Security News
A vulnerability in the Point-to-Point Protocol Daemon software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execution on - and takeover of - a targeted system. Pppd is a daemon that is used to manage PPP session establishment and session termination between two nodes on Unix-like operating systems.
The makers of NordVPN have come out with a new version of their NordPass password manager. Find out how to install and use it.
Kali Linux evolution: What's next for the open source pentesting Linux distro?The Kali open source project is funded and maintained by Offensive Security and Kali development is decided on and performed by a very small core team. Exploring the impact that hybrid cloud is having on enterprise security and IT teamsWhile enterprises rapidly transition to the public cloud, complexity is increasing, but visibility and team sizes are decreasing while security budgets remain flat to pose a significant obstacle to preventing data breaches, according to FireMon's 2020 State of Hybrid Cloud Security Report.
Microsoft has released PowerShell 7, the latest major update to its popular task automation tool and configuration management framework that can be used on various operating systems. PowerShell was initially a Windows component, but was open-sourced in 2016 and made available for Windows, macOS and various Linux distributions.
The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices. Discovered by IOActive security researcher Ilja Van Sprundel, the critical issue is a stack buffer overflow vulnerability that exists due to a logical error in the Extensible Authentication Protocol packet parser of the pppd software, an extension that provides support for additional authentication methods in PPP connections.
The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices. Discovered by IOActive security researcher Ilja Van Sprundel, the critical issue is a stack buffer overflow vulnerability that exists due to a logical error in the Extensible Authentication Protocol packet parser of the pppd software, an extension that provides support for additional authentication methods in PPP connections.
The makers of NordVPN have come out with a new version of their NordPass password manager. From the office of "Things you should have started doing years ago," comes a warning I've given countless times: A password manager should be considered a must-have.
If your desktop of choice is Linux, you don't have to be without a 2FA tool, thanks to OTPClient.
For security reasons, you might need to create a Linux user without the ability to log in. Jack Wallen shows you how.
According to Jim O'Gorman, Chief Content and Strategy officer at Offensive Security and leader of the Kali team, Kali users generally fall into two buckets: highly informed, experienced professionals/hobbyist and individuals that are new to Linux in general. "As a whole, I think it's fair to say that we build and design Kali for security professionals and hobbyists to utilize as a base platform for their work. These are individuals that could easily roll their own version of Linux for their needs, but if Kali is done right, it's a no-brainer to use it and save the work and effort that would go into building your own," he told Help Net Security.