Security: Microsoft/RDP, Misattributed FUD, Linux Patching and LibreOffice Update
-
RDP Exposure To The Internet
The Remote Desktop Protocol, commonly referred to as RDP, is a proprietary protocol developed by Microsoft that is used to provide a graphical means of connecting to a network-connected computer. RDP client and server support has been present in varying capacities in most every Windows version since NT. Outside of Microsoft’s offerings, there are RDP clients available for most other operating systems. If the nitty gritty of protocols is your thing, Wikipedia’s Remote Desktop Protocol article is a good start on your way to a trove of TechNet articles.
RDP is essentially a protocol for dangling your keyboard, mouse and a display for others to use. As you might expect, a juicy protocol like this has a variety of knobs used to control its security capabilities, including controlling user authentication, what encryption is used, and more. The default RDP configuration on older versions of Windows left it vulnerable to several attacks when enabled; however, newer versions have upped the game considerably by requiring Network Level Authentication (NLA) by default. If you are interested in reading more about securing RDP, UC Berkeley has put together a helpful guide, and Tom Sellers, prior to joining Rapid7, wrote about specific risks related to RDP and how to address them.
-
Golang Malware Targets Linux-Based Servers [Ed: Better headline would say something like, "malware written in some programming language (Go) wants people to foolishly install it on a server and it's compiled for or made compatible with GNU/Linux"]
A cryptominer campaign has been targeting Linux-based servers using a new Golang malware, according to research published by F5 Labs.
Though not often seen in the threat landscape, the Golang malware was first identified in mid-2018 and has sustained throughout 2019. Researchers noted the latest operation, which has infected an estimated several thousand machines, began around June 10. The first exploit requests were identified around June 16.
-
Microsoft wants to join private Linux security developer board [Ed: If Linux values security, then it will reject the company that started PRISM with the NSA]
Microsoft has applied to join a private group of Linux developers responsible for reporting and discussing security issues before they go public.
-
Microsoft bids for behind-the-scenes access to Linux flaws [Ed: They have already taken over parts of the Linux Foundation, so why not this?]
Request to join security lists come as the firm reveals Linux usage on Azure VMs outweighs Windows usage.
-
[Slackware] LibreOffice 6.2.5 packages available
Earlier this week, the Document Foundation released version 6.2.5 of their office suite LibreOffice. I have built and uploaded sets of packages for Slackware 14.2 and also for -current, 32bits and 64bits.
The Document Foundation themselves finally think that 6.2.x is production ready: “… Users in production environments can start evaluating LibreOffice 6.2.5…“. I was already happy with 6.2.4 and I find the capability to open and work with MS Office documents improving all the time.
- Login or register to post comments
- Printer-friendly version
- 1941 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago