Fuzz testing is a method of detecting bugs in software by feeding unexpected inputs to a target program. It can be very effective at finding memory corruption issues, which are often the cause of serious security problems.

Project OneFuzz is the testing framework used in-house by Microsoft for Edge browser and Windows debugging, and it is now available as an open-source tool via GitHub for all developers to use.

According to Microsoft, fuzz testing is an effective standard practice for improving code quality, finding and removing exploitable security vulnerabilities, and increasing the security and reliability of native code.

What does the release of Project OneFuzz as open source mean for developers?



Microsoft’s aim in releasing Project OneFuzz as open source is to enable developers to easily and continuously fuzz test their code before its final release. The global release of Project OneFuzz is intended to help secure the platforms and tools that we all depend on to carry out our daily digital tasks.



Project OneFuzz has already enabled continuous developer-driven fuzzing of Windows, which allowed Microsoft to proactively secure the platform prior to shipment of the latest OS builds. It lets developers create unit test binaries with a modern fuzzing lab compiled in, providing highly reliable test invocation and error detection in a single executable.

Developers can launch fuzz jobs ranging in size from a few virtual machines to thousands of cores, with capabilities such as on-demand live debugging of found crashes, programmatic triage and result deduplication, and crash reporting notification callbacks.

How to get Started with Project OneFuzz



Project OneFuzz is now available on GitHub under an MIT license for developers to try out. It will be updated with contributions from both Microsoft Research and Security Groups, with input from other partner teams to expand fuzzing coverage and continuously improve the security of all platforms and products.

Microsoft will continue to maintain Project OneFuzz by releasing updates to the open-source community as they occur.

Project OneFuzz: Microsoft Azure fuzz testing framework now open-source

GitHub has released the first stable version of its CLI, GitHub CLI 1.0, a new command-line tool that lets developers interact with GitHub directly from the local terminal.

After a 6-month beta that started in February, the stable GitHub CLI 1.0 has been released to help developers reduce the frequent switching between the terminal and the GitHub portal, and to let them focus more on building their workflows.

The beta program saw users creating over 250,000 pull requests, with 350,000 merges, and over 20,000 issues covered with GitHub CLI.

GitHub CLI 1.0 functionalities available for workflow



GitHub CLI 1.0 is now available for download on Windows, macOS, and Linux, which lets developers use GitHub CLI for their entire workflow.



The available functionalities for GitHub CLI 1.0 are as follows:

  • Easily Connect to GitHub Enterprise Server.
  • Ability to Run the entire GitHub workflow from terminal.
  • Call up the GitHub API to script any action and set a custom alias for commands.


Additionally, GitHub CLI 1.0 allows you to create aliases for any command using gh alias and you have the powerful gh api to access the GitHub API directly, with no limit to what you can do with gh. For more command details, you can check the official GitHub CLI manual.

How to install GitHub CLI 1.0?



As mentioned above, GitHub CLI 1.0 is available for Windows, macOS, and Linux. If you want to install the GitHub CLI, you'll simply need to run the following commands for the respective platform:

For Windows, the command is as follows:

scoop bucket add github-gh https://github.com/cli/scoop-gh.git
scoop install gh


For macOS, the command is as follows:

brew install github/gh/gh


And the installation command for various Linux distributions is available here.

GitHub CLI 1.0 avails Developers full Repo functionalities on Terminal

Technology can be a huge help to any business and it can make work get done quickly, accurately and to a high professional standard, but with all the advantages there are also a lot of risks.

Whilst technology can help your business run smoothly, if something goes wrong with that equipment, it could cause huge problems. It could even result in your whole business grinding to a halt, wasting your time, your colleagues' time and even your customers' time.

Below are three of the biggest online and technological threats to your business that you should prepare for now.

3 Biggest Technological and Online threats



1. System Failure





Just like a car, the technology system on which your business runs needs maintenance. The more you use it, and the older it gets, the more likely it is to break down and prevent you from completing the tasks you need to accomplish. You can reduce the risk of your system breaking down by having it regularly serviced by a team of experts.

You mustn’t wait until your system breaks to try and find someone to repair the problem. By hiring an external IT service, you can rely on their expertise to reduce the risk of problems occurring. You’ll also have somebody on standby to fix any big problems when they occur.

2. Cyberattacks



Another big problem to consider is the risk of cyber-attacks to your business. You might think that your business is too small to be the victim of a cyber-attack. What would any criminal want your data for? The sad reality is that even the smallest amount of personal or financial data is very attractive to a cybercriminal, and they’ll often go to long lengths to acquire it illegally from your system.

There are some very simple ways you can improve the security of your network to try and prevent these attacks. Make sure every system you use has a strong password. You could even set things up so that a system needs two forms of verification to gain access, for example, a password and a code which is sent to a registered user's phone. Also, make sure you have a good firewall set up and anti-virus software available on every device.

3. Data loss





A cyber-attack isn’t the only risk to your company’s most valuable documents and information. If a hard drive breaks or a piece of equipment is lost or stolen, you could simply lose hundreds if not thousands of vital pieces of information. This is why it’s important to back up any data regularly.

Whether that’s saving copies to an external hard drive and keeping that drive in a secure location or setting up a system that automatically backs up your entire system, make sure you have copies of every document you need.

3 Biggest Technological and Online threats to any business

Java Development Kit (JDK) 15 is the next version of Java SE (Standard Edition), which is now available as a production release.

The highlight features of JDK 15 include the Z Garbage Collector, text blocks, hidden classes, and previews of sealed classes, pattern matching, and records, among others.

As JDK 15 is a short-term release, it will only be supported with Oracle Premier Support for six months, with the next release (JDK 16) scheduled to arrive next March. Meanwhile, JDK 17 will be the next Long-Term Support release to be supported by Oracle for eight years, and it's slated to arrive a year from now, given Oracle’s six-month release cycle for Java SE versions.

What's New in JDK 15?



JDK 15 features a foreign-memory access API, which enables Java programs to safely and efficiently access foreign memory outside of the Java heap. The API operates on various kinds of foreign memory, such as persistent, native, and managed heap. Many Java programs, such as Ignite and MapDB, access foreign memory.



The API would also help avoid the cost associated with garbage collection, share memory across processes, and serialize and deserialize memory content by mapping files into memory. Other new features and changes in JDK 15 include:

  • A preview of sealed classes.
  • Records, which are classes that act as carriers for immutable data.
  • Cryptographic signatures based on the Edwards-Curve Digital Signature Algorithm (EdDSA).
  • Disabling biased locking by default and deprecating all related command-line options.
  • The Z Garbage Collector (ZGC) graduates from an experimental feature to a product under this proposal.
  • Deprecation of the RMI Activation mechanism.


Additionally, the legacy DatagramSocket API has been reimplemented by replacing the underlying implementations of the java.net.DatagramSocket and java.net.MulticastSocket APIs with more modern implementations that are easy to debug and maintain, with virtual threads currently being explored in Project Loom.

How to get Started with JDK 15



Oracle has mapped out the upgrades for Java, including the open-source reference implementation of version 15 of the Java SE Platform as part of a new, six-month release schedule for standard Java. Therefore, developers can take a look at JDK 15 in order to get an idea of what is expected in JDK 16.

You can also join the early adopter program by downloading the beta versions of JDK 16 to give it a spin.

JDK 15: What's New in the next version of Java Development Kit?

Oracle has open-sourced its Tribuo Java machine learning library and made it available free under an Apache 2.0 license. The tool is developed by Oracle Labs and is now accessible on GitHub and Maven Central.

Oracle is looking to make it easier for developers to build and deploy machine learning models in Java, as has already happened with Python, and to meet enterprise needs in the machine learning space.

Tribuo offers standard machine learning functionality which includes algorithms for building and deploying classification, clustering, and regression models in Java, with interfaces for TensorFlow, XGBoost, and ONNX.

How can Tribuo be useful in natural language processing?



Tribuo includes pipelines for transformation of data and provides a suite of evaluations for supported prediction tasks. Because it also collects statistics on inputs, it can describe the range of every input, and it manages feature IDs and outputs to avoid ID conflicts and confusion when chaining models.



A Tribuo model identifies a feature when it is seen for the first time, which is particularly useful when working with natural language processing. The model also knows exactly what its outputs are, and the outputs are strongly typed, so developers don't have to wonder whether a float is a probability, a regressed value, or a cluster ID.

The provenance system in Tribuo can also generate a configuration that rebuilds the training pipeline to reproduce the model, or to build a tweaked model on new data or hyperparameters, allowing users to always know what a model is, where it came from, and how to create it.

Tribuo filling a gap for machine learning in Enterprise applications



Oracle believes that Tribuo can fill a gap in the marketplace for machine learning for enterprise apps. Whereas the Google-built TensorFlow library already provides core algorithms for deep learning, Tribuo can offer several machine learning algorithms which are not available in TensorFlow.

Tribuo also provides an interface to TensorFlow. And while the Apache Spark analytics engine is for large, distributed systems, Tribuo will be ideal for smaller computations on a single machine.

Additionally, Tribuo provides interfaces to XGBoost and the ONNX runtime, along with TensorFlow, allowing models trained in TensorFlow and XGBoost or stored in the ONNX format to be deployed alongside native Tribuo models. This support allows models built with popular Python libraries such as PyTorch to be deployed in Java.

Oracle open sources Tribuo Java machine learning library

The Cross-Transport Key Derivation (CTKD) component in Bluetooth is responsible for the authentication when pairing two devices together. A group of academic researchers has now disclosed a flaw in CTKD on devices supporting both Bluetooth BR/EDR and LE in Bluetooth Specifications 4.2 to 5.0.

The Bluetooth SIG, the organization responsible for the development of the Bluetooth standards, has issued a statement confirming the flaw, which potentially affects hundreds of millions of devices worldwide.

The flaw, dubbed 'BLURtooth' and tracked as CVE-2020-15802, exposes devices powered with Bluetooth 4.0 or 5.0 technology, allowing attackers to gain unauthorized access to a targeted nearby device by overwriting the authenticated key, and thus reducing the encryption key strength.

The researchers from École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University also identified that CTKD may permit remote access to some LE services when BR/EDR access is achieved, and to BR/EDR profiles when LE access is achieved. However, given that this is the intended function of CTKD, these processes are not considered vulnerabilities by the SIG.

How the BLURtooth Flaw affects Dual-mode devices using CTKD



Dual-mode devices that use CTKD to generate Long Term Keys (LTK) or Link Keys (LK) are able to overwrite the original LTK or LK in cases where that transport was enforcing a higher level of security. For a device to be susceptible to the attack, it must permit a pairing to proceed transparently without authentication on at least one of the BR/EDR or LE transports.



The flaw relies on the fact that specific implementations of the pairing process allow devices to overwrite authorization keys even when the transport enforces a higher level of security.

If a device spoofing another device's identity becomes paired or bonded on a transport, and CTKD is used to derive a key which overwrites a pre-existing key of greater strength or one that was created using authentication, then access can be gained to the authenticated services.

How to Mitigate against the BLURtooth Attack



The Bluetooth SIG has warned that the flaw may permit a Man In The Middle (MITM) attack between devices previously paired using authenticated pairing if those devices are both vulnerable. As the primary mitigation, it recommends introducing the restrictions on CTKD mandated in Bluetooth Core Specification versions 5.1 and later.

The SIG has also started to coordinate with affected vendors to help in releasing the necessary patches. It further recommends that devices restrict when they are pairable on either transport to times when a user interaction places the device into a pairable mode or when the device has no existing connections to a paired device.
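The two recommendations above, sketched as a key-store policy. This is an added example, not code from the Bluetooth specification or from any Bluetooth stack; BondKey, KeyStore, their fields and the peer address are hypothetical names and values constructed for illustration.

```python
"""Key-store guard against CTKD key downgrade (BLURtooth, CVE-2020-15802).

Added illustration: all class and field names are hypothetical. The policy is
the one the article describes: a key derived through CTKD must not overwrite a
pre-existing key of greater strength or one created with authentication.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional, Tuple


class Transport(Enum):
    BR_EDR = "BR/EDR"  # bonded with a Link Key (LK)
    LE = "LE"          # bonded with a Long Term Key (LTK)


@dataclass(frozen=True)
class BondKey:
    transport: Transport
    key_size: int           # effective key length in bytes
    authenticated: bool     # the pairing that produced it was authenticated
    derived_via_ctkd: bool  # derived from the other transport's key


def downgrade_reasons(existing: Optional[BondKey], candidate: BondKey) -> List[str]:
    """List the ways a CTKD-derived candidate would weaken the stored key."""
    if existing is None or not candidate.derived_via_ctkd:
        return []  # nothing stored yet, or the key came from direct pairing
    reasons = []
    if existing.authenticated and not candidate.authenticated:
        reasons.append("unauthenticated key would replace an authenticated key")
    if candidate.key_size < existing.key_size:
        reasons.append(
            f"key size would drop from {existing.key_size} to {candidate.key_size} bytes"
        )
    return reasons


def pairing_allowed(user_enabled_pairing: bool, connected_to_paired_peer: bool) -> bool:
    """Pairable only after user interaction, or with no paired peer connected."""
    return user_enabled_pairing or not connected_to_paired_peer


class KeyStore:
    def __init__(self) -> None:
        self._keys: Dict[Tuple[str, Transport], BondKey] = {}
        self.rejections: List[Tuple[str, str, List[str]]] = []  # audit trail

    def get(self, peer: str, transport: Transport) -> Optional[BondKey]:
        return self._keys.get((peer, transport))

    def store(self, peer: str, key: BondKey) -> bool:
        """Store the key unless it is a CTKD downgrade; return True if stored."""
        reasons = downgrade_reasons(self.get(peer, key.transport), key)
        if reasons:
            self.rejections.append((peer, key.transport.value, reasons))
            return False
        self._keys[(peer, key.transport)] = key
        return True


def demo() -> KeyStore:
    peer = "AA:BB:CC:DD:EE:FF"  # constructed address
    store = KeyStore()
    # Original bond: authenticated pairing on LE with a full-length key.
    store.store(peer, BondKey(Transport.LE, 16, True, False))
    # Unauthenticated pairing on BR/EDR derives a weaker LE key via CTKD.
    store.store(peer, BondKey(Transport.LE, 7, False, True))
    # A CTKD key that is just as strong and authenticated is accepted.
    store.store(peer, BondKey(Transport.LE, 16, True, True))
    return store


if __name__ == "__main__":
    for peer, transport, reasons in demo().rejections:
        print(f"rejected CTKD key for {peer} on {transport}: {'; '.join(reasons)}")
```
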

Unpatched Bluetooth Flaw could allow Hackers target Nearby Devices

Microsoft Hypervisor (Hyper-V) is a hardware virtualization technology developed by Microsoft that allows users to run multiple operating systems virtually on the Windows platform.

Now, Microsoft is looking to make Linux run as a root partition on its Hyper-V technology, with the company's engineer Wei Liu pushing out a series of patches to Linux’s Hyper-V code. The RFC (request for comment) patches are aimed at making Linux run as a root partition (like Xen’s Dom0) on Hyper-V.

Hyper-V not only lets you run multiple virtual operating systems on the Windows platform, but also, it allows users to create virtual hard drives and network switches.

How will Linux root partition support for Microsoft Hypervisor work?



Microsoft is looking to create a complete virtualization stack with Linux and Microsoft Hypervisor. A subsequent patch series will provide a device node (/dev/mshv) so that userspace programs can create and run virtual machines.



The work also involves a port of the Cloud Hypervisor Virtual Machine Monitor (VMM), which has been able to boot a Linux guest with Virtio devices since late July. As an RFC series, this implements only the absolutely necessary components that are required to get things running.

A large portion of the series consists of patches that augment hyperv-tlfs.h, which should be rather uncontroversial and can be applied right away.

The architecture documentation of Hyper-V implies that the root partition has direct access to physical I/O devices, so the virtualization stack in the root partition can provide a memory manager for virtualized I/O devices and management APIs. The root partition for Microsoft Hypervisor is inspired by Domain 0 (Dom0) of Xen, the open-source type-1 hypervisor, which hosts the toolstack and hardware drivers that control virtual machines.

Microsoft looks to make Linux run as a root partition on its Hyper-V technology

The Manjaro Linux team has announced a new point version, Manjaro 20.1 “Mikah”, the latest release, which supersedes the previous Manjaro 20.0 “Lysia” with more improvements and refreshed user interfaces.

Manjaro is designed to work "straight out of the box" with a focus on user friendliness and accessibility, and Manjaro 20.1 “Mikah” continues that user-friendly focus, bringing its flagship Xfce, GNOME and KDE editions of the popular desktop Linux distribution.

And along with the support for the ZFS file system, Manjaro 20.1 has now enabled ZFS installation by providing the needed kernel modules.

What's new in Manjaro 20.1 “Mikah” Release?



Manjaro 20.1 has its default package manager, Pamac, updated from v9.4 to v9.5, which results in enhanced alpm error handling, an optimized internal check dep algorithm, improved database performance, and a better internal search algorithm.



Manjaro has also added AUR (Arch User Repository) package building to version 20.1, to build packages from the Arch User Repository and install as many packages as possible. On the desktop environment side, Manjaro 20.1 continues to offer three distinct ISO images for the Xfce, KDE, and GNOME desktops.

Additionally, Manjaro 20.1 ships KDE-based apps from the KDE 20.08 application bundle, with the KDE edition switching its Plasma desktop from version 5.18 to the latest 5.19.

How to Upgrade to Manjaro 20.1 “Mikah” Release



Because Manjaro is a rolling release Linux distro, you only need to update your package database and all the packages on the system to switch to the new version, by simply running the following command in your terminal:

sudo pacman -Syu


You can also use the command below to force a full refresh of the package database and update the packages on the system.

sudo pacman -Syyu



And the three different ISO images with Xfce, KDE, and GNOME desktop can be downloaded from the official site.

Manjaro 20.1 “Mikah” Release: Build Packages from Arch Linux’s AUR (Arch User Repository)

C++20 is the moniker for the revision of the ISO/IEC standard, which follows C++17, for the C++ programming language.

The standard received final technical approval by WG21 at the meeting in Prague in February 2020 and is now undergoing final editorial work, following the approval of the draft on 4th September 2020.

C++ remains a very important language, and it is voted the fastest-growing language in the Tiobe Index of September 2020, where it ranks fourth behind C, Java, and Python. And Tiobe cites the C++ 20 specification as the major factor that gave the programming language a boost.

What's New in C++ 20?





C++20 brings major new features which were not available in C++14 or C++17, including changes that have been accepted into C++20 and others that were discussed for inclusion. The major new capabilities in C++ 20 include:

  • Synchronization library, for better support of fine-grained hardware control.
  • Concepts to specify template requirements and support generic programming, which promises to improve code quality.
  • Coroutines, which generalize subroutines for use in nonpreemptive multi-tasking. Standardized support for coroutines is still lacking, though, as full support is expected in C++ 23.
  • Expansion statements for compile-time repetition of a statement for each element of a tuple, array, class, parameter pack, or range.
  • Improvements in the context-sensitive recognition of import and module to aid non-compiler tools to determine build dependencies.
  • Modules that enable programmers to use modular components.


Additionally, there are the new rangified algorithms, which are a pure library extension of the Standard. The paper complements P0896 by adding rangified overloads for some of the non-parallel algorithm additions made since C++14, from whence the Ranges TS took its algorithms.

Also, the contracts capability that was expected in C++ 20, which specifies pre-conditions, post-conditions, and assertions, has been removed. Contracts has therefore been marked as a C++ 23 item, although it may not make it to the final release.

C++ 20 Gets Technical Approval with features such as Modules and Coroutines

The Deepin Linux team has released the stable version of the Deepin 20 series, dubbed Deepin v20 (1002), with major improvements including a new aesthetic design and a dual-kernel system, among others.

The Deepin 20 Beta release, which was originally scheduled for January 2020 but arrived 3 months later, brought a unified design style, with a redesigned desktop environment and applications, bringing a new interactive experience.

Deepin is perhaps one of the most beautiful Linux distros, and the Deepin 20 Stable release, the latest major version of the desktop environment, brings a new visual look to the base repository, and the latest Linux kernel.

What’s New in Deepin V20 (1002)?



Deepin Linux distro is based on the popular upstream Debian GNU/Linux, which means that the new Deepin 20 (1002) has its underlying repository upgraded to the latest Debian 10.5.



It has added support for dual kernel installation, giving users two kernel options in the system installation interface, Linux Kernel 5.7 (Stable) and Kernel 5.4 (LTS), each with a “Safe Graphics” mode. Deepin 20's improved design of the Desktop Environment (DDE) and system installer makes the desktop more user-friendly, and the newly introduced colorful icons and graphics interface offer an exquisite multitask view.

Deepin has also made the design of the system installer simpler, and the installer can now detect NVIDIA cards and offer to install closed-source drivers. There is also added support for a variety of authentication features, including fingerprint readers that deliver accurate fingerprint recognition.

The fingerprint options in Deepin Linux serve several purposes, such as logging in, unlocking, identity verification, and getting root permissions.

How to Upgrade to Deepin 20 (1002)?



Deepin 20 (1002) ISO image is now available for download from the official download page, and if you’re an existing user on Deepin 15.11, you can upgrade to V20 (1002) by changing your source in
/etc/apt/sources.list

to
deb [by-hash=force] https://community-packages.deepin.com/deepin/ apricot main contrib non-free


And add the official source for the app store in
/etc/apt/sources.list.d/appstore.list


But if the file does not exist, you can create a new one and add the line below:

deb https://community-store-packages.deepin.com/appstore eagle apps


You can also watch the official promo video of Deepin 20 (1002) here for further guidance on available features.

Deepin 20 Stable release brings new Aesthetic Design and Dual-kernel System

Microsoft’s Visual Studio Codespaces will soon be incorporated into GitHub Codespaces, a service that will provide hosted Visual Studio Code environments on GitHub, with the current Azure-based offering to be retired in February 2021.

Visual Studio Codespaces provides cloud-hosted development environments on Microsoft Azure. The service will be moved because the company believes that transitioning to a codespace from a repository is the most-criticized part of the workflow.

The vast majority of developers preferred a native, integrated, one-click access experience, and GitHub, as the home of 50 million developers, can address the issue.

How Visual Studio Codespaces will complement GitHub Codespaces



GitHub Codespaces is currently in limited public beta, which means that developers need to apply to join the program. If a developer connects to a GitHub Codespace through the Visual Studio Code editor, it will prompt them to add a GitHub account to the beta.



While the experience is optimized for GitHub repos, developers can also use Git repos hosted elsewhere, such as on Microsoft Azure or Bitbucket, which requires only a few additional configurations. The Private Preview for Visual Studio and Windows SKU support will also be moving over to GitHub as part of the service consolidation.

However, Microsoft will continue to support the Private Preview in the current service until the consolidation is complete, after which all Private Preview users will be moved to GitHub Codespaces.

How can current Visual Studio Codespaces users move to the GitHub beta?



GitHub Codespaces is still in limited public beta, therefore, there is no charge for it. The pricing for GitHub Codespaces may be announced after Codespaces gets a general availability status, which is expected later in the year.

For a Visual Studio Codespaces user to move to the GitHub beta, you need to provide the GitHub account you’d like added to the GitHub Codespaces beta. You will be asked for it in one of two ways: via the form indicated in the service retirement announcement e-mail or, upon connection to a Visual Studio Codespace, via a notification toast prompting you to provide your information.

If you are successfully added to the GitHub Codespaces beta, you’ll then be able to create a codespace from any of your GitHub repositories directly.

Microsoft’s plan to incorporate Visual Studio Codespaces into GitHub Codespaces

NuTyX is a highly flexible GNU/Linux distribution that leverages the concepts of collections and groups. It is built from the “Linux From Scratch” project and has its own custom package manager.

NuTyX has announced a new version, NuTyX 11.6, which follows the previous version, NuTyX 11.5, released in May 2020, and comes with an upgraded ‘Cards’, its custom package manager.

The package manager allows you to install individual binary packages or groups of related binary packages, and NuTyX has also made Flatpak available.

What's New in NuTyX 11.6 Release?



Besides the upgrade of the custom package manager ‘Cards’ from version 2.4.115 to 2.4.122, users can now install more packages, like Flatpak packages, using the universal Flatpak package management utility.



NuTyX has also updated its supported desktop environments, including KDE Plasma 5.19.5, MATE 1.24.1, and Xfce 4.14.1, with its own framework 5.73.0 and application bundle 20.08.1. As for the core components, NuTyX 11.6 comes with the Long-Term Support (LTS) kernel 4.19.143 and the latest stable kernel 5.8.7.

The ‘kernel-419’ package in NuTyX has replaced the ‘kernel-lts’ package. The distribution now includes four versions of the LTS kernel along with the latest stable kernel (4.9, 4.14, 4.19, 5.4, and 5.8), with VirtualBox and NVIDIA graphics card drivers also available for all five kernel versions.

How to Upgrade to NuTyX 11.6 Release?



For existing users of NuTyX Linux distro, you can simply run the following single command to upgrade your system to the latest version NuTyX 11.6:

sudo cards upgrade


But if you are a new user and want to install NuTyX from scratch, you can download the ISO images, which are available in “Fixed” and “Rolling” releases for both 64-bit and 32-bit versions.

NuTyX 11.6 Release: Linux From Scratch project with custom Package Manager



Transport Layer Security (TLS), and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communications security on a computer network.

Several versions of the protocols are in widespread use for applications like email, instant messaging, web browsing, and voice over IP. Now, a group of researchers has disclosed a new timing vulnerability in the TLS protocol that could potentially allow attackers to break the encryption and read sensitive communication under certain conditions.

The vulnerability, dubbed "Raccoon Attack," is a server-side attack that exploits a side-channel in the cryptographic protocol on versions TLS 1.2 and lower to extract the shared secret key used for secure communications.

How Raccoon Attack leads to Leak of Secret Keys



The attack relies on precise timing measurements and a specific server configuration. It uses the time measurements to compromise a cryptosystem, applying that strategy to the Diffie-Hellman (DH) key exchange process during the TLS handshake, which is necessary for sharing data securely over a public network.



The handshake messages between a client and server are recorded and then used to initiate new handshakes to the server, while measuring the time the server takes to respond to the operations involved in deriving the shared key.

The shared secret key generated during the exchange enables secure browsing, and allows users to safely navigate through websites by protecting the network communications against man-in-the-middle (MitM) attacks.

How Browser and Web technology vendors have responded to the Raccoon Attack



F5 specializes in application services and application delivery networking, and several of its products were found to be vulnerable to a "special" version of the Raccoon attack (CVE-2020-5929), which does not need timing measurements and instead directly observes the contents of server responses. The company has released a patch to thwart the attack by addressing the concern with ephemeral key reuse.

Browser and web technology vendors such as Microsoft, Mozilla, and OpenSSL have all released patches to thwart the attack, with Mozilla, for its part, having turned off DH and DHE cipher suites in the Firefox browser, and Microsoft recommending that Edge users disable TLS_DHE.
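On the server side, the same mitigation (no DH or DHE cipher suites) can be applied and checked with Python's standard ssl module. This is an added example, not code from the researchers or any vendor named above; the cipher strings and the sample scan list are constructed for illustration.

```python
"""Disable finite-field DH/DHE cipher suites and audit the result.

Added illustration. The Raccoon attack targets the DH key exchange in
TLS 1.2 and lower, so the hardened context keeps ECDHE suites only.
"""
import ssl

# OpenSSL-style and IANA-style name prefixes for finite-field DH key exchange.
# ECDHE names ("ECDHE-", "TLS_ECDHE_") do not match any of these.
_FFDH_PREFIXES = ("DHE-", "EDH-", "DH-", "ADH-", "TLS_DHE_", "TLS_DH_")

# Constructed sample: cipher names as a scanner might report them for a server.
SAMPLE_SCAN = [
    "TLS_AES_128_GCM_SHA256",                 # TLS 1.3 suite
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-GCM-SHA384",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "EXP-EDH-RSA-DES-CBC-SHA",                # legacy export-grade name
    "AES128-SHA",                             # RSA key exchange, no DH
]


def uses_finite_field_dh(cipher_name: str) -> bool:
    """True if the suite name indicates DH or DHE (not ECDHE) key exchange."""
    name = cipher_name.upper()
    if name.startswith("EXP-"):  # export suites carry an extra prefix
        name = name[4:]
    return name.startswith(_FFDH_PREFIXES)


def flag_dh_suites(cipher_names):
    """Return the names that should be disabled, in their original order."""
    return [n for n in cipher_names if uses_finite_field_dh(n)]


def server_context(allow_dhe: bool) -> ssl.SSLContext:
    """Build a server-side context with or without DHE suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if allow_dhe:
        # Weak setting, shown for comparison only.
        ctx.set_ciphers("ECDHE+AESGCM:DHE+AESGCM")
    else:
        # "!kDHE" removes ephemeral finite-field DH key exchange for good;
        # a later entry in the string cannot add it back.
        ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!kDHE")
    return ctx


def enabled_dh_suites(ctx: ssl.SSLContext):
    """DH/DHE suites that the context would still offer."""
    return flag_dh_suites(c["name"] for c in ctx.get_ciphers())


if __name__ == "__main__":
    print("flagged in sample scan:", flag_dh_suites(SAMPLE_SCAN))
    print("weak context offers:   ", enabled_dh_suites(server_context(True)))
    print("hardened context offers:", enabled_dh_suites(server_context(False)))
```
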

Raccoon Attack: Server-side attack exploiting a side-channel in the SSL/TLS protocol



Mobian OS is an open-source project that aims to bring Debian GNU/Linux to mobile devices, including the PINE64 devices, PinePhone and PineTab.

Debian GNU/Linux is among the oldest Linux-based operating systems and boasts rock-solid stability and very large community support. But you can't install pure Debian directly on smartphones or tablets, as it requires hardware-specific customizations to run smoothly on such devices.

Now, Mobian OS has been ported to run on PINE64 devices, including PinePhone and PineTab. The Mobian team announced that, along with PinePhone, they have started to build images for the Linux-based tablet, PineTab.

What are the features of Mobian OS?



Mobian OS is an open-source project that aims to bring Debian GNU/Linux to modern mobile devices, featuring the Phosh (Phone shell) user interface developed by Purism for its Linux phone Librem 5.



Its base system uses pure Debian 11 ‘Bullseye’ built for ARM64-based devices, and it uses a powerful tool called debos to create a custom Debian image. Mobian packs standard Debian packages and some GNOME applications to carry out specific tasks. You can check out this GitLab package repository for the full list of supported applications.

Mobian OS is currently targeted at the Linux-based PinePhone and PineTab, to provide fully functional mobile devices running open-source and powerful Debian Linux, although in the near future Mobian may also aim to port to other mobile devices and tablets.

How to Download & Install Mobian OS?



Mobian OS is currently available for PinePhone, so if you own any edition of PinePhone and wish to give it a try, you can download the prebuilt images and follow the Mobian installation guides for PinePhone to get started.

And if you’re a developer and wish to build custom Debian images for your device, you can check out the repo. Also note that Mobian maintains the mobian-recipes repository, with debos recipes to generate Debian-based images for all supported mobile phones.

Mobian OS: Brings Debian GNU/Linux to PINE64 devices, PinePhone and PineTab

Quantum computing is a relatively new field in which algorithms are built by wiring up logic gates, and which draws on vector and matrix mathematics, Dirac notation, Pauli measurements, quantum circuits and the qubit.

The likes of Microsoft, IBM, and Google have all made major investments in building their own quantum computing software or hardware. Amazon, until recently, had been fairly silent about its stance on quantum computing, but that has changed with the announcement of Amazon Braket.

Braket is Amazon's inroad into making quantum computers developed by other vendors available to its cloud users via AWS, with the service currently supporting three quantum computing services, namely: Rigetti, IonQ, and D-Wave.

What's Amazon Braket all About?



Braket is a fully managed service that helps Amazon users easily get involved with quantum computing, and it includes three modules: Build, Test, and Run. The Build module centers around managed Jupyter Notebooks, which are pre-configured with sample algorithms and developer tools such as the Amazon Braket SDK.

The Test module, on the other hand, provides access to high-performance, managed quantum circuit simulators, while the Run module offers on-demand access to different types of quantum computers (QPUs), including gate-based quantum computers from Rigetti and IonQ, and a quantum annealer from D-Wave.

However, tasks may not run on the QPU immediately, as the QPUs can only execute tasks during their execution windows.

How to enable Amazon Braket with Notebooks



Amazon Braket is perhaps the easiest way to get into the quantum computing and simulator waters, but as the Noisy Intermediate Scale Quantum (NISQ) phase of quantum computing still persists, you should not expect many useful results from Braket.

In order to use Braket, you'll first need to enable it in your AWS account, and then create a notebook instance; note that these notebooks use Amazon SageMaker. Once you open the notebook, you'll need to enter new code or use one of Amazon’s examples.

You'll also need to check the status of the QPU devices, as they are not always available. Braket’s current QPU offerings are quite modest: the 2048-qubit D-Wave annealer, which is about half the size of D-Wave’s latest-generation annealer, is mostly useful for optimization problems, and the 30-qubit Rigetti Aspen-8 is too small.

The 11-qubit IonQ QPU has relatively long coherence times, but it is far too small to implement the algorithms that should give quantum computers useful quantum supremacy, like Shor’s algorithm for finding the prime factors of an integer and Grover’s algorithm for finding the inverse of a function.

We will still need more qubits, less noise, and longer coherence times, all of which are being actively researched, before Braket can deliver any meaningful result.

Amazon Braket: Brings Quantum Computing to its Cloud users via Amazon Web Services

Zorin OS is a Linux-based operating system designed for users who are new to Linux platforms, with built-in features that allow them to change the UI to resemble the familiar Microsoft Windows or macOS system.

Zorin OS is becoming popular, with the Zorin OS 15 series having received over 1.7 million downloads since its debut in June 2019. Now, the Zorin team has announced a new point version, Zorin OS 15.3, which is the third iteration of the Zorin OS 15 series, the most advanced and popular release ever.

It will further enhance the Zorin OS stronghold by bringing updated software, for better security and hardware compatibility.

What’s New in the Zorin OS 15.3 Release?



Zorin OS 15.3 is based on the recently released Ubuntu 18.04.5 LTS, which offers better support for modern hardware, and promises software updates and security patches until April 2023.



And as a further improvement to its hardware compatibility, Zorin OS 15.2 has upgraded the core Linux kernel from version 5.3 to 5.4, which brings support for more hardware, such as Intel 11th-generation Core processors and upcoming AMD CPUs/GPUs. Additionally, Zorin OS 15.3 has added improvements to the Zorin Connect app for Android, with features such as automatic search for devices on trusted Wi-Fi networks and quick buttons to send files.

Zorin OS also includes the newest stable LibreOffice 6.4.6, which brings better compatibility with Microsoft Office, better performance boosts, and more utility features.

How to Upgrade to Zorin OS 15.3



For a fresh installation, all available editions of Zorin OS, including Lite, Core, Ultimate, and Education, can be downloaded, and all are free with the exception of the “Ultimate” variant, which comes at a cost of $39.

If you are an existing user of the Zorin OS 15 series, you can update your system to the new point version, Zorin 15.3, by using the Software Updater or running the following commands:

sudo apt update
sudo apt full-upgrade
sudo reboot


And for those who are using a Zorin series other than Zorin OS 15, there is an official upgrade guide to help them upgrade to the new point version, Zorin 15.3.

Zorin OS 15.3 Release: Brings Update to the core apps for faster and better experience



A group of researchers at ETH Zurich has disclosed an authentication flaw in Visa's EMV-enabled payment cards that could allow cybercriminals to defraud cardholders as well as merchants by obtaining funds illegitimately.

According to the researchers, the flaw is a PIN bypass attack that allows hackers to leverage a stolen or lost credit card to authorize high-value purchases without knowing the card's PIN, and also to trick a point of sale (PoS) terminal into an unauthenticated offline card transaction.

The flaw affects all contactless cards that use the Visa protocol, including Visa Debit and Credit cards, Visa Electron, and V Pay cards, and the researchers also tied it to the EMV protocols implemented by UnionPay and Discover cards. MasterCard and American Express are not impacted by the vulnerability.

How ETH Zurich researchers exploited the flaw to mount a man-in-the-middle (MitM) attack



The international protocol standard for smartcard payment, EMV (short for Europay, MasterCard, and Visa), mandates that all larger amounts of money can only be debited from credit cards using a PIN code.

However, the process devised by the researchers exploits the flaw in the protocol to mount a man-in-the-middle (MitM) attack using an app that "instructs the terminal that PIN verification is not required because the cardholder verification was performed on the device" to gain access.



The attack is possible because the Cardholder Verification Method (CVM), which is used to verify that the individual attempting a transaction with a credit/debit card is the legitimate cardholder, isn't cryptographically protected from modification.

How to Mitigate against PIN bypass attacks



The attack scenario proves that the PIN is actually useless for security in Visa contactless transactions, and the differences in MasterCard's contactless payment protocol mean that MasterCard is more secure.

And as the flaw violates fundamental security properties such as authentication and guarantees on accepted transactions, the researchers have proposed three software fixes to the protocol to prevent PIN verification bypass attacks, including using Dynamic Data Authentication (DDA) in securing high-value online transactions and the use of online cryptogram in all PoS terminals, allowing offline transactions to be processed online.

PIN Verification Bypass Flaw affecting all contactless Cards on the Visa protocol



EndeavourOS is an Arch-based Linux distribution that offers an almost vanilla and terminal-centric Arch experience, with the first stable version released on July 15, 2019, bringing a friendly GUI-based offline and online installer.

Now, the team has announced a new project that offers EndeavourOS for ARM computers. Much like the collaboration between EndeavourOS x86_64 and Arch Linux, EndeavourOS ARM aims to provide the same experience on devices running ARM (Acorn RISC Machine) based processors.

However, EndeavourOS isn't the first Linux distribution to offer support for the ARM processor architecture, as Linux distros such as Ubuntu, Arch Linux, and Manjaro already provide images for ARM devices.

What to expect in EndeavourOS ARM Linux Distribution?



There is no official information about the upcoming EndeavourOS ARM Linux distribution, other than the announcement that the ARM distro will be launching on September 19, 2020.

However, the sneak peek shared by team members of the first Odroid-N2+ running the EndeavourOS ARM (EOSARM) Linux distribution shows what it feels like to run the OS on the ODROID-N2, a $79 hexa-core computer that uses the Amlogic S922X 12nm SoC, offering a quad-core ARM Cortex-A73 cluster and a dual-core ARM Cortex-A53 cluster with 4GB of 1320MHz DDR4 RAM.



And you will only be able to download EndeavourOS ARM images starting on September 19, 2020 from the new official website.

If you are a developer and would like to host a mirror, more information is available, as are guides that will help you with package and software development in Arch Linux ARM.

EndeavourOS ARM Version: What to expect in the upcoming Linux Distribution?

Evilnum hackers



Evilnum is a hacker group that has been targeting fintech companies, mostly those located in the United Kingdom and EU countries, with the goal of spying on targets and stealing financial information, including login details, bank documents, and email credentials, among others.

According to researchers at Cybereason, the Evilnum group has tweaked its infection chain and also deployed a Python RAT called "PyVil RAT," which possesses the abilities to gather personal information via screenshots, capturing keystrokes, and opening of an SSH shell to deploy new tools.

Since the first discovery of the group in 2018 till today, the group's tactics, techniques and procedures (TTPs) have evolved with the different available tools, but the group hasn't deviated from their initial focus on fintech targets.

How Evilnum targets companies with spear-phishing emails



Formerly, the hacker group targeted companies with spear-phishing emails containing a link to a ZIP file hosted on Google Drive, in order to steal customer credit card information, software licenses, and investments and trading documents.

But now, the infection procedure has undergone a major shift, although their modus operandi for gaining an initial foothold in a compromised system has remained the same. The group uses spear-phishing emails that mimic know your customer (KYC) documents to trick employees of the fintech industry into clicking the bait and triggering the malware, and the attacks have evolved from using Trojans with backdoor capabilities to a bare-bones JavaScript dropper which delivers malicious payloads.

These Trojans are hidden in modified versions of legitimate executables in an attempt to escape detection. The first phase in this new infection chain culminates in the delivery of the payload, a RAT written in Python and compiled with py2exe that the security researchers dubbed PyVil RAT.

The Evilnum group avoided using domains in communications with the C2 in their previous campaigns; rather, they employed IP addresses. The C2 IP address changes every few weeks, but the list of domains associated with the IP address is ever growing.

Now, upon execution, the multi-process delivery procedure unpacks shellcode to establish communication with an attacker-controlled server and receives a second encrypted executable ("fplayer.exe") that serves as the next-phase downloader to fetch the Python RAT.

How to Mitigate against the Evilnum attacks



The Evilnum group's TTPs continue to evolve, therefore it's recommended that businesses should be vigilant security-wise and employees should exercise caution when opening emails and attachments, especially from unknown senders, and monitor their emails for phishing attempts.

Evilnum's origins still remain unclear, but there is enough evidence about their constant improvisation of TTPs which has helped them remain under the radar.

PyVil RAT: Python-based remote access Trojan deployed by Evilnum hackers

Kotlin


Kotlin Multiplatform Mobile (KMM) is an SDK which enables developers to share code for both Android and iOS mobile app developments.

KMM, which is developed by JetBrains, draws on the multiplatform capabilities already available in Kotlin to streamline the experience of building truly cross-platform mobile applications. The SDK is bundled as a preview of the KMM plug-in for the Android Studio IDE, which allows developers to write, run, and debug code in the same IDE.

According to JetBrains, both Android and iOS versions of an application have a lot in common, but also, there are significant differences, particularly in the UI. These differences can range from subtle variations in scrolling behavior to divergent navigation logic.

How KMM will offer flexibility by retaining native programming benefits



Since application business logic includes data management, analytics, and authentication, which can be pretty identical, it’s natural to share parts of an application across platforms while keeping the other parts separate.

Therefore, KMM offers the flexibility while also retaining native programming benefits, so that a single codebase can be used for business logic with platform-specific logic written only when necessary, whether for native UI or working with platform-specific APIs.

The shared code written in Kotlin is compiled to JVM bytecode with Kotlin/JVM and to native binaries via Kotlin/Native.

How to integrate KMM into your existing projects



KMM business modules can be used like every other mobile library, and developers don't need to switch IDEs or have Apple’s Xcode running to make sure that code works properly using the plug-in.

JetBrains has set up a Kotlin Multiplatform Mobile developer portal and published an extensive guide on integrating KMM into existing projects.

Kotlin Multiplatform Mobile (KMM): SDK to share code across iOS and Android platforms

Deepfakes Technology


Microsoft has announced a new deepfake detection tool, known as Microsoft Video Authenticator, to help in spotting synthetic, AI-generated images and videos on the internet.

Deepfake technology is extensively employed to swap people’s faces in videos and make them utter things they never said, and it is often used by scammers. However, the technology also has its positive sides, as the development of deep generative models brings new possibilities in healthcare amid growing concerns about protecting the privacy of patients.

Using the deepfake technology, a hospital with adequate computational power could recreate an entirely imaginary population of its virtual patients, thus eliminating the need to share the data of real patients.

How Microsoft Video Authenticator Deepfake Detection works?



Microsoft Video Authenticator is developed by Microsoft Research, in collaboration with the Responsible AI team and AETHER committee. It analyzes any given image or video to come up with what the company calls "confidence score", which is a percentage score that shows whether the particular media content has been manipulated.

The tool works by detecting the actual boundary of the deepfake and subtle fading or greyscale elements which might not have been easily detectable by the human eye.

It also integrates with the Microsoft Azure cloud service and allows content publishers to add digital hashes and certificates to their content; this data is then read by a browser extension (reader) to verify the authenticity of the content.

Some other complementing Deepfake detection efforts



Google released a large dataset of visual deepfakes in late 2019, in collaboration with Jigsaw, which has been incorporated into the Technical University of Munich and University Federico II of Naples’ new FaceForensics benchmark, with the aim of directly complementing deepfake detection efforts.

Moreover, as Deepfake technology gets more advanced, and thus becomes harder to detect even for experts, it becomes pertinent to pit AI against AI in an attempt to help spot deepfakes.

Microsoft Video Authenticator: Deepfake Detection Tool Using Confidence Score

SSL Certificates


The validity period of new TLS certificates has been shortened to 398 days (a little over a year), from the previous maximum certificate lifespan of 825 days (2 years and 3 months).

The Certification Authority Browser Forum (CA/Browser Forum), which is a consortium of certification authorities and browser vendors, had initially imposed a limit of five years in 2011, reducing the certificate validity period from 8 to 10 years; subsequently, it was reduced further to three years in 2015 and two years in 2018.

Now, the new move to shorten it to 398 days is meant to boost internet security, with Apple, Google, and Mozilla now set to reject public digital certificates in their respective web browsers once 398 days have passed from their original creation date.

Why does capping certificate validity improve security?



Generally, the capping of certificate validity period helps to improve website security as it minimizes the chances of compromised or bogus sites exploiting such certificates to carry out malware attacks.

And especially for web development, it is now ideal to implement certificate automation using tools like EFF's Certbot or Let's Encrypt, which make it easy to set up, renew, and replace SSL certificates without any manual intervention. Also, because the mobile versions of Chrome and Firefox don't automatically check certificate status owing to performance constraints, websites with revoked certificates continue to load without any warning to users.

However, certificates that were issued before the date of enforcement won't be impacted, nor will those issued from administrator-added or user-added root certificate authorities (CAs).
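A defender-side audit of the rules described above, as an added example that is not from the original article: it classifies certificates against the 398-day cap and the two exemptions, and flags upcoming renewals. The enforcement date (1 September 2020), the 30-day renewal margin, the host names and the sample certificates are assumptions or constructed values; the dictionaries follow the shape returned by Python's `ssl.SSLSocket.getpeercert()`.

```python
import ssl
from datetime import datetime, timedelta, timezone

MAX_VALIDITY = timedelta(days=398)  # cap stated in the article
# Assumption: the article gives no enforcement date; 1 September 2020 (UTC) is used here.
ENFORCEMENT_START = datetime(2020, 9, 1, tzinfo=timezone.utc)


def parse_cert_time(value):
    """Parse 'Oct  1 00:00:00 2020 GMT', the format used by getpeercert()."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(value), tz=timezone.utc)


def audit_certificate(cert, publicly_trusted=True, now=None, renew_margin_days=30):
    """Classify one certificate dict by validity policy and renewal state."""
    now = now or datetime.now(timezone.utc)
    not_before = parse_cert_time(cert["notBefore"])
    not_after = parse_cert_time(cert["notAfter"])
    if not_after <= not_before:
        raise ValueError("notAfter must be later than notBefore")
    lifetime = not_after - not_before  # measured here as notAfter minus notBefore

    # Policy verdict: the two exemptions from the article come first.
    if not publicly_trusted:
        policy = "exempt-private-root"       # administrator- or user-added root CA
    elif not_before < ENFORCEMENT_START:
        policy = "exempt-pre-enforcement"    # issued before the enforcement date
    elif lifetime > MAX_VALIDITY:
        policy = "too-long"                  # browsers would reject this certificate
    else:
        policy = "compliant"

    # Renewal state: shorter lifetimes make missed renewals the main outage risk.
    days_left = (not_after - now).days
    if now > not_after:
        renewal = "expired"
    elif now < not_before:
        renewal = "not-yet-valid"
    elif days_left < renew_margin_days:
        renewal = "renew-soon"
    else:
        renewal = "ok"

    return {"validity_days": lifetime.days, "policy": policy,
            "renewal": renewal, "days_left": days_left}


def needs_action(inventory, now=None):
    """Return host names whose certificate must be reissued or renewed."""
    flagged = []
    for name, cert, publicly_trusted in inventory:
        result = audit_certificate(cert, publicly_trusted, now)
        if result["policy"] == "too-long" or result["renewal"] in ("expired", "renew-soon"):
            flagged.append(name)
    return flagged


# Constructed inventory: (host name, certificate dict, chains to a public root?)
SAMPLE_CERTS = [
    ("shop.example", {"notBefore": "Oct  1 00:00:00 2020 GMT",
                      "notAfter": "Nov  2 23:59:59 2021 GMT"}, True),
    ("legacy.example", {"notBefore": "Oct  1 00:00:00 2020 GMT",
                        "notAfter": "Jan  4 00:00:00 2023 GMT"}, True),
    ("old.example", {"notBefore": "Aug 15 00:00:00 2020 GMT",
                     "notAfter": "Nov 18 00:00:00 2022 GMT"}, True),
    ("intranet.example", {"notBefore": "Oct  1 00:00:00 2020 GMT",
                          "notAfter": "Sep 29 00:00:00 2025 GMT"}, False),
]
SAMPLE_NOW = datetime(2021, 10, 20, tzinfo=timezone.utc)  # constructed audit date

if __name__ == "__main__":
    for name, cert, trusted in SAMPLE_CERTS:
        print(name, audit_certificate(cert, trusted, SAMPLE_NOW))
    print("needs action:", needs_action(SAMPLE_CERTS, SAMPLE_NOW))
```

Against a live host, the same dictionary can be obtained from `getpeercert()` on a connected `ssl.SSLSocket` and passed to `audit_certificate` unchanged.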

How the Browser vendors are gearing up for the Enforcement



Google plans to begin treating certificates that violate the validity clause as misissued, accompanied by the error message "ERR_CERT_VALIDITY_TOO_LONG". And some SSL certificate providers, like Sectigo and Digicert, have stopped issuing certificates with two-year validity.

Apple, for its part, recommends that certificates be issued with a maximum validity of 397 days, and says that connections to TLS servers violating the new requirements will fail, thus causing network and app failures and preventing sites from loading.

New SSL/TLS Certificates Lifespan: Why does capping certificate validity improve security?

Manjaro Linux PinePhone


PINE64 has announced its next PinePhone CE edition that will officially feature Arch-based Manjaro Linux operating system, with two hardware variants, namely: Regular and Convergence Package.

The PinePhone Community Edition (CE) will also include the same PCB (Printed Circuit Board) version 1.2 as the earlier released Community Editions (CE) of the Linux-based PinePhone with Ubuntu Touch and postmarketOS.

As Manjaro supports almost all PINE64 single-board computers (SBCs) and mobile devices, such as PinePhone, Pinebook Pro and PineTab, the PinePhone CE will come bundled with the user-friendly Arch-based Manjaro ARM rolling distribution.

How Manjaro will work on PinePhone Community Edition



The Manjaro team is already working to provide out-of-the-box support for the following mobile user interfaces: Purism’s Phosh, UBports’ Lomiri, and the KDE-based Plasma Mobile. They are expected to announce which one of these UIs will be bundled with the PinePhone CE.

Meanwhile, the latest alpha build includes a new mobile user interface, known as Manjaro ARM wallpaper, and a couple of applications; there is also a new layout using extlinux.conf partition as a configuration file.

The new Manjaro ARM alpha images are based on the unstable branch of Manjaro Linux and run the latest Linux 5.5 kernel from PINE64. And the PinePhone with Manjaro will arrive in a custom box designed by Manjaro’s team, with a Manjaro brand logo on the back cover.

When the PinePhone Manjaro CE will become Available



Pre-orders of the Arch-based Manjaro PinePhone CE will commence in mid-September, when you will be able to place an order for the PinePhone Community Edition from the official PINE Store.

PinePhone CE will be available in two hardware configurations, and priced as follows: $149 — 2GB RAM; 16GB eMMC, and $199 — 3GB RAM; 32GB eMMC (including a bundled USB-C dock). So if you're a Linux fan and PinePhone user, you would definitely want to try out the latest device with Manjaro ARM build.

Arch-based Manjaro Linux comes pre-installed on PinePhone Community Edition

Microsoft Defender ATP


Microsoft has released the Defender Android app as a preview, available only to enterprise users with a Microsoft 365 E5 license.

Defender ATP for Android will focus more on signature-based malware detection, whereas Defender ATP for Linux and Windows is fully capable of tracking system behaviors and reporting them to the ATP cloud service, which further helps to detect possible threats even before any malware infestation.

The Defender ATP app for Android can also block employees who fail to follow the organization’s security and threat protection policies.

How Microsoft Defender ATP for Android will Function?



The Defender ATP (Advanced Threat Protection) is part of Microsoft Threat Protection (MTP) which offers intelligence, automation, and integration to coordinate the detection, protection, response, and prevention of malware threats by combining into a single solution the capabilities to stop cyber-attacks.

But Defender ATP for Android mainly targets enterprise users on Android devices, so there are fewer enterprise security-focused protection capabilities, such as allowing security admins to create custom indicators for web protection, and the ability to block users who don’t follow the organization’s security policies.

It also warns about suspicious apps and blocks malicious web pages opened via WhatsApp, email, and even the web browser. Though it is still a software preview, Microsoft may perhaps have future plans for non-enterprise users.

How to Download the Defender ATP app for Android



The Microsoft Defender ATP app for Android is now available for download on the Play Store as a software preview. The app is not free, as it is for business/enterprise users who have a valid Microsoft 365 E5 license.

Microsoft also hinted at a Defender ATP app for iOS devices, though no specific timeline was mentioned for its release.

Microsoft targets Enterprise users on Android with the Defender ATP Application

Nitrux Linux


Nitrux is one of the most unique Linux distributions because of its beautiful KDE Plasma desktop, and because it employs a portable universal app format, called AppImage, with support for package managers like APT and DPKG.

Nitrux has released a new point version, Nitrux 1.3.2, which succeeds the previous Nitrux 1.3.1 released last month, with several changes and updates to many software packages.

The latest version, Nitrux 1.3.2, also brings bug fixes, performance improvements, and new hardware support. And most importantly, Nitrux has finally replaced the default init system, moving from Systemd to the OpenRC init system.

What's New in Nitrux 1.3.2 Release?



Besides the replacement of the default Init System from Systemd to OpenRC, Nitrux 1.3.2 has upgraded the Linux Kernel from version 5.6.0-1020 to the latest 5.6.0-1021.

And it has updated KDE Plasma to the latest version 5.19.4, KDE Applications to version 20.11.70, KDE Frameworks to version 5.74.0, Nvidia driver to version 450.66, LibreOffice to version 7.0.1.1.0+, and Firefox to version 80.

There is also the addition of a Wayland session in Nitrux 1.3.2, which you can access from the SDDM login manager, although the Wayland session is not turned on by default. The Plasma (Wayland) session works better with Intel and AMD graphics cards; it also works on Nvidia graphics cards, but with lower performance.

Additionally, Nitrux 1.3.2 has added new components like Docker for building AppImages via appimage-builder, Nitroshare for sharing files within the same network, and a tree utility that displays the content of a directory in a tree-like format.

How to Upgrade to Nitrux 1.3.2



If you wish to give Nitrux 1.3.2 a spin, the ISO image is now available for download, and it is recommended to reinstall the distribution after performing a backup with Kup.

But note that Nitrux now offers openrc-init directly, rather than as a service manager of another /sbin/init binary, which means you will not be able to install programs with a hard dependency on systemd, for instance Snaps.

Nitrux 1.3.2 Release: Finally changed default Init System from Systemd to OpenRC

Microsoft .NET 5


.NET 5 will serve as a merger of .NET Framework and .NET Core, as it is intended to unify the .NET platform, and the new .NET 5 is due for general availability on November 10, 2020.

The eighth preview of Microsoft .NET 5 has arrived, and almost every feature is now in its stable form, with the exception of some bug fixes.

The goals for .NET 5 include bringing a unified .NET SDK experience, with a single base class library (BCL) across .NET 5 applications, and supporting both native and web applications across multiple operating systems, such as Windows, Microsoft Duo (Android), and Apple iOS via native controls.

What’s new in Microsoft .NET 5



Microsoft .NET 5 includes support for faster algorithms in the BCL, better support for containers in the runtime, and support for HTTP/3, which are essential for building high-performance cloud applications. It also includes support for the WebAssembly binary format via the Mono runtime and .NET libraries.

Along with a set of nullable reference type annotations, other improvements noted in the .NET 5 Preview 8 bulletin include:

  • Support for Windows ARM64
  • More capable JsonSerializer APIs
  • Performance improvements in the .NET libraries, the GC, and the JIT
  • Support for WebAssembly, using the Mono runtime and the .NET Libraries
  • Visual Basic is also included in the .NET 5.0 SDK


Additionally, there is a new foundation for Blazor WebAssembly in .NET 5.0, which is a change from Blazor 3.2, which used the Mono runtime and Mono libraries. The advantages of this change are a single development experience for .NET, and much higher compatibility between the various .NET app types.

What are the .NET 5 novel changes?



The .NET and Windows teams have all been working hard to change the way WinRT works, replacing WinRT support for Windows with the C#/WinRT toolchain in .NET 5. And C#/WinRT is a NuGet-packaged toolkit to offer WinRT projection support for C#.

And the removal of the built-in support for WinRT (Windows Runtime), a collection of APIs for building Universal Windows Platform applications, is perhaps a breaking change; whereby .NET Core 3.x apps using WinRT must be recompiled.

Microsoft .NET 5 aims to unify the .NET Framework and .NET Core platforms

ExTiX Linux


ExTiX is an Ubuntu-based and liveDVD Linux distribution that offers a choice of alternative desktop environments, including KDE plasma desktop, with the latest version, ExTiX 20.9, supporting Android apps via Anbox (Android in a box).

ExTiX 20.9's inclusion of the open-source compatibility layer, Anbox, means that users can now run Android apps on the GNU/Linux distribution.

It features some useful Android apps by default, such as F-Droid and Aptoide App Manager, also allowing users to easily install any other Android app via the Google Play Store, and besides the Play Store, users can download Android APK files and install the apps using ADB tool.

What's New in ExTiX 20.9 Release?



ExTiX 20.09 ships with Refracta Snapshot pre-installed, an application that allows you to create an installable Ubuntu/Anbox-based system that runs live on your system or from the hard drive.

And it comes with the highly configurable KDE Plasma 5.104 desktop environment, replacing the lightweight LXQT desktop that came bundled with the previous version, ExTiX 20.8. ExTiX 20.9 KDE Plasma runs on the latest Ubuntu 20.04.1 LTS “Focal Fossa” point version with the long-term Linux Kernel 5.4.

Finally, the major new update in ExTiX, support for Anbox, has some limitations, such as the fact that users won't be able to run Anbox in VirtualBox. It also can't play videos directly on YouTube or other apps, although sound-only media works.

How to Upgrade to ExTiX 20.9



ExTiX 20.9 is based on Ubuntu with LXQt/Deepin/KDE/Anbox and kernel 5.8.0-rc7, and, if you want to give it a spin, you can download ExTiX 20.9 with KDE and Anbox directly from SourceForge.

But note that you can also create your own Ubuntu system while running ExTiX from DVD or a USB stick, with the whole process (creating new ISO with Refracta) taking only 10 – 30 minutes. In VirtualBox/VMware it may take a couple of hours. You can find the ISO in /home/snapshots and the whole process is very simple.

ExTiX 20.9 Release: Ubuntu-based Linux distro with Anbox (Android in a box) support

Qbot Malware


Qbot, also known as QakBot, QuakBot, or Pinkslipbot, was first profiled in 2008, but has evolved from an information stealer into a kind of "Swiss Army knife" for delivering different variants of malware, including the notorious Prolock ransomware.

The malware can even remotely control a target's system to carry out nefarious banking transactions using the victim's IP address, and also use a 'third-party' infection infrastructure like Emotet's to further.

The notorious banking Trojan is famous for stealing bank credentials and other confidential financial information, and it now has new tricks to target government institutions and manufacturing sectors in Europe and the US.

How Qbot Banking Malware targets its Victims



Qbot mainly focused on banks in the United States, with a dedicated campaign to hijack users' browsers or redirect them; as it attacks, it watches the victim’s web traffic, looking for specific financial services from which to harvest credentials.

According to Check Point research, Qbot's latest wave of activities appears to have curtailed with the re-emergence of Emotet, another notorious phishing-based malware that carried out several botnet-driven ransomware attacks and spam campaigns just last month, and is capable of secretly gathering email threads from a victim and using them for malspam campaigns.

The earlier campaign shows about 36 U.S. financial institutions targeted and some banks in Canada and the Netherlands; with the rest of the target list containing generic URLs that may be part of a second stage in the fraud transactions.

Formerly, Qbot used worm-like self-replication techniques to duplicate itself on shared drives or removable media, and the malware remains Windows-based, with the latest variant adding new detection and evasion techniques.

How to Secure Your System against Malware Attacks



Qbot, just like other similar malware, has pretty much retained the same functionality; though the targets may change or some features may be added, it is still primarily based on keylogging and extracting personal data from victims.

Therefore, it is recommended that online users apply critical patches for known vulnerabilities as soon as they are available, especially against weaponized exploits that target Internet tools such as mail clients and browsers. Also, antivirus software remains a powerful tool for detecting and thwarting malware infections.

But most importantly, organizations and businesses should provide security awareness training for employees, and also make it easy for employees to report suspicious or malicious behavior.

Qbot Banking Trojan returns with some New Tricks to lure victims

Google Container system


Google's Java container technology, Jib, has become a huge favorite among developers, as it can turn just about any Java app into an optimized container image, allowing developers to fully optimize the creation of Docker containers.

Jib helps to build container images in a declarative manner, which delivers an impressively short edit-compile-test development cycle, and it transparently applies container best practices without requiring the installation of Docker or the writing of script-like Dockerfiles.

Now, Google has extended the containerization technology with the Jib Plugin Extension Framework, thus enabling customization of the Jib plug-ins for both the Maven and Gradle build systems.

About the Jib Plugin Extension Framework



The Jib Plugin Extension Framework is meant to allow developers to easily extend and tailor Jib to perform their custom-specific tasks. They can write an extension and apply it to any project; for instance, if a developer wants to add custom image layers whose contents come from a ZIP file, an extension can be created for it.

It allows you to tweak every aspect of the image you want to build, powered by the Container Build Plan Specification, which is a general, tool-agnostic way of describing how to build an image.

The extension framework actually opens up a lot of possibilities for developers, from fine-tuning images to containerizing GraalVM native images or jlink images for a small footprint.

How Jib sets a new course for Java containers



Since Jib made its debut in June and became generally available, it has gathered a sizable community around it, with the core Jib team having been working on expanding the ecosystem.

Google has also improved application framework support for Jib, with the recently released Maven and Gradle Jib extensions for Spring Boot, Quarkus and a Maven extension for GraalVM. And the Jib Extensions repository on GitHub is perhaps where you can discover great extensions for your builds, or perhaps, join the core Jib team in creating more useful extensions.

Jib Plugin Extension Framework enables developers to perform custom-specific tasks

TypeScript


Microsoft has announced the availability of the latest stable version of its programming language, TypeScript 4.0, as the next generation of TypeScript releases, with a focus on expressivity, productivity, and scalability.

TypeScript is an open-source programming language developed by Microsoft, which serves as a strict syntactical superset of JavaScript with optional static typing support.

TypeScript is fundamentally designed for development of applications at scale and transcompiles directly to JavaScript.

What's New in TypeScript 4.0?



TypeScript 4.0 comes as a major milestone for the programming language, with several enhancements and new features, such as Variadic Tuple Types, which make it possible to type a JavaScript function like concat, which takes two arrays or tuples and concatenates them together to make a new array.

It brings two fundamental changes, along with inference improvements to make typing easier. The first change is that spreads in tuple type syntax can now be generic, which means that users can represent higher-order operations on tuples and arrays even when they don’t know the actual types they are operating over.

And if generic spreads are instantiated (or, replaced with a real type) in the tuple types, they can produce other sets of array and tuple types. You can find all the major new features and changes in TypeScript 4.0 below:

  • Custom JSX Factories
  • Labeled Tuple Elements
  • Short-Circuiting Assignment Operators
  • Class Property Inference from Constructors
  • Unknown on catch Clauses


Additionally, TypeScript 4.0 changes the outcome of compiling a program after a previous compile with errors under --incremental, which would previously be extremely slow when using the --noEmitOnError flag, because none of the information from the last compilation would be cached in a .tsbuildinfo file based on the --noEmitOnError flag.

Now, it gives a great speed boost in the above scenarios, improving --build mode scenarios (which imply both --incremental and --noEmitOnError).

Getting started with TypeScript 4.0



If you want to get started in using TypeScript 4.0, you should install it via NuGet or NPM:

npm i typescript


Also, you can test code using the TypeScript playground or any text editor that supports TypeScript, such as Visual Studio Code. The official instructions for using TypeScript in Visual Studio Code are available here!

TypeScript 4.0: What's New in the latest version of the Programming language?

Apache Server


Apache HTTP Server, which is colloquially referred to as Apache, is an open-source cross-platform web server software developed and maintained by a community of developers under the auspices of Apache Software Foundation.

The Apache flaws, tracked as CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993, were disclosed by a member of Google Project Zero named Felix Wilhelm, and have since been fixed by the Apache Foundation.

The Apache foundation fixed multiple vulnerabilities in the web server software that could have potentially allowed an attacker to execute arbitrary code, and in some specific cases, could even allow the attackers to cause a denial of service.

What's the nature of the Apache HTTP Server Flaws



The flaw tracked as CVE-2020-11984 potentially allows an attacker to view, alter, or delete sensitive information, depending on the privileges associated with the application running on the Apache server.

The second flaw (CVE-2020-11993) stems from debugging being enabled in the "mod_http2" module, which causes logging statements to be made on the wrong connection, resulting in memory corruption due to concurrent use of the log pool. The flaw marked as CVE-2020-9490 is the most severe: it resides in the HTTP/2 module, where a specially crafted 'Cache-Digest' header can cause memory corruption leading to a denial of service.

If specially crafted code is injected into the 'Cache-Digest' header in an HTTP/2 request, it could potentially crash the server by sending a PUSH packet using the header, but this issue can be resolved by simply turning off the HTTP/2 server push feature.

How to Mitigate against the Apache HTTP Server Flaws



These vulnerabilities have not yet been exploited in the wild, but it is essential that users carry out due testing and make sure that applications running on the server are configured with only the required permissions, to help mitigate further security impact.

The latest version of the Apache software, v2.4.46, should be installed immediately on the server to prevent attackers from taking unauthorized control of it.
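The checks described above (version below 2.4.46, HTTP/2 server push left on, debug logging enabled for mod_http2) can be run against a server's version banner and configuration text. The following is an added example, not code from the article or from the Apache project. It assumes the 2.4 branch and reads the configuration as one flat file, ignoring virtual-host scoping and Include files; the function names and the sample input are constructed for illustration.

```python
import re

FIXED = (2, 4, 46)                       # release the article names as carrying the fixes
VERBOSE = re.compile(r"(debug|trace[1-8])$")
# Constructed sample input, not taken from a real server.
SAMPLE_BANNER = "Server version: Apache/2.4.43 (Unix)"
SAMPLE_CONF = """\
Protocols h2 http/1.1
LogLevel info http2:trace2
# H2Push off
"""

def parse_version(banner):
    """Extract (major, minor, patch) from a banner such as `httpd -v` prints."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("no Apache version in %r" % banner)
    return tuple(int(x) for x in m.groups())

def directives(config_text):  # yields (name, args); skips comments and <Section> tags
    for line in config_text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "<")):
            name, *args = line.split()
            yield name.lower(), [a.lower() for a in args]

def audit(banner, config_text):
    """Return the sorted CVE ids from the article that still apply to this server."""
    if parse_version(banner) >= FIXED:
        return []
    h2, push, h2_level, global_level = False, "on", None, "warn"  # httpd defaults
    for name, args in directives(config_text):   # simplification: last one wins
        if name == "protocols":
            h2 = bool({"h2", "h2c"} & set(args))
        elif name == "h2push" and args:
            push = args[0]
        elif name == "loglevel":
            for spec in args:
                module, _, level = spec.rpartition(":")
                if not module:
                    global_level = level
                elif "http2" in module:
                    h2_level = level
    findings = {"CVE-2020-11984"}        # page gives no config workaround: upgrade
    if h2 and push != "off":
        findings.add("CVE-2020-9490")    # workaround: H2Push off
    if h2 and VERBOSE.match(h2_level or global_level):
        findings.add("CVE-2020-11993")   # workaround: no debug/trace logging for mod_http2
    return sorted(findings)
```

Calling `audit(SAMPLE_BANNER, SAMPLE_CONF)` reports all three CVEs, because the sample enables HTTP/2, leaves push at its default of on (the `H2Push off` line is commented out) and logs mod_http2 at trace level.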

Apache HTTP Server Flaws allowing Attackers access to sensitive data