Language Selection

English French German Italian Portuguese Spanish

Security News

Filed under
Security
  • Microsoft is reportedly sharing Windows 10 telemetry data with third-parties

    MICROSOFT HAS REPORTEDLY signed a deal with FireEye that will see it share telemetry data from Windows 10 with the third-party security outfit.

    So says Australian website ARN, which reports that Microsoft and FireEye's partnership, which will see the security firm's iSIGHT Intelligence tools baked into Windows Defender, will also see FireEye "gain access to telemetry from every device running Windows 10."

    Microsoft uses telemetry data from Windows 10 to help identify security issues, to fix problems and to help improve the quality of its operating system, which sounds like a good thing. However, with the company previously admitting that it's latest OS is harvesting more data than any version before it, Microsoft's mega data-slurp also raised some privacy concerns.

  • Hackers attack European Commission

    The European Commission was the victim of a “large scale” cyberattack Thursday, a spokesperson said.

    “The attack has so far been successfully stopped with no interruption of service, although connection speeds have been affected for a time. No data breach has occurred,” the spokesperson said.

  • 8 Books Security Pros Should Read

    Calling all infosec pros: What are the best books in your security library?

    On a second thought, let's take a step back. A better question may be: Do you have a security library at all? If not, why?

    Security professionals have countless blogs, videos, and podcasts to stay updated on rapidly changing news and trends. Books, on the other hand, are valuable resources for diving into a specific area of security to build knowledge and broaden your expertise.

    Because the security industry is so complex, it's impossible to cram everything there is to know in a single tome. Authors generally focus their works on single topics including cryptography, network security modeling, and security assessment.

    Consider one of the reads on this list of recommendations, Threat Modeling: Designing for Security. This book is based on the idea that while all security pros model threats, few have developed expertise in the area.

  • DoD Opens .Mil to Legal Hacking, Within Limits

    Security researchers are often reluctant to report programming flaws or security holes they’ve stumbled upon for fear that the vulnerable organization might instead decide to shoot the messenger and pursue hacking charges.

    But on Nov. 21, the DoD sought to clear up any ambiguity on that front for the military’s substantial online presence, creating both a centralized place to report cybersecurity flaws across the dot-mil space as well as a legal safe harbor (and the prospect of public recognition) for researchers who abide by a few ground rules.

  • Data breach law 'will create corporate awareness'

    The introduction of a data breach law requiring disclosure of consumer data leaks is important because it will make big corporates aware they need to be transparent about their state of security, the head of a big cyber-security firm says.

    Guy Eilon, the country manager of Forcepoint, was commenting on the speech made by Dan Tehan, the minister assisting the prime minister on cyber security, on Wednesday.

  • US Navy breach: 130,000 soldiers at risk after HPE contractor hacked [iophk: "MS, possibly MS sharepoint?"]

    The Navy has acknowledged the breach and said it was made aware of the incident after being notified that a laptop belonging to an employee of Navy contractor Hewlett-Packard Enterprise (HPE) was compromised by hackers.

  • US Navy warns 134,000 sailors of data breach after HPE laptop is compromised

    Sailors whose details have been compromised are being notified by phone, letter, and e-mail, the Navy said. "For those affected by this incident, the Navy is working to provide further details on what happened, and is reviewing credit monitoring service options for affected sailors."

  • Personal data for more than 130,000 sailors stolen, admits US Navy

    A spokesman for Hewlett Packard Enterprise Services, said: “This event has been reported to the Navy and because this is an ongoing investigation, HPE will not be commenting further out of respect for the privacy of our Navy personnel.”

  • Riseup’s Canary Has Died

    Popular provider of web tools for activists and anarchists and backbone of much infrastructure for internet freedom, Riseup.net has almost certainly been issued a gag order by the US government.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.