Three Flaws in the Linux Kernel Since 2006 Could Grant Root Privileges
"Three recently unearthed vulnerabilities in the Linux kernel, located in the iSCSI module used for accessing shared data storage facilities, could allow root privileges to anyone with a user account," reports SC Media: "If you already had execution.....»»
Rust in Linux lead retires rather than deal with more “nontechnical nonsense”
How long can the C languages maintain their primacy in the kernel? Enlarge / Rust never sleeps. But Rust, the programming language, can be held at bay if enough kernel programmers aren't interested in seeing it implemented. (cred.....»»
EmuDeck coder pivots to hardware with Linux-based “EmuDeck Machines”
Project lead says its "mostly for fun" but "my heart is poured in this thing." Enlarge / Any resemblance to the Dreamcast is completely coincidental, we're sure. (credit: IndieGogo) If you're familiar with the name EmuDe.....»»
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET d.....»»
Cryptomator: Open-source cloud storage encryption
Cryptomator offers open-source, client-side encryption of your files in the cloud. It’s available for Windows, Linux, macOS and iOS. Cryptomator works with Dropbox, Google Drive, OneDrive, MEGA, pCloud, ownCloud, Nextcloud, and any other cloud.....»»
Watch out Windows — Linux market share could hit a major milestone soon
February 2025 could have a big moment in store for the Linux operating system, despite it typically being limited to business and enterprise......»»
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers......»»
Inadequate sensors and decision-making at the root of false activations
The occasional misperception or misjudgment can trigger a sudden braking event that could result in a crash......»»
GitHub Enterprise Server has a critical security flaw, so patch now
A newly discovered security flaw allows hackers to elevate their privileges and thus take over vulnerable endpoints......»»
LibreOffice 24.8: More privacy, interoperability improvements
LibreOffice 24.8, the new major release of the free Windows, macOS, and Linux office suite, is now available. This is the first to provide an official package for Windows PCs based on ARM processors. The LibreOffice advantage LibreOffice is the best.....»»
PostgreSQL databases under attack
Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access.....»»
“Something has gone seriously wrong,” dual-boot systems warn after Microsoft update
Microsoft said its update wouldn't install on Linux devices. It did anyway. Enlarge (credit: Getty Images) Last Tuesday, loads of Linux users—many running packages released as early as this year—started reporting the.....»»
Security flaws in Microsoft Mac apps could let attackers spy on users
Cisco Talos recently uncovered security vulnerabilities in several Microsoft apps for macOS that can potentially let attackers spy on your camera and other system components.Security flaws found in Microsoft apps for MacTalos claims to have found eig.....»»
Windows 11 is losing in gaming performance
AMD's new Ryzen 9000 series processors are reportedly offering better gaming performance on Linux compared to Windows......»»
AltStore PAL now free, thanks to grant from Epic Games
Third-party iOS app store AltStore PAL is now free of charge, following a grant provided by Epic Games. This means there will be no annual subscription fee for new users, and existing subscribers to the EU app store will not be charged when their.....»»
You definitely want to install these 90 Windows security patches
Microsoft release huge amount of fixes to fix a jaw-dropping 90 security flaws that include nine critical bugs......»»
macOS Sequoia will now prompt you monthly (not weekly) for screen recording permissions
Apple has changed its screen recording privacy prompt in the latest beta of macOS Sequoia. As we reported last week, Apple’s initial plan was to prompt users to grant screen recording permissions weekly. In macOS Sequoia beta 6, however, Apple.....»»
Framework Laptop 13 reviewed, again: Meteor Lake meh, Linux upgrades good
Intel's latest chips often fall behind Ryzen, or even older Intel CPUs. Enlarge / The ever-evolving Framework Laptop 13 is back again, this time with some Linux-friendly upgrades and Intel's new Meteor Lake-based Core Ultra CPUs.....»»
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interact.....»»
Almost unfixable “Sinkclose” bug affects hundreds of millions of AMD chips
Worse-case scenario: "You basically have to throw your computer away." Security flaws in your computer's firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up.....»»
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
Two vulnerabilities (CVE-2024-42219, CVE-2024-42218) affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the software’s vaults and obtain the account unlock key, AgileBits has con.....»»