IS LINUX SECURE? https://en.wikipedia.org/wiki/Damn_Vulnerable_Linux https://www.linux.com/training-tutorials/myth-busting-linux-immune-viruses/ https://raspwn.org/ ___________________________________________________ THE LATEST https://www.forbes.com/sites/daveywinder/2020/07/29/boothole-secure-boot-threat-confirmed-in-most-every-linux-distro-windows-8-and-10-microsoft-ubuntu-redhat-suse-debian-citrix-oracle-vmware/ https://www.forbes.com/sites/daveywinder/2020/08/14/linux-hackers-threaten-national-security-say-fbi-and-nsa-who-is-apt28-drovorub/ https://www.forbes.com/sites/daveywinder/2020/02/18/millions-of-windows-and-linux-systems-are-vulnerable-to-this-hidden-cyber-attack/ --------------------------------------------------- https://resources.whitesourcesoftware.com/blog-whitesource/top-10-linux-kernel-vulnerabilities https://news.softpedia.com/news/debian-linux-was-the-most-vulnerable-operating-system-in-the-last-20-years-529387.shtml https://www.cvedetails.com/vulnerability-list.php?vendor_id=33&product_id=47&version_id=0&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=7&cvssscoremax=7.99&year=0&cweid=0&order=1&trc=662&sha=27cc1be095dd1cc4189b3d337cc787289500c13e ---------------------------------------------------- UBUNTU & MINT RELATED https://thehackernews.com/2020/03/ppp-daemon-vulnerability.html https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html https://www.engadget.com/2019-10-14-linux-unix-sudo-command-security-flaw.html _____________________________________________________ Have or have had troulble maintaining a constant connection to you VPN? See below. Don't think it can't happen here -- https://www.techshout.com/internet/2020/10/china-now-blocking-https-connections-with-esni/ _____________________________________________________ THE ELECTION (and why I quit my ISP throughout 2016!) https://www.techshout.com/internet/2020/13/google-facebook-announce-measures-to-secure-us-elections-after-2016-fiasco/ SpaceX & MUSK https://www.techshout.com/internet/2019/12/spacex-launches-60-more-satellites-for-cheaper-worldwide-internet/ _____________________________________________________ AHA! https://www.techshout.com/security/2020/07/cybercriminals-using-legitimate-tools-to-hack-into-computers/ Cybercriminals Using Legitimate Tools to Hack into Computers By IANS - Aug 7, 2020 Almost a third of cyber attacks that the Kaspersky Global Emergency Response team investigated in 2019 involved legitimate remote management and administration tools. In total, the analysis of anonymized data from incident response cases showed that 18 various legitimate tools were abused by attackers for malicious purposes, according to the company’s new ‘Incident Response Analytics Report’. The most widely used one was PowerShell. This powerful administration tool can be used for many purposes, from gathering information to running malware. Another tool, PsExec, was leveraged in 22 per cent of the attacks. This console application is intended for launching processes on remote endpoints. This was followed by SoftPerfect Network Scanner, which is intended to retrieve information about network environments. ____________________________________________________ ---------------------------------------------------- And members thought my mention of AutoTux using the arbitrarily installed PowerShell to control/spy/hack the distro's users was paranoid? Eat crow! ---------------------------------------------------- ____________________________________________________