Looney Tunables- A High Severity Local Privilege Escalation Vulnerability in GNU C Library Aka glibc- CVE-2023-4911

LUNIX
The Qualys Threat Research Unit (TRU) recently disclosed a high-severity vulnerability in the GNU C Library (glibc) that could allow a local attacker to gain root privileges. This vulnerability, tracked as CVE-2023-4911 and nicknamed “Looney Tunables”, has been given a CVSS score of 7.8, making it a critical security issue that needs immediate attention. In this blog post, we will look at this vulnerability: its origins, its impact, and the steps you need to take to patch it on Linux systems using glibc.

A Short Note About GNU C Library

The GNU C Library, or glibc, provides core OS functionality like memory allocation, input/output operations, and thread handling required by most programs on a Linux system. A key component of glibc is the dynamic loader (ld.so) which loads the required shared libraries and…
Discover the Easiest Way to Install Docker on Ubuntu With This Step-by-Step Guide!

LUNIX
If you are new to the Docker environment, you may not know what Docker is. The short answer is that Docker is an open-source platform that provides an interface for managing containers. Using Docker, you can perform many administrative tasks on containers, such as creating, deleting, running, stopping, and configuring them. If you want to have a complete idea about Docker and containers, we have published several posts on the Installing Docker on Ubuntu is a great way to get started with using containers for your development or production environment. It’s simple and straightforward and makes it easy to get up and running quickly. In this article, we’ll walk you through the step-by-step procedure to install Docker on Ubuntu. We’ll cover the prerequisites, downloading and installing Docker, using…
Where You Should Get Started with Docker- Community Edition (CE) vs Enterprise Edition (EE)

Cyber Security, LUNIX
When it comes to modern software development and deployment, Docker is at the forefront, offering an array of possibilities. Let’s delve into the world of Docker, with a specific focus on its Community Edition, and examine how you can get started with this container management tool. When you start your Docker journey, you need to know the similarities and differences between the Community Edition (CE) and the Enterprise Edition (EE). In this blog post, we aim to simplify your decision-making process by comprehensively comparing Docker CE and Docker EE, assessing their features, use cases, and suitability for different project scales. This comparison will provide you with the necessary insights to identify which edition aligns best with your specific needs, helping you kick-start your Docker journey…
How to Protect Your Windows PC from Brute Force Attacks Using Group Policies?

Cyber Attacks, Data Breaches, LUNIX, Threats & Vulnerabilities
Brute force attacks are one of the top three ways that Windows computers are attacked today. These attacks involve malicious actors trying to guess user passwords by repeatedly trying different password combinations. If successful, the attacker gains access to the compromised account and can further penetrate the system. Windows devices have traditionally been vulnerable to brute force attacks against local administrator accounts. This is because Windows did not allow built-in local Administrator accounts to be locked out, no matter how many failed login attempts occurred. Attackers could essentially launch an unlimited number of password guesses over the network against the administrator account. However, Microsoft has introduced new security capabilities in recent Windows versions to counter brute force password attacks against local administrator accounts. By properly configuring new Group Policy settings, you can now…
3 Flaws in PowerShell Gallery Could Lead to Supply Chain Attacks- Common Countermeasures

Linux, LUNIX
A team of security researchers from Aqua recently uncovered three critical vulnerabilities in Microsoft’s PowerShell Gallery that could enable attackers to conduct devastating supply chain attacks. Mor Weinberger, Yakir Kadkoda, and Ilay Goldman revealed flaws that allow threat actors to spoof legitimate packages and gain access to deleted secrets. The researchers were able to upload a fake package mimicking a popular Azure module that received callbacks from numerous cloud environments. This highlights the ease with which attackers could potentially compromise countless organizations by poisoning the repository. Despite responsible disclosure, Microsoft is yet to implement comprehensive fixes to the packaging system used by millions. The flaws enable typosquatting, metadata spoofing, and exposure of unpublished packages. Until addressed, PowerShell Gallery users are advised to implement cautionary measures to avoid becoming victims. In this blog, we…
Step-by-Step Procedure to Deploy RDP Certificates Using GPO

Cloud & OS Platforms, Linux, LUNIX
Remote Desktop Protocol (RDP) is an essential tool for IT administrators to remotely manage servers and desktops. However, by default, RDP uses weak encryption and is susceptible to man-in-the-middle attacks. Administrators use RDP certificates to secure weak RDP connections. We have published a blog post, “Step By Step Procedure To Fix The RDP Certificate Error On Windows Servers”, in which we showed how to get an RDP certificate and how to bind that certificate to a Windows server. Deploying RDP certificates on a single server or a small number of servers is manageable, but in larger environments it becomes laborious. Administrators can use Group Policy Objects (GPOs) to deploy RDP certificates. RDP certificates utilize the Transport Layer Security (TLS) protocol to authenticate and encrypt RDP connections. The certificates are…
Mastering Linux Security: Top Linux Security Tools You Should Know About

Application Security, Application/Appliance, Best Reads, Cloud & OS Platforms, Cyber Security, LUNIX, Network Security, Tutorials
Linux security tools are essential for protecting your system and data from potential cyber attacks. That’s why all Linux administrators need to learn how to use them, regardless of their experience level. In this article, we will explore some of the top Linux security tools and show you how to set them up. You will also learn about different categories of security tools.

Types of Linux Security Tools

Securing a Linux system requires a multi-layered approach that involves using a combination of different types of security tools. By understanding the purpose of each tool, you can select the right ones to protect your system from various security threats.

Antivirus

One of the most crucial types of Linux security tools for protecting your system against malware is antivirus software. These tools…