Plex: Music for all the feels

Get in the mood this Valentine’s Day by streaming over 60 million songs from Plex for all your feels: whether you’re in love, nursing a heartache, or just rocking the single life. Plex seamlessly integrates the entire TIDAL streaming library with your own music collection, so kick things off with one of these curated playlists to get the big day started!

ADMIN: New Zero-day Vulnerability in Windows Systems

The flaw exists in the processing of vCard files, but a hacker can disguise anything in the vCard to embed a compromised link. If any unsuspecting user clicks on the compromised URL, Windows would run the malicious software without throwing any warning.

For those who don't know, vCard is a VCF file format used for storing contact information. Microsoft Outlook supports vCard.

Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-VCF-FILE-INSUFFICIENT-WARNING-REMOTE-CODE-EXECUTION.txt

Meet with Wowza at NAB 2019, Vegas!

Headed to NAB 2019 in Vegas? We'll see you there!

All Viz Artist courses are now free!

You asked, we listened: Viz Artist courses are nowfree!

REF: https://www.vizrt.com/community/viz-university/freelancers

LM: browser-based Cockpit tool to monitor and administer multiple Linux servers

Figure 1: You can check for and install available updates on any remote machine from its System page.
REF: http://www.linux-magazine.com/Online/Features/Keep-All-Your-Linux-Servers-in-Check

[Check_mk Announce] New Check_MK stable release 1.5.0p12

---------- Forwarded message ---------
From: Check_mk Announcements
Date: Mon, Feb 18, 2019 at 2:43 AM

Dear friends of Check_MK,

the new stable release 1.5.0p12 of Check_MK is ready for download.

We are proud to announce the release of Check_MK version 1.5.0p12 also known as
1.5.0+, because it ships with several new features we wanted you to be able to
use as soon as possible.

With the new release, Check_MK provides a connector to Amazon Web Services
(AWS) and a large set of off-the-shelf plug-ins to monitor metrics of some of
the most popular AWS services. These includethe Simple Storage Service (S3),
Elastic Compute Cloud(EC2), Elastic Block Store (EBS), and Elastic Load
Balancing (ELB) and Amazon Relational Database Service (RDS). Furthermore,
users can also monitor the costs of their AWS services.

Check_MK 1.5+ also provides plug-ins for Microsoft Azure services via
a special agent to monitor Azure Virtual Machines, Azure Storage Accounts,
Azure SQL Databases, Azure Webservers and Azure Virtual Network Gateways.

The new release also enhances the monitoring of container environments beyond
the already existing Docker monitoring. With Check_MK 1.5+, users will be able
to monitor Kubernetes, one of the most prominent container orchestration tools,
and see detailed metrics on Kubernetes clusters, nodes and pods.

Another interesting part of this release are the new notification plug-ins that
Check_MK 1.5+ is introducing. We have added plug-ins for the incident
management systems VictorOps and PagerDuty and also for the collaboration and
communication platform Slack.

Have a look at the Check_MK handbook for further information:

https://mathias-kettner.de/cms_monitoring_kubernetes.html
https://mathias-kettner.de/cms_monitoring_aws.html
https://mathias-kettner.de/cms_monitoring_azure.html

Besides these features, this maintenance release ships with 40 changes affecing
all editions of Check_MK, 8 Enterprise Edition specific changes and 0 Managed
Services Edition specific changes.

Sophos:Home Premium with AI for Beta Testers

This next-gen technology detects and blocks never-before-seen malware. Plus, we’re offering our original beta testers a special 30% off Sophos Home Premium with Artificial Intelligence. 

Roku: New! Enjoy free TV & your subscriptions – all in one!

Subscription streaming made easy

Easily manage your subscriptions, view one bill, and cancel anytime.

[USN-3891-1] systemd vulnerability

---------- Forwarded message ---------
From: Chris Coulson
Date: Feb 19, 2019 1:01AM

It was discovered that systemd incorrectly handled certain D-Bus messages.
A local unprivileged attacker could exploit this in order to crash the
init process, resulting in a system denial-of-service (kernel panic).

References:
  https://usn.ubuntu.com/usn/usn-3891-1
  CVE-2019-6454

Plex: Get Cozy with Web Shows!

What do Romance and Horror have in common? Hearts. Lots of bloody, bloody hearts! Curious why Slasher fans love Valentine’s Day so much? Well, check out the hit web show Fandor to figure out which classic terrifying flick will make your loved one squeal with fear and cuddle with delight. Web Shows in Plex are always on and always free!

Roku: Stream these past award winners and nominees.

Watch past winners for free

From Peter Pan’s origin story to Al Capone’s rise to power, The Roku Channel has you covered when it comes to past award winners worth watching. See a classic you’ve missed, or re-live the magic you remember.

Updated Debian 9: 9.8 released

---------- Forwarded message ---------
From: Donald Norwood
Date: Feb 17, 2019 Sun 2:05AM

------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 9: 9.8 released                          press@debian.org
February 16th, 2019            https://www.debian.org/News/2019/20190216
------------------------------------------------------------------------

The Debian project is pleased to announce the eighth update of its
stable distribution Debian 9 (codename "stretch"). This point release
mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 9 but only updates some of the packages included. There is no
need to throw away old "stretch" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

TrendLabs: Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners

Figure 1. Script downloading from domain, logged from one of our honeypots.

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/linux-coin-miner-copied-scripts-from-korkerds-removes-all-other-malware-and-miners/

Plex: All the podcasts you love

Looking for some actual advice on romance and amore? Check out Loveletters, a podcast hosted by Boston Globe advice columnist Meredith Goldstein, which does a deep dive on a single burning question about love and relationships across every season. Podcasts in Plex are always free and ready to stream on all your favorite devices.

Trello: How To Give Your Brain A Break Without Booking Vacation Days

✔ All to-do’s completed for the week

✔ Dinner plans set for Meatless Monday

✔ Workout and game night scheduled

When you get that ideal routine down, it can feel empowering to be so predictably productive.

REF: https://blog.trello.com/neuroplasticity-tips-for-how-to-give-your-brain-a-break

ADMIN: openSUSE Leap 15.0

Hardware requirements for the DVD in this issue include a 2GHz dual-core processor or better, 2GB of system memory, more than 40GB of free hard drive space, and a DVD drive. Note that this DVD is not Live and will install on bootup.

REF: http://www.admin-magazine.com/Archive/2019/49/openSUSE-Leap-15.0-direct-install-not-Live

[USN-3885-1] OpenSSH vulnerabilities

---------- Forwarded message ---------
From: Marc Deslauriers
Date: Feb 8, 2019 Friday 3:01AM

Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a
user or automated system were tricked into connecting to an untrusted
server, a remote attacker could possibly use these issues to write to
arbitrary files, change directory permissions, and spoof client output.

References:
  https://usn.ubuntu.com/usn/usn-3885-1
  CVE-2018-20685, CVE-2019-6109, CVE-2019-6111

TrendLabs: Windows App Runs on Mac, Downloads Info Stealer and Adware

Figure 5. One of the adwares downloaded posing as a popular app.

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/windows-app-runs-on-mac-downloads-info-stealer-and-adware/

Plan A Vacation With Trello: All "A Board!"

Planning a vacation is exciting: researching what you’ll see, where you’ll stay, what you’ll eat. The entire process can overwhelm you with the feeling of boundless potential. A cheap airfare quote pops up in your inbox and suddenly the world is your oyster—where eating oysters in another part of the world is no longer a fantasy.

REF: https://blog.trello.com/all-a-board-plan-a-vacation-with-trello

ADMIN: Into the Cloud for Security

Just put your paws on the keyboard and type S-E-C-A-A-S. Security as a Service (SECaaS) is an actual thing. Companies are heading to the cloud for security in huge numbers. Whether you call it SECaaS or Software as a Service (SaaS) security, the result is the same: Real-time data analytics finding and blocking threats from your very vulnerable network has made traditional perimeter-based security and signature-based

REF: http://www.admin-magazine.com/Archive/2019/49/Into-the-Cloud-for-Security

TrendLabs: Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

Figure 1. Infection chain for the malware
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/trickbot-adds-remote-application-credential-grabbing-capabilities-to-its-repertoire/

Trello: Why Taking Breaks Is The Key To Productivity

It’s only natural to think you need to be chained to your desk for hours at a time in order to get things done. Workaholics are oft celebrated; they even have their own national holiday. If you aren't taking breaks, however, you're probably decreasing your productivity rather than improving it.

REF: https://blog.trello.com/taking-breaks-key-productivity

[USN-3880-1] Linux kernel vulnerabilities

---------- Forwarded message ---------
From: Steve Beattie
Date: Feb 5 2019, Tuesday 9:55 AM

It was discovered that the CIFS client implementation in the Linux kernel
did not properly handle setup negotiation during session recovery, leading
to a NULL pointer exception. An attacker could use this to create a
malicious CIFS server that caused a denial of service (client system
crash). (CVE-2018-1066)

Jann Horn discovered that the procfs file system implementation in the
Linux kernel did not properly restrict the ability to inspect the kernel
stack of an arbitrary task. A local attacker could use this to expose
sensitive information. (CVE-2018-17972)

Jann Horn discovered that the mremap() system call in the Linux kernel did
not properly flush the TLB when completing, potentially leaving access to a
physical page after it has been released to the page allocator. A local
attacker could use this to cause a denial of service (system crash), expose
sensitive information, or possibly execute arbitrary code. (CVE-2018-18281)

It was discovered that the socket implementation in the Linux kernel
contained a type confusion error that could lead to memory corruption. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2018-9568)

References:
  https://usn.ubuntu.com/usn/usn-3880-1
  CVE-2018-1066, CVE-2018-17972, CVE-2018-18281, CVE-2018-9568

Trello: 7 Weird Ways To Help Combat 'Hermit' Habits As A Remote Worker

It happens to even the most experienced remote workers. Actually, it happens especially to those who have worked from home for a while. You land an amazing remote job, set up your home office with a customized desk setup, and get settled with ease. Over time, however, you become a little too settled. It’s been three days since you left your house and the fridge is empty—not that you’ve noticed, because you haven’t taken a proper lunch break in months. And when was the last time that you wore anything other than that same hoodie?

REF: https://blog.trello.com/hermit-habits-remote-work

Charly's Column – DNSDiag

dnsping lives up to its name, repeatedly querying a DNS server and displaying the response times. The hostname to be resolved is a mandatory parameter. dnsping prompts you for the system's default name server, which can be changed using -s . After typing

sudo dnsping.py -v -s 8.8.8.8 linux-magazine.com

REF: http://www.linux-magazine.com/Issues/2019/220/The-sys-admin-s-daily-grind-DNSDiag

TrendLabs: Various Google Play “Beauty Camera” Apps Sends Users Pornographic Content, Redirects Them to Phishing Websites and Collects Their Pictures

Figure 1. Screenshots of the malicious beauty camera apps on Google Play

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/various-google-play-beauty-camera-apps-sends-users-pornographic-content-redirects-them-to-phishing-websites-and-collects-their-pictures/

[Check_mk Announce] New Check_MK stable release 1.4.0p38

---------- Forwarded message ---------
From: Check_mk Announcements
Date: Wed, Jan 30, 2019 at 8:09 PM

Changes in all Check_MK Editions:

Checks & agents:
* 6995 FIX: oracle_undostat: Fixed crash if state in case of positive space error count is set to OK
* 6994 FIX: oracle_tablespaces: ignore warn/crit for read only Tablespaces
* 6818 FIX: netapp_api_volumes: Added forgotten 'operations/s' metrics
* 6826 FIX: kemp_loadmaster_services: Do not discover disabled services
* 6999 FIX: ipmi_sensors: Treat "S0/G0" as "System full operational, working" state
* 6754 FIX: if_lancom: Fixed correct interface discovery for newer lancom router
NOTE: Please refer to the migration notes!
* 6814 FIX: hp_msa_if: Do not crash if no speed information is available
* 6991 FIX: genua_carp, genua_fan, genua_pfstate, genua_state_correlation, genua_vpn: Also discover Genubox and Genuscript devices
* 7003 FIX: f5_bigip_pool: Fixed crash if no SNMP info
* 6893 FIX: diskstat: Make check compatible with addional kernel versions
* 6873 FIX: df: made rule being found when searching for "inodes"
* 7009 FIX: cpu.threads: On Solaris the number of threads was calculated incorrectly
* 6997 FIX: check_mk_agent.linux: Decryption of agent output fails if passphrase contains '&'. This may also occur in case of other special chars.
* 6809 FIX: aix_if: Transmit/Receive errors are no longer ignored
* 6961 FIX: Unbreak check_mkevents active check.

You can download Check_MK from our download page:
 * http://mathias-kettner.de/check_mk_download.html

Sophos Home Premium with AI

Sophos is announcing our most advanced cybersecurity yet with Sophos Home Premium with Artificial Intelligence (AI) for PCs – and we’ve upgraded your account. This next-gen technology has received some of the highest performance scores ever seen in third-party testing of our business technologies and now it’s available to protect you at home.

ADMIN: Assess USB performance while exploring storage caching

Figure 6: iotop showing real-time input/output operations per second (IOPS) load on the system during the dd tests.
REF: http://www.admin-magazine.com/Articles/Assess-USB-performance-while-exploring-storage-caching