CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) made itself known over the past few days and admins everywhere are rushing to patch it. Ill skip the analysis, watch the video below for that, and get right to patching.
In a New York Times article released on January 6, 2021, JetBrains and their Continuous Integration / Continuous Deployment (CI/C) application Teamcity were confirmed to be used by recently hacked software company SolarWinds.
Using Pastebin unique visitor counts for tracking, over 6,500 victims are estimated to be affected after detection of this malware in December. These numbers may be off and definatly will grow in the coming days. Called ElectroRAT by Intezer, the RAT is written from ground-up in Golang and designed to target multiple operating systems such as Windows, Linux, and macOS. https://thehackernews.com/2021/01/warning-cross-platform-electrorat.html “Cybersecurity
A website I worked on last year, recently had a wave of media spam comments hit my inbox. There is no easy way within WordPress to turn off commenting for media items, especially if you have >100 items and just want it DONE! The solution I found was a quick SQL query:
The U.S. government has been waiting the British court’s ruling for some time now and on Monday (1/4/21) the court made their announcement. No extradition for Julian Assange on charges pertaining to illegally obtaining and sharing classified material related to national security.
Who doesn’t love a good Linux one-liner? To me they are the epitome of skill. They represent the ability to not only know what command needs to happen but how to initiate this in a very efficient way. For example one of my favorite commands I am telling people all of the time is sudo !! or “sudo bang bang”.
Preventing SQL injections is a popular topic. #1 on stackoverflow (for php) and also listed on the OWASP top 10. So what is an SQL Injection? The first part “SQL” refers to Sequential Query Language which is used in querying databases like Mysql, Postgres SQL or mariaDB. The term is meant to be used as a generalization for any database
Believe it or not, Twitter is not the only way to share your thoughts on the internet. Well, in light of recent behavior we’ve come to understand that Twitter is the adult and we all are the teenagers living under their roof. But just like a teenager, there are ways to get away from these rules. Enter Mastadon. No, not
Exakat Exakat is a tool for analyzing, reporting and assessing PHP code source efficiently and systematically. Exakat processes PHP 5.2 to 7.4 and 8.0 code, as well as reporting on security, performance, code quality, migration. –Exakat docs Static analysis of code is a great tool to use whether for unit testing or in this case security vulnerabilities and malware infestations.
ANDROID IN A BOX is here to bring any Android OS to your Linux box. Android in a box (Anbox) is a brand new player to the scene making use of containers instead of emulators to bring Android to Linux. Here’s a quick video of it in action. To get started with Anbox your system needs to first use snaps.