Monthly Archives: June 2021
Install Windows 11 Within VirtualBox
In this tutorial you will be shown how to install Windows 11 within VirtualBox. VirtualBox is great VM software to test releases of different types of OS’s.
Lets get started
- Lets download Virtual Box
- Once downloaded go through the wizard and leave default settings.
- If you need Windows 11 you can follow this Windows 11 Download tutorial.
- Open Virtual Box.
- Click on the New icon.
- Name your Virtual Machine
- Find and select version and select Windows 10. Click Next
- Memory Size 2GB will be fine. Click Next
- Hard Disk, Select Create a Virtual hard disk now. Click Next
- Hard Disk File type can be left with VDI selected. Click Next
- Storage on physical hard disk, select Dynamically allocated. Click Next
- File location and size can be left as default. Click Create
- Start the virtual machine
- VM should boot into the ISO, go through the process of installing windows.
If you
… Read the restHow to Download Windows 11
In this tutorial you will be shown how to download and install Windows 11 and use Rufus bootable USB. This is the latest release of Microsoft Windows 11 is visually great in my option however it all comes down to how you feel about it.
This tutorial I will show you how to download Windows 11 iso. Make sure you have proper backups of your system before making any changes. You choose to move forward at your own digression and I will not be liable for any data loss.
Keep in mind that this stolen software release was not supposed to be leaked to the public. This ISO was found from random link sources and may have been tampered with.
Windows 11: Release Date
We could expect Microsoft to announce the release date of Windows 11 at its event next week. The event is scheduled for June 24 at 11:00 … Read the rest
Phishing Attacks Growing At Rapid Pace
What’s going on?
- The frequency of phishing attacks is different for each industry and is based on the targeted firm’s size. Healthcare and manufacturing sectors are the most targeted by phishing scams.
- Social media are also lucrative targets, with social messaging apps being the main target. Accounts with single sign-on accounted for 40% of all phishing attacks.
- There are many different types of phishing attacks
SSL VPN Attacks Up Nearly 2000%
A recent report published by Nuspire outlined what activity cyber criminals have been up to. SSL VPN attacks have gone up nearly 2000%.
Increase in VPN attacks
In Q1 2021, there was a 1,916% increase in attacks against Fortinet’s SSL-VPN and a 1,527% increase in Pulse Connect Secure VPN. These vulnerabilities allow a threat actor to gain access to a network. Once they are in, they can exfiltrate information and deploy ransomware.
“2020 was the era of remote work and as the workforce adjusted, information technology professionals scrambled to support this level of remote activity by enabling a wide variety of remote connectivity methods,” said J.R. Cunningham, CSO at Nuspire. “This added multiple new attack vectors that enabled threat actors to prey on organizations, which is what we started to see in Q1 and are continuing to see today.”
Because of the significant increase in VPN and RDP … Read the rest
How To Execute Docker without using sudo privilege on Ubuntu 20.04
In this tutorial you will be shown how to configure Ubuntu 20.04 to execute Docker without using sudo. By default, you have to run docker commands with sudo privilege or by a user in the docker group. This tutorial will show you how to bypass that.
To test your privileges to confirm you cannot run Docker without sudo type in docker run hello-word. You should get the following message and if should move forward with the tutorial.
$ docker run hello-world Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker. sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.27/containers/json: dial unix /var/run/docker.sock: connect: permission denied
Lets Get Started
- SSH into your Ubuntu 20.04 server.
- Create new group. This command will likely fail as group maybe already exist, but let’s run it anyways.
sudo groupadd docker
3. Now we will add the current logged in user to the docker group
sudo
Docker Command Guide: A Complete List of Essential Commands
In this tutorial you will be shown how to use Docker commands and if you need help Executing docker without using sudo privilege click here.
In this section below I will explain how to use docker commands. So, before going into these details, let’s take look at the syntax of ‘docker’ commands:
$ docker [options] [sub-commands] [arguments]
Now if you want to list all available sub-commands of docker, run:
$ docker
There are many sub-commands and arguments that can follow after $docker. Below are some of them in the following sections of this tutorial.
Management Commands:
attach ## Attach local standard input, output, and error streams to a running container build ## Build an image from a Dockerfile commit ## Create a new image from a container's changes cp ## Copy files/folders between a container and the local filesystem create ## Create a new container diff ## Inspect changes
54% of all employees reuse passwords on multiple accounts
Yubico released the results of a study into current attitudes and adaptability to at-home corporate cybersecurity, employee training, and support in the current global hybrid working era. The report surveyed 3,006 employees, business owners, and C-suite executives at large organizations (250+ employees), who have worked from home and use work issued devices in the UK, France and Germany.
Data shows that since the start of the pandemic employees have been engaging in poor cybersecurity practices on work-issued devices, with business owners and C-level executives proving to be the worst culprits. At the same time, enterprises are falling short on cybersecurity best practices that need to be implemented for out-of-office environments.
Less than a quarter of respondents admit to even implementing 2FA since the start of the pandemic and even then, many are using less secure and less user-friendly forms of 2FA like mobile authentication apps and SMS one-time passcodes.
Polkit vulnerability provides local privilege escalation bypass
Many of the Linux distros are vulnerable to the Polkit exploit. This vulnerability provides a local privilege escalation bypass. A hacker can easily obtain root access with this vulnerability.
The vulnerability was recently discovered by GitHub Security Lab security researcher Kevin Backhouse. The vulnerability CVE-2021-3560 was publicly disclosed, and a fix was released on June 3, 2021. Make sure to update your Linux servers if you haven’t done so already.
A few of the vulnerable distros shared by Backhouse includes distros such as RHEL 8, Fedora 21 (or later), Ubuntu 20.04 and Debian.
“When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, the process cannot get a unique uid and pid of the process and it cannot verify the privileges of the requesting process,” Red Hat’s security advisory explains.
The few commands which allow this exploit to work is nothing complex.
This vulnerability … Read the rest
How to Install Docker on Ubuntu 20.04
In this tutorial you will be shown how to install Docker onto Ubuntu 20.04. Docker is an open source platform that simplifies the process of building, running, managing and distributing applications. It does this by virtualizing the operating system of the computer on which it is installed and running.
Lets Get Started!
Prerequisites
- Create a Ubuntu 20.04 VPS server on Linode. The $5 plan will be fine for this tutorial. If your planning on deploying many containers consider using a larger plan.
Lets SSH into Ubuntu 20.04 and perform some updates.
- To SSH into the server we will be using Putty. Download and install Putty.
- Open up putty and type in the IPv4 address of your server and click open.
- Log into your Ubuntu 20.04 server with the username and password.
- started with making sure we have the latest updates installed.
sudo apt update sudo apt upgrade
5. … Read the rest
How To Backup Ubuntu 20.04 To Backblaze B2 Storage
In this tutorial I will be showing you how to install Duplicati Backup Software on Ubuntu 20.04 and then how to configure backups to store data into Backblaze B2 Storage. It is important to have backups of your Ubuntu 20.04 server because If your server gets hacked or corrupted you will lose everything. So it is best to install a 3rd party backup solution that transfers data to cloud storage.
In this tutorial we will be using the OS Ubuntu 20.04, Duplicati Backup Software and BackBlaze B2 Cloud Storage.
1. Lets get started with installing Duplicati Backup Software onto Ubuntu 20.04 by using the following commands one at a time.
wget https://updates.duplicati.com/beta/duplicati_2.0.5.1-1_all.deb sudo apt-get -f install -y sudo dpkg -i duplicati_2.0.5.1-1_all.deb
2. Alright so Duplicati is now installed but there are a few more things we need to do to get it working properly. Lets configure webservice … Read the rest