of the highlights of our completed work. Web squad Web is the squad that develop and maintain most of the brochure websites across the Canonical. Build and release dqlite.io The dqlite.io site has been built and deployed. […]
This was a fairly busy two weeks for the Web & design team at Canonical. Here are some of the highlights of our completed work. Web squad Web is the squad that develop and maintain most of the brochure websites across the Canonical. Build and release dqlite.io The dqlite.io site has been built and deployed. […]
