Red Hat Enterprise Linux 7 Beta Arrives! Download Now And You Can Win $500

Red Hat Enterprise Linux (RHEL) 7 Arrived With Expanded Container Support, Performance Profiles, XFS As the Default Filesystem & Many More. 

We have just spent a less than a month time after the release of Red Hat Enterprise Linux 6.5 made available globally, yet again the American multinational software company, leading the world for open-source software has announced the availability of a first public beta release of Red Hat Enterprise Linux (RHEL) version 7. Based on Fedora 19 and the upstream Linux 3.10 kernel, Red Hat Enterprise Linux 7 will provide users with powerful new capabilities that streamline and automate installation and deployment, simplify management, and enhance ease-of-use, all while delivering the stability that enterprises have come to expect from Red Hat. This further solidifies Red Hat Enterprise Linux's place as the world's leading Linux platform and a standard for the enterprise of the future. Whether rolling out new applications, virtualizing environments or scaling the business with cloud, Red Hat Enterprise Linux 7 delivers the keystone to IT success. The beta release of Red Hat Enterprise Linux 7 adds value to new and existing IT projects across industries by adding key capabilities to improve critical but often cumbersome IT tasks like virtualization and storage while offering a clear pathway to the open hybrid cloud. In their official Red Hat Enterprise Linux YouTube channel, Red Hat posted a short video where you can hear what the team at Red Hat has to say about the next-generation of the world’s leading Linux platform.

Red Hat Enterprise Linux 7 Beta showcases hundreds of new features and enhancements, including: 

• Linux Containers - Enabling applications to be created and deployed in isolated environments with allocated resources and permissions.
• Performance Management – Using built in tools, you can optimize performance out-of-the-box.
• Physical and Hosted In-place Upgrades - In-place upgrades for common server deployment types are now supported. Additionally, virtual machine migration from a Red Hat Enterprise Linux 6 host to a Red Hat Enterprise Linux 7 host is possible, without virtual machine modification or downtime.
• File Systems – File systems continue to be a major focus of development and innovation.
  • XFS is now the default file system, supporting file systems up to 500TB
  • ext4 file systems are now supported to 50TB and include block sizes up to 1MB
  • btrfs file systems are now available to test
• Networking – Enhanced networking configuration and operation. Added support for some of the latest networking standards, including:
  • 40Gb Ethernet support
  • Improved channel bonding
  • TCP performance improvements
  • Low latency socket poll support
• Storage – Expanded support for enterprise level storage arrays. Improved scalable storage stack for deployments that are less disk intensive. Improved storage management for heterogeneous storage environments.
• Windows Interoperability – Bridge Windows™ and Linux infrastructure by integrating SAMBA 4.1 with existing Microsoft Active Directory domains. Or, deploy Red Hat Enterprise Linux Identity Management in a parallel trust zone with Active Directory.
• Subsystem Management – Simplified configuration and administration with uniform management tools for networking, storage, file systems, performance, identities and security. Leveraging the OpenLMI framework, enables use of scripts and APIs to automate management.

To know deeply about the hot features and enhancement of RHEL 7 beta 1, click here. I am quite sure that, after going through with the above description, all of you are very much excited to grab this brand new beta of RHEL 7. Like the previous beta release, this time also The Red Hat Enterprise Linux 7 beta has been made available to Red Hat customers, partners, and members of the public. For further information and to access the beta click here. Last but not least, with this release Red Hat also calls for an very interesting competition, where you can participate & win $500 while telling Red Hat, what interests you most in RHEL 7 beta. So what are you waiting for, lets download RHEL 7 and explore it. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Red Hat Enterprise Linux 7 Beta Arrives! Download Now And You Can Win $500"https://www.voiceofgreyhat.com/2013/12/rhel-7-released-download-now.html</a>

Android 4.4 'KitKat' -The More Compatible, Intelligent and Simple Android Ever

Android 4.4 'KitKat' All You Need to Know-The More Compatible, Intelligent and Simple Android Ever 

Earlier we have discussed several times on android- which is one of the world's most popular and widely used operating system based on Linux kernel, mainly designed for smartphones and tablet computers. Since last four years we have got various flavor of android among them 2.2 (Froyo), 2.3.3–2.3.7 (Gingerbread), 3.2 (Honeycomb), 4.0.3–4.0.4 (Ice Cream Sandwich) & 4.1.x-4.3.x (Jelly Bean) successfully drawn public attention and gained popularity. After the success of Jelly Bean, now Google has introduced Android 4.4 nicknamed 'KitKat.' Official website of android explained the reason of this nomenclature -'as everyone finds chocolate so tempting, we decided to name the next version of Android after one of our favorite chocolate treats, the KitKat®!' Immediately after this release android 4.4 is vogue as with this version of android Google improved performance and memory usage, makes this version more compatible than ever; you can easily try KitKat on your older smartphones. Now lets illuminate android 4.4 briefly-

Introduction:-

Readers, I will introduce a simple way the new features of the version of android, "The KitKat" Accompanies the more intelligent and simple search for Android, says the official Google blog, and more importantly, Should Have compatibility with older devices. This means more people que can have access to the innovations than other Android updates.

Performance and improved use of memory:-

Many of the major changes are the KitKat under the hood. The overall performance should improve, especially in relation to RAM. The Android developers site says "KitKat streamlines all the key components to reduce memory consumption", so even older smartphones running Android 4.4 will be faster and more responsive - even with 512MB of RAM. The multitasking should work better and you can switch applications without lock your smartphone.

Simpler and more powerful: (Google Now)

The Google Now gained much prominence in KitKat, with quick, more cards, and more features without using their hands. Not too can wake up your smartphone to start a search and take a picture saying only "OK Google Now"? It's like Google Glass, but on your smartphone.

The Google Now will also gain space on your homescreen, if you want (and you can slide left to right to find it), and Google will add more cards to make your smartphone smarter automatically suferindo things based on your interests , location, and more.

Support SMS, location sharing, and animated GIFs in Hangouts:-

Google announced this week that Hangouts will turn the main messaging app - is text messaging, video calls and instant. If you hate having your conversations scattered in several different apps, with KitKat you need only Hangouts, which replaces the old Mail app.

The use of location sharing can be very convenient when you're meeting a friend and wants to tell exactly where it is.

Finally, if you like to put emojis in messages, are present in many new keyboard Google.

Improvements in NFC, Cloud Printing and File Management:-

The KitKat also includes improvements that developers can now use apps to improve their apps. Regarding the NFC, it may automatically take you to the right app when you touch your device into a payment terminal. Printer manufacturers can develop served to send print files from Android to your printer. And the new framework for access to storage provides a consistent way to access files stored in other facilities in other apps (eg, open or save files in Dropbox or Box when you're in the browser).

In short, I will whole heartily agree with Google while saying -KitKat 4.4 is Smart, simple, and truly yours To know more about Android 4.4 'KitKat' click here

While concluding this article, I on behalf of Team VOGH, want to thank our new guest editor Mr. Rafael Souza, for sharing his view and extensive thought on android 4.4. Rafael we love you. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Android 4.4 'KitKat' -The More Compatible, Intelligent and Simple Android Ever"https://www.voiceofgreyhat.com/2013/12/android-4.4-kitkat.html</a>

Red Hat Inc Announced The General Availability Red Hat Enterprise Linux (RHEL) 6.5

Red Hat Inc Announced The General Availability Red Hat Enterprise Linux (RHEL) 6.5 

The RHEL 6x series get another important update as Red Hat Inc, the world's leading provider of open source solutions announced the general availability of Red Hat Enterprise Linux 6.5, the latest version of Red Hat Enterprise Linux 6. According to the official press release of Red Hat -RHEL 6.5 expands Red Hat’s vision of providing an enterprise platform that has the stability to free IT to take on major infrastructure challenges and the flexibility to handle future requirements, with an extensive partner and support ecosystem. 

Red Hat Enterprise Linux 6.5 is mainly designed for those who build and manage large, complex IT projects, especially enterprises that require an open hybrid cloud. From security and networking to virtualization, Red Hat Enterprise Linux 6.5 provides the capabilities needed to manage these environments, such as tools that aid in quickly tuning the system to run SAP applications based on published best practices from SAP.“Red Hat Enterprise Linux 6.5 provides the innovation expected from the industry’s leading enterprise Linux operating system while also delivering a mature platform for business operations, be it standardizing operating environments or supporting critical applications. The newest version of Red Hat Enterprise Linux 6 forms the building blocks of the entire Red Hat portfolio, including OpenShift and OpenStack, making it a perfect foundation for enterprises looking to explore the open hybrid cloud.”-said Jim Totton, vice president and general manager of Red Hat Inc. Now lets take a closer look to the main highlights of RHEL 6.5 : 

Securing the Next-Generation Enterprise

Red Hat Enterprise Linux 6.5 continues the push for integrated security functionality that combines ease-of-use and up-to-date security standards into the platform. The addition of a centralized certificate trust store enables standardized certificate access for security services. Also included are tools that meet leading security standards, including OpenSCAP 2.1, which implements the National Institute of Standards and Technology’s (NIST’s) Security Content Automation Protocol (SCAP) 1.2 standard. With these additions, Red Hat Enterprise Linux 6 provides a secure platform upon which to build mission-critical services and applications.

Networking – When Every (Micro)Second Matters

In the financial services and trading-related industries, application latency is measured in microseconds, not seconds. Now, the latest version of Red Hat Enterprise Linux 6 fully supports sub-microsecond clock accuracy over the local area network (LAN) using the Precision Time Protocol (PTP). Precision time synchronization is a key enabler for delivering better performance for high-speed, low latency applications. Red Hat Enterprise Linux 6.5 can now be used to track time on trading transactions, improving time stamp accuracy on archived data or precisely synchronizing time locally or globally. Thanks to other networking enhancements in Red Hat Enterprise Linux 6.5, system administrators now have a more comprehensive view of network activity. These new capabilities enable sysadmins to inspect IGMP (Internet Group Management Protocol) data to list multicast router ports, multicast groups with active subscribers and their associated interfaces, all of which are important to many modern networking scenarios, including streaming media.

Virtualization Enhancements

Red Hat Enterprise Linux 6.5 continues Red Hat’s commitment to improving the overall virtualization experience and includes several improvements that make it a compelling choice for running in virtualized environments. Sysadmins can now dynamically enable or disable virtual processors (vCPUs) in active guests, making it an ideal choice for elastic workloads. The handling of memory intensive applications as Red Hat Enterprise Linux guests has also been improved, with configurations supported for up to 4TB of memory on the Kernel-based Virtual Machine (KVM) hypervisor. The KVM hypervisor also integrates with GlusterFS volumes to provide direct access to the distributed storage platform, improving performance when accessing Red Hat Storage or GlusterFS volumes. Finally, guest drivers have been updated to improve performance of Red Hat Enterprise Linux 6.5 running as a guest on supported third-party hypervisors.

Evolving Ease-of-Use, Storage, and More

As application deployment options grow, portability becomes increasingly important. Red Hat Enterprise Linux 6.5 enables customers to deploy application images in containers created using Docker in their environment of choice: physical, virtual, or cloud. Docker is an open source project to package and run lightweight, self-sufficient containers; containers save developers time by eliminating integration and infrastructure design tasks. Red Hat Enterprise Linux 6.5 stays current with the advancements in Solid-State Drive (SSD) controller interface, introducing support for NVM Express (NVMe)-based SSDs. The NVMe specification aims to standardize the interface for PCIe-based SSDs and its inclusion in Red Hat Enterprise Linux 6.5 positions the platform to support an expanding range of future NVMe-based devices.

Improvements have also been added to improve enterprise storage scalability within Red Hat Enterprise Linux 6.5. It is now possible to configure more than 255 LUNs connected to a single iSCSI target. In addition, control and recovery from SAN for iSCSI and Fibre Channel has been enhanced, and updates to the kexec/kdump mechanism now make it possible to create debug (dump) files on systems configured with very large memory (e.g. 6TB).

Red Hat Enterprise Linux 6.5 makes it easier to track and manage subscription consumption across the enterprise, integrating subscription tracking into existing business workflow. Usability enhancements include support for remote access to Windows clients and servers that use a newer version of the RDP protocol, including Windows 7 and 8 desktops and Windows Server 2012. 

To Download Red Hat Enterprise Linux 6.5 Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Red Hat Inc Announced The General Availability Red Hat Enterprise Linux (RHEL) 6.5 "https://www.voiceofgreyhat.com/2013/11/redhat-enterprise-linux-rhel-6.5-released.html</a>

Debian Linux 7.0 Code Named 'Wheezy' Released & Available For Download

Debian Linux 7.0 Code Named 'Wheezy' Released & Added  Multiarch Support, Several Specific Tools

Once it was one of the most popular Linux distribution which have drawn the maximum attention, yes you are right I am talking about none other than Debian Linux. Now a days the craze of this flavor has became little fade but as the foundation for other, more popular Linux distributions, such as Mint, Ubuntu and few Pen Testing Distro, still the value of Debian exist. So the up-gradation and new release of this Linux flavor is  still very much important. And today I will talk about the new release of Debian Linux version 7.0 code named 'Wheezy'. After many months of constant development, the developers at Debian project proudly announced the general availability of the next version of this major Linux which is Debian 7.0 aka 'Wheezy'. According to the release note - This new version of Debian includes various interesting features such as multiarch support, several specific tools to deploy private clouds, an improved installer, and a complete set of multimedia codecs and front-ends which remove the need for third-party repositories. Multiarch support, one of the main release goals for Wheezy, will allow Debian users to install packages from multiple architectures on the same machine. This means that you can now, for the first time, install both 32- and 64-bit software on the same machine and have all the relevant dependencies correctly resolved, automatically. The installation process has been greatly improved: Debian can now be installed using software speech, above all by visually impaired people who do not use a Braille device. Thanks to the combined efforts of a huge number of translators, the installation system is available in 73 languages, and more than a dozen of them are available for speech synthesis too. In addition, for the first time, Debian supports installation and booting using UEFI for new 64-bit PCs (amd64), although there is no support for Secure Boot yet. 

This Release Includes Numerous Updated Software Packages, Such as:-

• Apache 2.2.22
• Asterisk 1.8.13.1
• GIMP 2.8.2
• An updated version of the GNOME desktop environment 3.4
• GNU Compiler Collection 4.7.2
• Icedove 10 (an unbranded version of Mozilla Thunderbird)
• Iceweasel 10 (an unbranded version of Mozilla Firefox)
• KDE Plasma Workspaces and KDE Applications 4.8.4
• kFreeBSD kernel 8.3 and 9.0
• LibreOffice 3.5.4
• Linux 3.2
• MySQL 5.5.30
• Nagios 3.4.1
• OpenJDK 6b27 and 7u3
• Perl 5.14.2
• PHP 5.4.4
• PostgreSQL 9.1
• Python 2.7.3 and 3.2.3
• Samba 3.6.6
• Tomcat 6.0.35 and 7.0.28
• Xen Hypervisor 4.1.4
• The Xfce 4.8 desktop environment
• X.Org 7.7

Along with these more than other 36,000 ready-to-use software packages, built from nearly 17,500 source packages also included in Debian Linux 7.0. So after reading all those cool features, what you are waiting for lets download the installation image via bittorrent (the recommended method), jigdo, or HTTP. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Debian Linux 7.0 Code Named 'Wheezy' Released & Available For Download "https://www.voiceofgreyhat.com/2013/05/Debian-Linux-7.0-Codenamed-Wheezy-Released.html</a>

'Kali Linux' The Most Advanced & Stable Penetration Testing Distribution

From The Makers of BackTrack We Got 'Kali Linux' The Most Advanced & Stable Penetration Testing Distribution 

Fans of world famous penetration testing distribution 'BackTrack' can now taste another flavor as the developer at BackTrack and Offensive Security has introduced a new Linux distribution targets enterprise security, offering a suite of helpful tools for rigorous testing calling it "Kali Linux." In the official release note Offensive-Security claimed that Kali Linux is the most advanced, robust, and stable penetration testing distribution to date. From that note we also came to know that this new distribution is a product of seven years long knowledge and experience which make Kali Linux the “next generation” penetration testing distribution. Now lets look at the main features of Kali Linux at a glance: 

Kali Linux Features:-

Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.

• More than 300 penetration testing tools: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either did not work or had other tools available that provided similar functionality.
• Free and always will be: Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux.
• Open source Git tree: We are huge proponents of open source software and ourdevelopment tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages.
• FHS compliant: Kali has been developed to adhere to the Filesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc.
• Vast wireless device support: We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.
• Custom kernel patched for injection: As penetration testers, the development team often needs to do wireless assessments so our kernel has the latest injection patches included.
• Secure development environment: The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols.
• GPG signed packages and repos: All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well.
• Multi-language: Although pentesting tools tend to be written in English, we have ensured that Kali has true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.
• Completely customizable: We completely understand that not everyone will agree with our design decisions so we have made it as easy as possible for our more adventurous users tocustomize Kali Linux to their liking, all the way down to the kernel.
• ARMEL and ARMHF support: Since ARM-based systems are becoming more and more prevalent and inexpensive, we knew that Kali’s ARM support would need to be as robust as we could manage, resulting in working installations for both ARMEL and ARMHF systems. Kali Linux has ARM repositories integrated with the mainline distribution so tools for ARM will be updated in conjunction with the rest of the distribution. Kali is currently available for the following ARM devices:
• rk3306 mk/ss808
• Raspberry Pi
• ODROID U2/X2
• Samsung Chromebook

Kali is specifically tailored to penetration testing and therefore, all documentation on this site assumes prior knowledge of the Linux operating system. For more information, I would like to request you to visit the official website of Kali Linux. 

To Download Kali Linux (.iso, VMWare Image, Samsung Chromebook ARM, Odroid U2, Raspberry Pi & rk3306 mk/ss808) Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">'Kali Linux' The Most Advanced & Stable Penetration Testing Distribution"https://www.voiceofgreyhat.com/2013/03/KaliLinux-Most-Advanced-Pen-Testing-Distribution.html</a>

Samsung Galaxy S III, S II & Note II Vulnerable to Inject Malicious Code Directly into Kernel

Samsung Galaxy S III, S II & Note II Vulnerable to Inject Malicious Code Directly into Kernel

Serious security hole has been discovered in Samsung smartphones. According to a member of XDA-Developer forum named 'alephzain' the vulnerability exists in the Samsung Galaxy S III, Galaxy S II and Galaxy Note II along with several other Samsung devices. As per sources the vulnerability is marked as "severe". This vulnerability could provide a malicious way for remotely downloaded apps to read user data, brick phones and perform other malicious activities. In other words, this hole could allow a malicious app free reign over your smartphone’s memory, and basically take complete control of your device. Prepare tin foil hats. Another XDA-Developer user, supercurio says Samsung has been notified of the security hole, but had not yet acknowledged the issue. That is until this morning when Samsung dropped word to Android Central that they are “currently in the process of conducting an internal review” in reference to the security hole. Supercurio says the potential exists for millions of devices to be in harms way, especially those with Exynos 4210 and 4412 processors that use Samsung code. Another XDA user, Entropy512 adds “this exploit changes things — there is a no root exploit that can be used by an app straight from the market, in the background, with little to no user intervention.” 

While talking about security holes in Samsung phones, then we would like to remind you that few moths ago, researcher have unveiled several android based handsets including Samsung Galaxy S3, S2 were vulnerable to 'remote wipe' hack.   

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Samsung Galaxy S III, S II & Note II Vulnerable to Inject Malicious Code Directly into Kernel"https://www.voiceofgreyhat.com/2012/12/Samsung-Galaxy-Vulnerable-Inject-Malicious-Code.html</a>

VMware Confirmed: The Source Code of ESX kernel Was Indeed Stolen By Hackers

VMware Confirmed: The Source Code of ESX kernel Was Indeed Stolen By Hackers

VMware, the global leader in virtualization and cloud infrastructure again faced cyber attack. Earlier in this year a hacker named "Hardcore Charlie" had stolen files from its ESX server hypervisor source code has been posted online. In that attack the hacker managed to steal more than 300MB source code of  VMWare products. Here also after 6 months another hacker named Stun (57UN) claiming to be affiliated with hacker collective Anonymous managed to hack the source code of VMware's ESX kernel. Immediately after the breach the hacker tweeted a link to a torrent site hosting the stolen VMkernel source code. In their official blog post VMware director of platform security Iain Mulholland acknowledged the breach on Sunday and confirmed the source code was indeed stolen. But VMware also confirmed that leaked is source code that dates back to 1998-2004 which was previously leaked Hardcore Charlie. VMware also said that it is investigating what actions to take next. The torrent file posted by 57UN is leading to download you the source code of VMware ESX, that is sized almost 2MB. 

In a security note VMware said- "our security team became aware of the public posting of VMware ESX source code dating back to 2004. This source code is related to the source code posted publicly on April 23, 2012. It is possible that more related files will be posted in the future. We take customer security seriously and have engaged our VMware Security Response Center to thoroughly investigate. Ensuring customer security is our top priority. As a matter of best practices with respect to security, VMware strongly encourages all customers to apply the latest product updates and security patches made available for their specific environment. We also recommend customers review our security hardening guides. By applying the combination of the most current product updates and the relevant security patches, we believe our customer environments will be best protected. As is our practice, VMware will continue to assess any further security risks, and will provide recommendations and updates here as appropriate..." VMware also encouraged its customers to view the May 3, 2012 security patch information as a resource.

While talking about source code leak, we want to remind you that couple of months ago this hacker (57UN) stolen the source code of Skype. Also earlier in 2012 another hacker group named  The Lords of Dharmaraja has managed to steal the source code of Norton Symantec. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">VMware Confirmed: The Source Code of ESX kernel Was Indeed Stolen By Hackers"https://www.voiceofgreyhat.com/2012/11/Sourcecode-of-VMware-ESX-kernel-Stolen.html</a>

Apple Releases iOS 6.0.1, Serious Flaws in Kernel, Passcode Lock & WebKit Patched

Apple Releases iOS 6.0.1, Serious Flaws in Kernel, Passcode Lock & WebKit Patched

Couple of moths ago we got iOS6, where Apple added over 200 new features, including Apple's own Maps app, Facebook integration, Siri improvements, Apple's new Passbook digital wallet app, and more. iOS 6 is compatible with the third-generation iPad, iPad 2, iPhone 4S, iPhone 4, iPhone 3GS, and fourth-generation iPod touch. With such tremendous features there also several security bugs have been spotted in the wild, which is affecting millions of iOS users across the globe. Among those bugs the most serious seems to be a kernel flaw discovered by researcher Mark Dowd of Azimuth Security and Eric Monti of Square that affects iPhone 3GS and later, as well iPod Touch and iPad2 and later. An attacker exploiting the vulnerability could essentially bypass address space randomization layout (ASLR) protections using a malicious application, and could determine addresses in the kernel, Apple’s advisory said. The researchers said the vulnerability, which could expose data to an attacker, occurs in the way iOS handles application programming interfaces in relation to kernel extensions. 

Apple has released updates for iOS 6 which include security fixes. The iOS 6.0.1 update includes security fixes for the kernel, passcode locking and WebKit. The WebKit issues were also fixed in an update of the Safari web browser for Mac OS X. “Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection,” Apple said. “This issue was addressed by unsliding the addresses before returning them.” 

A vulnerability in iOS’ Passcode Lock was also addressed in the latest update that could allow someone with access to the iOS device to access Passbook passes without entering a passcode. “A state management issue existed in the handling of Passbook passes at the lock screen. This issue was addressed through improved handling of Passbook passes,” Apple said. Finally, a pair of WebKit vulnerabilities were patched.

The first involved how iOS handled JavaScript arrays, and could allow an attacker to remotely execute code if a user visited a malicious site and was infected. Apple said it addressed the matter through additional validation of JavaScript arrays. The other WebKit flaw is a use-after-free issue in the handling of SVG images. Scalable vector graphics (SVG) are file formats for static or animated graphics. A user visiting a website hosting a malicious graphic could experience application crashes or worse, an attacker could remotely execute code.  

The iOS 6.0.1 software update also includes fixes for the iPhone 5 to allow it to install over the air updates and to make it work better with WPA2 Wi-Fi networks. There are also corrections for bugs which flashed horizontal lines over the keyboard and stopped the camera flash going off. The two WebKit issues were also the only issues apparently fixed in the Safari 6.0.2 update. Safari 6.0.2 is available through Software Update for Mac OS X 10.7 Lion and the Mac App Store for Mac OS X 10.8 Mountain Lion.

-Source (Apple, threat post & The-H)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Apple Releases iOS 6.0.1, Serious Flaws in Kernel, Passcode Lock & WebKit Patched"https://www.voiceofgreyhat.com/2012/11/iOS6.0.1-Kernel-PasscodeLock-WebKit-Flaws-Patched.html</a>

BackBox Linux 3 Released! To Perform Penetration Tests & Security Assessments

BackBox Linux 3 Released! To Perform Penetration Tests & Security Assessments

In past we have discussed many times about BackBox, which is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment. Its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools. Now a days along with  BackTrack this Ubuntu based penetration testing distribution has became very popular in hacker communities, even several penetration testers also using BackBox. Like other popular Pen testing distro, BackBox also get updated periodically. This time BackBox developer team has announced a major release BackBox Linux, version 3.0. The major release include features such as the new Linux Kernel 3.2 flower and Xfce 4.8. Apart from the system major upgrade, all auditing tools are up to date as well. 

What's new:- 

• System upgrade
• Bug corrections
• Performance boost
• Improved start menu
• Improved Wi-Fi dirvers (compat-wireless aircrack patched)
• New and updated hacking tools

System requirements:- 

• 32-bit or 64-bit processor
• 512 MB of system memory (RAM)
• 4.4 GB of disk space for installation
• Graphics card capable of 800×600 resolution
• DVD-ROM drive or USB port

To Download BackBox Linux Version 3.0 Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">BackBox Linux 3 Released! To Perform Penetration Tests & Security Assessments"https://www.voiceofgreyhat.com/2012/10/BackBox-Linux-3-Released.html</a>

LinuxCon & Embedded Linux Conference Europe 2012 Schedule Announced

LinuxCon & Embedded Linux Conference Europe 2012 Schedule Announced 

The Linux Foundation declared the schedule of for the second LinuxCon Europe event, which will take place from 5 to 7 November in Barcelona, in Hotel Fira Palace, has been posted on the conference's web site. LinuxCon Europe will bring together the best and brightest that the Linux community has to offer, including community developers, system administrators, business executives and operations experts. LinuxCon Europe will deliver attendees top notch speaking talent (from across Europe and around the globe), innovative and abundant program content, and a wide variety of opportunities to connect with peers. Keynote speakers include Canonical founder Mark Shuttleworth and Eucalyptus CEO Mårten Mickos. The conference will also feature a discussion of the latest technical advancements in the Linux kernel between Linus Torvalds and Intel's Chief of Linux and Open Source Technologies Dirk Hondel. Scheduled talks include Google's Theodore Ts'o speaking on "Optimizing File System Performance When Memory is Tight" and a talk by Intel developer Marcel Holtmann on new challenges for network support in embedded and consumer applications of Linux. Red Hat employee Ric Wheeler is heading a panel of developers from several SSD caching projects who will discuss how SSDs can be used in Linux as caches for more traditional storage media. Projects that are covered in the schedule include LibreOffice, OpenStack, oVirt, LXC, systemd and Qt. 

Also the schedule for the co-located Embedded Linux Conference Europe has also been posted by Linux Foundation. Last year Embedded Linux Conference Europe (ELCE) took place at October in Prague. 

-Source (The-H & Linux Foundation)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">LinuxCon & Embedded Linux Conference Europe 2012 Schedule Announced"https://www.voiceofgreyhat.com/2012/09/LinuxCon-Embedded-Linux-Conference-Europe.html</a>

Ubuntu 12.10 Codenamed "Quantal Quetzal" Beta 1 Released !!

Ubuntu 12.10 Codenamed "Quantal Quetzal" Beta 1 Released !!

After the release of two Alpha version (Alpha1 & Alpha 2), now its time for beta; and as expected both Canonical and the Ubuntu developer team has released the first beta of version 12.10 of their Ubuntu Desktop, Server, Cloud, and Core products, code named "Quantal Quetzal". Ubuntu 12.10 Beta 1 uses a Linux kernel which is based on the recent 3.5.3 Linux kernel, the current stable version of Linux 3.5.

12.10 continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution.  The team has been hard at work through this cycle, introducing new features and fixing bugs. For the client, this release now has a consolidated Ubuntu image.  There is no longer a traditional CD sized image, DVD or alternate image, but rather a single 800MB Ubuntu image that can be used from USB or DVD.  This change does not affect Ubuntu Server, which remains a traditional CD sized image.  With Ubuntu 12.10, Kubuntu, Edubuntu, Lubuntu, and Ubuntu Studio also reached Beta 1 status today.   These images, along with Xubuntu will continue to have daily updates for the remainder of the release. The final version of Ubuntu 12.10 is expected to be released on October 18, 2012. 

Key Features at a Glance:- 

• The consolidated client images now support the logical volume manager (LVM) as well as full disk encryption.
• Update Manager has been renamed Software Updater and now checks for updates when launched.
• A new X.org stack has been introduced which includes xserver 1.13 candidate versions, mesa 9.0, and updated X libs and drivers. 
• Unity has been updated to version 6.4 including support for dash previews and coverflow view.  Now that compiz with GLES support has  landed, unity-3d works again on the pandaboard.
• The Ubuntu desktop has begun migrating from Python 2 to Python 3. Most Python applications included in the desktop is now using Python 3, and most Python modules that are included by default are available for both Python 2 and Python 3.

Changes in Ubuntu Server and Cloud Images:-

• ARM hard float (armhf) cloud images are now available.
• OpenStack folsom testing packages are available.  Openstack instance architecture testing support has been added, as has a heterogenous scheduler for ARM.
• Apache Tomcat 7 is now the default supported version. Ceph has updated to 0.48.1 (upstream argonaut stable release), and includes RADOS Gateway (S3 and Swift Compatible), as well as performance improvements.
• Floodlight (Openflow Network Controller) and mininet (Network Simulation) packages are now available.

According to the project's release schedule, the beta release will be followed by a second beta on 27 September. The current stable release is Ubuntu 12.04.1 LTS, the first point update to the Long Term Support (LTS) edition of the distribution.

To Download Ubuntu 12.10 Beta 1 (Both Ubuntu Desktop and Ubuntu Server) Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Ubuntu 12.10 Codenamed "Quantal Quetzal" Beta 1 Released !!"https://www.voiceofgreyhat.com/2012/09/Ubuntu12.10-Codenamed-Quantal-Quetzal-Beta1-Released.html</a>

Google Announced 'Pwnium 2' & Increased Prize Money $2m To Exploit Chrome

Google Announced 'Pwnium 2' & Increased Prize Money $2m To Exploit Chrome

Few days ago we got the result of Microsoft hosted Blue Hat Security contest, where Microsoft awarded a bunch of hackers and gave away an amount of  $260,000. Immediately after this event, Internet giant Google   has upped the ante in its industry-leading cash-for-security-bugs program with hefty bonuses and a hacking contest that will award up to $2 million worth of prizes to people who successfully exploit its Chrome browser. In the official Chromium blog, Google has announced the plan for Pwnium 2. According to a blog post by Chris Evans, Software Engineer at Google- Pwnium 2 will be held on Oct 10th, 2012 at the Hack In The Box 10 year anniversary conference in Kuala Lumpur, Malaysia.

This time, Google be sponsoring up to $2 million worth of rewards at the following reward levels:

• $60,000: “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself. 
• $50,000: “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows kernel bug. 
• $40,000: “Non-Chrome exploit”: Flash / Windows / other. Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver. 
• $Panel decision: “Incomplete exploit”: An exploit that is not reliable, or an incomplete exploit chain. For example, code execution inside the sandbox but no sandbox escape; or a working sandbox escape in isolation. For Pwnium 2, we want to reward people who get “part way” as we could definitely learn from this work. Our rewards panel will judge any such works as generously as we can. 

Exploits should be demonstrated against the latest stable version of Chrome. Chrome and the underlying operating system and drivers will be fully patched and running on an Acer Aspire V5-571-6869 laptop (which we’ll be giving away to the best entry.) Exploits should be served from a password-authenticated and HTTPS Google property, such as App Engine. The bugs used must be novel i.e. not known to us or fixed on trunk. Please document the exploit. 

We also like to give you reminder that earlier in this year Google had increased vulnerability bounties in Anniversary of Vulnerability Reward Programbe. Also PayPal, Facebook & many other has already started this paid bug bounty program.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Announced 'Pwnium 2' & Increased Prize Money $2m To Exploit Chrome"https://www.voiceofgreyhat.com/2012/08/Google-Announced-Pwnium2-Increased-Priz-Money.html</a>

Microsoft Fixes & Apologizes Embarrassing 'Big Boobs' String (0xB16B00B5) From Linux Code

Microsoft Fixes & Apologizes Embarrassing 'Big Boobs' String (0xB16B00B5) From Linux Code

Buried in the software that connects the Linux kernel to Microsoft‘s HyperV virtualization program was the following code string: '0xB16B00B5'. The string was spotted by programmer Paolo Bonzini, who posted about his discovery to the Linux Kernel mailing list saying “Somone (sic) was trying to be funny, I guess”.

The string was used every time the Microsoft program ran a virtual version of Linux. Linux developer Dr Matthew Garrett is upset by what he sees as “straightforward childish humour”. He points out that previously Microsoft used the string 0x0B00B135 (or “BOOBIES” to non-programmers) in a previously submitted piece of code. Dr Garrett points out that the string may be used to connect Linux system to Microsoft’s Azure cloud platform, making the problem even tougher to fix. “So, full marks, Microsoft,” says Dr Garrett. “You’ve managed to make the kernel more offensive to half the population and you’ve made it awkward for us to rectify it”. Microsoft was made aware of the code quickly issued an apologetic statement, saying “We thank the community for reporting this issue and apologize for the offensive string. We have submitted a patch to fix this issue and the change will be published in a future release of the kernel.”  The software giant then immediately issued a patch that corrected the string. In early June, Microsoft suffered another embarrassment over '"vulgar" language used during a song and dance routine at a company conference.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Fixes & Apologizes Embarrassing 'Big Boobs' String (0xB16B00B5) From Linux Code"https://www.voiceofgreyhat.com/2012/07/MicrosoftFixeBigBoobString0xB16B00B5.html</a>

Ubuntu 12.10 (Quantal Quetzal) Alpha 2 Arrives With Linux Kernel 3.5-rc4 & Improved Filesystem Utilities

Ubuntu 12.10 (Quantal Quetzal) Alpha 2 Arrives With Linux Kernel 3.5-rc4 & Improved Filesystem Utilities

The first alpha version of Ubuntu 12.10 was made available in the first week of June. As expected now the Canonical and the Ubuntu developer team has released the second alpha of version 12.10 of their Ubuntu codenamed "Quantal Quetzal". The new alpha release mostly has package updates to the distribution's components, including a Linux 3.5-rc4 based kernel (Ubuntu kernel 3.5.0-2.2), filesystem utilities (e2fsprogs, mdadm, autofs and btrfs-tools), Firefox and Thunderbird, and GTK+ (to the 3.5 series which will allow a number of GNOME 3.5 updates to take place).

Ubuntu Server has seen updates too, with Tomcat 7 replacing Tomcat 6, Chef 0.10.x, Ceph-0.57.2, MySQL 5.5.25 and updates to OpenStack to track the current "folsom" development milestones. The alpha 2 release also sees images for the Calxeda ARM servers being made available. There are also updates for Kubuntu, with KDE SC 4.9 Beta 2 included, and the experimental replacement of LibreOffice with Calligra Suite. Xubuntu sees a later Xfce (4.10) in use and updated Gimp and gThumb. 

ISO images of the general desktop testing release are available for 32- and 64-bit x86 systems and 64-bit Mac systems. For all changes, known issues and links to further information and other images, consult the Alpha 2 Technical Overview. Development releases are meant for testing only and should not be used in a production or critical environment; users wanting a stable system should install Ubuntu 12.04 LTS

-Source (Ubuntu ,The-H)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Ubuntu 12.10 (Quantal Quetzal) Alpha 2 Arrives With Linux Kernel 3.5-rc4 & Improved Filesystem Utilities"https://www.voiceofgreyhat.com/2012/06/ubuntu-1210-quantal-quetzal-alpha-2.html</a>

Microsoft Security Bulletin (June 2012) Closed Security Hole in RDP, IE,Certificate Tool & .NET

Microsoft Security Bulletin (June 2012) Closed Security Hole in RDP, IE,Certificate Tool & .NET

Microsoft released June 2012 Security bulletin to close a total of 27 security holes in its products, among them 13 in Internet Explorer. The rest of the patches affect all currently supported Windows versions, the .NET Framework, Remote Desktop, Lync, Windows Kernel and Dynamics AX. The company separately announced changes to its automatic updater to block untrusted security certificates. Microsoft updated the updater tool after researchers uncovered how the Flame malware had gamed the process. The most important updates are bundled in the cumulative Internet Explorer patch (MS12-037), which includes fixes for the holes that were targeted by Pwn2Own exploits. Another urgent update is MS12-036, which concerns denial of service and remote code execution vulnerabilities in the Remote Desktop features built into all supported versions of Windows. The third critical update affects the .NET Framework (MS12-038). The remaining 4 updates are rated "important" by Microsoft and close code execution bugs in Lync and privilege escalation holes in Dynamics AX and Windows.

Through this security bulletin Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Security Bulletin (June 2012) Closed Security Hole in RDP, IE,Certificate Tool & .NET"https://www.voiceofgreyhat.com/2012/06/microsoft-security-bulletin-june-2012.html</a>