Une vulnérabilité a été corrigée dans le noyau Linux de Fedora. Elle permet à un attaquant de provoquer un déni de service.

Tmux is great, except when you have to restart the computer. You lose all the running programs, working directories, pane layouts etc. There are helpful management tools out there, but they require initial configuration and continuous updates as your workflow evolves or you start new projects.

tmux-resurrect saves all the little details from your tmux environment so it can be completely restored after a system restart (or when you feel like it). No configuration is required. You should feel like you never quit tmux.

La communauté Debian a récemment découvert que la dernière version du navigateur open source Chromium 43 téléchargeait silencieusement une extension (fichier binaire) contenant du code propriétaire au moment de son installation. Cette extension, baptisée « Chrome Hotword Shared Module » , s'intègre avec le microphone pour favoriser l'utilisation de la reconnaissance vocale au sein du navigateur ; permettant ainsi d'écouter les conversations des utilisateurs à leur insu. L'extension arriverait à faire cela en ajoutant à Chromium la célèbre fonctionnalité « OK Google » contenue dans les applications mobiles.

Connaissez-vous le projet Grsecurity/PaX ? NBS System tient aujourd’hui à mettre en lumière ce composant essentiel de son infrastructure CerberHost, le Cloud de très haute sécurité.

MySQL is a powerful open source Relational Database Management System or in short RDBMS. It was released back in 1995 (20 years old). It uses Structured Query Language which is probably the most popular choice for managing content within a database. The latest MySQL version is 5.6.25 and was released on 29 May 2015.

Unix-privesc-checker is a Unix/Linux User privilege escalation scanner that runs on Unix systems (tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2). It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g. databases).

signify: Securing OpenBSD From Us To You (OpenBSD)

Using routing domains / routing tables in a production network with OpenBSD

The program sha256sum is designed to verify data integrity using the SHA-256 (SHA-2 family with a digest length of 256 bits). SHA-256 hashes used properly can confirm both file integrity and authenticity. SHA-256 serves a similar purpose to a prior algorithm recommended by Ubuntu, MD5, but is less vulnerable to attack.

Quel SGBDR choisir ? Prise en charge des applications et critères d’achat

Apple’s iOS is often criticized for having sandboxed apps only and the lack of customization that it involves. Since the original release, Apple has been increasingly opening up APIs to third-party developers and last year, they announced their biggest attempt at making the operating system more integrated across all the sandboxes with Extensions.

Own-Mailbox is a home-plugged personal email server, with strong privacy protection measures integrated at its core. It provides self-hosted email addresses, or connects with your existing email address. In both cases you can seamlessly send and receive encrypted emails from anywhere in the world, through Own-Mailbox webmail, Smartphone app, or through an external email software (Thunderbird, Outlook, ...).

As Microsoft has shifted towards a more customer-oriented culture, Microsoft engineers are using social networks, tech communities and direct customer feedback as an integral part on how we make decisions about future investments. A popular request the PowerShell team has received is to use Secure Shell protocol and Shell session (aka SSH) to interoperate between Windows and Linux – both Linux connecting to and managing Windows via SSH and, vice versa, Windows connecting to and managing Linux via SSH. Thus, the combination of PowerShell and SSH will deliver a robust and secure solution to automate and to remotely manage Linux and Windows systems.

The first of two ZFS books, by critically acclaimed author Michael W Lucas and FreeBSD developer Allan Jude

Docker est sous les feux de l’actualité par rapport aux aspects sécurité, à cause des failles de sécurité OS et applicatifs, à la politique de release management des images docker officielles. Docker Inc. et d’autres proposent des guides de bonnes pratiques, et des outils sécurité pour Docker. Je vais vous en présenter un panorama.

La société SEC Consult Vulnerability Lab vient d’annoncer qu’une faille, visant des millions de routeurs, permettait de bloquer un routeur Internet via une manipulation particulièrement formulée. Visé, le noyau Linux des routeurs, l’utilisation de NetUSB KCodes et le port TCP 20005. Un débordement de mémoire qui fait que les routeurs tombent en panne. Ce port permet un accès réseau aux périphériques (USB, imprimante, …) connectées au routeur.

Our study finds that the current real-world deployment of Diffie-Hellman is less secure than previously believed. This page explains how to properly deploy Diffie-Hellman on your server.

Écrit en Python, Ansible est un outil Open Source qui permet l’automatisation de tâches. Grâce à lui, vous pourrez gérer vos configurations de serveurs plus facilement, et de façon automatique grâce à l’exécution de tâches sur des groupes d’hôtes.

Multiples vulnérabilités dans WordPress

OpenBSD ldapd YP LDAP Domain with default Login Class Support and Blowfish Hashes