RubyGem Requires Multi-Factor Authentication

The Ruby Package Manager now follows in the same footsteps as NPM and PyPi by requiring multifactor authentication to access Ruby packages.

Starting on August 15, 2022, all RubyGems users with a total of more than 180 million downloads are required to activate MFA to be able to enjoy the Ruby package download service. If some maintainers have exceeded 165 million package downloads, they will receive a notification to enable the MFA feature.

The origin of this mandatory MFA feature is the attacks experienced by NPM and PyPi which increased by 289% according to an analysis from security firm ReversingLabs. This attack causes a serious slowdown when NPM and PyPi users install or update required packages.

In what has by now become a recurring theme, researchers from Checkmarx, Kaspersky, and Snyk uncovered a slew of malicious packages in PyPI that could be abused to conduct DDoS attacks and harvest browser passwords as well as Discord and Roblox credential and payment information.

This is just one of a seemingly endless stream of malware specifically tailored to infect developer's systems with information stealers, potentially enabling the threat actors to identify suitable pivoting points in the compromised environments and deepen their intrusions.

Comments

Cara Disable Antimalware Service Executable di Windows 10

Disadari atau tidak, Windows 10 (dan juga windows-windows lainnya) hadir dengan banyak sekali aplikasi bloatware (aplikasi yang tidak perlu-perlu amat dimiliki oleh end user). Contohnya, adalah aplikasi yang seharusnya sudah tergantikan fungsinya oleh antivirus, seperti Antimalware Service Executable . Aplikasi ini dicurigai membuat Windows 10 mengalami inefisiensi memori/RAM, memakan resource yang tinggi, dengan Load yang tinggi (tanpa limit terkadang). Nah, berikut adalah cara men-disable nya: Tekan tombol Windows + I untuk membuka apliaksi Windows Setting. Pilih icon menu Update and Security Pilih lagi menu disamping kiri Windows Security Pada jendela baru yang muncul, ada pilihan Virus & Threat protection Klik ini Lalu matikan proses Real-time protection tersebut. Dengan Regedit. Buka dialog regedit, Windows + R dan ketik ‘regedit’ Cari Folder regedit ini HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Buat sebuah DWORD baru dengan klik kanan

Setup Debian 11 Official Repository In sources.list (/etc/apt/sources.list)

When you install Debian 11 using a DVD, the OS installer sets the DVD as the source for getting packages for your system if you didn't choose to scan for network mirrors. Due to this reason, the system would ask you to insert a DVD if the disc is not present in the DVD drive when you try to install any software. Also, the packages on DVD may not be the latest release. So, we need to get the packages from the Internet. Media change: please insert the disc labeled 'Debian GNU/Linux 11.0.0 _Bullseye_ - Official amd64 DVD Binary-1 20210814-10:04' in the drive '/media/cdrom/' and press [Enter] The /etc/apt/sources.list file with DVD as a source would look something like below. # deb cdrom:[Debian GNU/Linux 11.0.0 _Bullseye_ - Official amd64 DVD Binary-1 20210814-10:04]/ bullseye contrib main deb cdrom:[Debian GNU/Linux 11.0.0 _Bullseye_ - Official amd64 DVD Binary-1 20210814-10:04]/ bullseye contrib main deb http://security.debian.org/debian-security bullseye-security

How to Install Traefik in Debian (Without Docker)

Download the suitable version of Traefik for your system from here: https://github.com/traefik/traefik/releases as an example, we'll be download the linux 64 bit version: wget https://github.com/traefik/traefik/releases/download/v2.8.7/traefik_v2.8.7_linux_amd64.tar.gz extract those package: tar -xzvf traefik_v2.8.7_linux_amd64.tar.gz set the traefik as executable and move the traefik binary to linux bin folder

How Emka Learn Linux

Search This Blog