File directory – Boom Directory
http://boomdirectory.com/
Thu, 19 May 2022 13:46:37 +0000

How to Use File Sharing on Your Mac
https://boomdirectory.com/how-to-use-file-sharing-on-your-mac/
Thu, 19 May 2022 10:00:00 +0000

Apple was the first computer company to facilitate network file sharing. Decades after this feature was introduced on the Mac, it’s less important in the age of cloud storage. Unless you’re on a corporate network, and often even so, it’s easiest to transfer files to a central repository by copying them to a folder or […]

Sensitive personal data among thousands of files exposed in Elgin: Gonyou cybersecurity incident – London
https://boomdirectory.com/sensitive-personal-data-among-thousands-of-files-exposed-in-elgin-gonyou-cybersecurity-incident-london/
Mon, 16 May 2022 21:11:04 +0000

A cybersecurity incident that left Elgin County’s website and email services offline throughout April resulted in the posting of thousands of county files, some containing highly sensitive personal information, on the dark web, Elgin’s chief administrative officer confirmed Monday.

County officials south of London, Ont., have kept quiet about the incident for the past few weeks but now say about 26,000 files and the information of about 300 people were compromised after an “unauthorized third party” gained access to the county’s network.

Highly sensitive data about 33 people, including social insurance numbers, health card numbers and financial information, was also among the data released, Elgin chief executive Julie Gonyou said in an interview with Global News.

“We are providing 12 months of credit monitoring and identity theft protection to 33 people whose sensitive information has been compromised,” Gonyou said Monday.

For the more than 260 other people affected, the compromised information included data that was not necessarily of great value to cybercriminals, but which could pose more reputational risks, such as performance reviews and termination letters, she said.

“Those affected were really current and former Elgin County staff, as well as current and former residents of our long-term care facilities. In long-term care facilities, five people have been affected,” Gonyou said. The county operates three long-term care facilities: Bobier Villa, Elgin Manor and Terrace Lodge.

“We took immediate action to notify these individuals… All notices were sent on Friday.”

County officials first confirmed that a “cybersecurity incident” had occurred in a memo that was distributed to staff on March 31 and obtained by the London Free Press.

In the memo, Gonyou wrote that a large amount of spam containing malicious attachments or links was sent to staff members and that an external consultant had been hired to investigate the incident and monitor data breaches.

On Monday, Gonyou said that after the county learned of the unauthorized network access, the network was shut down immediately on April 1 to mitigate further damage – a shutdown that would last until April 27, affecting the county’s website and email services.

On May 3, Elgin officials were alerted by their cybersecurity consultant that information had been dumped on the dark web, she said.

“It was 26,000 files, some of which were not active. Really, it was a directory of files that was posted. We manually scoured and rated each of the 26,000 records for review against a set of criteria,” Gonyou said.

“I would say it was a very, very small percentage of the total volume of files that we host in the county. And it was sort of sampling across multiple different servers and different files.”

There was no “rhyme or reason” as to which service areas were affected by the breach, Gonyou said, noting that the county provides about 25 different services. “It is difficult to discern whether certain areas have been more affected than others.”

Elgin County’s apparent listing on the Conti ransomware group’s dark web portal.

Global News first reported in late April that a cybersecurity expert observed data claiming to belong to the county being posted on the dark web portal of notorious Russian ransomware group Conti.

The data allegedly downloaded included at least one 40 megabyte ZIP file titled “elgin_AccountsPayable”. Global News could not independently verify the authenticity of the Conti list or the data allegedly released, as it appeared to have already been deleted the following day.

The cause of the cybersecurity incident is under investigation, but Gonyou says the incident was not, to their knowledge, a ransomware attack.

“We shut down our network, which I think is very different from a ransomware attack, where I think under these circumstances cybercriminals or threat actors shut down your system or hold your information for ransom,” she said. The county did not pay a ransom and its systems were brought back online on April 27, she said.

A cyber threat expert, however, says it all depends on your definition of ransomware.

“Ransomware has evolved over the past two years,” said Brett Callow, Vancouver Island-based threat analyst for cybersecurity firm Emsisoft.

“In the past, they simply blocked the networks of their targets. They still do this sometimes, but they also steal a copy of the data and use it as additional leverage to extort payment. Sometimes they completely skip the encryption process and just steal the data.”

When asked if Conti was suspected of having been involved in the incident, or if contact had been made with the group either by the county or its cybersecurity consultant, Gonyou declined to comment, citing an ongoing investigation by the Ontario Provincial Police with which the county is cooperating.

About 50 gigabytes of files claiming to belong to Elgin County remain published on the dark web portal of another ransomware group. Global News does not identify the group because the data was still online Monday.

Gonyou said Monday that she did not know if any of the compromised information had been taken offline.

“I think once it’s released, it…presents a risk regardless,” she said.

Since publishing its initial Conti story in late April, Global News has learned that alleged Elgin data has also been published on the dark web portal of another ransomware group. Global News does not identify the group because the data was still online Monday afternoon.

This data dump, measuring approximately 50 gigabytes, also contains an “elgin_AccountsPayable” folder, as well as directories labeled “Engineering”, “elgin_data”, and “elgin_hr”.

“Thank you for that information. I’ll follow up, but have no further comment,” Gonyou said when told about the other data dump. Gonyou also declined to say whether the county had had any contact with a ransomware group, citing the OPP investigation.


When asked if it was unusual to see data posted on the portals of two different ransomware groups, Callow explained that most ransomware groups operate on a ransomware-as-a-service basis.

“You have the team creating the ransomware, and they’re actually renting it out to other people who are using it in their attacks” – affiliates – “and they’re all splitting the proceeds among themselves,” he said.

“One possibility here is that an affiliate carried out the attack using Conti ransomware, Conti gave it up, and so the affiliates turned it over to another ransomware group to try and extort money.”

According to the Canadian Center for Cyber Security, Conti is considered “one of the most sophisticated ransomware groups in operation” and frequently targets hospitals, governments, medical networks and other essential services.

Speaking to Global News last month, Callow said it was unlikely Elgin was targeted for any particular reason, and that an overwhelming majority of attacks are carried out randomly via malicious links in phishing emails or unpatched vulnerabilities on Internet-connected networks.

Following the cybersecurity incident, Gonyou said the county has implemented additional safeguards and protections for its computer network.

“We carry out regular audits of health systems and improve the training of our staff across the company. Additionally, our work with our external cybersecurity team is ongoing, so we will continue to investigate the matter,” she said.

“We also look forward to recommendations from our consultants.”

With the rise in the prevalence of cyberattacks in businesses large and small, Gonyou says other organizations should learn from Elgin’s case and be hyper-vigilant about cyberthreats.

“Elgin County had robust systems in place such that threat actors or perpetrators use very sophisticated means to infiltrate computer systems and networks,” she said.

According to the Canadian Center for Cyber Security (CCCS), ransomware is the most common cyber threat Canadians face.

“Ransomware is not a new problem. Observed as far back as 1989, over the past 15 years ransomware has become one of the most popular types of cybercrime,” a 2021 Cyber Threat Bulletin from the CCCS reads.

The bulletin notes that ransomware-as-a-service operations have helped increase the impact and scale of ransomware attacks in recent years. According to the agency, global ransomware attacks increased by 151% in the first half of 2021 compared to the same period in 2020.

“The Cyber Center is aware of 235 ransomware incidents against Canadian victims from January 1 to November 16, 2021. More than half of these victims were critical infrastructure providers,” the bulletin said, adding that most attacks go unreported and victims can be hit multiple times.

“Despite a temporary lull following international action, we believe that ransomware will continue to pose a threat to the national security and economic prosperity of Canada and its allies in 2022, as it remains a profitable business for cybercriminals.”

© 2022 Global News, a division of Corus Entertainment Inc.

IceApple Post-Exploitation Framework deployed on Exchange servers
https://boomdirectory.com/iceapple-post-exploitation-framework-deployed-on-exchange-servers/
Wed, 11 May 2022 18:59:18 +0000

Researchers are warning of a sophisticated post-exploitation framework being deployed on Microsoft Exchange server instances to perform credential harvesting and local reconnaissance against companies in the technology, academic, and government sectors.

The .NET-based framework, which the researchers call IceApple, contains 18 separate modules that remain under development in order to evade detection, including capabilities for collecting credentials, deleting files and directories, and exfiltrating data.

As these modules, which do not provide exploitation or lateral movement capabilities, show, post-exploitation frameworks like IceApple do not provide initial access, but are instead used to help with malicious objectives after attackers have already compromised the system. In some cases, researchers have observed attackers using the framework in attacks after repeatedly returning to the victim’s environment every ten to fourteen days, likely to ensure that access was continuously maintained.

“When used shortly after an adversary gained initial access, IceApple was quickly deployed to multiple hosts to facilitate credential harvesting from local and remote host registries, logging of credentials to OWA servers, reconnaissance and data exfiltration,” said researchers from CrowdStrike’s Falcon OverWatch threat hunting team in an analysis Wednesday. “OverWatch then observed adversaries returning daily to the networks to continue their activity.”

While build timestamps on modules used by the framework date back to May 2021, researchers first discovered the framework being loaded on Exchange servers in late 2021. Researchers said further investigation revealed that the adversary behind the framework has detailed knowledge of how Internet Information Services (IIS) works and is capable of targeting any IIS web application. IIS is Microsoft’s web server software used to host and provide Internet services to the end user.

The framework was reflectively loaded via precompiled .NET assemblies into an application pool for Exchange servers. Precompiled .NET assemblies have previously been used by adversaries with existing access to a system to load additional functionality, either via webshells or malicious IIS components.

The researchers said they routinely discover reflectively loaded .NET assemblies of “different levels of sophistication,” from basic wrappers around Windows utilities (such as WMI) to modular frameworks with multiple levels of encryption that help protect data in transit and between modules. This type of malicious activity can be detected if a reflective .NET load occurs under an IIS application or application pool that does not typically perform this type of operation, the researchers said.

“While many assemblies…are seen only once in a customer’s environment and then never again, a few, like IceApple, continue to be reused on target networks while showing signs of active development,” the researchers said.

The researchers said IceApple’s in-memory-only framework shows that the actor prioritizes a low forensic footprint at targeted companies. In addition, its many modules support a wide range of features, including listing and deleting directories, writing data to a file, retrieving the configuration of installed network adapters, retrieving IIS server variables, dumping credentials stored in registry keys on the infected host, performing Active Directory queries and capturing OWA credentials.

“This is typical of long-term goals aimed at intelligence gathering and aligns with a targeted state-sponsored mission,” the researchers said.

Time limit for filing written statement under Ordinance VIII, Rule 1, CPC not mandatory: Supreme Court
https://boomdirectory.com/time-limit-for-filing-written-statement-under-ordinance-viii-rule-1-cpc-not-mandatory-supreme-court/
Tue, 10 May 2022 14:30:58 +0000

The Supreme Court reiterated that the time limit for filing the written statement under Ordinance VIII, Rule 1 of the Code of Civil Procedure is not mandatory (if it is not a commercial action).

In this case, an application for an injunction was filed by the plaintiff. The High Court confirmed the trial court’s order refusing to condone the 193-day delay in filing the written statement on the basis that there was “no plausible explanation or coherent reason” for the delay in filing the written statement.

On appeal filed by the defendant, the Apex Court noted that the injunctive suit filed by the plaintiff is not one governed by the Commercial Court Act 2015.

“Therefore, the time limit for filing the written statement under Ordinance VIII, Rule 1 of the CPC is not mandatory in view of the judgment of this Court reported as ‘Kailash V. Nankhu & Ors.’ reported in (2005) 4 SCC 480. In view of the judgment cited above, we conclude that the delay in filing the written statement could very well be compensated by costs, but denying the benefit of filing the written statement is unreasonable,” the bench of Judges Hemant Gupta and V. Ramasubramanian said.

Allowing the appeal, the bench ordered the trial court to expedite the decision of the suit, taking into account the plaintiff’s old age.

Deadline for filing the written statement: law and precedents

Ordinance VIII, Rule 1 of the Code of Civil Procedure provides that the defendant must, within thirty days from the date of service of the summons on him, submit a written statement of his defence, provided that if the defendant does not file the written statement within the said thirty-day period, he is entitled to file the same on any other day, which may be specified by the Court, for reasons to be recorded in writing, but which shall not be later than ninety days from the date of service of the summons.

In Kailash Vs. Nanhku, it was held as follows:

  1. The purpose of providing the timeline for filing the written statement under CPC Order VIII, Rule 1 is to expedite, not scuttle, the hearing. The provision spells out a handicap on the defendant. It does not impose an embargo on the Court’s power to extend the time limit. Although the wording of the proviso in Rule 1 of CPC Order VIII is drafted in negative form, it does not specify any penal consequences flowing from non-compliance. Since the provision falls within the domain of procedural law, it must be directive and not mandatory. The Court’s power to extend the time for filing the written statement beyond the time frame provided by CPC Order VIII, Rule 1 is not completely removed.
  2. Although CPC Ordinance VIII, Rule 1 is part of procedural and therefore directive law, in view of the need for expeditious trial of civil cases which persuaded Parliament to enact the provision in its present form, it is considered that normally the time schedule contained in the provision should be followed as a general rule and deviating from it would be exceptionally. A request for an extension of time made by the defendant should not be granted merely as a matter of routine and merely for asking, especially when the 90 day period has expired. An extension of time may be granted on an exceptional basis, for reasons to be attributed by the defendant and also recorded in writing, however briefly, by the court when satisfied. An extension of time may be allowed if it should be granted in exceptional circumstances, occasioned by reasons beyond the control of the defendant and if a serious injustice would be caused if the time limit were not extended. Fees may be imposed and an affidavit or documents supporting the defendant’s reasons for an extension of time may be required, depending on the facts and circumstances of a particular case.

In Salem Advocate Bar Association, Tamil Nadu Vs. Union of India, it was observed that there is no restriction in Ordinance VIII Rule 10 that after the expiration of ninety days, further time may not be granted. “The Court has broad power to ‘make such order in connection with the suit as it deems fit’. It is therefore clear that the provision of Order VIII, Rule 1, providing for an upper limit of 90 days to file a written statement is directory. That said, we would like to make it clear that an order extending the time for filing a written statement cannot be made on a routine basis. The time can only be extended in exceptionally difficult cases. While extending the time limit, it should be borne in mind that the legislature has set the upper time limit of 90 days. The Court’s discretion to extend the time limit should not be exercised so frequently and consistently as to negate the time limit fixed by Ordinance VIII Rule 1.”

Before the commercial courts

The Commercial Courts, Commercial Division and Commercial Appeal Division of the High Courts Act 2015 amended this provision by adding the following proviso to Rule 1: if the defendant does not file the written statement within the said thirty-day period, he is entitled to file the written statement on another day, which may be specified by the court, for reasons to be recorded in writing and on payment of such costs as the court deems appropriate, but which shall not be later than one hundred and twenty days from the date of service of the summons; on the expiration of one hundred and twenty days from the date of service of the summons, the defendant is deprived of the right to file the written statement and the Court does not allow the written statement to be taken on record. This proviso, however, has been made applicable only to cases involving commercial disputes.

In SCG Contracts India Pvt. Ltd v KS Chamankar Infrastructure Pvt. Ltd, the Supreme Court observed that this proviso is mandatory and that no written statement can be taken on record in commercial proceedings if it is not filed within 120 days from the date of service of the summons.

In Desh Raj v Balkishan (D), the court clarified that the mandatory time limit for filing a written statement does not apply to non-commercial lawsuits. With respect to non-commercial lawsuits, the written statement deadline is directive and not mandatory, the court said. Last year, it was observed in the case of Shoraj Singh v Charan Singh that the 90-day time limit for filing a written statement under Ordinance VIII, Rule 1 of the Code of Civil Procedure in civil suits is directive.

Case details

Bharat Kalra vs. Raj Kishan Chabra | 2022 LiveLaw (SC) 465 | CA 3788 OF 2022 | May 9, 2022

Coram: Judges Hemant Gupta and V. Ramasubramanian

Summaries

Code of Civil Procedure, 1908; Order VIII Rule 1 – The deadline for filing the written statement is not mandatory – The delay in filing the written statement could very well be compensated by costs. [Referred to Kailash vs Nankhu (2005) 4 SCC 480 ] (Paragraph 3-4)

How to manage your Docker containers with DockStation – The New Stack
https://boomdirectory.com/how-to-manage-your-docker-containers-with-dockstation-the-new-stack/
Sun, 08 May 2022 12:02:01 +0000

When looking for a graphical tool to manage your Docker containers, you’ll find more options than you might imagine. These tools range from the overly simplistic to the remarkably complicated, and everything in between. Every once in a while, though, you’ll find a desktop client that does a stellar job of making container management easier.

One such graphical interface is DockStation, which is available for Linux, macOS, and Windows and can be used for free for personal and startup use. With DockStation, you’ll find features like:

  • Manage both services and containers
  • Backwards compatibility
  • Monitoring statistics, ports and logs
  • Project creation
  • Built-in analyzer
  • Observer
  • Drag and drop images onto projects
  • Docker Compose support

One of the only caveats to DockStation is that while it lets you create and manage projects on localhost (the machine the app is installed on), you can’t create projects on remote hosts. You can do a lot with your remotely connected Docker server though.

Let’s start by installing DockStation, build our first project on the local machine, then connect it to a remote machine. I will demonstrate on Pop!_OS Linux and connect to a remote Ubuntu Server instance with Docker installed.

How to install DockStation

Installing DockStation is quite simple. The first thing you need to do is download the installation file compatible with your operating system. As I am using a Debian based distro, I will download the .deb file from the DockStation download page. Save the file to your ~/Downloads directory, then open a terminal window.

From the terminal, install DockStation with the command:

sudo dpkg -i ~/Downloads/dockstation*.deb

If the installation fails with an error, correct the problem with:

sudo apt-get install -f

Once the installation is complete, you are ready to launch the application.

Launching DockStation and connecting

Launch DockStation and in the login window (Figure 1), register with Google or GitHub or click Register Now and follow the instructions to create an account.

Figure 1: Creating an account for DockStation.

Upon successful authentication, an empty projects tab will be displayed (Figure 2).

Figure 2: DockStation is ready for you to create your first project.

Click + to create a new project. In the resulting window (Figure 3), give the project a name, then set a path to host the project files and folders.

Figure 3: Creating a new project in DockStation.

After filling in the required information, click CREATE to add the new project.

Let’s build a WordPress project. Type WordPress in the search field then, when the official image appears (Figure 4), drag it from the center column to the right.

Figure 4: WordPress images are available for use in DockStation.

Wait for the versions to populate, then from the dropdown select the image tagged with latest. Click OK and the image will be added. Then click on the gear icon associated with the image and you can modify the service to suit your needs perfectly (Figure 5).

Figure 5: Here you can change general, boot, volume and port options.

Once the configuration is complete, click OK and you are returned to the project window. Click the start button associated with the WordPress service to deploy the container.

And that’s it for creating a very basic container deployment with DockStation on your local machine.

Connecting DockStation to a Remote Host

This part is a little tricky because it’s hidden in plain sight. We are going to use SSH as a way to connect to the remote machine. Before doing this, we need to generate an SSH key and copy it to our remote host.

To generate the SSH key, open a terminal window and run the command:

ssh-keygen

Go ahead and accept the defaults and when prompted, make sure to give the key a strong password.

Once the key is generated, you must copy it to the remote server with the command:

ssh-copy-id USER@SERVER

Where USER is the username on the remote server and SERVER is the IP address of the remote server.

With the copied key, you can now connect DockStation to the remote server. To do this, click the Containers tab and click the edit button directly to the left of localhost in the upper left corner (Figure 6).

Figure 6: The DockStation Containers tab not only shows all your running containers, but it also allows you to connect to remote hosts.

In the resulting window (Figure 7), click ADD.

Figure 7: Adding a new remote connection to DockStation.

Click on the SSH tab in the resulting window and fill in the necessary information (Figure 8).

Figure 8: Adding details of our SSH connection to a remote host.

Click OK and, when prompted, enter the password for the SSH key you generated earlier. Now, in the localhost dropdown (top left corner), select the new connection you just created and click CONNECT. Again you will be prompted for your SSH key password. After successful authentication, you will see all containers running on your remote server (Figure 9).

Figure 9: Success, we can now manage the containers present on our remote server.

There. Yet another Docker GUI you can use to manage your container deployments. I admit I’m a fan of DockStation, but I wish they allowed deploying to a remote server from the GUI. Even with that caveat, DockStation is still a great tool for container management.

The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Docker.

Dabo Swinney’s brother arrested, charged with child sexual exploitation
https://boomdirectory.com/dabo-swinneys-brother-arrested-charged-with-child-sexual-exploitation/
Thu, 05 May 2022 22:14:00 +0000

The brother of Clemson football coach Dabo Swinney has been arrested in South Carolina and charged with sexual exploitation of a minor.

Henry Ervil Swinney III, 53, of Clemson was arrested – alongside Carson Alexander Radlein, 22 – after allegedly distributing sexual abuse material, according to South Carolina Attorney General Alan Wilson.

According to WCIV News 4 in Charleston, Henry Swinney was arrested on April 23 and charged with one count of 2nd degree sexual exploitation of a minor. It is a crime punishable by 10 years in prison.

The arrest was made after a tip was given by the National Center for Missing and Exploited Children.

NBC affiliate WSBD News 2 reports that, according to a warrant, Swinney disseminated “material containing a visual depiction of a minor engaging in sexual activity and/or appearing in a state of sexually explicit nudity, via a file sharing link called ‘Mega’”.

Meanwhile, Radlein, who was arrested on April 29, faces 10 counts of 3rd degree sexual exploitation of a minor.

Riley Morningstar of “The Seneca Journal” reports that Radlein is listed as a computer engineering student at Clemson University, according to the Student Directory.

Mark Heim is a sports reporter for The Alabama Media Group. Follow him on Twitter @Mark_Heim.

Reported critical RCE bug in dotCMS content management software
https://boomdirectory.com/reported-critical-rce-bug-in-dotcms-content-management-software/
Wed, 04 May 2022 12:05:00 +0000

A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and “used by more than 10,000 customers in more than 70 countries around the world, from Fortune 500 brands and midsize companies.”

The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, allowing an adversary to execute arbitrary commands on the underlying system.

“An attacker can upload arbitrary files to the system,” Shubham Shah of Assetnote said in a report. “By uploading a JSP file to the root directory of Tomcat, it is possible to achieve code execution, leading to the execution of commands.”

In other words, the arbitrary file upload flaw can be exploited to replace already existing files in the system with a web shell, which can then be used to gain persistent remote access.

Although the exploit allowed writing to arbitrary JavaScript files served by the app, researchers said the nature of the bug was such that it could be weaponized to get commands executed.

Assetnote said it discovered and reported the flaw on February 21, 2022, after which patches were released in versions 22.03, 5.3.8.10, and 21.06.7.

“When files are uploaded to dotCMS through the Content API, but before they become content, dotCMS writes the file to a temporary directory,” the company said. “In the case of this vulnerability, dotCMS does not sanitize the filename passed through the multipart request header and therefore does not sanitize the temporary filename.”

“In the case of this exploit, an attacker can upload a special .jsp file to the dotCMS webapp/ROOT directory that may allow remote code execution,” it noted.

How to Attach an Action to a Mac Folder for Automated Workflows https://boomdirectory.com/how-to-attach-an-action-to-a-mac-folder-for-automated-workflows/ Mon, 02 May 2022 09:00:00 +0000 https://boomdirectory.com/how-to-attach-an-action-to-a-mac-folder-for-automated-workflows/ Folder actions are one of the many hidden gems of macOS. You can set an action to occur whenever the contents of a folder change. It could be a simple action taken from a list provided by Apple with macOS, an AppleScript, or a workflow produced in Automator. Automator allows you to extend these actions […]]]> ]]> How to Check Disk Usage in Linux https://boomdirectory.com/how-to-check-disk-usage-in-linux/ Sat, 30 Apr 2022 12:00:35 +0000 https://boomdirectory.com/how-to-check-disk-usage-in-linux/ No matter how big your storage drive is, you always need to see how much space you’ve used and what files are using it. While there are ways to do this from the GUI on Linux, as always you get more detail using the terminal command line. Terminal tools are particularly useful for users monitoring […]]]>

No matter how big your storage drive is, you always need to see how much space you’ve used and what files are using it. While there are ways to do this from the GUI on Linux, as always you get more detail using the terminal command line. Terminal tools are particularly useful for users monitoring remote systems, such as busy system administrators logging in through a secure shell link. In this tutorial, we will look at different ways to use the terminal to check disk usage, which will allow us to see how much storage space is left on our system, wherever we are.

All commands in this tutorial will work on most Linux machines. We used an Ubuntu 20.04 install, but you can run this guide on a Raspberry Pi. All procedures are performed through the terminal. You can open a terminal window on most Linux machines by pressing Ctrl, Alt and T.

Using df to check disk usage in Linux

A simple approach to check all disk usage on a system is to simply issue the df command from the home directory in a terminal window.

How To Share Directories On Your Local Network From Ubuntu Desktop 22.04 https://boomdirectory.com/how-to-share-directories-on-your-local-network-from-ubuntu-desktop-22-04/ Tue, 26 Apr 2022 17:20:00 +0000 https://boomdirectory.com/how-to-share-directories-on-your-local-network-from-ubuntu-desktop-22-04/ Jack Wallen walks you through the simple steps of sharing a directory from Ubuntu Desktop 22.04 to your local network for other users to access. Image: Mohamad Faizal/Adobe Stock Ubuntu 22.04 (Jammy Jellyfish) is here, and it offers many exciting new features that are sure to appeal to die-hard Linux users as well as those […]]]>

Jack Wallen walks you through the simple steps of sharing a directory from Ubuntu Desktop 22.04 to your local network for other users to access.

Ubuntu 22.04 (Jammy Jellyfish) is here, and it offers many exciting new features that are sure to appeal to die-hard Linux users as well as those new to the world of open source. As usual, the Ubuntu devs went out of their way to make everything not only work “right”, but do it easily.

Example: sharing directories on your local network. This is one area where Ubuntu has always been above the competition. In fact, you’d be hard-pressed to find a Linux distro that makes folder sharing as easy as Ubuntu.

And that’s exactly what I’m going to show you how to do… share a directory on your local network, so that other users can access the content in it.

What you will need

For this to work, you will need a running instance of Ubuntu Desktop 22.04 connected to a local area network (LAN). That’s it, let’s get to work.

How to share a directory on the local network using Ubuntu

Log in to your Ubuntu Desktop 22.04 instance, then open the File Manager application. Right-click the Public folder and select Local Network Share (Figure A).

Figure A

Sharing the public folder on your local network can be done through the right-click context menu in the File Manager application.

In the resulting popup window (Figure B), check the Share this folder box.

Figure B

Folder sharing options for the public folder.

Since Ubuntu Desktop 22.04 does not come with Samba pre-installed, you will be prompted to install Windows Network Sharing Service. Click Install Service (Figure C).

Figure C

Installing the sharing service is just one click away.

When prompted, click Install again and, if prompted, enter your user password. Once the installation is complete, Samba will be running and you can continue to configure the share. Give the share a name, an optional comment, then set the permissions. If you want other users to be able to create and share files in the directory, check the box associated with this option. If you are the only user on this desktop computer, you will need to grant Guest access to the share.

After setting everything up, click Create Share and you’re done. Note: If you grant access to other users to create and share files, or grant access to guests, you will be prompted to allow the system to automatically set the permission (which you must allow).

Troubleshooting Sharing with Ubuntu

If you find that users cannot access the share, the problem is that the GUI tool is not able to add a Samba password for the system to use. This is one of those sticking points that has been troubling Ubuntu for some time. However, the solution to this problem is quite simple. All you have to do is open a terminal window and run the command:

sudo smbpasswd -a USER

Where USER is the name of the user account on your system.

What’s a bit annoying about this hiccup is that it may also prevent guest access. For this reason, if you want to share the folder with someone, you will need to create a guest account. You can go back to the terminal window and add the user with the command:

sudo adduser guest

Answer the necessary questions (giving the guest user a strong password). Once you have created the user, you will then need to add them with the smbpasswd command as follows:

sudo smbpasswd -a guest

Follow this with the command:

sudo smbpasswd -e guest

At this point, you can give guest credentials to anyone who needs access to this public folder, and they should be able to access it from any machine on your local network.

If that doesn’t work, you’ll need to add the share to the Samba configuration file. Open this file with the command:

sudo nano /etc/samba/smb.conf

In this file, add the following at the bottom:

[Public]
path = /home/USER/Public
browsable = yes
writable = yes
read only = no

Where USER is your username. Save and close the file.

And if that doesn’t grant access to other registered users, you may need to add the guest account to the group associated with the share. For example, suppose the share is in /home/jack/Public (meaning it is owned by user/group jack). You can add the guest account to group jack with the command:

sudo usermod -aG jack guest

After that, any user belonging to the group jack should be able to access the public directory which has been shared on the local network.

I’d like to see in future releases of Ubuntu (or any Linux desktop release) a much more simplistic approach to successfully sharing directories on a local network without having to go through all the extra troubleshooting steps.
