
Linux For Beginners


The content of this post is solely the responsibility of the author.  LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

Welcome to the world of Linux! This blog will take you on a step-by-step journey on how to get familiar with Linux if you are a new user. By the end, you’ll have an understanding of Linux and how to use it effectively.

Linux is an open-source operating system that manages your computer’s hardware and software resources. Unlike proprietary systems like Windows and macOS, Linux is free to use, modify, and distribute. Its open-source nature has created a vibrant community and many different versions of Linux, known as distributions (distros).

Why Use Linux?

Cost-Free: Linux is free to download, use, and modify.

Security: It is known for its strong security features and regular updates.

Flexibility: Highly customizable to fit your specific needs.

Performance: Efficient and can run well on older hardware.

Getting Started with Linux

Ubuntu: Known for its user-friendliness and extensive documentation.

Fedora: Offers cutting-edge features and a strong focus on security.

Debian: Valued for its stability and reliability, especially in server environments.

Kali Linux and Parrot Security OS: Debian-based distros tailored for penetration testing and security research.

Backbox: An Ubuntu-based distribution optimized for security assessments.

Installing Linux

You can install Linux alongside your existing operating system (dual-boot) or as a virtual machine (VM) on your host OS (your primary OS) using virtualization software such as VirtualBox, VMware, or Microsoft Hyper-V. To create and run a virtual machine (guest OS), the system must meet certain technical requirements: the processor must support virtualization technology, and that support must be enabled (it can be enabled or disabled from the BIOS/UEFI settings). Most modern processors support virtualization. Virtualization allows you to share your system resources (RAM, storage, network, etc.) without requiring you to install a completely new OS from scratch, and it allows you to run multiple virtual machines.

Let us look at the steps to create an Ubuntu virtual machine using Oracle VirtualBox. You can download the VirtualBox installer from VirtualBox.org and follow the installation steps. Once VirtualBox is installed:

Download Ubuntu ISO: Get the desired version from the official Ubuntu website. Many Linux distributions also publish ready-made VM editions (you can download the VM version of the OS you are installing, if one is available).

Enable Virtualization: Restart your PC, press F2 or F10 while it boots to enter the BIOS/UEFI settings, and enable Intel VT-x or AMD-V. (You can find this information on the system manufacturer's website.)

Open VirtualBox, click “New”, name the VM, select “Linux” > “Ubuntu”, allocate at least 2048 MB (2 GB) of RAM, and create a virtual hard disk of at least 20 GB. You can increase the allocated RAM and storage if you have more available.

Go to VM Settings > Storage > Controller: IDE > Empty > Choose disk file > Select Ubuntu ISO.

Select the VM and click “Start”, then follow on-screen instructions to install Ubuntu.

After installation, remove the ISO from the virtual drive by going to Devices > Optical Drives > Remove disk from virtual drive.

Optional – Install Guest Additions: Guest Additions allow the user to install device drivers and performance enhancements. To install Guest Additions, in the running VM, go to Devices > Insert Guest Additions CD image and follow the prompts for better integration.

Once the installation is finished and the system has booted, it is advisable to update your newly created virtual machine. You can do so from the terminal, which you can find in the launcher or open by pressing Ctrl+Alt+T. Linux uses package managers to install and manage software. On Ubuntu, the default package manager is APT (Advanced Package Tool).
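For the "Download Ubuntu ISO" step, it is worth checking the downloaded image before attaching it to the VM. The following is an added example, not part of the original post: it compares a file against its entry in a SHA256SUMS file, assuming the checksum-file format Ubuntu publishes next to its ISO images. The function names and the stand-in file are constructed for illustration.

```sh
# Added example: check a downloaded image against its line in a SHA256SUMS file.

# verify_iso ISO SUMS_FILE
# Returns 0 on match, 1 on mismatch, 2 if SUMS_FILE has no entry for the ISO name.
verify_iso() {
    iso=$1; sums=$2
    name=$(basename "$iso")
    # Entries look like "<hash> *<name>" (binary mode) or "<hash>  <name>" (text mode).
    expected=$(awk -v n="$name" \
        '{ f = $2; sub(/^\*/, "", f); if (f == n) { print $1; exit } }' "$sums")
    if [ -z "$expected" ]; then
        echo "no checksum listed for $name" >&2
        return 2
    fi
    actual=$(sha256sum "$iso" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name"
    else
        echo "MISMATCH: $name (expected $expected, got $actual)" >&2
        return 1
    fi
}

# Constructed demo: a small stand-in file plays the role of the ISO.
# Prints the three return codes: match, altered file, name not listed.
demo_verify() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT
    printf 'constructed stand-in for an ISO image\n' > "$dir/ubuntu-sample.iso"
    (cd "$dir" && sha256sum -b ubuntu-sample.iso > SHA256SUMS)
    ok=0; bad=0; missing=0
    verify_iso "$dir/ubuntu-sample.iso" "$dir/SHA256SUMS" >/dev/null 2>&1 || ok=$?
    printf 'x' >> "$dir/ubuntu-sample.iso"   # simulate a corrupted or altered download
    verify_iso "$dir/ubuntu-sample.iso" "$dir/SHA256SUMS" >/dev/null 2>&1 || bad=$?
    verify_iso "$dir/other.iso" "$dir/SHA256SUMS" >/dev/null 2>&1 || missing=$?
    echo "$ok $bad $missing"
)

demo_verify   # prints: 0 1 2
```

A matching hash only shows the file is the one the checksum file describes, so fetch the checksum file from the distribution's official site over HTTPS.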

Update Package List: sudo apt update

Upgrade Packages: sudo apt upgrade

Install a Package: sudo apt install package_name

Remove a Package: sudo apt remove package_name

Navigating the Linux File System

The Linux file system structure is different from Windows.

Here’s a quick overview:

root Directory (/): The top level of the file system

home Directory (/home): Where user files and settings are stored. If there were multiple users, you would see a directory named after each user under the home directory.

bin Directory (/bin): Contains essential binary files (programs)

etc directory (/etc): Configuration files for the system

The command line interface (CLI) in Linux is powerful and is accessible through a command shell called the terminal. Here are some essential commands:

ls: List files in a directory

cd: Change directory

pwd: Print working directory

cp: Copy files

mv: Move or rename files

rm: Remove files

sudo: Run a command with elevated privileges, temporarily granting permitted users or user groups the access that command requires.

man: Display the user manual for any command (man sudo shows the user manual for the sudo command)

Managing Files and Directories

Creating, moving, and deleting files can be done with simple commands:

mkdir: Create a new directory

touch: Create a file

cp: Copy a file

mv: Move or Rename a file

rm: Delete a file

Permissions and Ownership

Linux is a multi-user system, and understanding file permissions and ownership is crucial. Permissions are represented by a series of characters like rwxr-xr-x. Each set of three characters represents read (r), write (w), and execute (x) permissions for the owner, group, and others.

View Permissions: ls -l

Let’s move ahead and see how the permissions change for file 1 when it is made executable; we can compare with the snapshot above.

Change Permissions: chmod permissions file

In the screenshot above, we used chmod +x filename to make the file executable.
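The before-and-after comparison for file1, as an added shell example that is not part of the original post. It assumes GNU coreutils and findutils (as on Ubuntu); the function names are illustrative, and world_writable goes one step beyond the text by listing files that any user on the system may modify.

```sh
# Added example (not from the original post). Assumes GNU stat and find.

# Print the symbolic mode of a file, e.g. -rw-r--r-- (the first field of ls -l).
mode_of() { stat -c '%A' "$1"; }

# Split a 10-character mode string into file type and owner/group/others triplets.
explain_mode() {
    m=$1
    printf 'type=%s owner=%s group=%s others=%s\n' \
        "$(printf '%s' "$m" | cut -c1)" "$(printf '%s' "$m" | cut -c2-4)" \
        "$(printf '%s' "$m" | cut -c5-7)" "$(printf '%s' "$m" | cut -c8-10)"
}

# Create file1 in a scratch directory, record its mode, make it executable,
# and record the mode again. Prints "<before> <after>".
demo_chmod_x() (
    umask 022                     # fixed umask so the result is predictable
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT
    touch "$dir/file1"            # new files start as 666 minus the umask: 644
    before=$(mode_of "$dir/file1")
    chmod +x "$dir/file1"         # no "who" given: a+x, filtered by the umask
    after=$(mode_of "$dir/file1")
    echo "$before $after"
)

# List entries under a directory that "others" (every user) can write to.
world_writable() { find "$1" -xdev -perm -0002 ! -type l -print; }

set -- $(demo_chmod_x)
echo "before chmod +x: $(explain_mode "$1")"
echo "after  chmod +x: $(explain_mode "$2")"
```

With a stricter umask such as 077, a plain chmod +x adds execute for the owner only; chmod a+x sets it for owner, group, and others regardless of the umask.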

Other Resources

In case you want to take a glance at what a command will do on your Linux system, you can check explainshell.com. Let's take a look:

Now that we have a basic understanding of the Linux file system architecture and commands, in our next blog we will take a closer look at network configuration and other related settings.

We hope this blog helps you become familiar and comfortable with using Linux systems. We will take a closer look at network configuration and related options in our next blog. Happy learning!


UK Prime Minister Keir Starmer and Prince William deepfaked in investment scam campaign


Scammers are once again using deepfake technology to dupe unwary Facebook and Instagram users into making unwise cryptocurrency investments.

AI-generated videos promoting fraudulent cryptocurrency trading platform Immediate Edge have used deepfake footage of British Prime Minister Sir Keir Starmer and His Royal Highness Prince William to reach an estimated 890,000 people via Meta’s social media platforms.

Read more in my article on the Hot for Security blog.


Six 0-Days Lead Microsoft’s August 2024 Patch Push


Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six zero-day flaws that are already being actively exploited by attackers.


This month’s bundle of update joy from Redmond includes patches for security holes in Office, .NET, Visual Studio, Azure, Co-Pilot, Microsoft Dynamics, Teams, Secure Boot, and of course Windows itself. Of the six zero-day weaknesses Microsoft addressed this month, half are local privilege escalation vulnerabilities — meaning they are primarily useful for attackers when combined with other flaws or access.

CVE-2024-38106, CVE-2024-38107 and CVE-2024-38193 all allow an attacker to gain SYSTEM level privileges on a vulnerable machine, although the vulnerabilities reside in different parts of the Windows operating system.

Microsoft’s advisories include little information about the last two privilege escalation flaws, other than to note they are being actively exploited. Microsoft says CVE-2024-38106 exists in the Windows Kernel and is being actively exploited, but that it has a high “attack complexity,” meaning it can be tricky for malware or miscreants to exploit reliably.

“Microsoft lists exploit complexity as high due to the attacker needing to win a race condition,” Trend Micro’s ZeroDay Initiative (ZDI) noted. “However, some races are easier to run than others. It’s times like this where the CVSS can be misleading. Race conditions do lead to complexity high in the CVSS score, but with attacks in the wild, it’s clear this bug is readily exploitable.”

Another zero-day this month is CVE-2024-38178, a remote code execution flaw that exists when the built-in Windows Edge browser is operating in “Internet Explorer Mode.” IE mode is not on by default in Edge, but it can be enabled to work with older websites or applications that aren’t supported by modern Chromium-based browsers.

“While this is not the default mode for most users, this exploit being actively exploited suggests that there are occasions in which the attacker can set this or has identified an organization (or user) that has this configuration,” wrote Kev Breen, senior director of threat research at Immersive Labs.

CVE-2024-38213 is a zero-day flaw that allows malware to bypass the “Mark of the Web,” a security feature in Windows that marks files downloaded from the Internet as untrusted (this Windows Smartscreen feature is responsible for the “Windows protected your PC” popup that appears when opening files downloaded from the Web).

“This vulnerability is not exploitable on its own and is typically seen as part of an exploit chain, for example, modifying a malicious document or exe file to include this bypass before sending the file via email or distributing on compromised websites,” Breen said.

The final zero-day this month is CVE-2024-38189, a remote code execution flaw in Microsoft Project. However, Microsoft and multiple security firms point out that this vulnerability only works on customers who have already disabled notifications about the security risks of running VBA Macros in Microsoft Project (not the best idea, as malware has a long history of hiding within malicious Office Macros).

Separately, Adobe today released 11 security bulletins addressing at least 71 security vulnerabilities across a range of products, including Adobe Illustrator, Dimension, Photoshop, InDesign, Acrobat and Reader, Bridge, Substance 3D Stager, Commerce, InCopy, and Substance 3D Sampler/Substance 3D Designer. Adobe says it is not aware of active exploitation against any of the flaws it fixed this week.

It’s a good idea for Windows users to stay current with security updates from Microsoft, which can quickly pile up otherwise. That doesn’t mean you have to install them on Patch Tuesday each month. Indeed, waiting a day or three before updating is a sane response, given that sometimes updates go awry and usually within a few days Microsoft has fixed any issues with its patches. It’s also smart to back up your data and/or image your Windows drive before applying new updates.

For a more detailed breakdown of the individual flaws addressed by Microsoft today, check out the SANS Internet Storm Center’s list. For those admins responsible for maintaining larger Windows environments, it pays to keep an eye on Askwoody.com, which frequently points out when specific Microsoft updates are creating problems for a number of users.


The AI Fix #11: AI gods, a robot dentist, and an angry human


In episode 11 of The AI Fix, OpenAI battles a Shakespearean lawyer, Graham sings an uncanny bluegrass acrostic, Google drops the ball with a terrible AI ad, and Mark wonders why there’s no sound on a video of an AI dentist.

Graham finds religion with a little help from a man named “L Ron”, a traffic cone saves the world, and Mark has a heated argument with belligerent ChatGPT.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.
