Linux News and Information

Kali Linux 2024.2: The 18 New Tools and Its Future Kali Linux has released version 2024.2, the first release of 2024, featuring eighteen new tools and fixes for the Y2038 bug. Kali Linux is a distribution designed for cybersecurity professionals and ethical hackers to perform penetration tests, security audits, and network investigations, according to the Bleeping Computer portal. As usual with the first release of the year, the Kali team has introduced new visual elements, including wallpapers and updates to the boot menu and login screen. 18 New Tools in Kali Linux 2024.2 Kali 2024.2 with eighteen new tools added in this version: autorecon: A multiprocess network reconnaissance tool. coercer: Automatically forces a Windows server to authenticate to an arbitrary machine. dploot: A Python rewrite of SharpDPAPI. getsploit: A command-line utility for searching and downloading exploits. gowitness: A web screenshot utility using Chrome Headless. horst: A highly optimized radio scanni

Ubuntu 24.10 Will Use Wayland by Default with NVIDIA The use of Wayland by default with the official NVIDIA driver has been a pending issue in Ubuntu since the change was reversed at the last minute in version 22.04 LTS of the distribution. However, it seems this will soon be rectified according to an update to the GDM3 package published on Launchpad.net by Daniel van Vugt, who is a Canonical employee, a GNOME contributor, and a key figure in the development of Ubuntu for the desktop. Daniel van Vugt explains the following in the update to the GDM3 package that will be used by the upcoming Ubuntu 24.10 : "Remove Ubuntu-specific rules that made Xorg the default for NVIDIA. The patch Revert-data-Disable-GDM-on-hybrid-graphics-laptops-with-v.patch has been updated to ensure that NVIDIA 5xx drivers always default to Wayland unless there is a stronger reason why it won't work (such as modeset being disabled in the kernel command line). Also update the patch description with a

SELKS 10: The Specialized Network Security Distribution SELKS 10 , a specialized security distribution developed by Stamus Networks, marks a decade of activity for a project that we haven't previously discussed in these parts. So, while we may be late to this announcement, we're actually late to the project itself. Indeed, there are well-known solutions in the Linux realm that serve as tools for these purposes, and in fact, two new versions of the most prominent ones, Kali Linux 2024.2 and Parrot 6.1, have been released recently. However, one of the typical aspects of Linux is that alternatives to alternatives are always emerging. Therefore, it's worth repeating that here we have the release of SELKS 10. How is SELKS similar to or different from Kali Linux or Parrot? Stamus Networks' product, which specializes in network security, focuses on security and threat detection, but with a more particular approach, if possible, based on Debian. SELKS is actually an acronym fo

systemd 256 arrives with run0, the ‘sudo clone’ that aims to improve security systemd 256 is now a reality, featuring an interesting innovation that could represent a significant change in Linux in the not-too-distant future, although this will ultimately depend on the decisions made by various distributions. Without further delay, let’s go over the main new features. First, we have the introduction of run0, a kind of clone of sudo that aims to enhance security by reducing the attack surface. According to Lennart Poettering, the creator of systemd, this is achieved by ensuring “the target command is invoked in an isolated execution context, freshly forked from PID 1, without inheriting any context from the client,” making its behavior more akin to SSH. And since we’ve mentioned SSH, there’s the systemd-ssh-generator , which has been added to detect if the SSHD binary (the SSH daemon) is present and then link it through socket activation per connection to various sockets depending on

Immutability for Easier Management of Containers and Virtual Machines SUSE has announced SUSE Linux Enterprise Micro 6.0 (SLE Micro 6.0) , the latest version of its operating system designed for containers and virtualization, aiming to make it easier to maintain. Those familiar with openSUSE Leap Micro and ALP can get an idea of the approach of this new operating system. However, following the company's lead, we'll outline the most important points. First, SUSE Linux Enterprise Micro 6.0 is an immutable operating system that supports transactional updates. This implies the use of Btrfs as a file system along with Snapper and transactional-update, the atomic update system used by the chameleon ecosystem. The company explains that this "ensures system consistency with rollback capabilities, which is crucial for maintaining stability across container deployments." Other features of the system include automated configuration with Ignition and Combustion , and it can now

CentOS Stream 10 Set to Kick Off: Increased Activity Expected in 2024 As the landscape of enterprise Linux continues to evolve, CentOS Stream 10 is preparing to make its mark. This new version, which bridges the gap between Fedora and Red Hat Enterprise Linux (RHEL), is already generating buzz in the Linux community, particularly for those who rely on CentOS for development and production environments. The Transition from CentOS Linux to CentOS Stream CentOS Stream serves as a continuous delivery platform, positioned as the upstream development branch of RHEL. It allows developers to access and contribute to what will eventually become the next minor release of RHEL. With CentOS Stream 10, this model is expected to become even more integral to the ecosystem, as it offers a rolling preview of what’s to come in RHEL 10. Key Features and Expectations While specific details about CentOS Stream 10 are still emerging, it's anticipated to follow the trajectory set by its predecessors, wit

Kali Linux 2024.2 Released with GNOME 46 and New Tools This version completes the transition to t64 to avoid the Year 2038 problem. Offensive Security has announced the release of Kali Linux 2024.2 as the latest ISO snapshot of this popular rolling distribution based on Debian, designed for ethical hacking and penetration testing. Kali Linux 2024.2 Announcement Kali Linux 2024.2 arrives more than three months after Kali Linux 2024.1 and finalizes the prevention of the t64 transition to protect the system against the Year 2038 problem. It updates the GNOME desktop environment to the latest GNOME 46 version and improves the Kali-Undercover and HiDPI modes in the default Xfce desktop. Offensive Security has announced today the release of Kali Linux 2024.2 as the latest ISO snapshot of this popular rolling distribution based on Debian, designed for ethical hacking and penetration testing. Kali Linux 2024.2 arrives more than three months after Kali Linux 2024.1 and finalizes the preventio

 Parrot 6.1: The security-focused distro improves its support for Raspberry Pi, among other updates Parrot 6.1 is here as the latest version of the security-oriented distribution based on Debian. Once again, we remind you that since version 5, it has switched to being based on the stable branch of its parent distribution instead of Testing, so this release is based on Debian 12 "Bookworm." Parrot 6.1, as a maintenance version, mainly stands out for the software updates it provides, aiming to implement the latest bug fixes and security patches. Notable updates include the presence of Anonsurf 4.2, nmap, burpsuite 2024.2.1.3, sqlmap 1.8.3, powershell-empire 5.9.5, golang 1.21, libc6, glibc6, OpenJDK, PHP8, Ruby 3.1, GRUB 2.12, and many other tools, along with the reintroduction of the Parrot updater , which notifies users of pending updates. The second most significant highlight of Parrot 6.1 is the improved support for Raspberry Pi mini-PCs. The distribution's developers

 NixOS 24.05 Updates to KDE Plasma 6, GNOME 46, and Linux 6.6, and Introduces Lomiri NixOS 24.05 "Uakari" has been released as the new version of the distribution built with the Nix package manager, aimed at creating "reproducible, declarative, and reliable systems." It is an immutable operating system that uses atomic updates and supports rollbacks, but conceptually differs from the approaches of Fedora, openSUSE, and Vanilla OS. While previous releases introduced significant new features, NixOS 24.05 stands out for its software updates. The maintainers mention that this release results from the work of 2,491 contributors who made 47,795 commits since the previous version of the distribution. A total of 17,777 new packages have been added, 16,429 have been updated, and 9,393 were removed. As a result of these package changes, 145 modules have been added, 23 removed, and 1,983 processes were incorporated compared to 304 that were eliminated. As mentioned earlier, t

Ubuntu Core 24 Powers AI and Enhances GPU Support Canonical has announced the release of Ubuntu Core 24 , the latest version of its immutable operating system primarily geared towards IoT, which is expected to become the technological foundation of a future desktop system. Like the release discussed in this entry, it will heavily feature the Snap package format. Ubuntu Core 24 officially supports x86_64, ARM, and RISC-V architectures and is designed to operate on billions of edge devices, or at least that's what Canonical claims. Moreover, it offers twelve years of support , a duration that will surely be appreciated by companies using this product. Regarding the new features of Ubuntu Core 24, it includes a new factory installation system aimed at IoT device manufacturers, AI of Things (AIoT) support via the GPU, and device management integrations with Landscape, Canonical's system management tool, and Microsoft Azure IoT Edge. Landscape provides centralized control of OTA upd

 Kaspersky Launches a Malware Scanner for Linux Viruses on Linux? There's a bit of everything in the world, but don't call them viruses—call them malware, which is the more modern term. The question is: Should you be worried about these things on Linux? The truth is, opinions vary widely, although not all opinions carry the same weight. Regardless, here's a new tool you might want to know about. The veteran security firm announced the launch of a malware application for Linux systems, aimed at both desktop and server environments: Kaspersky Virus Removal Tool (KVRT) , a basic utility that, they warn, "cannot monitor attacks on your computer or server in real-time," but rather "allows you to scan Linux systems for known cyber threats." KVRT is a search-and-clean tool, not a protection tool, so it doesn't replace good privacy practices, which are also essential on Linux. However, it won't consume your system's resources just by being there, w

Kdenlive 24.05 Arrives with Automatic Subtitle Translation and Improved Support for TikTok Kdenlive 24.05 has been officially announced as the new stable version of the well-known non-linear video editor from the KDE project, which is possibly the most popular application in its segment among those released as free software. This time, we find a handful of new features that are useful in real-world contexts. The first noteworthy feature of Kdenlive 24.05 is the ability to render videos in more aspect ratio formats , including vertical and square formats. This can be particularly useful for creating content for platforms like TikTok or YouTube Shorts, which are videos that are no longer than a minute and are vertically oriented. The second most interesting feature is the ability to apply an effect to a group of clips in the timeline so that it doesn't have to be configured clip by clip. While this isn't a revolution in itself, it will undoubtedly help to speed up production co

  Massive Cyber Attack On AWS Cloud Environments A complex large-scale campaign was detected by Unit 42 researchers that manipulated and extorted several organizations using cloud systems. Security analysts discovered this massive, large-scale cyber-attack on AWS cloud environments had over 230 million unique targets. The attackers crafted a smart tactic of exploiting exposed environment variable (.env) files on misconfigured cloud infrastructures. These .env files, often overlooked in security measures, contained confidential data such as access codes to different programs and services. This allowed the hackers to gain unauthorized entry into the victims’ systems, through which they infiltrated further into the networks. Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with         ANY.RUN --->    Get 14 Days Free Access .                                                                                 Technical Analysis The threat actors utilized aut