Tag: inux
-
The Register: Here’s what happens if you don’t layer network security – or remove unused web shells
Source URL: https://www.theregister.com/2024/11/22/cisa_red_team_exercise/ Source: The Register Title: Here’s what happens if you don’t layer network security – or remove unused web shells Feedly Summary: TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated The US Cybersecurity and Infrastructure Agency often breaks into critical organizations’ networks – with their permission,…
-
Hacker News: Security researchers identify new malware targeting Linux
Source URL: https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/ Source: Hacker News Title: Security researchers identify new malware targeting Linux Feedly Summary: Comments AI Summary and Description: Yes Summary: ESET researchers have revealed the emergence of Linux malware associated with the Gelsemium APT group, marking a significant shift in their tactics as they move beyond Windows-targeted malware. The malware includes notable…
-
Simon Willison’s Weblog: TextSynth Server
Source URL: https://simonwillison.net/2024/Nov/21/textsynth-server/ Source: Simon Willison’s Weblog Title: TextSynth Server Feedly Summary: TextSynth Server I’d missed this: Fabrice Bellard (yes, that Fabrice Bellard) has a project called TextSynth Server which he describes like this: ts_server is a web server proposing a REST API to large language models. They can be used for example for text…
-
Slashdot: Ubuntu Linux Impacted By Decade-Old ‘needrestart’ Flaw That Gives Root
Source URL: https://it.slashdot.org/story/24/11/21/0057206/ubuntu-linux-impacted-by-decade-old-needrestart-flaw-that-gives-root?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Ubuntu Linux Impacted By Decade-Old ‘needrestart’ Flaw That Gives Root Feedly Summary: AI Summary and Description: Yes Summary: The text details five local privilege escalation vulnerabilities found in the Linux utility “needrestart,” crucial for professionals in security and compliance to recognize, as they highlight significant risks associated with resource…
-
Hacker News: Memos – An open source Rewinds / Recall
Source URL: https://github.com/arkohut/memos Source: Hacker News Title: Memos – An open source Rewinds / Recall Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes “Memos,” a privacy-centric software tool designed for passive screen recording. Its primary focus is on user data control, ensuring all recording and processing occur locally, which aligns with…
-
Hacker News: Garak, LLM Vulnerability Scanner
Source URL: https://github.com/NVIDIA/garak Source: Hacker News Title: Garak, LLM Vulnerability Scanner Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text describes “garak,” a command-line vulnerability scanner specifically designed for large language models (LLMs). This tool aims to uncover various weaknesses in LLMs, such as hallucination, prompt injection attacks, and data leakage. Its development…
-
Hacker News: A new vulnerability on IPv6 parsing in linux
Source URL: https://nvd.nist.gov/vuln/detail/CVE-2024-50252 Source: Hacker News Title: A new vulnerability on IPv6 parsing in linux Feedly Summary: Comments AI Summary and Description: Yes Summary: The text details a recently resolved memory leak vulnerability (CVE-2024-50252) in the Linux kernel associated with the `mlxsw` driver when handling remote IPv6 addresses. This vulnerability presents significant implications for IT…
-
Slashdot: Open Source Fights Back: ‘We Won’t Get Patent-Trolled Again’
Source URL: https://yro.slashdot.org/story/24/11/15/018247/open-source-fights-back-we-wont-get-patent-trolled-again?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Open Source Fights Back: ‘We Won’t Get Patent-Trolled Again’ Feedly Summary: AI Summary and Description: Yes **Summary:** At KubeCon North America 2024, the Cloud Native Computing Foundation (CNCF) emphasized a collaborative movement against patent trolls that exploit cloud-native technologies. The organization aims to invalidate patents that hinder innovation by…