Forwarded from It's FOSS
Looking for a Notion alternative? Explore these open source tools that put you in control.
https://itsfoss.com/notion-alternatives/
https://itsfoss.com/notion-alternatives/
It's FOSS
5 Privacy-Focused Notion Alternatives That I Tried!
Looking to replace Notion with some open source and privacy-friendly solutions on Linux? I tried a few alternatives and here's what I think of them.
Forwarded from It's FOSS
Master Docker Compose: Essential Commands You Need to Know"
https://linuxhandbook.com/docker-compose-essential/
https://linuxhandbook.com/docker-compose-essential/
Linux Handbook
Essential Docker Compose Commands and Their Usage
Here's an overview of the Docker Compose file components and various commands you can use to manage them.
Forwarded from The Hacker News
🚨 Over 1,000 victims targeted by the new Horns&Hooves malware campaign.
Using fake emails disguised as customer requests, attackers deploy NetSupport RAT & BurnsRAT, leading to data theft & ransomware risks.
🔗 Read more: https://thehackernews.com/2024/12/horns-campaign-delivers-rats-via-fake.html
Using fake emails disguised as customer requests, attackers deploy NetSupport RAT & BurnsRAT, leading to data theft & ransomware risks.
🔗 Read more: https://thehackernews.com/2024/12/horns-campaign-delivers-rats-via-fake.html
Forwarded from The Hacker News
📧 Kimsuky, a North Korea-aligned #hacking group, now uses Russian email services like Mail[.]ru to disguise phishing attacks aimed at stealing credentials.
Discover how these campaigns operate: https://thehackernews.com/2024/12/north-korean-kimsuky-hackers-use.html
Discover how these campaigns operate: https://thehackernews.com/2024/12/north-korean-kimsuky-hackers-use.html
Forwarded from The Hacker News
Researchers have uncovered critical vulnerabilities in Palo Alto Networks and SonicWall VPN clients, which could allow attackers to achieve remote code execution on Windows and macOS systems, install malicious root certificates, and execute privileged commands.
A proof-of-concept tool, NachoVPN, has been released.
🔗 Read more: https://thehackernews.com/2024/12/nachovpn-tool-exploits-flaws-in-popular.html
A proof-of-concept tool, NachoVPN, has been released.
🔗 Read more: https://thehackernews.com/2024/12/nachovpn-tool-exploits-flaws-in-popular.html
Forwarded from The Hacker News
Cybersecurity is moving beyond 'castle & moat' defenses. Modern threats target critical systems—lights, water, cities—raising stakes to safety & national security.
Legacy OT systems need modern solutions like PAM & Zero Trust to stay secure.
Learn more: https://thehackernews.com/expert-insights/2024/11/beyond-castle-walls-operational.html
Legacy OT systems need modern solutions like PAM & Zero Trust to stay secure.
Learn more: https://thehackernews.com/expert-insights/2024/11/beyond-castle-walls-operational.html
Forwarded from The Hacker News
A 10-year-old flaw in Cisco ASA (CVE-2014-2120) is being actively exploited. This vulnerability allows attackers to execute XSS attacks remotely.
If your Cisco ASA isn't updated, you could be the next target.
Learn more: https://thehackernews.com/2024/12/cisco-warns-of-exploitation-of-decade.html
If your Cisco ASA isn't updated, you could be the next target.
Learn more: https://thehackernews.com/2024/12/cisco-warns-of-exploitation-of-decade.html
Forwarded from The Hacker News
🌊 Attacks using stolen credentials are surging, fueled by the rise in infostealers and the criminal marketplaces dealing in them.
TI feeds can alert you to stolen credentials when they appear for sale, but TI providers have no way to check if the credentials are actually valid or not.
Using Push Security, you can now eliminate the noise and get alerts only when verified credentials belonging to your employees appear on criminal marketplaces.
Push’s browser extension compares stolen credentials from widely-used TI feeds directly against the credentials your employees are actually using ✅
Find out more here 👉 https://thn.news/push-credential-detection
TI feeds can alert you to stolen credentials when they appear for sale, but TI providers have no way to check if the credentials are actually valid or not.
Using Push Security, you can now eliminate the noise and get alerts only when verified credentials belonging to your employees appear on criminal marketplaces.
Push’s browser extension compares stolen credentials from widely-used TI feeds directly against the credentials your employees are actually using ✅
Find out more here 👉 https://thn.news/push-credential-detection
Forwarded from The Hacker News
🚨 A new phishing campaign is slipping past email defenses! Corrupted ZIP files and Office documents bypass antivirus and spam filters, landing directly in your inbox.
🚩 Why care? These cleverly crafted files could lead you straight to fake login pages or malware-laden sites. One wrong click could cost your data—or worse.
Read the full breakdown: https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html
🚩 Why care? These cleverly crafted files could lead you straight to fake login pages or malware-laden sites. One wrong click could cost your data—or worse.
Read the full breakdown: https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html
Forwarded from The Hacker News
🚨 Alert: A critical vulnerability (CVE-2024-10905) in SailPoint's IdentityIQ software exposes sensitive content.
CVSS score? A whopping 10.0—maximum severity.
Affected versions span from 8.2 to 8.4 and earlier, putting countless systems at risk. Static files that should be locked down are now vulnerable to unauthorized access.
Learn more: https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html
CVSS score? A whopping 10.0—maximum severity.
Affected versions span from 8.2 to 8.4 and earlier, putting countless systems at risk. Static files that should be locked down are now vulnerable to unauthorized access.
Learn more: https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html
Forwarded from The Hacker News
🛡️ Veeam users, take note! A critical flaw in the Service Provider Console (CVE-2024-42448) could allow remote code execution (RCE).
CVSS score: 9.9/10—this is as serious as it gets.
🔗 Don't wait, secure your systems today — https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html
CVSS score: 9.9/10—this is as serious as it gets.
🔗 Don't wait, secure your systems today — https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html
Forwarded from The Hacker News
Cybersecurity agencies have issued a coordinated advisory along with an urgent checklist to combat the Salt Typhoon threat—a nation-state group linked to China that has been infiltrating U.S. telecom networks to steal sensitive data.
Dive into the full story: https://thehackernews.com/2024/12/joint-advisory-warns-of-prc-backed.html
Dive into the full story: https://thehackernews.com/2024/12/joint-advisory-warns-of-prc-backed.html
Forwarded from The Hacker News
A software supply chain attack targeted Solana's popular Solana's web3.js npm library (400,000+ weekly downloads). Malicious versions (1.95.6 and 1.95.7) were designed to steal users' private keys and drain cryptocurrency wallets.
The backdoor was cleverly hidden in the “addToQueue” function, seamlessly blending into legitimate code.
Learn more here 👉 https://thehackernews.com/2024/12/researchers-uncover-backdoor-in-solanas.html
The backdoor was cleverly hidden in the “addToQueue” function, seamlessly blending into legitimate code.
Learn more here 👉 https://thehackernews.com/2024/12/researchers-uncover-backdoor-in-solanas.html
Forwarded from The Hacker News
Europol has dismantled MATRIX, an invite-only encrypted messaging service used by criminals, intercepting 2.3 million messages tied to drug trafficking, arms deals, and money laundering.
Read the full story: https://thehackernews.com/2024/12/europol-dismantles-criminal-messaging.html
Read the full story: https://thehackernews.com/2024/12/europol-dismantles-criminal-messaging.html
Forwarded from The Hacker News
Russia-linked APT group Turla has been hijacking the infrastructure of a Pakistani hacking group to spy on Afghan and Indian government targets by deploying custom #malware, TwoDash and Statuezy.
Learn more: https://thehackernews.com/2024/12/russia-linked-turla-exploits-pakistani.html
Learn more: https://thehackernews.com/2024/12/russia-linked-turla-exploits-pakistani.html
Forwarded from Tech & Leaks Zone
Dixon Technologies partners with Compal to Manufacture Google Pixels at its Noida Plant in India
Homegrown electronics contract manufacturer Dixon Technologies announced a pact with Taiwanese original design maker Compal Electronics to produce Google Pixel smartphones in India.
Dixon’s wholly owned subsidiary Padget Electronics will be making the high-end smartphones at its manufacturing facility in Noida. Foxconn subsidiary Wow Tech currently makes these phones at its Chennai unit and now Dixon will become the second contract manufacturer to make Pixels in India.
With Pixel phones in its bouquet, Dixon is now the contract manufacturer to almost every major smartphone brand in India, except Apple. The company will be making around 100,000 (1 Lakh) Pixel phones every month, of which 25-30% will be exported to countries like Singapore, Malaysia etc.
Unlike Compal in Vietnam, Dixon is quite strict in terms of leaks.
Follow @TechLeaksZone
Homegrown electronics contract manufacturer Dixon Technologies announced a pact with Taiwanese original design maker Compal Electronics to produce Google Pixel smartphones in India.
Dixon’s wholly owned subsidiary Padget Electronics will be making the high-end smartphones at its manufacturing facility in Noida. Foxconn subsidiary Wow Tech currently makes these phones at its Chennai unit and now Dixon will become the second contract manufacturer to make Pixels in India.
With Pixel phones in its bouquet, Dixon is now the contract manufacturer to almost every major smartphone brand in India, except Apple. The company will be making around 100,000 (1 Lakh) Pixel phones every month, of which 25-30% will be exported to countries like Singapore, Malaysia etc.
Unlike Compal in Vietnam, Dixon is quite strict in terms of leaks.
Follow @TechLeaksZone
Forwarded from Tech & Leaks Zone
Department of "Cybersecurity" and "High-Tech Crime Prevention" Ministry in Vietnam Blocked GSMArena Website Thinking it as a "Gambling Site". It's an ISP block and all major carriers in the Vietnam have blocked the access of GSMArena in Vietnam
Follow @TechLeaksZone
Follow @TechLeaksZone
Forwarded from Tech & Leaks Zone
BREAKING: Google Announced Changes to the Play Integrity API
Google has announced changes in the tech that powers the Play Integrity API on all devices running Android 13+ (API Level 33). API integrations will automatically transition to the new verdicts in May 2025.
The improved verdicts will require, and make greater use of, hardware-backed security signals using Android Platform Key Attestation, making it significantly harder and more costly for attackers to bypass. We’ll also be adjusting verdicts when we detect security threats across Android SDK versions, such as when there is evidence of excessive activity or key compromise, without requiring any developer work
The transition to the new verdicts will reduce the device signals that need to be collected and evaluated on Google servers by ~90% and our testing indicates verdict latency can improve by up to ~80%.
All optional verdict signals are being standardized across apps, games, SDKs, and more.
For apps installed outside of Google Play & all other API requests, developers receive a verdict with information about the device, account license, and app, but without the extra security signals. You can read the full changes on Android Developers Blog
Follow @TechLeaksZone
Google has announced changes in the tech that powers the Play Integrity API on all devices running Android 13+ (API Level 33). API integrations will automatically transition to the new verdicts in May 2025.
We're updating the “meets-strong-integrity” response to require a security update within the last year on devices running Android 13 and above. For example, your app could respond differently to the legacy “meets-strong-integrity” definition on devices running Android 12 and lower than to the enhanced definition on devices running Android 13 and higher. However, when the strong label isn’t available for the user, we recommend that you have a fallback option.
The improved verdicts will require, and make greater use of, hardware-backed security signals using Android Platform Key Attestation, making it significantly harder and more costly for attackers to bypass. We’ll also be adjusting verdicts when we detect security threats across Android SDK versions, such as when there is evidence of excessive activity or key compromise, without requiring any developer work
The transition to the new verdicts will reduce the device signals that need to be collected and evaluated on Google servers by ~90% and our testing indicates verdict latency can improve by up to ~80%.
All optional verdict signals are being standardized across apps, games, SDKs, and more.
For apps installed outside of Google Play & all other API requests, developers receive a verdict with information about the device, account license, and app, but without the extra security signals. You can read the full changes on Android Developers Blog
Follow @TechLeaksZone