document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-02-03 23:40:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2019-08-09 23:55:49 +08:00
commit b7026077f9
3 changed files with 71 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
translated/tech/20190805 4 cool new projects to try in COPR for August 2019.md → published/20190805 4 cool new projects to try in COPR for August 2019.md
View File

@ -1,8 +1,8 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11206-1.html)
[#]: subject: (4 cool new projects to try in COPR for August 2019)
[#]: via: (https://fedoramagazine.org/4-cool-new-projects-to-try-in-copr-for-august-2019/)
[#]: author: (Dominik Turecek https://fedoramagazine.org/author/dturecek/)
@ -12,19 +12,19 @@ COPR 仓库中 4 个很酷的新项目2019.8
![][1]
COPR 是个人软件仓库[集合][2],它不在 Fedora 中。这是因为某些软件不符合轻松打包的标准或者它可能不符合其他 Fedora 标准尽管它是自由而开源的。COPR 可以在 Fedora 套件之外提供这些项目。COPR 中的软件不受 Fedora 基础设施的支持,或者是由项目自己背书的。但是,这是一种尝试新的或实验性的软件的一种巧妙的方式。
COPR 是个人软件仓库[集合][2],它不在 Fedora 中。这是因为某些软件不符合轻松打包的标准或者它可能不符合其他 Fedora 标准尽管它是自由而开源的。COPR 可以在 Fedora 套件之外提供这些项目。COPR 中的软件不受 Fedora 基础设施的支持,或者是由项目自己背书的。但是,这是一种尝试新的或实验性的软件的一种巧妙的方式。
这是 COPR 中一组新的有趣项目。
### Duc
[Duc][3] 是磁盘使用率检查和可视化工具的集合。Duc 使用索引数据库来保存系统上文件的大小。索引完成后,你可以通过命令行界面或 GUI 快速查看磁盘使用情况。
[duc][3] 是磁盘使用率检查和可视化工具的集合。Duc 使用索引数据库来保存系统上文件的大小。索引完成后,你可以通过命令行界面或 GUI 快速查看磁盘使用情况。
![][4]
#### 安装说明
[仓库][5] 目前为 EPEL 7、Fedora 29 和 30 提供 duc。要安装 duc请使用以下命令
[仓库][5]目前为 EPEL 7、Fedora 29 和 30 提供 duc。要安装 duc请使用以下命令
```
sudo dnf copr enable terrywang/duc
@ -33,28 +33,28 @@ sudo dnf install duc
### MuseScore
[MuseScore][6] 是一个处理音乐符号的软件。使用 MuseScore你可以使用鼠标虚拟键盘或 MIDI 控制器创建乐谱。然后MuseScore 可以播放创建的音乐或将其导出为 PDFMIDI 或 MusicXML。此外它还有一个由 Musescore 用户创建的含有大量乐谱的数据库。
[MuseScore][6] 是一个处理音乐符号的软件。使用 MuseScore你可以使用鼠标虚拟键盘或 MIDI 控制器创建乐谱。然后MuseScore 可以播放创建的音乐或将其导出为 PDF、MIDI 或 MusicXML。此外它还有一个由 MuseScore 用户创建的含有大量乐谱的数据库。
![][7]
#### 安装说明
[仓库][5] 目前为 Fedora 29 和 30 提供 MuseScore。要安装 MuseScore请使用以下命令
[仓库][5]目前为 Fedora 29 和 30 提供 MuseScore。要安装 MuseScore请使用以下命令
```
sudo dnf copr enable jjames/MuseScore
sudo dnf install musescore
```
### Dynamic Wallpaper Editor
### 动态墙纸编辑器
[Dynamic Wallpaper Editor][9] 是一个可在 GNOME 中创建和编辑随时间变化的壁纸集合的工具。这可以使用 XML 文件来完成,但是,Dynamic Wallpaper Editor 通过其图形界面使其变得简单,你可以在其中简单地添加图片、排列图片并设置每张图片的持续时间以及它们之间的过渡。
[动态墙纸编辑器][9] 是一个可在 GNOME 中创建和编辑随时间变化的壁纸集合的工具。这可以使用 XML 文件来完成,但是,动态墙纸编辑器通过其图形界面使其变得简单,你可以在其中简单地添加图片、排列图片并设置每张图片的持续时间以及它们之间的过渡。
![][10]
#### 安装说明
[仓库][11] 目前为 Fedora 30 和 Rawhide 提供 Dynamic Wallpaper Editor。要安装 Dynamic Wallpaper Editor,请使用以下命令:
该[仓库][11]目前为 Fedora 30 和 Rawhide 提供动态墙纸编辑器。要安装它,请使用以下命令:
```
sudo dnf copr enable atim/dynamic-wallpaper-editor
@ -69,7 +69,7 @@ sudo dnf install dynamic-wallpaper-editor
#### 安装说明
[仓库][14] 目前为 Fedora 29、30 和 Rawhide 提供 Manuskript。要安装 Manuskript请使用以下命令
[仓库][14]目前为 Fedora 29、30 和 Rawhide 提供 Manuskript。要安装 Manuskript请使用以下命令
```
sudo dnf copr enable notsag/manuskript
@ -83,7 +83,7 @@ via: https://fedoramagazine.org/4-cool-new-projects-to-try-in-copr-for-august-20
作者:[Dominik Turecek][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

58
published/20190806 Microsoft finds Russia-backed attacks that exploit IoT devices.md Normal file
View File

@ -0,0 +1,58 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11207-1.html)
[#]: subject: (Microsoft finds Russia-backed attacks that exploit IoT devices)
[#]: via: (https://www.networkworld.com/article/3430356/microsoft-finds-russia-backed-attacks-that-exploit-iot-devices.html)
[#]: author: (Jon Gold https://www.networkworld.com/author/Jon-Gold/)
微软发现由俄罗斯背后支持的利用物联网设备进行的攻击
======
> 微软表示,默认密码、未打补丁的设备,物联网设备库存不足是导致俄罗斯的 STRONTIUM 黑客组织发起针对公司的攻击的原因。
![Zmeel / Getty Images][1]
在微软安全响应中心周一发布的博客文章中该公司称STRONTIUM 黑客组织对未披露名字的微软客户进行了基于 [IoT][2] 的攻击,安全研究人员相信 STRONTIUM 黑客组织和俄罗斯 GRU 军事情报机构有密切的关系。
微软[在博客中说][3],它在 4 月份发现的攻击针对三种特定的物联网设备:一部 VoIP 电话、一部视频解码器和一台打印机(该公司拒绝说明品牌),并将它们用于获得对不特定的公司网络的访问权限。其中两个设备遭到入侵是因为没有更改过制造商的默认密码,而另一个设备则是因为没有应用最新的安全补丁。
以这种方式受到攻击的设备成为了安全的网络的后门,允许攻击者自由扫描这些网络以获得进一步的漏洞,并访问其他系统获取更多的信息。攻击者也被发现其在调查受攻击网络上的管理组,试图获得更多访问权限,以及分析本地子网流量以获取其他数据。
STRONTIUM也被称为 Fancy Bear、Pawn Storm、Sofacy 和 APT28被认为是代表俄罗斯政府进行的一系列恶意网络活动的幕后黑手其中包括 2016 年对民主党全国委员会的攻击,对世界反兴奋剂机构的攻击,针对记者调查马来西亚航空公司 17 号航班在乌克兰上空被击落的情况,向美国军人的妻子发送捏造的死亡威胁等等。
根据 2018 年 7 月特别顾问罗伯特·穆勒办公室发布的起诉书STRONTIUM 袭击的指挥者是一群俄罗斯军官,所有这些人都被 FBI 通缉与这些罪行有关。
微软通知客户发现其遭到了民族国家的攻击,并在过去 12 个月内发送了大约 1,400 条与 STRONTIUM 相关的通知。微软表示其中大多数五分之四是对政府、军队、国防、IT、医药、教育和工程领域的组织的攻击其余的则是非政府组织、智囊团和其他“政治附属组织”。
根据微软团队的说法,漏洞的核心是机构缺乏对其网络上运行的所有设备的充分认识。另外,他们建议对在企业环境中运行的所有 IoT 设备进行编目,为每个设备实施自定义安全策略,在可行的情况下在各自独立的网络上屏蔽物联网设备,并对物联网组件执行定期补丁和配置审核。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3430356/microsoft-finds-russia-backed-attacks-that-exploit-iot-devices.html
作者:[Jon Gold][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Jon-Gold/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2019/07/cso_russian_hammer_and_sickle_binary_code_by_zmeel_gettyimages-927363118_2400x1600-100801412-large.jpg
[2]: https://www.networkworld.com/article/3207535/what-is-iot-how-the-internet-of-things-works.html
[3]: https://msrc-blog.microsoft.com/2019/08/05/corporate-iot-a-path-to-intrusion/
[4]: https://www.networkworld.com/article/3207535/internet-of-things/what-is-the-iot-how-the-internet-of-things-works.html
[5]: https://www.networkworld.com/article/2287045/internet-of-things/wireless-153629-10-most-powerful-internet-of-things-companies.html
[6]: https://www.networkworld.com/article/3270961/internet-of-things/10-hot-iot-startups-to-watch.html
[7]: https://www.networkworld.com/article/3279346/internet-of-things/the-6-ways-to-make-money-in-iot.html
[8]: https://www.networkworld.com/article/3280225/internet-of-things/what-is-digital-twin-technology-and-why-it-matters.html
[9]: https://www.networkworld.com/article/3276313/internet-of-things/blockchain-service-centric-networking-key-to-iot-success.html
[10]: https://www.networkworld.com/article/3269736/internet-of-things/getting-grounded-in-iot-networking-and-security.html
[11]: https://www.networkworld.com/article/3276304/internet-of-things/building-iot-ready-networks-must-become-a-priority.html
[12]: https://www.networkworld.com/article/3243928/internet-of-things/what-is-the-industrial-iot-and-why-the-stakes-are-so-high.html
[13]: https://pluralsight.pxf.io/c/321564/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fcertified-information-systems-security-professional-cisspr
[14]: https://www.facebook.com/NetworkWorld/
[15]: https://www.linkedin.com/company/network-world

73
sources/news/20190806 Microsoft finds Russia-backed attacks that exploit IoT devices.md
View File

@ -1,73 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Microsoft finds Russia-backed attacks that exploit IoT devices)
[#]: via: (https://www.networkworld.com/article/3430356/microsoft-finds-russia-backed-attacks-that-exploit-iot-devices.html)
[#]: author: (Jon Gold https://www.networkworld.com/author/Jon-Gold/)
Microsoft finds Russia-backed attacks that exploit IoT devices
======
Microsoft says default passwords, unpatched devices, poor inventory of IoT gear led to exploits against companies by Russia's STRONTIUM hacking group.
![Zmeel / Getty Images][1]
The STRONTIUM hacking group, which has been strongly linked by security researchers to Russias GRU military intelligence agency, was responsible for an [IoT][2]-based attack on unnamed Microsoft customers, according to the company. a blog post from the companys security response center issued Monday.
Microsoft [said in a blog][3] that the attack, which it discovered in April, targeted three specific IoT devices a VoIP phone, a video decoder and a printer (the company declined to specify the brands) and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturers default password, and the other one hadnt had the latest security patch applied.
**More on IoT:**
* [][4] [Most powerful Internet of Things companies][5]
* [10 Hot IoT startups to watch][6]
* [The 6 ways to make money in IoT][7]
* [What is digital twin technology? [and why it matters]][8]
* [Blockchain, service-centric networking key to IoT success][9]
* [Getting grounded in IoT networking and security][10]
* [Building IoT-ready networks must become a priority][11]
* [What is the Industrial IoT? [And why the stakes are so high]][12]
Devices compromised in this way acted as back doors to secured networks, allowing the attackers to freely scan those networks for further vulnerabilities, access additional systems, and gain more and more information. The attackers were also seen investigating administrative groups on compromised networks, in an attempt to gain still more access, as well as analyzing local subnet traffic for additional data.
STRONTIUM, which has also been referred to as Fancy Bear, Pawn Storm, Sofacy and APT28, is thought to be behind a host of malicious cyber-activity undertaken on behalf of the Russian government, including the 2016 hack of the Democratic National Committee, attacks on the World Anti-Doping Agency, the targeting of journalists investigating the shoot-down of Malaysia Airlines Flight 17 over Ukraine, sending death threats to the wives of U.S. military personnel under a false flag and much more.
According to an indictment released in July 2018 by the office of Special Counsel Robert Mueller, the architects of the STRONTIUM attacks are a group of Russian military officers, all of whom are wanted by the FBI in connection with those crimes.
Microsoft notifies customers that it discovers are attacked by nation-states and has delivered about 1,400 such notifications related to STRONTIUM over the past 12 months. Most of those four in five went to organizations in the government, military, defense, IT, medicine, education and engineering sectors, and the remainder were for NGOs, think-tanks and other “politically affiliated organizations,” Microsoft said.
The heart of the vulnerability, according to the Microsoft team, was a lack of full awareness by institutions of all the devices running on their networks. They recommended, among other things, cataloguing all IoT devices running in a corporate environment, implementing custom security policies for each device, walling off IoT devices on their own separate networks wherever practical, and performing regular patch and configuration audits on IoT gadgets.
**[ [Prepare to become a Certified Information Security Systems Professional with this comprehensive online course from PluralSight. Now offering a 10-day free trial!][13] ]**
Join the Network World communities on [Facebook][14] and [LinkedIn][15] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3430356/microsoft-finds-russia-backed-attacks-that-exploit-iot-devices.html
作者:[Jon Gold][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Jon-Gold/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2019/07/cso_russian_hammer_and_sickle_binary_code_by_zmeel_gettyimages-927363118_2400x1600-100801412-large.jpg
[2]: https://www.networkworld.com/article/3207535/what-is-iot-how-the-internet-of-things-works.html
[3]: https://msrc-blog.microsoft.com/2019/08/05/corporate-iot-a-path-to-intrusion/
[4]: https://www.networkworld.com/article/3207535/internet-of-things/what-is-the-iot-how-the-internet-of-things-works.html
[5]: https://www.networkworld.com/article/2287045/internet-of-things/wireless-153629-10-most-powerful-internet-of-things-companies.html
[6]: https://www.networkworld.com/article/3270961/internet-of-things/10-hot-iot-startups-to-watch.html
[7]: https://www.networkworld.com/article/3279346/internet-of-things/the-6-ways-to-make-money-in-iot.html
[8]: https://www.networkworld.com/article/3280225/internet-of-things/what-is-digital-twin-technology-and-why-it-matters.html
[9]: https://www.networkworld.com/article/3276313/internet-of-things/blockchain-service-centric-networking-key-to-iot-success.html
[10]: https://www.networkworld.com/article/3269736/internet-of-things/getting-grounded-in-iot-networking-and-security.html
[11]: https://www.networkworld.com/article/3276304/internet-of-things/building-iot-ready-networks-must-become-a-priority.html
[12]: https://www.networkworld.com/article/3243928/internet-of-things/what-is-the-industrial-iot-and-why-the-stakes-are-so-high.html
[13]: https://pluralsight.pxf.io/c/321564/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fcertified-information-systems-security-professional-cisspr
[14]: https://www.facebook.com/NetworkWorld/
[15]: https://www.linkedin.com/company/network-world