How To Patch Linux Servers Against the Glibc GHOST Vulnerability # CVE-2015-0235

What is the vulnerability? During a code audit Qualys researchers discovered a heap-based buffer overflow in Glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() Glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of… Continue reading How To Patch Linux Servers Against the Glibc GHOST Vulnerability # CVE-2015-0235

linux.conf.au 2015 is finished – watch videos

linux.conf.au is one of the foremost open source conferences in the world and is considered the most prestigious in the Southern Hemisphere. Every year open source geeks from across the globe gather to meet their fellow technologists, share the latest ideas and innovations, and spend a week collaborating on free, open source software projects. The… Continue reading linux.conf.au 2015 is finished – watch videos

Mageia 5 beta 2 is out

After several delays, the beta 2 version of Mageia 5 is finally out. Stable release of Mageia 5 release postponed to March. Mageia team updated in their blog post that the delay is due to difficulties with EFI boot, grub 2 and unavailability of EFI-based machines for QA team to test new EFI boot. Mageia… Continue reading Mageia 5 beta 2 is out

Bug in steam deletes everything owned by the user

A recent bug reported at steam-for-linux Github page shows that it might delete all the contents owned by the system user who is running it. That includes all the files owned by user in system hard disk and if there any external storage device connected then steam will remove all the files from it also. Comments in… Continue reading Bug in steam deletes everything owned by the user

New patches adds new networking functionality to systemD

SystemD a project announced in 2010 by Lennart Poettering to replace existing traditional boot systems in Linux such as SysV init, has grown too much within past few years. There are a lot of development work happening in systemD and in recent couple of weeks over 200 commits were seen. Latest development work has been on improving systemDs's… Continue reading New patches adds new networking functionality to systemD

DigitalOcean now supports FreeBSD

DigitalOcean a cloud hosting company famous for cheap SSD VPSs, yesterday announced that users can now select FreeBSD as VPS OS. FreeBSD is unique in that the development of both its kernel and user space utilities are managed by the same core team, ensuring consistent development standards across the project. FreeBSD also offers a simple,… Continue reading DigitalOcean now supports FreeBSD

Encrypt and password protect files using vim

VIM is a great text editor with innumerable number of features and options. In this article I am going to discuss a security feature of VIM using that we can encrypt files we are editing in VIM, making it impossible for other users to read even with root access. Create new encrypted file. To create,… Continue reading Encrypt and password protect files using vim

Device to log keystrocks from Microsoft wireless keyboard

Device called KeySweeper, which is developed using Arduino board and camouflaged as a functioning USB wall charger, can wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity. As per its developer SamyKamkar : All keystrokes are logged online and locally. SMS alerts are sent upon trigger words, usernames… Continue reading Device to log keystrocks from Microsoft wireless keyboard

Anonymous VS CyberCaliphate

Anonymous, the hacktivist group who declared cyber war against Charlie Hebdo attackers and ISIS, today extended their declaration of war to include CyberCaliphate splinter group who attacked U.S. Central Command’s social networking sites. In a statement released at Pastebin website, they wrote : Citizens of the World, We are Anonymous. In light of the recent cyber attacks led by… Continue reading Anonymous VS CyberCaliphate

U.S. Central Command’s Twitter and YouTube sites compromised

Hacker group who call themselves as CyberCaliphate hacked U.S. Central Command's social networking accounts and claims to have released internal military files. On Monday, as President Obama was giving a speech on cybersecurity at the Federal Trade Commission in Washington D.C., the attackers took control of the @CENTCOM account. In the pastebin post released, hackers wrote : Pentagon… Continue reading U.S. Central Command’s Twitter and YouTube sites compromised