Language Selection

English French German Italian Portuguese Spanish

Security: HP, Windows Malware, Ubuntu and Wi-Fi (WPA)

Filed under
Security
  • HP printer? Over 100 inkjet models have two critical bugs so patch now, warns HP

    Days after launching its printer bug bounty offering up to $10,000 for researchers to find "obscure defects" in its printers, HP has released two firmware fixes for two severe ink printer bugs.

    Hundreds of HP Inkjet printers are vulnerable to two critical remote code execution (RCE) vulnerabilities and need to be patched immediately, according to HP's Product Security Response Team (PSRT).

  • Staff dust off their typewriters after malware attack

    Sophisticated malware has taken down systems in at least two Alaskan municipalities in an attack that officials say is the worst they have ever seen. The Alaskan Borough of Matanuska-Susitna (Mat Su) and the City of Valdez have both been hit.

    At Mat Su, everything from email to the electronic door key swiping system was affected. The Borough first noticed infections in its endpoints on 17 July when an update to its antivirus software spotted a common Trojan banking program on Windows 7 machines (but not its Windows 10 computers).

    The software didn’t notice a range of other malware that the Trojan was infecting endpoints with. It was only a few days later that the Borough noticed issues with 60 of its 500 computers, information technology director Eric Wyatt told local radio reporters.

  • Ubuntu 16.04.5 LTS adds support for Spectre Variant 2 Mitigation for Pentium Silver N/J5xxx, Celeron N/J4xxx, Xeon E5/E7 v4 and Core i7-69xx/68xx
  • New wi-fi crack attack allows outsiders to snag user creds

    Researchers have accidentally discovered a new attack on the wi-fi protected access protocols used in wireless access points that makes it easier for outsiders to capture access credentials.

    The new attack captures the Pairwise Master Key Identifier (PMKID) and - according to the Hashcat password recovery utility developers that devised it - works against 802.11i/p/q/r networks with roaming functions enabled, which covers most modern routers.

    Hashcat developer Jens "Atom" Steube explained to iTnews that the biggest difference between the new method and prior WPA/WPA2 cracks is that an attacker no longer needs another user to be on the target network to capture credentials - "simply starting the authentication process will do".

More in Tux Machines

Red Hat: Dstat, KubeVirt, Openwashing Banks and OpenShift 4

  • Implementing Dstat with Performance Co-Pilot
    Dstat is a beloved tool by many, and a staple when diagnosing system performance issues. However, the original dstat is no longer actively developed. This poses an immediate problem for distributions like Fedora moving to a Python 3 stack, as it lacks a Python 3 implementation (both the tool itself, and its many plugins). It is also problematic in that the plugin system was relatively simplistic and in need of a significant redesign and rewrite to add new desired features.
  • Re-Imagining Virtualization with Kubernetes and KubeVirt – Part II
    KubeVirt exposes a VirtualMachine entity in Kubernetes. This entity is persistent and defines the configuration of a virtual machine. This allows one to create, edit, start, stop, and start again a virtual machine (which one cannot do with a Kubernetes Pod). When the virtual machine is started, a VirtualMachineInstance is created, manifesting in Pod and Container in which the virtual machine runs. The VirtualMachine entity allows one to define virtual machines “the way you would expect it” from a virtualization expert’s perspective. You can name them, describe the virtual hardware devices, define multiple disks and networks. Expect to find your regular virtualization features here: CPU, memory, NUMA, CPU pinning, hugepages, CPU model selection, virtio-rng, memory overcommit, custom SMBIOS, cloud-init, boot order, serial console, graphical (VNC) console, custom PCI addresses for virtio devices, I/O threads, guest agent integration, and more being worked on.
  • Why agile integration is key for open banking
    Many banks are striving to be more agile in their operations, their business practices, and even in their ability to innovate to deliver new products and services. With greater agility, banks can better meet the demands of today’s digital-savvy customers and excel in an increasingly competitive market. Initiatives like open banking can help facilitate that agility. Open banking uses open application programming interfaces (APIs) for third party developers, gives users greater transparency, and provides a model for the use of open source to build out solutions. We think that agile integration – bringing together containers, distributed integration, and APIs – is the best path to deliver open banking.
  • OpenShift 4: A NoOps Platform
    In the previous post I described the goals that helped shape the OpenShift 4 vision. We want to make the day to day of software operations effortless – for operations teams and for developers. How do we make that goal – a NoOps platform for operations – a reality? What does “NoOps” mean in this context? At a ten thousand foot level, “Serverless” or “NoOps” for developers is characterized by tools and services that hide or minimize the operational burden from the developer. [...] That is why I am happy to announce the Developer Preview of OpenShift 4 is now available for public trial. This is a sneak peek of the next version of OpenShift, with an easy to use installer for starting a cluster on AWS on top of Red Hat CoreOS. The preview requires only credentials to an AWS account to provision infrastructure and a set of credentials to access the images for the preview.

Intel Preparing The Linux Kernel For Cascade Lake AP Multi-Die Support

Intel developers have begun posting their Linux kernel patches for enabling multi-die/package topology support to the Linux kernel as part of their Cascade Lake AP upbringing. Cascade Lake "Advanced Performance" is a multi-chip package of multiple Cascade Lake dies, expected to be up to 48 cores / 96 threads per package and twelve DDR4 memory channels. Cascade Lake SP and Cascade Lake X Linux support already has been in order -- or at least appears to be based upon previous commit activity -- while Cascade Lake AP is taking some additional work due to the new multi-die design. Cascade Lake dies are connected via Ultra Path Interconnect (UPI) links. Read more Also: Linux Seeing Support For The HyperBus

Wayland 1.17 & Weston 6.0 Reach Alpha, Officially Releasing Next Month

Out today are the first alpha releases for Wayland 1.17 and the Weston 6.0 reference compositor. This alpha release is about two weeks behind schedule but the developers have updated their plans to now ship the beta releases on 5 March, release candidates begin on 12 March, and potentially releasing the stable versions of Wayland 1.17.0 and Weston 6.0.0 on 19 March. The Wayland 1.17 Alpha release adds to the protocol support for expressing an internal server error message as well as an updated wl_seat protocol. There are also memory leak fixes for the Wayland scanner and various test updates. Details on the 1.17 alpha via wayland-devel. Also out today is the Weston 6.0 Alpha. On the Weston compositor front they have shifted to using the Meson build system while deprecating Autotools, XDG-Shell stable support, FreeRDP 2.0 updates, IVI shell improvements, and many other changes. Read more

NVIDIA 418.31.03 Linux Driver