Willkommen auf der Seite mit Neuigkeiten und Informationen des aktuellen Monates rund um die Thematik der IT, IT-Sicherheit und meinem eigenen kleinen Webprojekt.
Hier finden Sie eine kleine Auswahl an externen Feeds wieder mit denen sich nicht nur Administratoren aus den Welten von Microsoft® und Linux® beschäftigen sollten, zudem spezifisch zu Ubuntu und Kubuntu.
Ebenfalls haben Sie die Möglichkeit die aktuellen Nachrichten über die Veröffentlichung neuer Artikel unter HowTo's, ... zu meiner Webseite mittels einem Feedreader zu abonieren im Format RSS 2.0 und im Nachrichtenarchiv in den Listen der News herum zu stöbern.
Ein aktueller Entwurf der IETF sieht vor, dass die alten TLS-Versionen 1.0 und 1.1 künftig nicht mehr benutzt werden dürfen. Ein Fallback ist explizit nicht vorgesehen. (TLS, Verschlüsselung)
Besitzer eines Google Home oder Chromecast können von Webseiten auf wenige Meter genau lokalisiert werden. Hintergrund des Angriffs ist eine Technik namens DNS Rebinding. (Google Home, Google)
Eine Gruppe von Anwälten hat mit Unterstützung der Gesellschaft für Freiheitsrechte eine Klage gegen die Bundesrechtsanwaltskammer eingereicht. Sie wollen eine Ende-zu-Ende-Verschlüsselung im besonderen elektronischen Anwaltspostfach (BeA) erzwingen. (BeA, Verschlüsselung)
In Hollywoodfilmen haben Hacker mit Sturmmasken ein ganzes Arsenal von Zero-Day-Exploits, und auch sonst scheinen die kleinen Programme mehr und mehr als zentraler Begriff der IT-Sicherheit verstanden zu werden. Der Hacker Thomas Dullien hingegen versucht sich an einem theoretischen Modell eines Exploits. (Security, Applikationen)
Das BSI warnt vor Angriffen auf Energieversorger. Bislang habe es allerdings keinen Zugriff auf kritische Infrastruktur gegeben, sondern vor allem auf Büronetzwerke. Wieso die Warnung genau zu diesem Zeitpunkt kommt, ist allerdings unklar. (BSI, Internet)
Register der Floating Point Unit in Core i und wohl auch von einigen Xeon-Prozessoren können Ergebnisse vertraulicher Berechnungen verraten. Dazu ist jedoch ein lokaler Angriff mit Malware erforderlich, außerdem ein veraltetes Betriebssystem. (Intel, Amazon)
Kommt ein Kaspersky-Verbot in EU-Institutionen? Ja, jedenfalls wenn es nach dem EU-Parlament geht. Mit breiter Wirkung hat es einen Bericht zu "Cybervorfällen" angenommen, der unter anderem ein Verbot der Kaspersky-Software fordert. (Kaspersky, Virenscanner)
In bestimmten Situationen lässt sich die Signaturprüfung von GnuPG in den Plugins für Thunderbird und Apple Mail austricksen. Der Grund: Über ungefilterte Ausgaben lassen sich Statusmeldungen des Kommandozeilentools fälschen. Doch der Angriff funktioniert nur unter sehr speziellen Bedingungen. (GPG, E-Mail)
Ein schnelles Verbot von Abmahnungen zur DSGVO ist gescheitert. Doch nun hat sich eine ungewöhnliche Allianz gebildet, um Änderungen am Datenschutz durchzusetzen. (Angela Merkel, Datenschutz)
Zahlreiche günstige Android-Geräte werden mit voraktivierter ADB-Schnittstelle ausgeliefert und können aus dem Netz kontrolliert werden. Derzeit wird das von einer Kryptomining-Kampagne genutzt. (Kryptomining, Android)
Ein Fehler in Cortana ermöglicht einem Angreifer die Ausführung von Code von einem gesperrten Windows-Sperrbildschirm aus. Microsoft hat den Fehler am Patch Tuesday behoben. (Windows 10, Windows)
Wenn Betreiber von Ladestationen das Wort "eichrechtskonform" hören, stöhnen sie genervt auf. Doch demnächst soll es mehr Lösungen geben, die die Elektromobilität mit dem strengen deutschen Eichrecht in Einklang bringen. Davon profitieren Anbieter und Fahrer gleichermaßen. (Elektroauto, RFID)
Foscam muss seine IP-Kameras erneut gegen mehrere Sicherheitslücken absichern. Angreifer hätten für eine erfolgreiche Übernahme gleich mehrere Schwachstellen kombinieren müssen. (Security, Datenschutz)
Eine Android-App der spanischen Fußballliga sucht im Hintergrund nach illegalen Streams in Kneipen - und aktiviert dazu Mikrofon und GPS des Smartphones. Herausgekommen ist das Verhalten durch die Datenschutzgrundverordnung. (Fußball, Datenschutz)
Wenn ein Unternehmen mit Ransomware attackiert wird, geht es nicht immer um Erpressung. Bei einem Angriff auf die Banco de Chile soll die Software vor allem als Ablenkung eingesetzt worden sein. (Ransomware, Virus)
Die Datenschutzverstöße bei Facebook gehen weiter. Facebook hat zugegeben, mehreren Unternehmen auch nach 2015 Zugriff auf Freunde-Daten zu gewähren - ohne Erlaubnis. (Facebook, Soziales Netz)
Pläne für eine Antischiffsrakete, Informationen über ein verschlüsseltes Kommunikationssystem und andere vertrauliche Daten der US-Marine sind von Hackern kopiert worden. Das FBI geht davon aus, dass der Angriff aus China kam. (Spionage, Internet)
Die Verhandlungen zur E-Privacy-Verordnung gehen in die Schlussphase. Die Bundesregierung hat deutlich gemacht, dass sie die Einbußen für die Werbewirtschaft möglichst gering halten will. (EU, Datenschutz)
Flash-Exploits werden mittlerweile immer häufiger über Office-Dokumente verteilt, weil Browser die Inhalte kaum noch anzeigen. In einem aktuellen Fall werden Nutzer im arabischen Raum angegriffen. (Microsoft, Office-Suite)
Das Projekt Gitea erstellt eine leichtgewichtige Open-Source-Alternative zu Github. Ein Bot-Account des Projekts auf Github ist nun offenbar kurzzeitig übernommen worden, um Cryptominer zu verbreiten. Quellcode und Infrastruktur sollen nicht betroffen sein. (Open Source, Softwareentwicklung)
Bei 14 Millionen Facebooknutzern waren Posts für einige Tage standardmäßig öffentlich und nicht - wie von den Nutzern intendiert - privat. Facebook hat das Problem behoben, das bei Arbeiten an einem neuen Feature unabsichtlich entstanden war. (Facebook, Soziales Netz)
Zahlreiche Webseitenbetreiber haben die Patches für kritische Sicherheitslücken in Drupal nicht eingespielt. Viele der Seiten werden für Kryptomining genutzt oder wurden per Defacement verändert. (Internet, CMS)
Was bedeutet das EuGH-Urteil für die Betreiber von Fanseiten auf Facebook? Zwar ist in erster Linie nun der US-Konzern selbst gefordert, doch für die Betreiber bestehen gewisse Risiken. (Facebook, Soziales Netz)
Die Router-Malware VPN Filter kann mehr als bislang angenommen. Die Software soll neben einem Selbstzerstörungsmodul auch eines zum Aufbrechen verschlüsselter Verbindungen haben. (Router-Lücke, Virus)
Google will Android-Entwicklern eine einfache Möglichkeit geben, Pushnachrichten mit einer Ende-zu-Ende-Verschlüsselung zu versehen. Project Capillary setzt dabei beim Firebase Cloud-Messaging-Dienst an. (Security, Google)
Rund 92 Millionen Nutzerdaten von einem Dienst zur Ahnenforschung sind unberechtigt kopiert worden. Die Passwörter liegen jedoch nur gehasht vor. Das Unternehmen verarbeitet auch DNA-Informationen. (Security, Server)
Eine Sicherheitslücke in Kompressionsbibliotheken ermöglicht Angreifern, Dateien zu verändern und an beliebige Orte zu schreiben. Sind Adminrechte vorhanden, können Exe-Dateien getauscht und Skripte manipuliert werden. (Sicherheitslücke, Java)
Noch vor der Sommerpause soll es ein gesetzliches Verbot von Abmahnungen wegen Verstößen gegen die DSGVO geben. Doch die Koalition plant keine dauerhafte Lösung des Problems. (Angela Merkel, Datenschutz)
Die EU-Datenschutzgrundverordnung zeigt Wirkung. Die Mitarbeiter des Autozulieferers Continental dürfen auf Diensthandys kein Whatsapp mehr nutzen. Zwei andere Messengerdienste bleiben aber erlaubt. (Facebook, Instant Messenger)
Wer bei Facebook eine Fanseite betreibt, kann den Datenschutz nicht komplett auf den US-Konzern abwälzen. Datenschutzbeauftragte rechnen damit, dass viele Firmen ihre Fan-Seiten nach einem EuGH-Urteil vorläufig schließen werden. (Facebook, Soziales Netz)
In Deutschland und den USA sieht sich Facebook starker Kritik ausgesetzt. Facebook soll mehr als 60 Geräteherstellern Zugriff auf Nutzerdaten gewährt haben. Dem sozialen Netzwerk wird vorgeworfen, bei Anhörungen die Unwahrheit gesagt zu haben - weitere Anhörungen sind geplant. (Facebook, Soziales Netz)
Schwere Vorwürfe gegen Facebook. Das soziale Netzwerk soll über 60 Herstellern von Smartphones und Tablets umfangreichen Zugriff auf Facebook-Daten gewährt haben - ohne Zustimmung der Nutzer. Facebook hält den Datenaustausch für rechtskonform. (Facebook, Soziales Netz)
Ein neuartiges biometrisches Erkennungssystem soll die Authentifizierung etwa bei einer Zugangskontrolle vereinfachen: Der Proband muss nicht mehr Finger oder Iris scannen lassen, sondern geht einfach über eine Sensormatte. (Biometrie, KI)
Mehr als zehn Jahre lang hat Valve offenbar eine Sicherheitslücke im Client von Steam übersehen, mit der Fremdcode auf Millionen von Windows-Rechnern hätte ausgeführt werden können. (Steam, Valve)
Ein Seitenkanal in einer CSS-Funktion ermöglicht Rückschlüsse auf die Inhalte von iFrames, die in bösartigen Webseiten eingebaut werden. Forscher konnten so an den Facebook-Namen und das Profilfoto eines Opfers gelangen. Die Lücke ist in Chrome und Firefox behoben. (Sicherheitslücke, Firefox)
Domain-Registrare müssen künftig weniger Daten von ihren Kunden erheben. Die Internetverwaltung Icann konnte sich mit ihrer Klage nicht durchsetzen. (DSGVO, Datenschutz)
Um das Risiko für Angriffe über Spectre-Lücken zu mindern, schaltet das Betriebssystem OpenBSD bei Intel-Prozessoren Multi-Threading jetzt standardmäßig ab.
Das Europäische Parlament stuft Software von Kaspersky als "böswillig" ein. Begründet wird das nicht: es handelt sich offenbar um eine politische Aktion.
Wer die Andy-OS-Installationsdatei von der offiziellen Seite herunterlädt und ausführt, fängt sich mehreren Nutzern zufolge eine bösartige Mining-Software ein.
Automatische Schlüsselgenerierung, Federated Services, Datenportabilität und Datenhandel: Die No-Spy Konferenz widmete sich wichtigen Sicherheitsthemen.
Angriffe von Hackern auf die Stromversorgung nehmen zu. Die Versorger ziehen ihre Abwehrmauern höher und üben die richtige Reaktion in Trainingszentren.
Eigene Mail-Server seien zu teuer. Google die Verantwortung über die Mails anzuvertrauen sei die bessere Alternative, so der Konsens unter Sicherheitsforschern.
Ein Forscher ist auf eine Spammer-Datenbank mit mehr als 43 Millionen Mail-Adressen gestoßen. Noch ist unklar, wie viele von ihnen schon zuvor geleakt wurden.
Als Folge der Efail-Probleme erzwingt GnuPG 2.2.8 jetzt die Verwendung von Prüfcodes. Außerdem beseitigt das Update ein neu entdecktes Sicherheitsproblem.
Das Programm für die diesjährige Sicherheitskonferenz steht: Viele Praxistipps und Workshops sollen helfen, das IT-Sicherheitsniveau im Unternehmen zu erhöhen.
Mit Project Capillary macht Google es Android-Entwicklern einfacher, Push-Nachrichten an ihre Apps zu verschlüsseln, sodass Google sie nicht lesen kann.
In verschiedenen Netzwerkgeräten und -Software von Cisco klaffen teils kritische Lücken. Betroffene Admins sollten die verfügbaren Patches zügig installieren.
Die Drahtzieher hinter VPNFilter bauen ihr Botnetz mit gekaperten Routern von beispielsweise Asus, D-Link und Huawei weiter aus. Auch Endpoints sind bedroht.
Auf der Ahnenforschungs- und DNA-Test-Webseite hat es ein Datenleck gegeben. Dabei wurden auch Passwörter abgezogen. Die Ursachen sind bislang noch unklar.
Es gibt wichtige Patches für einige Server-Serien des Telekommunikationsausrüsters Huawei. Sie sollen Schwachstellen stopfen, die mit dem Bedrohungsgrad "hoch" eingestuft sind.
Eine Schwachstelle in CSS konnte dazu führen, dass Angreifer persönliche Informationen von Facebook-Mitgliedern über Chrome und Firefox auslesen. Beide Browser sind mittlerweile gefixt.
Google researcher has discovered a severe vulnerability in modern web browsers that could have allowed websites you visit to steal the sensitive content of your online accounts from other websites that you have logged-in the same browser. Discovered by Jake Archibald, a developer advocate for Google Chrome, the vulnerability resides in the way browsers handle cross-origin requests to video
One of the world's most popular flight tracking services Flightradar24, which shows real-time aircraft flight information on a map, has suffered a massive data breach that may have compromised email addresses and hashed passwords for more than 230,000 customers. Without revealing any information about the breach publically via their blog or social media accounts, Flightradar24 started sending
Security-oriented BSD operating system OpenBSD has decided to disable support for Intel's hyper-threading performance-boosting feature, citing security concerns over Spectre-style timing attacks. Introduced in 2002, Hyper-threading is Intel's implementation of Simultaneous Multi-Threading (SMT) that allows the operating system to use a virtual core for each physical core present in processors
Security researchers have been warning of a new trick that cybercriminals are leveraging to hide their malicious code designed to re-introduce the infection to steal confidential information from Magento based online e-commerce websites. So, if you have already cleaned up your hacked Magento website, there are chances your website is still leaking login credentials and credit card details of
Security researchers have been warning about a simple technique that cyber criminals and email scammers are using in the wild to bypass most AI-powered phishing detection mechanisms implemented by widely used email services and web security scanners. Dubbed ZeroFont, the technique involves inserting hidden words with a font size of zero within the actual content of a phishing email, keeping
Remember the 'Olympic Destroyer' cyber attack? The group behind it is still alive, kicking and has now been found targeting biological and chemical threat prevention laboratories in Europe and Ukraine, and a few financial organisation in Russia. Earlier this year, an unknown group of notorious hackers targeted Winter Olympic Games 2018, held in South Korea, using a destructive malware that
BitTorrent, the company which owns the popular file-sharing client uTorrent, has quietly been sold for $140 million in cash to Justin Sun, the founder of blockchain-focused startup TRON. TRON is a decentralized entertainment and content-sharing platform that uses blockchain and distributed storage technology. It allows users to publish content without having to use third-party platforms such
A 29-year-old former CIA computer programmer who was charged with possession of child pornography last year has now been charged with masterminding the largest leak of classified information in the agency's history. Joshua Adam Schulte, who once created malware for both the CIA and NSA to break into adversaries computers, was indicted Monday by the Department of Justice on 13 charges of
Security researchers are warning of almost a decade old issue with one of the Apple's macOS feature which was designed for users' convenience but is potentially exposing the contents of files stored on password-protected encrypted drives. Earlier this month, security researcher Wojciech Regula from SecuRing published a blog post, about the "Quick Look" feature in macOS that helps users
Given Fortnite's current popularity and craziness across the globe, we understand if you have been searching the web for download links to Fortnite APK for Android phone. However, you are not alone, thousands of people out there are also searching tutorials and links for, "how to install Fortnite on Android" or "how to download Fortnite for Android" on the Internet. The app has taken the
A security researcher has discovered a critical vulnerability in some of the world's most popular and widely used email encryption clients that use OpenPGP standard and rely on GnuPG for encrypting and digitally signing messages. The disclosure comes almost a month after researchers revealed a series of flaws, dubbed eFail, in PGP and S/Mime encryption tools that could allow attackers to
Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to be active covertly since fall 2017 but was spotted in March by security researchers from Kaspersky Labs, who have attributed these attacks to a Chinese-speaking threat actor group called
Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor's speculative execution technology—like Specter and Meltdown—and could potentially be exploited to access sensitive information, including encryption related data. Dubbed Lazy FP State Restore, the vulnerability (CVE-2018-3665) within Intel Core and Xeon processors has just been confirmed
Have you recently bought a OnePlus 6? Don't leave your phone unattended. A serious vulnerability has been discovered in the OnePlus 6 bootloader that makes it possible for someone to boot arbitrary or modified images to take full admin control of your phone—even if the bootloader is locked. A bootloader is part of the phone's built-in firmware and locking it down stops users from replacing
PRIVACY – a bit of an Internet buzzword nowadays, because the business model of the Internet has now shifted towards data collection. Today, most users surf the web unaware of the fact that websites and online services collect their personal information, including search histories, location, and buying habits and make millions by sharing your data with advertisers and marketers. If this is
It's time to gear up for the latest June 2018 Microsoft security patch updates. Microsoft today released security patch updates for more than 50 vulnerabilities, affecting Windows, Internet Explorer, Edge, MS Office, MS Office Exchange Server, ChakraCore, and Adobe Flash Player—11 of which are rated critical and 39 as important in severity. Only one of these vulnerabilities, a remote code
Cortana, an artificial intelligence-based smart assistant that Microsoft has built into every version of Windows 10, could help attackers unlock your system password. With its latest patch Tuesday release, Microsoft has pushed an important update to address an easily exploitable vulnerability in Cortana that could allow hackers to break into a locked Windows 10 system and execute malicious
You probably have come across many websites that let you install browser extensions without ever going to the official Chrome web store. It's a great way for users to install an extension, but now Google has decided to remove the ability for websites to offer "inline installation" of Chrome extensions on all platforms. Google announced today in its Chromium blog that by the
A years-old vulnerability has been discovered in the way several security products for Mac implement Apple's code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers. Josh Pitts, a researcher from security firm Okta, discovered that several third-party security products for Mac—including
Despite warnings about the threat of leaving insecure remote services enabled on Android devices, manufacturers continue to ship devices with open ADB debug port setups that leave Android-based devices exposed to hackers. Android Debug Bridge (ADB) is a command-line feature that generally uses for diagnostic and debugging purposes by helping app developers communicate with Android devices
Due to the surge in cryptocurrency prices, not only hackers but also legitimate websites and mobile apps are increasingly using cryptocurrency miners to monetize by levying the CPU power of your PC and phones to mine cryptocurrencies. However, Apple wants to protect your Mac and iPhone battery from shady cryptocurrency mining apps, and therefore, the company has put restrictions on such apps
The United States Department of Justice announced Monday the arrest of 74 email fraudsters across three continents in a global crackdown on a large-scale business email compromise (BEC) scheme. The arrest was the result of a six-month-long operation dubbed "Operation Wire Wire" that involved the US Department of Justice, the US Department of Homeland Security, the US Treasury, and the US Postal
It’s no secret that expecting security controls to block every infection vector is unrealistic. For most organizations, the chances are very high that threats have already penetrated their defenses and are lurking in their network. Pinpointing such threats quickly is essential, but traditional approaches to finding these needles in the haystack often fall short. Now there is a unique
China no longer owns the fastest supercomputer in the world; It is the United States now. Though China still has more supercomputers on the Top 500 list, the USA takes the crown of "world's fastest supercomputer" from China after IBM and the U.S. Department of Energy's Oak Ridge National Laboratory (ORNL) unveiled "Summit." Summit is claimed to be more than twice as powerful as the current
Security researchers have been warning about cybercriminals who have made over 20 million dollars in just past few months by hijacking insecurely configured Ethereum nodes exposed on the Internet. Qihoo 360 Netlab in March tweeted about a group of cybercriminals who were scanning the Internet for port 8545 to find insecure geth clients running Ethereum nodes and, at that time, stole 3.96234
In its years-long efforts to censor the Internet by blocking access to a large number of websites in the country, Russia has now approved a new bill introducing fines for search engines that provide links to banned sites, VPN services, and anonymization tools. VPNs, or Virtual Private Networks, are third-party services that help users access block banned websites by encrypting users' Internet
Facebook admits as many as 14 millions of its users who thought they're sharing content privately with only friends may have inadvertently shared their posts with everyone because of a software bug. Facebook said in front of Congress in March over the Cambridge Analytica scandal that "every piece of content that you share on Facebook you own, you have complete control over who sees it and how
If you have already uninstalled Flash player, well done! But if you haven't, here's another great reason for ditching it. Adobe has released a security patch update for a critical vulnerability in its Flash Player software that is actively being exploited in the wild by hackers in targeted attacks against Windows users. Independently discovered last week by several security
Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information. Hutchins, the 24-year-old better known as MalwareTech, was arrested by the FBI last year as he was headed home to England from the DefCon conference in Las Vegas for his alleged role
After the discovery of massive VPNFilter malware botnet, security researchers have now uncovered another giant botnet that has already compromised more than 40,000 servers, modems and internet-connected devices belonging to a wide number of organizations across the world. Dubbed Operation Prowli, the campaign has been spreading malware and injecting malicious code to take over servers and
You must update your Google Chrome now. Security researcher Michał Bentkowski discovered and reported a high severity vulnerability in Google Chrome in late May, affecting the web browsing software for all major operating systems including Windows, Mac, and Linux. Without revealing any technical detail about the vulnerability, the Chrome security team described the issue as incorrect
It turns out that the threat of the massive VPNFilter botnet malware that was discovered late last month is beyond what we initially thought. Security researchers from Cisco's Talos cyber intelligence have today uncovered more details about VPNFilter malware, an advanced piece of IoT botnet malware that infected more than 500,000 routers in at least 54 countries, allowing attackers to spy on
Apple is making it easier for mobile developers to port their iOS apps to the next-generation macOS Mojave desktop platform—a major step in bringing the two platforms closer together. However, at the same time, the company straightforward denied the idea of merging the iPhone and Mac operating systems into one platform, which was being speculated for years. So, Apple made it clear that iOS
MyHeritage, the Israel-based DNA testing service designed to investigate family history, has disclosed that the company website was breached last year by unknown attackers, who stole login credentials of its more than 92 million customers. The company learned about the breach on June 4, 2018, after an unnamed security researcher discovered a database file named "myheritage" on a private
Security researchers at British software firm Snyk have revealed details of a critical vulnerability that affects thousands of projects across many ecosystems and can be exploited by attackers to achieve code execution on the target systems. Dubbed "Zip Slip," the issue is an arbitrary file overwrite vulnerability that triggers from a directory traversal attack while extracting files from an
At Worldwide Developer Conference 2018 on Monday, Apple announced the next version of its macOS operating system, and it's called Mojave. Besides introducing new features and improvements of macOS 10.14 Mojave—like Dark Mode, Group FaceTime, Dynamic Desktop, and Finder—at WWDC, Apple also revealed a bunch of new security and privacy features coming with the next major macOS update. Apple CEO
Not following cybersecurity best practices could not only cost online users but also cost cybercriminals. Yes, sometimes hackers don't take best security measures to keep their infrastructure safe. A variant of IoT botnet, called Owari, that relies on default or weak credentials to hack insecure IoT devices was found itself using default credentials in its MySQL server integrated with command
Hundreds of thousands of websites running on the Drupal CMS—including those of major educational institutions and government organizations around the world—have been found vulnerable to a highly critical flaw for which security patches were released almost two months ago. Security researcher Troy Mursch scanned the whole Internet and found over 115,000 Drupal websites are still vulnerable to
Despite the continual emergence of new cyber attacks because of misconfigured servers and applications, people continue to ignore security warnings. A massive malware campaign designed to target open Redis servers, about which researchers warned almost two months ago, has now grown and already hijacked at least 75% of the total servers running publicly accessible Redis instances. Redis, or
After being embroiled into controversies over its data sharing practices, it turns out that Facebook had granted inappropriate access to its users' data to more than 60 device makers, including Amazon, Apple, Microsoft, Blackberry, and Samsung. According to a lengthy report published by The New York Times, the social network giant struck data-sharing partnerships with at least 60 device
Here's the biggest news of the week—Microsoft has reportedly acquired GitHub for $7.5 billion. For those unaware, GitHub is a popular code repository hosting service that allows developers to host their projects, documentation, and code in the cloud using the popular Git source management system, invented in 2005 by Linux founder Linus Torvalds. GitHub is used by many developers and big tech
With the migration of governments and enterprises towards controller-based architectures, the role of a core network engineer has become more important than ever. Today, majority of interconnected wide area networks (WANs) and local area networks (LANs) in the world run on Cisco routers and other Cisco networking equipments, and therefore most organizations need network engineers to maintain
A couple of weeks ago representatives from across Canonical met in London to talk about ideas to improve the user experience of GNOME Software. We had people from the store team, snap advocacy, snapd, design and from the desktop team. We were also fortunate enough to be joined by Richard Hughes representing upstream GNOME […]
How do financial services organisations evolve so that they are no longer seen as cumbersome Goliaths unable to keep up with the pace of change? The answer has its roots at both an infrastructure level, where legacy technology is being replaced with something more akin to what is seen in challengers banks or in technology […]
The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list. cloud-init […]
Last month, Zenkit published their project management tool as a snap. For those not familiar with Zenkit, they introduced themselves in a guest blog at the time the snap was published which can be read here. Since then, we caught up with Philipp Beck, Full Stack Developer at Zenkit, to discover his opinion on snaps […]
Welcome to the latest work and updates from the design and web team. The team manages all web projects across Canonical. From www.ubuntu.com to the Juju GUI we help to bring beauty and consistency to all the web projects. MAAS squad Code school We ran our first team code school which was “Install & run […]
Stu Miniman and John Boyer of theCUBE interviewed Mark Baker, Field Product Manager, Canonical at the OpenStack Summit in Vancouver. Read on to to find out about OpenStack’s increasing maturity. The Kubernetes and OpenStack story isn’t simple. Challenges exist, and plenty of pathfinding still needs to take place when it comes to Kubernetes. Customers want […]
Independent Report highlights the TCO of Canonical’s managed private cloud in a diverse multi-cloud strategy and enterprise infrastructure portfolio 451 Research’s latest report, ‘Busting the myth of private cloud economics ’, found that Canonical’s managed private OpenStack offering, BootStack, delivers private cloud with a TCO that matches public clouds. For multi-cloud operations, enterprise can benefit […]
The benefits of Ubuntu optimisation by Amazon and Canonical now extend to Amazon’s Elastic Container Service for Kubernetes (EKS) with Ubuntu worker nodes hosting high performance Docker containers in AWS. This creates perfect portability for enterprise container workloads developed on Ubuntu workstations and operated on private infrastructure with Canonical’s distribution of upstream Kubernetes. Amazon EKS […]
The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list. cloud-init […]
Spring has sprung a bounty of applications in the snap store! We’ve hand picked a small selection from those we highlighted during May 2018. You can stay up to date with our editorial picks by following Snapcraft on Facebook where we share three new and interesting snaps a week. We’d also love to hear what […]
Stu Miniman and John Boyer of theCUBE interviewed Stephan Fabel, Director of Ubuntu Product and Development at the OpenStack Summit in Vancouver. Read on for the full interview, and to hear more on Kubernetes, Kubeflow and MicroK8s. OpenStack has entered a new phase, maturing to a point where those in attendance are serious about open […]
Welcome to the latest work and updates from the design and web team. We manage all web projects across Canonical – from www.ubuntu.com to the Juju GUI we help to bring beauty and consistency to all the web projects. Web A/B tests on blog Setup an A/B test on blog.ubuntu.com to test different newsletter sign-up […]
2020, the year that we expect 5G networks to begin turning on is not that far away with some already starting early so it is inevitable that the IoT will adapt to the new features that it brings. Our increasingly connected world, sometimes affectionately called the ‘hyper-connected IoT’, is driving demand for bandwidth through the roof. […]
