Linux - Security Master

15Oct 2023 by webmaster No Comments

How to Protect Your Apple Devices From CVE-2023-42824 and CVE-2023-5217?

Apple recently released iOS 17.0.3 and iPadOS 17.0.3 to address two critical vulnerabilities, CVE-2023-42824 and CVE-2023-5217, that could allow malicious actors to execute arbitrary code on affected devices. These flaws affect various iPhone and iPad models and could be exploited if a user visits a malicious website or is targeted by specially crafted web content. To protect your Apple devices, it is essential to apply the latest updates as soon as possible to ensure your devices are protected against potential attacks leveraging these vulnerabilities. We published this blog post to provide an overview of the vulnerabilities Apple devices impacted, and educate thesecmaster.com users on keeping your devices secure. before we jump into the topic of discussion, let us see a short introduction about WebRTC since these flaws stemmed from the Kernel and…

15Oct 2023 by webmaster No Comments

Raspberry Pi 4 8GB Starter Kit Review

Linux, Programming & Scripting

Imagine the heights you can reach with the Raspberry Pi 4 8GB Starter Kit – 128GB Edition! This incredible tech pack comes fully loaded with a Raspberry Pi 4 8GB Model B, featuring a 1.5GHz 64-bit quad-core CPU (8GB RAM). The kit also boasts a highly efficient Raspberry Pi 4B case that contains a supremely quiet 40mm PWM fan and four heat sinks, ensuring your device maintains excellent heat distribution. You also get a perfectly stable 5V 3.6A Type C Power Supply sporting an ON/OFF switch for your convenience, along with TUV and RoHS certifications guaranteeing professional standards. A huge bonus is the 128GB High Speed Class 10 Card that comes with a Card Reader, ensuring compatibility with all versions of Raspberry Pi. And on top of all that, your package…

15Oct 2023 by webmaster No Comments

How to Upgrade Metasploit Framework on Kali Linux From Metasploit Repository?

Linux, Pen Testing

Metasploit Framework is one of the most popular open-source penetration testing tools used by ethical hackers and cybersecurity professionals. It provides an easy way to find and exploit vulnerabilities on networks and systems. However, like any software, Metasploit needs to be updated regularly to take advantage of the latest exploits, payloads, evasion modules, and other enhancements. Unfortunately, the Metasploit updates are not always available in the standard Kali Linux repositories. So if you rely on the default apt update and apt upgrade commands, you may not have the most recent Metasploit version. In this blog post, we will show you how to easily upgrade Metasploit on Kali Linux directly from the Metasploit repository. This ensures you are running the latest and greatest version with all the newest features. A Short Introduction to Metasploit Framework Metasploit Framework is…

14Sep 2023 by webmaster No Comments

Step-by-Step Procedure to Install Python on Windows

Linux

Python is a versatile and popular programming language that has gained widespread recognition for its ease of use and readability. It’s suitable for a variety of tasks, ranging from web development to data analysis, and is a valuable skill for professionals in the tech industry. Installing Python on Windows may seem complicated, but with a step-by-step guide, users can have their systems up and running in no time. For those looking to get started with Python on their Windows computer, the process is straightforward and accessible. It involves downloading the appropriate installer, making sure the environment is correctly set up, and using tools like the command-line interface to interact successfully with the programming language. By following a comprehensive step-by-step guide, even those who are new to programming can easily install…

14Sep 2023 by webmaster No Comments

Step-by-Step Procedure to Install PyCharm on Windows

Linux

Even in 2023, Windows is the most commonly used computer operating system. According to statista’s report, Windows runs more than 74% of global computers. This proves the popularity of Windows, from school projects to university research and gaming to scientific projects. When it comes to high-level programming language, Python is the computer programming language that stands out of the crowd for numerous reasons, such as flexibility, platform independence, a large set of libraries, and open-source licensing. Well, this clarifies how powerful when Windows and Python are used together. But wait, how do you use Python on Windows? You can download the installation package from python.org and install it on Windows like other operating systems. But, there is a more sophisticated way to run Python on Windows. There are several IDE (Integrated Development Environments) available…

14Sep 2023 by webmaster No Comments

Understand Docker Containers With TheSecMaster

Linux

Some of our readers have requested information about Docker and container technology. We have decided to publish an article on Docker Containers to help many users understand the technical aspects of Docker and containers. In this blog post, we will clarify the concept of containers and their different types, explain what Docker is, explore the relationship between Docker and containers, discuss the appropriate use cases for Docker, delve into the problems Docker solves in development, address whether Docker replaces virtualization, explain the differences between Docker containers and virtual machines, and answer a few more questions that will aid in understanding Docker. Before we delve directly into Docker, let’s begin by exploring containers, as it will make it easier to comprehend Docker if you are familiar with containers. What is a Container? A…

14Sep 2023 by webmaster No Comments

Understand the Docker Architecture with TheSecMaster

Linux

This is our second article about Docker. We covered most of the basic information about Docker and container technology in a different blog post. Please make sure you read the post “Understand Docker Containers With TheSecMaster” if you haven’t read it yet. Components of Docker Docker is a popular open-source tool designed to facilitate the creation, deployment, and execution of applications using containers. Containers allow developers to bundle an application with all its necessary parts, such as libraries and dependencies, and distribute it as a single package. Docker requires multiple components to function properly. Before we dive into the Docker Architecture, let’s familiarize ourselves with the different components of Docker. Docker Engine: The Docker Engine is the base layer of the Docker architecture. It’s a lightweight runtime that builds and runs your Docker images.…

14Sep 2023 by webmaster No Comments

Where You Should Get Started with Docker- Community Edition (CE) vs Enterprise Edition (EE)

Linux

When it comes to modern software development and deployment, Docker is at the forefront, offering an array of possibilities. Let’s delve into the intriguing world of Docker, with a specific focus on its Community Edition, and examine how you can seamlessly get started with this powerful container management tool. The time where you start your Docker journey, it’s required to know the similarities and differences between the Community Edition (CE) and the Enterprise Edition (EE). In this blog post, we aim to simplify your decision-making process by comprehensively comparing Docker CE and Docker EE, assessing their features, use cases, and suitability for different project scales. This comparison will provide you with the necessary insights to identify which edition aligns best with your specific needs, helping you kick-start your Docker journey…

13Sep 2023 by webmaster No Comments

3 Common Types of Processed-Based Attacks Used by Malware Programs to Evade Detection- Process Injection, Process Hallowing, And Process Doppelganging

Linux

Growing technologies are making both attacks and prevention techniques more and more sophisticated. These technologies have made both adversaries and security professionals engage in a rat race. Attackers try every possible method to evade detection, while security professionals strive to thwart their attempts. Therefore, for a security professional, it is not optional to learn evasion techniques; it is a must. Although we can’t cover all evasion techniques in one post, we believe that by learning these three common types of process-based attacks used by malware programs to evade detection, you will be able to understand and detect many cyber attacks and create a strategy to protect your resources. In this post, we will cover the most common attacks targeting system processes by malicious programs. They are: Process Injection Process Hallowing Process Doppelganging Process Injection:…

23Aug 2023 by webmaster No Comments

How to Fix CVE-2023-38408- A Remote Code Execution Vulnerability in OpenSSH’s forwarded ssh-agent?

Linux

On 19th July 2023, OpenSSH released the release notes of OpenSSH 9.3p2, which addressed a Remote Code Execution Vulnerability in OpenSSH’s forwarded ssh-agent. The flaw is tracked as CVE-2023-38408 allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent. Since the flaw allows attackers to perform Remote Code Execution on the victim machine and its widespread use of OpenSSH’s forwarded ssh-agent, it is highly recommended to learn how to Fix CVE-2023-38408- a Remote Code Execution Vulnerability in OpenSSH’s forwarded ssh-agent. The Qualys Threat Research Unit (TRU) has been credited with the discovery of this vulnerability upon they reported the flaw on 7th July 2023. Before we jump in to learn how to Fix CVE-2023-38408- a Remote Code Execution Vulnerability in OpenSSH’s forwarded ssh-agent, let’s see a short intro…