LINUX

Pierluigi Paganini September 08, 2018
Privacy-oriented Linux OS Tails 3.9 is out, what’s new?

The popular Debian-based distribution Tails “The Amnesiac Incognito Live System” is out. The Tails 3.9 is available online with the biggest updates this year. A new version of the popular Debian-based distribution Tails “The Amnesiac Incognito Live System” is out. The Tails version 3.9 is available online, the privacy-oriented operating system gets its biggest update, many […]

Pierluigi Paganini August 17, 2018
Linux Kernel Project rolled out security updates to fix two DoS vulnerabilities

Linux kernel maintainers have rolled out security updates for two DoS vulnerabilities tracked as SegmentSmack and FragmentSmack. Linux kernel maintainers have released security patches that address two vulnerabilities, tracked as two bugs are known as SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391). potentially exploitable to trigger a DoS condition. The vulnerabilities reside the Linux kernel’s TCP stack, an attacker can […]

Pierluigi Paganini July 11, 2018
A tainted version of Arch Linux PDF reader package found in a user-provided AUR

Hackers have poisoned the Arch Linux PDF reader package named “acroread” that was found in a user-provided Arch User Repository (AUR), Hackers have poisoned the Arch Linux PDF reader package, this means that users who have downloaded recently a PDF viewer named “acroread” may have been compromised. ThePDF reader package has been tainted with a malware and Arch […]

Pierluigi Paganini July 01, 2018
Zerodium offers up to $500,000 for Linux Zero-Day exploits

The sale of Zero-day exploits is a prolific business, zero-day broker Zerodium offers rewards of up to $500,000 FreeBSD, OpenBSD, NetBSD, Linux Zero-Days. The sale of Zero-day exploits is a prolific business that most people totally ignore, to better understand its evolution let’s analyze together the offer of the popular exploit broker Zerodium. To have […]

Pierluigi Paganini June 29, 2018
Hackers compromised Gentoo Linux GitHub Page and planted a malicious code

The development team of the Gentoo Linux distribution notifies users that hackers compromised one of the GitHub accounts and planted a malicious code. Developers of the Gentoo Linux distribution announced that hackers compromised one of the GitHub accounts used by the organization and planted a malicious code. “Today 28 June at approximately 20:20 UTC unknown […]

Pierluigi Paganini May 16, 2018
Red Hat Linux DHCP Client affected by a command injection flaw, patch it now!

Red Hat has announced a critical vulnerability in its DHCP client tracked as CVE-2018-1111 that could be exploited by attackers to execute arbitrary commands with root privileges on targeted systems. Felix Wilhelm from the Google security team discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux, the issue also affects other distros […]

Pierluigi Paganini May 10, 2018
Misinterpretation of Intel docs is the root cause for the CVE-2018-8897 flaw in Hypervisors and OSs

Developers of major operating systems and hypervisors misread documentation from Intel and introduced a the CVE-2018-8897 vulnerability into to their products. The development communities of major operating systems and hypervisors misread documentation from Intel and introduced a potentially serious vulnerability to their products. The CERT/CC speculates the root cause of the flaw is the developers […]

Pierluigi Paganini May 02, 2018
CVE 2018-8781 Privilege Escalation flaw was introduced in Linux Kernel 8 years ago

Researchers from security firm Check Point discovered a security vulnerability in a driver in the Linux kernel, tracked as CVE 2018-8781, that leads to local privilege escalation. The CVE 2018-8781 flaw, introduced 8 years ago, could be exploited by a local user with access to a vulnerable privileged driver to escalate local privileges and read from and write to […]

Pierluigi Paganini April 10, 2018
Linux open source utility Beep is affected by several vulnerabilitues

Researchers have discovered several vulnerabilities in the Linux command line tool Beep, some experts suggest to remove the utility from distros. An unnamed security researcher has found several vulnerabilities in the Linux command line tool Beep, including a severe flaw introduced by a patch for a privilege escalation vulnerability. Beep is a small open source utility […]

Pierluigi Paganini March 07, 2018
Funny? Useful? Cool? Kali Linux natively on Windows 10

It’s funny, but it is true, the popular Kali Linux hacking distro is available for download on the official Microsoft App Store on Windows 10. Kali Linux is now natively available on Windows 10, without requiring dual boot or virtualization. Kali Linux isn’t the unique Linux distribution available on the Windows App Store, Windows users […]