Full Circle Magazine FR

Canonical accelerates Gnome Shell According to a post in the Ubuntu forum, Canonical developers have noticed that the Gnome shell in Ubuntu 19.04, which is based on Gnome 3.32, was noticeably slower than other desktop environments. The reason was initially assumed to be the use of JavaScript, but it turned out that JavaScript was only about ten percent of the code in the combination of Gnome-Shell with the window manager mother and was not responsible for the observed slowness. The next guess was that the software was overburdening the CPU or graphics card. But measurements showed that this was not the case. What emerged instead was that the processors were forced to idle too long. The optimization of the Gnome shell should concentrate on modern and fast hardware for Ubuntu 20.04. Remaining problems that affect older and slower computers should be addressed and solved in Ubuntu 20.10. Source: https://www.pro-linux.de/news/1/27546/canonical-beschleunigt-gnome-shell.html

Canonical augmente la vitesse de Gnome Shell

D'après un billet sur les forums Ubuntu, les développeurs de Canonical ont remarqué que le shell Gnome dans Ubuntu 19.04, basé sur Gnome 3.32, était sensiblement plus lent comparé à d'autres environnements de bureau. Au départ, on avait supposé que l'utilisation de JavaScript en était la cause, mais il s'est avéré que JavaScript ne formait qu'environ dix pour cent du code dans la combinaison de Gnome-Shell avec le gestionnaire de fenêtres et nétait pas responsable du ralenti. Après on a pensé que c'était le logiciel qui surchargeait le processeur ou la carte graphique. Mais les mesures démontraient que ce n'était pas le cas ; en fait, la cause de la lenteur était que les processeurs était obligés d'être inactifs pendant trop longtemps.

L'optimisation de Gnome Shell pour Ubuntu 20.04 devrait se concentré sur des matériaux modernes et rapides. Les problèmes restants qui affectent des ordinateurs vieillissants et moins rapide devrait être traités et solutionnés dans Ubuntu 20.10.

Source: https://www.pro-linux.de/news/1/27546/canonical-beschleunigt-gnome-shell.html

Automated testing comes to the Linux kernel: KernelCI At the recent Linux Kernel Plumbers get-together in Lisbon, Portugal, one of the hottest topics was how to bring better and automated testing to the Linux kernel. There, the top Linux developers united their efforts behind one testing framework: KernelCI. So, while there will still be many Linux testing suites, no longer will they stand alone without any real coordination between them. KernelCI's goal going forward will be not just to test a wider variety of devices but to unify all upstream Linux kernel testing efforts. Together, this will provide a single place to store, view, compare and track testing results. KernelCI will improve Linux Long Term Support (LTS) kernel testing and validation; consolidate existing testing initiatives; improve Linux's overall security; and increase the pool of tested hardware. This, in turn, will improve the quality, stability. and long-term maintenance of the Linux kernel. Source: https://www.zdnet.com/article/automated-testing-comes-to-the-linux-kernel-kernelci/

Fedora 31 Officially Released with GNOME 3.34 & Linux 5.3, Drops 32-Bit Support Fedora 31 has been in development during the past six months, and after a one-week delay, it's finally here packed with some of the latest and greatest Open Source software and GNU/Linux technologies, including the GNOME 3.34 desktop environment, Linux 5.3 kernel, Glibc 2.30, Python 3, and Node.js 12. Fedora 31 brings numerous other improvements for fans of the open-source operating system, including variable Google Noto fonts, Qt Wayland and Firefox Wayland by default in GNOME, zstd compression for RPMs for faster updates, automatic R runtime dependencies, minimal GDB in buildroot, and custom crypto policies. On top of that, Fedora 31 also disables root password login in SSH, improves Fedora Toolbox containerized workflow, enables net.ipv4.ping_group_range parameter in the Linux kernel to let users create ICMP Echo sockets without using setuid binaries, and improves support for Rockchip SoC devices like Rock960, RockPro64, and Rock64. Source: https://news.softpedia.com/news/fedora-31-officially-released-with-gnome-3-34-linux-5-3-drops-32-bit-support-528031.shtml

Machine Learning alone will not find any bugs The Microsoft employed developer Sasha Levin maintains together with Greg Kroah-Hartman the so-called stable branches of the Linux kernel. Among other things, Levin uses a machine learning approach to find the necessary patches for improvement. As the developer reported in his presentation at this year's Open Source Summit Europe in Lyon, he had been repeatedly asked, because of his work, whether it could have found bugs before they are even incorporated into the kernel. The answer is, according to Levin, anything but simple, as he presents in a detailed analysis. Because, as many developers know, detecting bad code is not a manageable task. Although there are already a variety of tools for finding errors, such as static code analysis. But from the point of view of Levin, the biggest source of error in the development of the Linux kernel is its development process itself. The developer tries to underpin this with his own analyzes. Source: https://www.golem.de/news/linux-kernel-machine-learning-allein-findet-keine-bugs-1910-144689.html

Running on Intel? If you want security, disable hyper-threading, says Linux kernel maintainer Linux kernel dev Greg Kroah-Hartman reckons Intel Simultaneous Multithreading (SMT) - also known as hyper-threading - should be disabled for security due to MDS (Microarchitectural Data Sampling) bugs. Kroah-Hartman, who was speaking at the Open Source summit in Lyons, has opened up on the subject before. “I gave a talk last year about Spectre and how Linux reacted to it,” he told The Reg. “And then this year it's about things found since the last talk. It's more and more of the same types of problems. “These problems are going to be with us for a long time; they're not going away.” There is another issue, though. “People didn't realise how we do security updates, the whole CVE mess, and the best practices we need to have. Linux isn't less secure or more secure than anything else. The problem is: these are bugs in the chips. We fix them in time, we just have to make sure that everybody updates.” Source: https://www.theregister.co.uk/2019/10/29/intel_disable_hyper_threading_linux_kernel_maintainer/

Ubuntu Touch Installer Now Supports OnePlus 3 and Sony Xperia X Ubuntu Phones As many of you may already be aware, the UBports project continues to develop Canonical's deprecated Ubuntu Touch mobile operating system for Ubuntu Phones, which gets regular OTA (Over-the-Air) updates that bring new features and improvements, and there's also an official Ubuntu Touch installer. The Ubuntu Touch installer now supports all the officially supported Ubuntu Phone devices, including the BQ Aquaris E4.5, BQ Aquaris E5 HD, BQ Aquaris M10 HD, BQ Aquaris M10 FHD, Fairphone 2, Meizu MX4, Meizu PRO 5, Nexus 4, Nexus 5, Nexus 7 2013 LTE, Nexus 7 2013 Wi-Fi, OnePlus One, OnePlus 3/3T, and Sony Xperia X. Source: https://news.softpedia.com/news/ubuntu-touch-installer-now-supports-oneplus-3-and-sony-xperia-x-ubuntu-phones-528097.shtml

SparkyLinux's November ISO Brings Latest Debian GNU/Linux 11 “Bullseye” Updates The SparkyLinux 2019 “Po Tolo” operating system series is a rolling release version of SparkyLinux, based on the Debian Testing software repositories, where the upcoming Debian GNU/Linux 11 “Bullseye” operating system is currently being developed. SparkyLinux 2019.11 is now the most up-to-date snapshot, adding all the latest software updates and security patches from the Debian GNU/Linux 11 “Bullseye” repositories as of November 2nd, 2019. Additionally, it upgrades the Linux kernel to version 5.2.17 and the Calamares installer to version 3.2.16. With this release, the SparkyLinux developers have also added the Debian Sid (unstable) software repositories, which aren't active, but can be enabled by those who know what they're doing. Also, the SparkyLinux unstable repositories now contain the latest Linux 5.3.8 and Linux 5.4 RC5 kernels. Source: https://news.softpedia.com/news/sparkylinux-s-november-iso-brings-latest-debian-gnu-linux-11-bullseye-updates-528100.shtml

This Ubuntu Bug Reveals Your Media Files To Others Without Warning If you have recently updated Ubuntu, chances are a new bug might be sharing your media files with users on the same network. Reportedly, the problem is the part of Ubuntu’s easy media sharing feature in the latest version of Ubuntu 19.10. However, users running Ubuntu 19.10 in a non-GNOME Shell/Ubuntu session report that the media sharing feature autostarts at login, without warning users that it is being run in the background. This enables other users on the same local area network to access media files and folders without the owner knowing. Some Ubuntu users claim the culprit is an upstream configuration that asks systemd to toggle media sharing. While there is no permanent fix for the bug, however, developers are working towards it and a fix would roll out in no time. Source: https://fossbytes.com/ubuntu-bug-media-files-no-warning/

Canonical Pledges to Fully Support Ubuntu Linux on All Raspberry Pi Boards When they released the Ubuntu 19.10 (Eoan Ermine) operating system series last month, Canonical said that Raspberry Pi's Foundation's latest Raspberry Pi 4 boards will be officially supported. However, Ubuntu 19.10 ships with a Linux kernel bug that blocks the use of USB ports out of the box in the official arm64 image on the Raspberry Pi 4 SBC with 4GB RAM. Canonical is currently working hard to test kernel patches for this bug, which should soon be released for everyone. Meanwhile, Canonical pledges to offer full, out-of-the-box official support for its Ubuntu Linux operating system on all Raspberry Pi single-board computers, including the original Raspberry Pi board, as well as all Raspberry Pi 2, Raspberry Pi 3, and Raspberry Pi 4 models. Both Ubuntu Server and Ubuntu Core will be officially supported on the Raspberry Pi boards. Source: https://news.softpedia.com/news/canonical-promises-full-official-ubuntu-support-for-all-raspberry-pi-boards-528101.shtml

Singa becomes top-level project of the Apache Software Foundation After more than three and a half years in the Apache incubator, Singa fulfills all the conditions of an Apache project, as the Apache Software Foundation announces. Apache Singa is a distributed, scalable machine learning library. Singa was developed by the National University of Singapore in 2014 and handed over to the Apache Software Foundation (ASF) in March 2015. Three years ago, the first version of Singa, version 0.1.0 was released. Further releases followed up to version 2.0.0 half a year ago. The first release as an official Apache project is still pending. Singa uses a variety of well-known distributed training strategies, including synchronous and asynchronous training. According to the project, Singa's users include, among others, Carnegie Technologies, CBRE, Citigroup, the National University of Singapore, NetEase, Noblis, Shentilium Technologies YZBigData and various clinics. Source: https://www.pro-linux.de/news/1/27564/singa-wird-toplevel-projekt-der-apache-software-foundation.html

Canonical's Kernel Livepatch Ubuntu Advantage Client Is Out for Ubuntu 14.04 ESM Canonical's Ubuntu Advantage client is a command-line client pre-installed on all Ubuntu Linux releases that works via single-token access to allow users to access Canonical's Ubuntu Advantage for Infrastructure services, such as Extended Security Maintenance (ESM) and Kernel Livepatch, which include patches for high and critical security vulnerabilities. The new updated Ubuntu Advantage is currently available only for Ubuntu 14.04 ESM users, who can use it by simply running the “ua” command (without quotes) in the Terminal app to quickly get started with key security and compliance services, as well as all related tools. Canonical's Ubuntu Advantage services are available for free for up to three machines. Source: https://news.softpedia.com/news/canonical-s-kernel-livepatch-ubuntu-advantage-client-is-out-for-ubuntu-14-04-lts-528118.shtml

Libarchive vulnerability can lead to code execution on Linux, FreeBSD, NetBSD A compression library included by default in Debian, Ubuntu, Gentoo, Arch Linux, FreeBSD, and NetBSD distros, contains a vulnerability that can allow hackers to execute code on user machines. The macOS and Windows operating systems, where this library is also included and used as a default decompression utility, are not affected. The vulnerability impacts Libarchive, a library for reading and creating compressed files. It is a powerful all-in-one toolkit for working with archive files that also bundles other Linux/BSD utilities like tar, cpio, and cat, making it ideal for a wide variety of operations, and the reason it's so widely adopted across operating systems. The bug, tracked under the CVE-2019-18408 identifier, allows an attacker to execute code on a user's system via a malformed archive file. Exploitation scenarios include users who receive malicious files from attackers or local apps . Source: https://www.zdnet.com/article/libarchive-vulnerability-can-lead-to-code-execution-on-linux-freebsd-netbsd/

PinePhone Linux smartphone pre-orders start next week Linux users keeping tabs on the smartphone market may have long been wishing for an honest to goodness non-Android Linux phone. That almost came to be with Ubuntu Touch but Canonical sadly saw no profit to be made there. That mission has then been left to smaller companies that prize principles over profits, manufacturing and selling computing devices that value security and privacy more than anything else. One of those is PINE64 whose PinePhone is just a month away from becoming reality. Pre-orders for the PinePhone Brave Heart Edition will start on November 15 at 8:00 AM GMT, around 3 AM ET. The phones are expected to start shipping in December through January 2020, that is if no delays happen. Source: https://www.slashgear.com/pinephone-linux-smartphone-pre-orders-start-next-week-06598834/

Blackhat makers expect more hardware attacks in 2020 The Blackhat Conference Review Board reviews a mass of potential Talks. Attacks on IoT hardware seem to be emerging as a trend for 2020. For some time, security researchers have been claiming that the growth of the IoT sector is likely to be a lot of work for them. Indicators include security holes in sloppily programmed router and camera hardware. In the Linux area, security expert Matthew Garrett regularly interfaces with IoT devices in his blog to test their security. These include intelligent light bulbs, routers but also the scooters from Lime and Bird. Source: https://www.linux-magazin.de/news/blackhat-macher-erwarten-2020-mehr-hardware-angriffe/

Microsoft Confirms Linux Will Get Microsoft Defender ATP Antivirus In 2020 Microsoft is working to bring its popular Microsoft Defender ATP antivirus to the Linux operating system. At its Ignite Conference, the Windows-maker company will give a live demo on how Linux security specialists can use the company’s homemade antivirus for protection against potential threats. Now, it makes sense why in March this year, Microsoft announced the change in the brand name of the antivirus. Previously known as Windows Defender, Microsoft renamed it to Microsoft Defender. The company also offered the software for enterprise Mac computers for protection against malware via the Microsoft Defender console. Speaking to ZDNet, Microsoft M365 Security’s corporate vice president said that Microsoft Defender ATP for Linux will be available for the general public in 2020. In addition to Defender ATP, Microsoft will also bring Application Guard — a security feature to open a webpage in an isolated virtual machine to Office 365 documents. Source: https://fossbytes.com/linux-to-get-microsoft-defender-atp-antivirus-2020/

Ubuntu 20.04 LTS and Debian GNU/Linux 11 “Bullseye” Progress on Python 2 Removal The removal of an older Python implementation from an entire operating system system and its software repositories is a major deal for any OS vendor, as it raises many severe issues due to the fact that numerous packages have not been ported to a newer branch. In this case we're talking about the removal of Python 2 and its replacements with Python 3. For Debian and Ubuntu, whose communities work closely together since the latter is based on the former, the transition from Python 2 to Python 3 started a few years ago, but now it's time for their next major release to ship without any Python 2 packages, though this appears to be a major deal even for some of the biggest GNU/Linux distributions in the world. The Ubuntu and Debian developers have recently published more information for package maintainers to provide them with guidance in an attempt to accelerate the removal of Python 2 from the upcoming Ubuntu 20.04 LTS (Focal Fossa) and Debian GNU/Linux 11 “Bullseye” releases. Source: https://news.softpedia.com/news/ubuntu-20-04-lts-and-debian-gnu-linux-11-bullseye-progress-on-python-2-removal-528138.shtml

Ubuntu 18.04.4 LTS (Bionic Beaver) Slated for Release on February 6th, 2020 As all Ubuntu LTS series, the Bionic Beaver will receive up to five point releases that bring a new installation medium with up-to-date components to make the deployment of the operating system less painful. The latest point release in the series being Ubuntu 18.04.3 LTS, released on August 8th, 2019. Besides updated core components and applications, as well as various improvements, the Ubuntu 18.04.3 LTS point release also brought upgraded kernel and graphics stacks from Ubuntu 19.04 (Disco Dingo), such as Linux kernel 5.0 and Mesa 19.0, to the Ubuntu 18.04 LTS series. New point release for Ubuntu LTS version are released every six months, so the next one, Ubuntu 18.04.4 LTS has been slated for February 6th, 2020. Most probably, it will ship with updated kernel and graphics stacks based on those from the latest Ubuntu release, namely Ubuntu 19.10 (Eoan Ermine). Canonical also published the release date of the last point release in the Bionic Beaver series, Ubuntu 18.04.5 LTS, which should hit the streets on August 6th, 2020. Source: https://news.softpedia.com/news/ubuntu-18-04-4-lts-bionic-beaver-slated-for-release-on-february-6th-2020-528140.shtml

Filesharing software Pydio Cells 2.0 released With the release of Pydio Cells 2.0 the server according to the developers was further improved and extended with new features. For example, Pydio Cells 2.0 introduces a new annotation mechanism that extends online editing to images and videos. According to the manufacturer, the new functionality should be an alternative to proprietary solutions, without the risk that images and videos are tracked by search engines, for example. The migration tool already introduced in earlier versions of Pydio Cells, which allows for the transfer of data from Pydio to Pydio Cells, has also been expanded and the desktop sync client, which was missing from previous Pydio 8 users, has been completely rewritten for Windows, Mac and Linux released. In addition, the documentation has been revised and the server also released for Microsoft Windows. Source: https://www.pro-linux.de/news/1/27577/filesharing-software-pydio-cells-20-freigegeben.html

Canonical Outs Major Linux Kernel Security Updates for All Supported Ubuntu OSes Canonical was quick to respond to the latest security vulnerabilities affecting Intel CPU microarchitectures, so they now published Linux kernel updates to mitigate them. These are CVE-2019-11135, CVE-2018-12207, CVE-2019-0154, and CVE-2019-0155, which could allow local attackers to either expose sensitive information or possibly elevate privileges or cause a denial of service. On top of these security issues affecting Intel CPUs, the new Linux kernel security updates also address three vulnerabilities (CVE-2019-15791, CVE-2019-15792, and CVE-2019-15793) discovered by Google Project Zero's . Canonical released new Linux kernel versions for all supported Ubuntu Linux versions to address a regression introduced by the previous kernel versions, which broke KVM guests on systems where extended page tables (EPT) were disabled or not supported. Also they discovered that the fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Source: https://news.softpedia.com/news/canonical-outs-important-linux-kernel-updates-for-all-supported-ubuntu-releases-528153.shtml

This Linux-Based Smartphone Will Keep You Completely Anonymous We are being constantly monitored through the devices and apps we use on a regular basis. One of the biggest ways of surveillance is our smartphone and the majority of users are divided between two — Android and iOS. But there is a new Linux-based smartphone dubbed Volla Phone on Kickstarter, that rethinks the entire approach to how we use our smartphones and all its features are based around protecting user anonymity. Volla Phone uses Nemo Mobile that is based on the Android Open Source Project (AOSP) that promised increased security and privacy features. Volla Phone also promises to support an alternative, free, and open-source operation system like Ubuntu Touch. The phone contains neither Google Apps nor Google Play Services. In case you need any Android app, you can install them via an anonymous App Store. Source: https://fossbytes.com/linux-based-smartphone-volla-phone-protects-anonymity/

Sparky Linux releases Special Editions About a week ago, Sparky 2019.11 Po Tolo released an updated edition of Debian Testing's rolling-release version of the distribution. Now the team announces three more images dedicated to games, multimedia and data recovery. Common to all is the base with kernel 5.2.17, with more kernels to be found in the reusable unstable repository from Sparky. For Sparky 2019.11 this is 5.3.8 and 5.4-rc5, for the three variants 5.3.10 and 5.4-rc7. The installer is based on the Calamares framework in version 3.2.16 and has KPMCore 4 as its foundation. As a desktop in the standard edition comes with Xfce 4.14; an image with LXQt is available as an alternative. In addition, the two images MinimumGUI and MinimalCLI are offered. Source: https://www.pro-linux.de/news/1/27581/sparky-linux-ver%C3%B6ffentlicht-special-editions.html

Canonical Donates More Ubuntu Phones to UBports and You Can Get One Right Now Once again, Canonical decided to donate even more Ubuntu Touch devices to UBports, but this time there's even better news for those interested in contributing to the development of Ubuntu Touch, the mobile OS created by Canonical for Ubuntu Phones, which is now entirely maintained by the UBports Foundation. This time, UBports decided to donate the Ubuntu Touch devices, which consists of two dozen BQ Aquaris E4 phones, two BQ Aquaris M10 tablets, one Meizu MX4 phone, and several others we can't identify, to any developer interested in joining the Ubuntu Phone movement and contribute to the development of Ubuntu Touch. Source: https://news.softpedia.com/news/canonical-donates-more-ubuntu-phones-to-ubports-for-ubuntu-touch-development-528158.shtml

Chrome, Edge, Safari hacked at elite Chinese hacking contest China's top hackers have gathered this weekend in the city of Chengdu to compete in the Tianfu Cup, the country's top hacking competition. Over the course of two days – November 16 and 17 – Chinese security researchers will test zero-days against some of the world's most popular applications. The goal is to exploit and take over an app using never-before-seen vulnerabilities. If attacks succeed, researchers earn points towards an overall classification, cash prizes, but also the reputation that comes with winning a reputable hacking competition. The Tianfu Cup's rules are identical to what we see at Pwn2Own, the world's largest hacking contest. The two events are more tied than most people know. Prior to 2018, Chinese security researchers dominated Pwn2Own, with different teams winning the competition years in a row. Now, all that talent is going against one another. In the spring of 2018, the Chinese government barred security researchers from participating in hacking contests organized abroad, such as Pwn2Own. The TianfuCup was set up a few months later, as a response to the ban, and as a way for local researchers to keep their skills sharp. The first edition was held in the fall of 2018 to great success, with researchers successfully hacking apps like Edge, Chrome, Safari, iOS, Xiaomi, Vivo, VirtualBox, and more. Source: https://www.zdnet.com/article/chrome-edge-safari-hacked-at-elite-chinese-hacking-contest/

Debian GNU/Linux 10.2 “Buster” Live & Installable ISOs Now Available to Download Debian GNU/Linux 10.2 “Buster” ISO images are now available to download (see download links below) for all supported architectures, including 32-bit (i386), 64-bit (amd64), ARM64 (AArch64), Armel, ARMhf, MIPS, MIPSel (MIPS Little Endian), MIPS64el (MIPS 64-bit Little Endian), PPC64el (PowerPC 64-bit Little Endian), and s390x (IBM System z). Live images are available as well with the KDE Plasma, GNOME, Xfce, LXDE, MATE, and Cinnamon desktop environments, but only for 32-bit (i386) and 64-bit (amd64) systems. As usual, a multi-arch image supporting both amd64 (64-bit) and i386 (32-bit) architectures is available as well, along with netboot images. Source: https://news.softpedia.com/news/debian-gnu-linux-10-2-buster-live-installable-isos-now-available-to-download-528178.shtml

Red Hat Enterprise Linux and CentOS Now Patched Against Latest Intel CPU Flaws After responding to the latest security vulnerabilities affecting Intel CPU microarchitectures, Red Hat has released new Linux kernel security updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7 operating systems to address the well-known ZombieLoad v2 flaw and other issues. The CentOS community also ported the updates for their CentOS Linux 6 and CentOS Linux 7 systems. The security vulnerabilities patched in this new Linux kernel security update are Machine Check Error on Page Size Change (IFU) (CVE-2018-12207), TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135), Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154), and Intel GPU blitter manipulation that allows for arbitrary kernel memory write (CVE-2019-0155). Source: https://news.softpedia.com/news/red-hat-enterprise-linux-and-centos-now-patched-against-latest-intel-cpu-flaws-528177.shtml

World’s Top 500 Supercomputers Run On Linux Top500 has released its 54th edition of the list comprising of the top 500 supercomputers in the world, and all the supercomputers in the list have one thing in common – Linux. The average speed of the supercomputers featured in the list is now 1.65 exaflops, and the entry-level supercomputer now performs at 1.14 petaflops as compared to 1.02 petaflops when the list was released back in June 2019. Apart from the fact that all the 500 supercomputers appearing in this list run on Linux, the list also shows that China has emerged as a dominating country developing supercomputers. As many as 227 supercomputers out of 500 are China-developed. There are only 118 US-based supercomputers on the list. However, the supercomputers developed by the US are larger and faster. If we consider the average performance of the supercomputers in the list, the US stands at 37.8%, and China trails it with a 31.9% share. Source: https://fossbytes.com/worlds-top-500-supercomputers-run-on-linux/

Linux, Windows Users Targeted With New ACBackdoor Malware Researchers have discovered a new multi-platform backdoor that infects Windows and Linux systems allowing the attackers to run malicious code and binaries on the compromised machines. The malware dubbed ACBackdoor is developed by a threat group with experience in developing malicious tools for the Linux platform based on the higher complexity of the Linux variant as Intezer security researcher Ignacio Sanmillan found. Both variants share the same command and control (C2) server but the infection vectors they use to infect their victims are different: the Windows version is being pushed through malvertising with the help of the Fallout Exploit Kit while the Linux payload is dropped via a yet unknown delivery system. Source: https://www.bleepingcomputer.com/news/security/linux-windows-users-targeted-with-new-acbackdoor-malware/

NextCry Ransomware Goes After Linux Servers NextCry is a new ransomware that has started targeting Linux servers that operate decentralized file syncing and sharing services powered by the open source NextCloud software. The ransomware is currently not being detected by antivirus engines. BleepingComputer forum user xact64 reported that half of his files got encrypted by NextCry after the ransomware infected his NextCloud server. The file sharing software continued to update the files on his laptop with the encrypted version until he realized what was going on and stopped the server from sending the files to his laptop. After it executes on the NextCloud-enabled computer, the malware reads NextCloud service’s config.php in order to find the NextCloud file share and sync data directory. The ransomware first deletes any folders and files that might be used to restore infected files to their previous clean state and then begins to encrypt the victim’s files. Source: https://www.tomshardware.com/news/nextcry-ransomware-nextcloud-linux-nginx-cybersecurity

Linux Servers Running Webmin App Targeted By DDoS Attacks A new botnet named Roboto is targeting Linux servers running Webmin app, according to security researchers at 360 Netlab. Roboto is a peer-to-peer botnet that has been active since summer and is exploiting a vulnerability in the Webmin app. The app offers a web-based remote management system for Linux servers and is installed on as many as 215,000 servers. The vulnerability, identified as CVE-2019-15107, allows bad actors to compromise older Webmin servers by running malicious code and gaining root privileges. The vulnerability was identified and patched by the company behind Webmin. However, many users have not installed the latest version with the patch, and Roboto botnet is targeting such servers. According to security researchers, the Roboto botnet has DDoS attack capability in its code, and it is the main feature of the botnet. The bad actors behind the botnet aim to expand it by conducting DDoS attacks via vectors such as HTTP, ICMP, UDP, and TCP. Source: https://fossbytes.com/linux-servers-webmin-targeted-ddos-attacks/

IPFire Open-Source Linux Firewall Gets Improved and Faster QoS IPFire 2.23 Core Update 138 is now available for download with improved Quality of Service (QoS), which allows the firewall to pass even more traffic on smaller systems, as well as reduce packet latency on faster machines, thus creating a faster and more responsive network. To take full advantage of the improved and faster QoS, the IPFire project recommends you reboot your systems after installing the new update. Under the hood, IPFire 2.23 Core Update 137 ships with a newer kernel, namely Linux 4.14.150, which is hardened, fully patched and optimized to deliver more throughput for IP connections, as well as to reduce latency to a minimum for your network to be fast and responsive as possible. This new kernel also fixes a nasty bug that caused the system to drop DNS packets if the Suricata IDS (Intrusion Detection System) was enabled. Source: https://news.softpedia.com/news/ipfire-open-source-linux-firewall-gets-improved-and-faster-qos-latest-updates-528202.shtml

System76 Will Build Its Own Linux Laptops From January 2020 Speaking to Forbes in an interview, System76’s CEO Carl Richell says that the company wants to follow-up its popular Thelio desktop with in-house built Linux laptops. System76 offers an extensive line of laptops but the machines are designed by other manufacturers like Clevo and Sager. The company only offers its Pop!_OS in these laptops. Mr. Richell says he’s confident that the experience his company has gained from designing custom-built Thelio desktop will be highly useful. According to Richell, System76’s first priority is deciding the aesthetic aspect of its new Linux laptops. The next step would involve fixing the supply chain management and contacting various display and component makers. As per Mr. Richell, System76 will foray into the new market with laptops having Ultrabook’s form factor similar to its current offerings Darter and Galago. Next, it would decide whether to go with high-end gaming and workstation notebooks with dedicated graphics. The entire procedure of designing and building Linux laptops from scratch is a time-taking process and we’re expecting the company to start shipping before 2021. Source: https://fossbytes.com/system76-build-own-linux-laptops-january-2020/

Zorin OS 15 Lite Released as a Windows 7 Replacement, Based on Ubuntu 18.04 LTS Based on Canonical's latest long-term supported Ubuntu 18.04 (Bionic Beaver) operating system series, Zorin OS 15 Lite is here packed with some of the most advanced and efficient software components and the latest Xfce 4.14 desktop environment, which provides a user-friendly experience and promises extend the lifespan of your PC for years to come. Highlights of the Zorin OS 15 Lite release include a refreshed and refined look and feel of the desktop with a new, minimal, simple, and more welcoming theme with beautiful animations, six color variants, and Light and Dark modes. The new desktop theme also adapts throughout the day by automatically switching between Light and Dark modes during sunrise and sunset. Zorin OS 15 Lite also comes with built-in Snap, Flatpak and Flathub support to make it easier to install your favorite apps, a new Notifications Indicator that features a “Do not disturb” options to silence notifications when you're busy, the Linux 5.0 kernel series, and numerous under-the-hood improvements and latest software and security updates from Ubuntu 18.04 LTS. Source: https://news.softpedia.com/news/zorin-os-15-lite-released-as-a-windows-7-replacement-based-on-ubuntu-18-04-lts-528245.shtml