Feed aggregator

Linux distro designed to look like Windows hits 2 million downloads since the end of Windows 10 support  PC Guide

The European Union published guidance on December 30 that reclassified nuclear weapons as acceptable investments under its sustainable finance framework, completing a policy change approved in November that narrowed the definition of banned armaments from "controversial" to "prohibited." The shift addresses earlier vagueness that the Commission said hindered efforts to raise $932 billion in defense investments over four years. Under the revised rules, only four weapon categories remain expressly outlawed by a majority of EU states: personnel mines, cluster munitions, and biological and chemical weapons. Nuclear weapons manufacturers avoided exclusion because only Austria, Ireland and Malta signed the Treaty on the Prohibition of Nuclear Weapons, though all EU members support non-proliferation under the Non-Proliferation Treaty. The updated guidance also permits ESG labeling for companies handling depleted uranium for anti-tank ammunition and white phosphorus, which is toxic but not classified as a chemical weapon. European ESG funds currently hold minimal defense stocks, according to Jefferies data. The Commission's notice now makes these investments eligible for funds operating under Article 8 and Article 9 sustainable investment mandates.

Read more of this story at Slashdot.

Community Benchmarks on Kaggle lets the community build, share and run custom evaluations for AI models.Community Benchmarks on Kaggle lets the community build, share and run custom evaluations for AI models.

Intel Panther Lake GSC Firmware Published Ahead Of Laptop Availability  Phoronix

Experts warn this new Chinese Linux malware could be preparing something seriously worrying  TechRadar

Experts warn this new Chinese Linux malware could be preparing something seriously worrying  TechRadar

5 popular Linux terminal-based file managers—ranked  How-To Geek

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign. VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments. "VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over." The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign. VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments. "VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over." The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

Read more of this story at Slashdot.

Niche Linux System Becomes a 'Phenomenal Hit' Forced by Microsoft: 2M Downloads in 3 Months, 1.5M Windows Users 'Defect'  36Kr

GOG leadership turns on Windows as Linux is considered  Windows Central

Netrunner Rolling 2019.04 Arch-based Linux distribution available for download  BetaNews

New "Thames" Linux Accelerator Driver Posted Along With Companion Gallium3D Driver  Phoronix

New Linux malware framework targets cloud and containers  Techzine Global

New Linux malware detected: admins “may never realize their infrastructure has been quietly taken over”  Cybernews

I'm a creator and my new favorite Linux distro is multimedia perfection - here's why  ZDNET

Over the past year, we’ve witnessed how creators globally have been using our AI models and tools to share their stories with the world. That’s why we launched the AI Fi…

NASA and the U.S. Department of Energy plan to deploy a nuclear fission reactor on the Moon by 2030 to provide continuous, long-duration power for lunar bases, science missions, and future Mars exploration. space & defense reports: NASA said fission surface power will provide a critical capability for long-duration missions by delivering continuous, reliable electrical power independent of sunlight, lunar night cycles or extreme temperature conditions. Unlike solar-based systems, a nuclear reactor could operate for years without refuelling, supporting habitats, science payloads, resource utilisation systems and surface mobility. NASA Administrator Jared Isaacman said achieving long-term human presence on the Moon and future missions to Mars will require new approaches to power generation. He said closer collaboration with the Department of Energy is essential to delivering the capabilities needed to support sustained exploration and infrastructure development beyond Earth orbit. The fission surface power system is expected to produce safe, efficient and scalable electrical power, forming a foundational element of NASA's Moon-to-Mars architecture. Continuous power availability is seen as a key enabler for permanent lunar bases, in-situ resource utilisation and expanded scientific operations in permanently shadowed regions. Further reading: You Can Now Reserve a Hotel Room On the Moon For $250,000

Read more of this story at Slashdot.

Linux Systems Face a New Predator: Inside VoidLink’s Sophisticated Attack Arsenal  Technology Org

The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The Linux Mint project has announced the release of Linux Mint 22.3. The Ubuntu-based distribution will receive support through to 2029 and introduces a new tool to help users troubleshoot problems. "The 'System Reports' tool received many new features and it was rebranded as 'System Information'. In addition....