We assess apps owned by the People’s Republic of China (PRC) and the potential threat posed to users. Does the PRC leverage these apps for data collection and influence operations?
Daily Archives: August 14, 2024
Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot
Tenable detailed two privilege escalation vulnerabilities in the Azure Health Bot Service, one of which has been rated critical
Cyber-Attack Spreads Phishing Scam Across Greater Manchester Areas
A cyber-attack has hit several boroughs across Greater Manchester, England, leaving thousands of residents vulnerable to a phishing scam
community-mysql-8.0.39-1.fc39
FEDORA-2024-c611359ae1
Packages in this update:
community-mysql-8.0.39-1.fc39
Update description:
MySQL 8.0.39
Release notes:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-38.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-39.html
Linux For Beginners
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.
Welcome to the world of Linux! This blog will take you on a step-by-step journey on how to get familiar with Linux if you are a new user. By the end, you’ll have an understanding of Linux and how to use it effectively.
Linux is an open-source operating system that manages your computer’s hardware and software resources. Unlike proprietary systems like Windows and macOS, Linux is free to use, modify, and distribute. Its open-source nature has created a vibrant community and many different versions of Linux, known as distributions (distros).
Why Use Linux?
Cost-Free: Linux is free to download, use, and modify.
Security: It is known for its strong security features and regular updates.
Flexibility: Highly customizable to fit your specific needs.
Performance: Efficient and can run well on older hardware.
Getting Started with Linux
Ubuntu:Known for its user-friendliness and extensive documentation.
Fedora: Offers cutting-edge features and a strong focus on security.
Debian: Valued for its stability and reliability, especially in server environments.
Kali Linux and Parrot Security OS: Debian-based distros tailored for penetration testing and security research.
Backbox: An Ubuntu-based distribution optimized for security assessments.
Installing Linux
You can install Linux alongside your existing operating system (dual-boot) or as a Virtual Machine on your Host OS (Primary OS) using a Virtualization Software like Virtual box, VMware, Microsoft Hyper-V etc. In order to create and run a Virtual Machine (Guest OS), We need to meet certain technical specification like processor should support Virtualization Technology and it should be enabled (It can be enabled/disabled from BIOS/UEFI settings). Most modern processors support Virtualization. Virtualization allows you to share your system resources (RAM, Storage, Network etc. ) without requiring you to install a completely new OS from scratch, it allows you to run multiple virtual machines. Let us take a look at steps we can follow to create an Ubuntu Virtual Machine using Oracle Virtual Box. You can download VirtualBox installer from VirtualBox.org and follow the installation steps. Once Virtual Box is installed:
Download Ubuntu ISO: Get the desired version from the Ubuntu official website. Many Linux distributions already share their VM editions (You can download the VM version of that OS you are installing, if available)
Enable Virtualization: Restart your PC, while booting up press F2 or F10 enter BIOS/UEFI settings, and enable Intel VT-x or AMD-V. (You can find this information on system manufactures website).
Open VirtualBox, click “New”, name the VM, select “Linux” > “Ubuntu”, allocate at least 2048 MB RAM (2GB RAM), and create a virtual hard disk of at least 20 GB, you can customise the Allocated RAM and Storage if you have more RAM available or more storage available .
Go to VM Settings > Storage > Controller: IDE > Empty > Choose disk file > Select Ubuntu ISO.
Select the VM and click “Start”, then follow on-screen instructions to install Ubuntu.
After installation, remove the ISO from the virtual drive by going to Devices > Optical Drives > Remove disk from virtual drive.
Optional – Install Guest Additions: Guest additions allow user to install device drivers and performance enhancements. To install Guest additions, In the running VM, go to Devices > Insert Guest Additions CD image and follow the prompts for better integration.
Once the installation in finished and we are boot up, it is advisable to update your newly created virtual machine once. We can do so by going to terminal, you can find it in launcher as well can launch by pressing ctrl+alt+t. For updating our machine, Linux uses package managers to install and manage software. On Ubuntu, the default package manager is APT (Advanced Package Tool).
Update Package List: sudo apt update
Upgrade Packages: sudo apt upgrade
Install a Package: sudo apt install package_name
Remove a Package: sudo apt remove package_name
Navigating the Linux File System
The Linux file system structure is different from Windows.
Here’s a quick overview:
root Directory (/):
The top level of the file system home Directory (/home):
Where user files and settings are stored If there were multiple users you would see respective directories with username under home directory.
bin Directory (/bin): Contains essential binary files (programs) etc directory (/etc):
etc directory (/etc): Configuration files for the system
Configuration files for the system The command line interface (CLI) in Linux is powerful and is accessible through a command shell called terminal. Here are some essential commands:
ls: List files in a directory
cd: Change directory
pwd: Print working directory
cp: Copy files
mv: Move or rename files
rm: Remove files
sudo: Temporarily grant users or user groups privileged access while running a command which requires permissions to execute.
man: To display user manual of any command (man sudo will show user manual for sudo command)
Managing Files and Directories
Creating, moving, and deleting files can be done with simple commands:
mkdir: Create a new directory
touch: Create a file
cp: Copy a file
mv: Move or Rename a file
rm: Delete a file
Permissions and Ownership
Linux is a multi-user system, and understanding file permissions and ownership is crucial. Permissions are represented by a series of characters like rwxr-xr-x. Each set of three characters represents read (r), write (w), and execute (x) permissions for the owner, group, and others.
View Permissions: ls -l
Let’s move ahead and see how permissions will change for file 1 if made executable, we can compare with above snapshot.
Change Permissions: chmod permissions file
In above screenshot we used chmod +x filename to make the file executable.
Other Resources
In case you do want to take a glance at what a command will do in your Linux system, you can check explainshell.com, lets take a look:
Now we have basic understanding of Linux file system architecture and commands, in our next blog we will take a closer look at network configuration and other related settings.
Hope this blog will help you being familiar and comfortable with using Linux systems. We will take a closer look at Network configuration and related options in our next blog. Happy Learning!
libtiff-4.6.0-6.fc41
FEDORA-2024-f19c79e713
Packages in this update:
libtiff-4.6.0-6.fc41
Update description:
Automatic update for libtiff-4.6.0-6.fc41.
Changelog
* Wed Aug 14 2024 Michal Hlavinka <mhlavink@redhat.com> – 4.6.0-6
– fix CVE-2024-7006 (rhbz#2302997)
– fix CVE-2023-52356 (rhbz#2260112)
– fix CVE-2023-6228 (rhbz#2251863)
NCSC Calls on UK Firms to Join Mass Cyber-Deception Initiative
The UK’s National Cyber Security Centre wants to test the effectiveness of cyber-deception tactics
libtiff-4.6.0-6.fc42
FEDORA-2024-4d0efe49df
Packages in this update:
libtiff-4.6.0-6.fc42
Update description:
Automatic update for libtiff-4.6.0-6.fc42.
Changelog
* Wed Aug 14 2024 Michal Hlavinka <mhlavink@redhat.com> – 4.6.0-6
– fix CVE-2024-7006 (rhbz#2302997)
– fix CVE-2023-52356 (rhbz#2260112)
– fix CVE-2023-6228 (rhbz#2251863)
Microsoft Fixes Nine Zero-Days on Patch Tuesday
Microsoft’s August Patch Tuesday saw the tech giant address nine zero-day vulnerabilities
UK Prime Minister Keir Starmer and Prince William deepfaked in investment scam campaign
Scammers are once again using deepfake technology to dupe unwary internet Facebook and Instagram users into making unwise cryptocurrency investments.
AI-generated videos promoting fraudulent cryptocurrency trading platform Immediate Edge have used deepfake footage of British Prime Minister Sir Keir Starmer and His Royal Highness Prince William to reach an estimated 890,000 people via Meta’s social media platforms.
Read more in my article on the Hot for Security blog.