Working remotely? Check out new Microsoft 365 personal and family subscriptions

2020-03-31 KENNETH 0

Working remotely? Check out new Microsoft 365 personal and family subscriptions Now more than ever, as so many work and learn remotely, “it’s never been more important to stay connected and on top of the things that matter,” writes Yusuf Mehdi, corporate vice president for Modern Life, Search & Devices at Microsoft, on the Microsoft 365 Blog. Microsoft has a powerful set of familiar applications and services used by more than a half billion people that help you create, share, connect and collaborate with your friends and family across the web and on your devices. And now, they’re free. Office, Word, Excel, PowerPoint, Skype, Outlook, OneNote and OneDrive apps enable you to co-author, video chat, organize and come together. On April 21, Office 365 will become Microsoft 365, which builds on the foundation of Office by infusing new AI, rich [ more… ]

No Image

USN-4312-1: Timeshift vulnerability

2020-03-30 KENNETH 0

USN-4312-1: Timeshift vulnerability Timeshift vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Summary Timeshift could be made to run programs as an administrator. Software Description timeshift – System restore utility Details Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 timeshift – 19.01+ds-2ubuntu0.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2020-10174 Source: USN-4312-1: Timeshift vulnerability

No Image

USN-4310-1: WebKitGTK+ vulnerability

2020-03-30 KENNETH 0

USN-4310-1: WebKitGTK+ vulnerability webkit2gtk vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software Description webkit2gtk – Web content engine library for GTK+ Details A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 libjavascriptcoregtk-4.0-18 – 2.28.0-0ubuntu0.19.10.2 libwebkit2gtk-4.0-37 – 2.28.0-0ubuntu0.19.10.2 Ubuntu 18.04 LTS libjavascriptcoregtk-4.0-18 – 2.28.0-0ubuntu0.18.04.3 libwebkit2gtk-4.0-37 – 2.28.0-0ubuntu0.18.04.3 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a new upstream release, [ more… ]

No Image

USN-4308-2: Twisted vulnerabilities

2020-03-30 KENNETH 0

USN-4308-2: Twisted vulnerabilities twisted vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Summary Several security issues were fixed in Twisted. Software Description twisted – Event-based framework for internet applications Details USN-4308-1 fixed several vulnerabilities in Twisted. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. (CVE-2019-12387) It was discovered that Twisted incorrectly verified XMPP TLS certificates. A remote attacker could possibly use this issue to perform a man-in-the-middle attack and obtain sensitive information. (CVE-2019-12855) Jake Miller and ZeddYu Lu discovered that Twisted incorrectly handled certain content-length headers. A remote attacker could possibly use this issue to perform HTTP [ more… ]

No Image

두 달 간의 신입 개발자 온보딩 과정을 돌아보며 – 신입 개발자들과의 인터뷰

2020-03-30 KENNETH 0

두 달 간의 신입 개발자 온보딩 과정을 돌아보며 – 신입 개발자들과의 인터뷰 안녕하세요! 기술기획팀 캔디스입니다. 지난 두 편의 포스팅을 통해서 카카오 신입 개발자 온보딩 프로그램이 어떻게 진행되었는지 살펴 보았는데요, 이번 편에서는 실제 온보딩에 참여했던 신입 개발자들의 이야기를 들어보려고 합니다. 그래서! 카카오의 크루로서 첫발을 내디딘 풋풋한 신입 개발자 세 분(Albus, David, Tate)을 만났습니다. 카카오의 신입 온보딩 과정은 어떤 매력으로 가득한지, 실제로 카카오에 적응하는데 얼마나 도움이 되었는지 등 지난 […] Source: 두 달 간의 신입 개발자 온보딩 과정을 돌아보며 – 신입 개발자들과의 인터뷰