GoKawiil - Latest Tech News & Aggregated Headlines

When root meets immutable: OpenBSD chflags vs. log tampering

news.ycombinator.com Rafael Sadowski 2025-07-21 01:36:47

Why ISO 27001 Demands Immutable Logs (Without Actually Saying So) # ISO 27001 is like that careful lawyer who never says exactly what they mean – it tells you what needs to be achieved, not how to do it. When it comes to logging, this is particularly telling: Control A.12.4.2 simply states that “logging information and logging facilities shall be protected against tampering and unauthorized access.” Period. How? That’s your problem to solve. But anyone who’s ever had to investigate a security

Topics: log logs root secure var

Shop Amazon

When Root Meets Immutable: OpenBSD Chflags vs. Log Tampering

news.ycombinator.com Rafael Sadowski 2025-07-22 12:36:47

Why ISO 27001 Demands Immutable Logs (Without Actually Saying So) # ISO 27001 is like that careful lawyer who never says exactly what they mean – it tells you what needs to be achieved, not how to do it. When it comes to logging, this is particularly telling: Control A.12.4.2 simply states that “logging information and logging facilities shall be protected against tampering and unauthorized access.” Period. How? That’s your problem to solve. But anyone who’s ever had to investigate a security

Topics: log logs root secure var

Shop Amazon

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

bleepingcomputer.com Unknown 2025-07-26 10:33:15

A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances. The backdoor is a user-mode rootkit that allows hackers to hide malicious components, maintain persistent access on the device, and steal sensitive credentials. Researchers at Google Threat Intelligence Group (GTIG) observed the rootkit in attacks that may have relied on “an unknown, zero-day remote code

Topics: access hackers rootkit threat unc6148

Shop Amazon

A quick look at unprivileged sandboxing

news.ycombinator.com Unknown 2025-07-26 08:41:30

blog - git - desktop - images - contact A quick look at unprivileged sandboxing Disclaimer: This is to the best of my knowledge. It's a complicated topic, there are tons of options, and this only covers a tiny fraction of this topic anyway. If you spot mistakes, please tell me. Suppose you have a server daemon that you want to confine to a single directory. During the startup phase of the program, it also needs to read some files outside of that directory -- you can apply the confinement only

Topics: die include newroot subdir tmp

Shop Amazon

Plants monitor the integrity of their barrier by sensing gas diffusion

news.ycombinator.com Iida 2025-08-05 04:18:39

Plant materials and growth conditions Col-0 was used as the wild type unless stated otherwise. ein2-1, etr1-3, ate1-2;ate2-1, prt6-5, proWOX4-erYFP, proPXY:GUS, proPXY:erVenus and 35S:EIN3-GFP have been described previously10,13,27,37,38,39,40. ate1-2;ate2-1 mutants were reciprocally backcrossed into Col-0 for three generations and transfer DNA insertions were confirmed by genotyping to obtain double-homozygous mutants. Seeds were sown on half-strength MS (Duchefa) plates supplemented with 0.0

Topics: ervenus roots signal used wound

Shop Amazon

Cisco warns that Unified CM has hardcoded root SSH credentials

bleepingcomputer.com Unknown 2025-08-17 18:08:24

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. Cisco Unified Communications Manager (CUCM), formerly known as Cisco CallManager, serves as the central control system for Cisco's IP telephony systems, handling call routing, device management, and telephony features. The vulnerability (tracked as CVE-2025-20309) was rated as maximum severity, and it is caused

Topics: account cisco cm root unified

Shop Amazon

“I Am Groot” Translates to “This Dancing Groot LEGO Set Hits All-Time Low” While Stock Lasts on Amazon

gizmodo.com Joe Tilleli 2025-08-23 02:40:51

Who doesn’t love Lego? Appealing to folks of all ages, Lego makes for wonderful gifts or collectors items. I find myself just really enjoying the process of it all. Popping on a podcast or some music while I just tune out and build. You take each piece of the instructions one step at a time while you can see your progress moving along in real time. It’s pretty mindful and therapeutic as you put this cool thing together in front of you while your mind wanders and your real-life stressors momentar

Topics: groot guardians just lego marvel

Shop Amazon

New Linux udisks flaw lets attackers get root on major Linux distros

news.ycombinator.com Unknown 2025-09-01 02:05:20

Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions. The first flaw (tracked as CVE-2025-6018) was found in the configuration of the Pluggable Authentication Modules (PAM) framework on openSUSE Leap 15 and SUSE Linux Enterprise 15, allowing local attackers to gain the privileges of the "allow_active" user. The other security bug (CVE-2025-6019) was discovered in libblockdev, and it enab

Topics: attackers gain linux qualys root

Shop Amazon

New Linux udisks flaw lets attackers get root on major Linux distros

bleepingcomputer.com Unknown 2025-09-10 12:45:36

Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions. The first flaw (tracked as CVE-2025-6018) was found in the configuration of the Pluggable Authentication Modules (PAM) framework on openSUSE Leap 15 and SUSE Linux Enterprise 15, allowing local attackers to gain the privileges of the "allow_active" user. The other security bug (CVE-2025-6019) was discovered in libblockdev, and it enab

Topics: attackers gain linux qualys root

Shop Amazon

Root raises $9M to launch its social platform with customizable apps

venturebeat.com Rachel Kaser 2025-09-12 06:47:34

Root announced today that it has raised $9 million in seed funding to build a next-gen social platform, which offers customizable apps designed towards building and maintaining large communities. Headline Ventures and Konvoy Ventures led the round, with Day One Ventures, Untamed Ventures, Crunchyroll founder Kun Gao, Clark Valberg and Jack Dunlop among others participating. The company plans to launch the closed beta for the app soon. Root as a platform is notable for its customizability and ap

Topics: apps communities community platform root

Shop Amazon

1972 Unix V2 "Beta" Resurrected

news.ycombinator.com Unknown 2025-06-04 10:41:07

[TUHS] 1972 UNIX V2 "Beta" Resurrected Hi everyone, First-time poster here. Near the end of last year, I did some forensic analysis on the DMR tapes (https://www.tuhs.org/Archive/Applications/Dennis_Tapes) and had some fun playing around with them. Warren forwarded a few of my emails to this list at the end of last year and the beginning of this year, but it was never my intention for him to be my messenger, so I'm posting here myself now. Here's an update on my work with the s1/s2 tapes - I've

Topics: 00 jan root sdrwrw unix

Shop Amazon

Latest Tech News

When root meets immutable: OpenBSD chflags vs. log tampering

When Root Meets Immutable: OpenBSD Chflags vs. Log Tampering

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

A quick look at unprivileged sandboxing

Plants monitor the integrity of their barrier by sensing gas diffusion

Cisco warns that Unified CM has hardcoded root SSH credentials

“I Am Groot” Translates to “This Dancing Groot LEGO Set Hits All-Time Low” While Stock Lasts on Amazon

New Linux udisks flaw lets attackers get root on major Linux distros

New Linux udisks flaw lets attackers get root on major Linux distros

Root raises $9M to launch its social platform with customizable apps

1972 Unix V2 "Beta" Resurrected

About GoKawiil

Privacy

Advertising

Latest Tech News

Trending Topics

Hot Now

Popular

Emerging

About GoKawiil

Privacy

Advertising