Distribution Release: Armbian 24.11.1
Posted: 2024-11-30 15:01:14 Source: https://distrowatch.com/12300
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The Armbian team has announced the release of Armbian 24.11.1, the updated build of the project's Debian and Ubuntu-based Linux distribution designed primarily for ARM development boards. The new release updates the Linux kernel to version 6.6.60 and brings other significant improvements: "We are thrilled to announce Armbian....
Fortifying Linux Web Applications: Mastering OWASP ZAP and ModSecurity for Optimal Security
Posted: 2024-11-28 17:00:00 Source: https://www.linuxjournal.com/content/fortifying-linux-web-applications-mastering-owasp-zap-and-modsecurity-optimal-security
Introduction
In an increasingly interconnected digital world, web applications are the backbone of online services. With this ubiquity comes a significant risk: web applications are prime targets for cyberattacks. Ensuring their security is not just an option but a necessity. Linux, known for its robustness and adaptability, offers a perfect platform for deploying secure web applications. However, even the most secure platforms need tools and strategies to safeguard against vulnerabilities.
This article explores two powerful tools—OWASP ZAP and ModSecurity—that work together to detect and mitigate web application vulnerabilities. OWASP ZAP serves as a vulnerability scanner and penetration testing tool, while ModSecurity acts as a Web Application Firewall (WAF) to block malicious requests in real time.
Understanding Web Application Threats
Web applications face a multitude of security challenges. From injection attacks to cross-site scripting (XSS), the OWASP Top 10 catalogues the most critical security risks. These vulnerabilities, if exploited, can lead to data breaches, service disruptions, or worse.
Key threats include:
- SQL Injection: Malicious SQL queries that manipulate backend databases.
- Cross-Site Scripting (XSS): Injecting scripts into web pages viewed by other users.
- Broken Authentication: Flaws in session management leading to unauthorized access.
Proactively identifying and mitigating these vulnerabilities is crucial. This is where OWASP ZAP and ModSecurity come into play.
OWASP ZAP: A Comprehensive Vulnerability Scanner
What is OWASP ZAP?OWASP ZAP (Zed Attack Proxy) is an open-source tool designed for finding vulnerabilities in web applications. It supports automated and manual testing, making it suitable for beginners and seasoned security professionals alike.
Installing OWASP ZAP on Linux- Update System Packages:
sudo apt update && sudo apt upgrade -y - Install Java Runtime Environment (JRE): OWASP ZAP requires Java. Install it if it's not already present:
sudo apt install openjdk-11-jre -y - Download and Install OWASP ZAP: Download the latest version from the official website:
Extract and run:wget https://github.com/zaproxy/zaproxy/releases/download//ZAP__Linux.tar.gztar -xvf ZAP__Linux.tar.gz cd ZAP__Linux ./zap.sh
next-20241128: linux-next
Posted: 2024-11-28 02:30:35 Source: https://www.kernel.org/
| Version: | next-20241128 (linux-next) |
|---|---|
| Released: | 2024-11-28 |
The World's First Unkillable UEFI Bootkit For Linux
Posted: 2024-11-27 23:20:00 Source: https://it.slashdot.org/story/24/11/27/2028231/the-worlds-first-unkillable-uefi-bootkit-for-linux?utm_source=atom1.0mainlinkanon&utm_medium=feed
An anonymous reader quotes a report from Ars Technica: Over the past decade, a new class of infections has threatened Windows users. By infecting the firmware that runs immediately before the operating system loads, these UEFI bootkits continue to run even when the hard drive is replaced or reformatted. Now the same type of chip-dwelling malware has been found in the wild for backdooring Linux machines. Researchers at security firm ESET said Wednesday that Bootkitty -- the name unknown threat actors gave to their Linux bootkit -- was uploaded to VirusTotal earlier this month. Compared to its Windows cousins, Bootkitty is still relatively rudimentary, containing imperfections in key under-the-hood functionality and lacking the means to infect all Linux distributions other than Ubuntu. That has led the company researchers to suspect the new bootkit is likely a proof-of-concept release. To date, ESET has found no evidence of actual infections in the wild. Still, Bootkitty suggests threat actors may be actively developing a Linux version of the same sort of unkillable bootkit that previously was found only targeting Windows machines. "Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats," ESET researchers wrote. "Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats." [...] As ESET notes, the discovery is nonetheless significant because it demonstrates someone -- most likely a malicious threat actor -- is pouring resources and considerable know-how into creating working UEFI bootkits for Linux. Currently, there are few simple ways for people to check the integrity of the UEFI running on either Windows or Linux devices. The demand for these sorts of defenses will likely grow in the coming years.
Read more of this story at Slashdot.
Ubuntu Cinnamon 24.10 overview | Ubuntu, traditionally modern.
Posted: 2024-11-27 17:18:26 Source: https://www.youtube.com/watch?v=RNumqdTfr5A
How to Use the ip Command in Linux: A Beginner’s Guide
Posted: 2024-11-27 05:00:44 Source: https://www.youtube.com/watch?v=wHfIFZlDxtU
next-20241127: linux-next
Posted: 2024-11-27 03:06:31 Source: https://www.kernel.org/
| Version: | next-20241127 (linux-next) |
|---|---|
| Released: | 2024-11-27 |
Distribution Release: elementary OS 8.0
Posted: 2024-11-26 22:09:05 Source: https://distrowatch.com/12299
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The elementary OS project has announced the release of version 8.0 of the project's Ubuntu-based distribution. The new release focuses on adjusting application permissions and expanding the default Flatpak repositories: "Application settings has an all-new design that expands your control over permissions. We now support adjusting the run-time....
How to install Red Hat Enterprise Linux 9.5
Posted: 2024-11-26 18:12:54 Source: https://www.youtube.com/watch?v=P5xrNJKnQ4o
ESET Discovers New Linux Malware
Posted: 2024-11-26 17:49:13 Source: http://www.linux-magazine.com/Online/News/ESET-Discovers-New-Linux-Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
Harnessing Quantum Potential: Quantum Computing and Qiskit on Ubuntu
Posted: 2024-11-26 17:00:00 Source: https://www.linuxjournal.com/content/harnessing-quantum-potential-quantum-computing-and-qiskit-ubuntu
Introduction
Quantum computing, a revolutionary paradigm, promises to solve problems that are computationally infeasible for classical systems. By leveraging the peculiar principles of quantum mechanics—superposition, entanglement, and quantum interference—quantum computing has emerged as a transformative force across industries. From cryptography and drug discovery to optimization and artificial intelligence, its potential is vast.
Ubuntu, a leading open source operating system, provides an ideal environment for quantum computing development due to its robust community support, extensive software repositories, and seamless integration with tools like Qiskit. Qiskit, an open source quantum computing framework by IBM, is a gateway for developers, researchers, and enthusiasts to dive into the quantum world. This article explores how to set up and explore quantum computing with Qiskit on Ubuntu, guiding you from the basics to practical applications.
Understanding Quantum Computing
What Is Quantum Computing?Quantum computing is a field that redefines computation. While classical computers use binary bits (0s and 1s), quantum computers utilize quantum bits or qubits, which can exist in a state of 0, 1, or a combination of both, thanks to superposition. This unique property allows quantum computers to perform parallel computations, drastically enhancing their processing power for specific tasks.
Key Concepts- Superposition: The ability of a qubit to exist in multiple states simultaneously.
- Entanglement: A phenomenon where qubits become interconnected, and the state of one directly affects the other, regardless of distance.
- Quantum Gates: Analogous to logical gates in classical computing, these manipulate qubits to perform operations.
Quantum computing is not just theoretical; it is already impacting fields like:
- Cryptography: Breaking traditional encryption and enabling quantum-safe cryptographic protocols.
- Optimization: Solving complex logistical problems more efficiently.
- Machine Learning: Enhancing algorithms with quantum speed-ups.
Setting Up the Environment on Ubuntu
Installing Prerequisites- Install Python: Qiskit is Python-based. On Ubuntu, install Python via:
sudo apt update sudo apt install python3 python3-pip - Update Pip:
pip3 install --upgrade pip
next-20241126: linux-next
Posted: 2024-11-26 04:33:55 Source: https://www.kernel.org/
| Version: | next-20241126 (linux-next) |
|---|---|
| Released: | 2024-11-26 |
SUSE Unveils Major Rebranding, New Data-Protecting AI Platform
Posted: 2024-11-25 21:25:00 Source: https://linux.slashdot.org/story/24/11/25/2112247/suse-unveils-major-rebranding-new-data-protecting-ai-platform?utm_source=atom1.0mainlinkanon&utm_medium=feed
An anonymous reader quotes a report from ZDNet, written by Steven Vaughan-Nichols: At KubeCon North America, SUSE announced a significant rebranding effort, several new product offerings, and the launch of SUSE AI, a secure platform for deploying and running generative AI (gen AI) applications. SUSE has renamed its entire portfolio to make product names more descriptive and customer-friendly. Notable changes include: - Rancher, SUSE's Kubernetes offering, is now SUSE Rancher. - Liberty Linux, the company's Red Hat Enterprise Linux (RHEL)/CentOS clone and support offering, becomes SUSE Multi Linux Support. - Harvester is rebranded as SUSE Virtualization - Longhorn is now SUSE Storage. [...] Also, like everyone else, SUSE now has an AI offering: SUSE AI. This isn't an AI chatbot, like Red Hat's Lightspeed AI tool. No, it's a secure platform for deploying and running gen AI applications. This new offering addresses key challenges faced by enterprises as they move from AI experimentation to deployment, particularly in areas of security and compliance. These are SUSE AI's top features, as highlighted by Vaughan-Nichols: 1. Security by Design: SUSE AI provides security and certifications at the software infrastructure level, along with zero-trust security tools, templates, and compliance playbooks. 2. Multifaceted Trust: The platform ensures that generated data is correct and private customer and IP data remain secure. It supports deployment across various environments, including on-premise, hybrid, cloud, and air-gapped setups. 3. Choice and Flexibility: SUSE AI allows customers to select and deploy their preferred AI components and LLMs. 4. Simplified Operations: The platform provides simplified cluster operations, persistent storage, and easy access to pre-configured shared tools and services.
Read more of this story at Slashdot.
Distribution Release: Emmabuntüs DE5-1.03
Posted: 2024-11-25 21:18:00 Source: https://distrowatch.com/12298
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The Emmabuntüs project is a desktop Linux distribution with editions based on Debian's Stable branch with both the Xfce and LXQt desktop environments available. The project has fixed some issues with the ISO which could cause problems when used with specific image writers. The new Emmabuntüs DE5-1.03 release....
Distribution Release: YunoHost 12.0
Posted: 2024-11-25 17:58:39 Source: https://distrowatch.com/12297
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. YunoHost is a Debian-based distribution which strives to make it easy to quickly set up a server and host web applications. The project has relesed a new version based on Debian 12 "Bookworm". "YunoHost now depends on Debian 12. The user portal and SSO (Single Sign On) system....
Red Hat Enterprise Linux 9.5 overview | security functionality and performance for IT environments
Posted: 2024-11-25 16:53:02 Source: https://www.youtube.com/watch?v=4Izm3Am7-sk
Flamewar Leads to Declining of Bcachefs Pull Requests During Linux 6.13 Kernel Development Cycle
Posted: 2024-11-25 08:59:00 Source: https://linux.slashdot.org/story/24/11/25/0427242/flamewar-leads-to-declining-of-bcachefs-pull-requests-during-linux-613-kernel-development-cycle?utm_source=atom1.0mainlinkanon&utm_medium=feed
"Get your head examined. And get the fuck out of here with this shit." That's how Bcachefs developer Kent Overstreet ended a post on the Linux kernel mailing list. This was followed by "insufficient action to restore the community's faith in having otherwise productive technical discussions without the fear of personal attacks," according to an official ruling by committee enforcing the kernel community's code of conduct. After formalizing an updated enforcement process for unacceptable behaviors, it then recommended that during the Linux 6.13 kernel development cycle, Overstreet's participation should be restricted (with his pull requests declined). Phoronix covered their ruling, and ItsFOSS and The Register offer some of the backstory. Overstreet had already acknowledged that "Things really went off the rails (and I lost my cool, and earned the ire of the CoC committee)" in a 6,200-word blog post on his Patreon page. But he also emphasized that "I'm going to keep writing code no matter what. Things may turn into more of a hassle to actually get the code, but people who want to keep running bcachefs will always be able to (that's the beauty of open source, we can always fork), and I will keep supporting my users..." More excerpts from Overstreet's blog post: I got an emails from multiple people, including from Linus, to the effect of "trust me, you don't want to be known as an asshole — you should probably send him an apology"... Linus is a genuinely good guy: I know a lot of people reading this will have also seen our pull request arguments, so I specifically wanted to say that here: I think he and I do get under each other's skin, but those arguments are the kind of arguments you get between people who care deeply about their work and simply have different perspectives on the situation... [M]y response was to say "no" to a public apology, for a variety of reasons: because this was the result of an ongoing situation that had now impacted two different teams and projects, and I think that issue needs attention — and I think there's broader issues at stake here, regarding the CoC board. But mostly, because that kind of thing feels like it ought to be kept personal... I'd like a better process that isn't so heavy handed for dealing with situations where tensions rise and communications break down. As for that process: just talk to people... [W]e're a community. We're not interchangeable cogs to be kicked out and replaced when someone is "causing a problem", we should be watching out for each other... Another note that I was raising with the CoC is that a culture of dismissiveness, of finding ways to avoid the technical discussions we're supposed to be having, really is toxic, and moreso than mere flamewars... we really do need to be engaging properly with each other in order to do our work well. After the official response from the committee, Overstreet responded on the kernel mailing list. "I do want to apologize for things getting this heated the other day, but I need to also tell you why I reacted the way I did... I do take correctness issues very seriously, and I will get frosty or genuinely angry if they're being ignored or brushed aside."
Read more of this story at Slashdot.
next-20241125: linux-next
Posted: 2024-11-25 04:17:16 Source: https://www.kernel.org/
| Version: | next-20241125 (linux-next) |
|---|---|
| Released: | 2024-11-25 |
DistroWatch Weekly, Issue 1098
Posted: 2024-11-25 01:11:16 Source: https://distrowatch.com/12296
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. This week in DistroWatch Weekly:
Review: Linux Lite 7.2
News: Murena offers Fairphone perk, Arch Linux installer gets new text interface, an Ubuntu security tool patched against exploits
Questions and answers: Backing up specific folders in the user's home directory
Released last week: AlmaLinux OS 9.5, Rocky Linux 9.5, Oracle Linux....
Red Hat is Becoming an Official Microsoft 'Windows Subsystem for Linux' Distro
Posted: 2024-11-23 17:34:00 Source: https://tech.slashdot.org/story/24/11/23/0251245/red-hat-is-becoming-an-official-microsoft-windows-subsystem-for-linux-distro?utm_source=atom1.0mainlinkanon&utm_medium=feed
"You can use any Linux distribution inside of the Windows Subsystem for Linux" Microsoft recently reminded Windows users, "even if it is not available in the Microsoft Store, by importing it with a tar file." But being an official distro "makes it easier for Windows Subsystem for Linux users to install and discover it with actions like wsl --list --online and wsl --install," Microsoft pointed out this week. And "We're excited to announce that Red Hat will soon be delivering a Red Hat Enterprise Linux WSL distro image in the coming months..." Thank you to the Red Hat team as their feedback has been invaluable as we built out this new architecture, and we're looking forwards to the release...! Ron Pacheco, senior director, Red Hat Enterprise Linux Ecosystem, Red Hat says: "Developers have their preferred platforms for developing applications for multiple operating systems, and WSL is an important platform for many of them. Red Hat is committed to driving greater choice and flexibility for developers, which is why we're working closely with the Microsoft team to bring Red Hat Enterprise Linux, the largest commercially available open source Linux distribution, to all WSL users." Read Pacheco's own blog post here. But in addition Microsoft is also releasing "a new way to make WSL distros," they announced this week, "with a new architecture that backs how WSL distros are packaged and installed." Up until now, you could make a WSL distro by either creating an appx package and distributing it via the Microsoft Store, or by importing a .tar file with wsl -import. We wanted to improve this by making it possible to create a WSL distro without needing to write Windows code, and for users to more easily install their distros from a file or network share which is common in enterprise scenarios... With the tar based architecture, you can start with the same .tar file (which can be an exported Linux container!) and just edit it to add details to make it a WSL distro... These options will describe key distro attributes, like the name of the distro, its icon in Windows, and its out of box experience (OOBE) which is what happens when you run WSL for the first time. You'll notice that the oobe_command option points to a file which is a Linux executable, meaning you can set up your full experience just in Linux if you wish.
Read more of this story at Slashdot.