NextCry Ransomware Targets NextCloud Linux Servers and Remains Undetected Features

This statement provides insight into how hackers may have been able to access his system. On October 24, NextCloud disclosed a remote code execution vulnerability (CVE-2019-11043) which has been exploited to compromise servers with the default Nextcloud NGINX configuration.

Source: NextCry Ransomware Targets NextCloud Linux Servers and Remains Undetected Features

Linux Foundation exec believes edge computing will be more important than cloud computing

When Joshipura is talking about edge computing, he means compute and storage resources that are five to 20 milliseconds away. He also means edge computing should be an open, interoperable framework. This framework should be independent of hardware, silicon, cloud, or operating system. Open-edge computing should also work with any edge-computing use case: Internet of Things (IoT) edge, a telecom edge, cloud edge, or enterprise edge, whatever, “Our goal here is to unify all of these.”

Source: Linux Foundation exec believes edge computing will be more important than cloud computing | ZDNet

To make this happen, Joshipura announced two more projects were being incorporated into LF Edge: Baetyl and Fledge.

Raspberry Pi 4 on sale now from $35

Raspberry Pi 4 Model B

Here are the highlights:

  • A 1.5GHz quad-core 64-bit ARM Cortex-A72 CPU (~3× performance)
  • 1GB, 2GB, or 4GB of LPDDR4 SDRAM
  • Full-throughput Gigabit Ethernet
  • Dual-band 802.11ac wireless networking
  • Bluetooth 5.0
  • Two USB 3.0 and two USB 2.0 ports
  • Dual monitor support, at resolutions up to 4K
  • VideoCore VI graphics, supporting OpenGL ES 3.x
  • 4Kp60 hardware decode of HEVC video
  • Complete compatibility with earlier Raspberry Pi products

Source: Raspberry Pi 4 on sale now from $35 – Raspberry Pi

Google’s Tensor Processing Unit could advance Moore’s Law 7 years into the future

“We’ve been running TPUs inside our data centers for more than a year, and have found them to deliver an order of magnitude better-optimized performance per watt for machine learning. This is roughly equivalent to fast-forwarding technology about seven years into the future (three generations of Moore’s Law),” the blog said. “TPU is tailored to machine learning applications, allowing the chip to be more tolerant of reduced computational precision, which means it requires fewer transistors per operation. Because of this, we can squeeze more operations per second into the silicon, use more sophisticated and powerful machine learning models, and apply these models more quickly, so users get more intelligent results more rapidly.”

Source: Google’s Tensor Processing Unit could advance Moore’s Law 7 years into the future | PCWorld

How I Hacked Facebook, and Found Someone’s Backdoor Script

Here I’d like to explain some common security problems found in large corporations during pentesting by giving an example.

Source: How I Hacked Facebook, and Found Someone’s Backdoor Script | DEVCORE 戴夫寇爾

A brief summary, the hacker created a proxy on the credential page to log the credentials of Facebook employees. These logged passwords were stored under web directory for the hacker to use WGET every once in a while

What’s the best way to check if a volume is mounted in a Bash script?

What’s the best way to check if a volume is mounted in a Bash script? What I’d really like is a method that I can use like this: if <something is mounted at /mnt/foo> then <Do some

Source: What’s the best way to check if a volume is mounted in a Bash script?

Avoid using /etc/mtab because it may be inconsistent.

Avoid piping mount because it needn’t be that complicated.

Simply:

if grep -qs '/mnt/foo' /proc/mounts; then
    echo "It's mounted."
else
    echo "It's not mounted."
fi

HTTP is obsolete. It’s time for the distributed, permanent web

IPFS is still in the alpha stages of development, so we’re calling this an experiment for now. It hasn’t replaced our existing site storage (yet). Like with any complex new technology, there’s a lot of improvements to make. But IPFS isn’t vaporware, it works right now. You can try it out on your own computer, and already can use it to help us serve and persist Neocities sites.

Source: HTTP is obsolete. It’s time for the distributed, permanent web

Ikea Patched for Shellshock by Methodically Upgrading All Servers

Glantz explained that the first step in the assembly of his IT infrastructure is to have a well-defined Standard Operating Environment (SOE). The SOE includes a definition of the hardware platforms used as well as the Linux and application software that is installed. There is also an installation and configuration management layer that helps enforce the SOE across the distributed Ikea IT footprint. Additionally, Glantz has defined a lifecycle-management plan that describes the lifecycle of how Linux will be used at Ikea for the next seven years.”

It’s not enough just to have documents, you have to have systems driving how technology works,” Glantz said.

Source: Ikea Patched for Shellshock by Methodically Upgrading All Servers