Experimental News Clipping Site

Tag: Ubuntu

  • Cisco Talos Blog: Small praise for modern compilers – A case of Ubuntu printing vulnerability that wasn’t

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/small-praise-for-modern-compilers-a-case-of-ubuntu-printing-vulnerability-that-wasnt/ Source: Cisco Talos Blog Title: Small praise for modern compilers – A case of Ubuntu printing vulnerability that wasn’t Feedly Summary: By Aleksandar NikolichEarlier this year, we conducted code audits of the macOS printing subsystem, which is heavily based on the open-source CUPS package. During this investigation, IPP-USB protocol caught our attention.…

  • Simon Willison’s Weblog: Using pip to install a Large Language Model that’s under 100MB

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Feb/7/pip-install-llm-smollm2/ Source: Simon Willison’s Weblog Title: Using pip to install a Large Language Model that’s under 100MB Feedly Summary: I just released llm-smollm2, a new plugin for LLM that bundles a quantized copy of the SmolLM2-135M-Instruct LLM inside of the Python package. This means you can now pip install a full LLM! If…

  • Bulletins: Vulnerability Summary for the Week of January 27, 2025

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/bulletins/sb25-034 Source: Bulletins Title: Vulnerability Summary for the Week of January 27, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 0xPolygonZero–plonky2  Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floor(num_routed_wires / 3) always…

  • Hacker News: Thoughts on having SSH allow password authentication from the Internet

    by

    Kurt Seifried
    in

    Source URL: https://utcc.utoronto.ca/~cks/space/blog/sysadmin/SSHOnExposingPasswordAuth Source: Hacker News Title: Thoughts on having SSH allow password authentication from the Internet Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the security implications of using SSH (Secure Shell) for remote server access, particularly the advantages and disadvantages of disabling password-based authentication in favor of public key…

  • The Register: Six vulnerabilities in ubiquitous rsync tool announced and fixed in a day

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/17/rsync_vulnerabilities/ Source: The Register Title: Six vulnerabilities in ubiquitous rsync tool announced and fixed in a day Feedly Summary: Turns out tool does both file transfers and security fixes fast Don’t panic. Yes, there were a bunch of CVEs affecting potentially hundreds of thousands of users found in rsync in early December –…

  • Google Online Security Blog: OSV-SCALIBR: A library for Software Composition Analysis

    by

    Kurt Seifried
    in

    Source URL: https://security.googleblog.com/2025/01/osv-scalibr-library-for-software.html Source: Google Online Security Blog Title: OSV-SCALIBR: A library for Software Composition Analysis Feedly Summary: AI Summary and Description: Yes Summary: The article discusses the launch of OSV-SCALIBR, an extensible library for software composition analysis (SCA) and file system scanning. It highlights its capabilities, including vulnerability scanning and Software Bill of Materials…

  • The Register: Nvidia shrinks Grace-Blackwell Superchip to power $3K mini PC

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/07/nvidia_project_digits_mini_pc/ Source: The Register Title: Nvidia shrinks Grace-Blackwell Superchip to power $3K mini PC Feedly Summary: Tuned for running chunky models on the desktop with 128GB of RAM, custom Ubuntu CES Nvidia has announced a desktop computer powered by a new GB10 Grace-Blackwell superchip and equipped with 128GB of memory to give AI…

  • Hacker News: Developing inside a virtual machine

    by

    system automation
    in

    Source URL: https://blog.disintegrator.dev/posts/dev-virtual-machine/ Source: Hacker News Title: Developing inside a virtual machine Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text describes an individual’s experience setting up a secure and efficient development environment using a virtual machine (VM) on a MacBook Pro. It highlights the benefits of containerizing development tools and dependencies within…

  • Hacker News: Bootkitty: Analyzing the first UEFI bootkit for Linux

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/ Source: Hacker News Title: Bootkitty: Analyzing the first UEFI bootkit for Linux Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the emergence of “Bootkitty,” the first UEFI bootkit targeting Linux systems, highlighting its implications for security professionals in AI, cloud, and infrastructure. This new threat reflects an evolving…

  • Hacker News: Researchers discover first UEFI bootkit malware for Linux

    by

    system automation
    in

    Source URL: https://www.bleepingcomputer.com/news/security/researchers-discover-bootkitty-first-uefi-bootkit-malware-for-linux/ Source: Hacker News Title: Researchers discover first UEFI bootkit malware for Linux Feedly Summary: Comments AI Summary and Description: Yes Summary: The discovery of ‘Bootkitty,’ the first UEFI bootkit targeting Linux systems, signifies a concerning evolution in malware threats that traditionally focused on Windows. The research uncovers how Bootkitty operates beneath the…