Windows SSH Support Replaces PuTTY

🚨 New Rust Vulnerability Discovered in the Linux Kernel! A recent flaw in the Rust for Linux RFL component highlights that adopting memory-safe languages is a powerful step, but not an automatic security guarantee. 🔍 Key Points from the Report: • The vulnerability, tracked as CVE-2024-40986, is a use-after-free flaw in the `netdevice` module of the Rust for Linux framework. • It received a CVSS score of 7.8 High severity and could allow local attackers to escalate privileges or crash the system. • The issue was introduced in a January 2024 patch and fixed in late June 2024. Major distributions like Ubuntu and Fedora have released updates. • This case shows that while Rust eliminates entire classes of memory bugs, logic errors in API usage can still create security risks. 🛡️ The Bigger Picture: This is a crucial reminder that "memory safety" is not synonymous with "flawless security." The shift to languages like Rust dramatically reduces the attack surface, but secure design and implementation remain paramount. What’s your take? As Rust adoption grows in critical systems, how should our security and code review practices evolve to catch these new types of logic-based vulnerabilities? Link:https://lnkd.in/gjjy3gtE

Linux just hit a milestone: the first CVE tied to Rust code in the mainline kernel was officially assigned. It’s CVE-2025-68260, and it affects the Rust rewrite of the Android Binder driver. The flaw stems from a race condition in some unsafe Rust blocks, which can corrupt linked list pointers and cause a kernel crash on systems running Linux 6.18+. It’s not about remote exploitation, but it is a real bug in recently merged Rust kernel code. This matters for a few reasons: • Rust isn’t hypothetical in the kernel anymore. It’s been merged and is growing; this CVE is the first time Rust code in Linux has been flagged with an official vulnerability. • The flaw shows that “safe by default” doesn’t fully eliminate risk — unsafe blocks in Rust are still risky, especially in low-level systems code. • There’s a wider context: Rust’s inclusion aims to improve memory safety over C. The fact this is the first CVE since Rust began landing years ago suggests the overall impact has been modest so far. • For kernel maintainers and security folks, this underscores you still need good code review and testing, even with Rust. In short: Rust in Linux is a success story, but this first CVE is a reminder that unsafe code and concurrency bugs still bite — even in “safer” languages. https://lnkd.in/e8tpE8p3 #linux #rustlang #kernel #security #cve #memorysafety #systemsengineering #devops #opensource #cybersecurity

Windows Credential Access With Mimikatz Prerequisites & Requirements In order to follow along with the tools and techniques utilized in this document, you will need to use one of the following offensive Linux distributions: Kali Linux Parrot OS The following is a list of recommended technical prerequisites that you will need in order to get the most out of this course: Familiarity with Linux system administration....

Windows Red Team Lateral Movement With PsExec Prerequisites & Requirements In order to follow along with the tools and techniques utilized in this document, you will need to use one of the following offensive Linux distributions: Kali Linux Parrot OS The following is a list of recommended technical prerequisites that you will need in order to get the most out of this course: Familiarity with Linux system administration....

🔍 Website Health Monitoring System | Bash Script Built a Bash-based Website Health Monitoring System that performs sequential checks on multiple websites. What it does: Checks host reachability Validates HTTP status codes (200, 301/302, errors) Scans ports 80 & 443 for reachable websites Skips further checks if a host is down Displays clean, readable results Skills used: Bash scripting, Linux, networking tools (ping, curl, nmap), conditional logic. Hands-on practice to understand real-world monitoring workflows used in SOC teams. #Bash #Linux #CyberSecurity #SOC #Networking

******Basic Linux patching questions****** 1. What is Linux patching? Linux patching is The process of updating the system by applying security fixes, bug fixes, or performance improvements To The kernel, software packages, or libraries. 2. Why is patching important in Linux? Patching helps fix security vulnerabilities, improve system stability, and ensure compliance with security policies. 3. What are The common ways To apply patches in Linux? Using package managers like yum, dnf, apt, zypper, or manually applying patches with Tools like patch and rpm. 4. What is The difference between a security patch and a kernel patch? A security patch fixes vulnerabilities, while a kernel patch updates The Linux kernel for performance, security, or feature enhancements. 5. How do you check the current version of a package before patching? Use commands like: rpm -qa | grep package> (RHEL-based) dpkg 11 grep package> (Debian-based) yum list installed package> 6. How do you update all packages on a Linux system? Use: yum update y (RHEL-based) apт update && apт upgrade y (Debian-based) 7. How do you check available updates on a Linux system? Use: yum check-update (RHEL). hashtag #AWS hashtag #Linux hashtag #RedHat hashtag #Networking

I recently built and documented a home lab where I installed Windows 10 and Kali Linux in Oracle VirtualBox to strengthen my hands-on understanding of virtualization, operating system deployment, and basic networking. What I worked on: -Installed and configured multiple virtual machines in VirtualBox -Configured NAT networking for isolated internet access -Documented the lab using Markdown in GitHub, including setup steps, troubleshooting, and lessons learned This lab serves as the foundation for future networking and security testing, including Windows administration, Linux usage, and Security+-aligned practice. Key takeaways: -How virtualization enables safe testing environments -The importance of proper resource allocation and network configuration -Why clear documentation matters just as much as the technical work Next steps: -expanding this lab with internal networking, a vulnerable machine, and basic security testing. Always open to learning and improving — feedback is welcome. #HomeLab #Cybersecurity #ITLearning #Virtualization #Windows #Linux #KaliLinux #NetworkPlus #SecurityPlus #GitHub

If you’re into open source and cybersecurity, check out the tech start-up project: Harden. They’re building in the open and welcoming new contributors. Whether you want to help secure systems, ship features, or bring a fresh idea to the table. Your idea could be the next innovation in global tech.

HackTheBox Tabby ✅ Tabby is a easy difficulty Linux machine. Enumeration of the website reveals a second website that is hosted on the same server under a different vhost. This website is vulnerable to Local File Inclusion. Knowledge of the OS version is used to identify the tomcat-users.xml file location. This file yields credentials for a Tomcat user that is authorized to use the /manager/text interface. This is leveraged to deploy of a war file and upload a webshell, which in turn is used to get a reverse shell. Enumeration of the filesystem reveals a password protected zip file, which can be downloaded and cracked locally. The cracked password can be used to login to the remote machine as a low privileged user. However this user is a member of the LXD group, which allows privilege escalation by creating a privileged container, into which the host's filesystem is mounted. Eventually, access to the remote machine is gained as root using SSH. #HackTheBox #htb #OSCP #job #Easy #linux

🚨 Chrome Zero-Day Vulnerability Alert Issue: High-severity zero-day flaw actively exploited in the wild. Affected Versions: Chrome prior to 143.0.7499.109/.110 (Windows/Mac) and 143.0.7499.109 (Linux). Action Required: Update Chrome immediately to the latest stable version. Restart the browser after updating to apply the patch. Why It Matters: Google confirmed exploitation of this vulnerability (ID: 466192044), meaning attackers are targeting unpatched systems now. Source: https://lnkd.in/g5ZyPHHz