Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion.

Ukrainian national Mark Sokolovsky, seen here in a Porsche Cayenne on Mar. 18 fleeing mandatory military service in Ukraine. This image was taken by Polish border authorities as Sokolovsky’s vehicle entered Germany. Image:

The U.S. Attorney for the Western District of Texas unsealed an indictment last week that named Mark Sokolvsky as the core developer for the Raccoon Infostealer business, which was marketed on several Russian-language cybercrime forums beginning in 2019.

Raccoon was essentially a Web-based control panel, where — for $200 a month — customers could get the latest version of the Raccoon Infostealer malware, and interact with infected systems in real time. Security experts say the passwords and other data stolen by Raccoon malware were often resold to groups engaged in deploying ransomware.

Working with investigators in Italy and The Netherlands, U.S. authorities seized a copy of the server used by Raccoon to help customers manage their botnets. According to the U.S. Justice Department, FBI agents have identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) stolen with the help of Raccoon.

The Raccoon v. 1 web panel, where customers could search by infected IP, and stolen cookies, wallets, domains and passwords.

The unsealed indictment (PDF) doesn’t delve much into how investigators tied Sokolovsky to Raccoon, but two sources close to the investigation shared more information about that process on condition of anonymity because they were not authorized to discuss the case publicly.

According to those sources, U.S. authorities zeroed in on an operational security mistake that the Raccoon developer made early on in his posts to the crime forums, connecting a Gmail account for a cybercrime forum identity used by the Raccoon developer (“Photix”) to an Apple iCloud account belonging to Sokolovsky. For example, the indictment includes a photo that investigators subpoenaed from Sokolovsky’s iCloud account that shows him posing with several stacks of bundled cash.

A selfie pulled from Mark Sokolovsky’s iCloud account. Image: USDOJ.

When Russian President Vladimir Putin invaded Ukraine in late February 2022, Sokolovsky was living in Kharkiv, a city in northeast Ukraine that would soon come under heavy artillery bombardment from Russian forces. Authorities monitoring Sokolovsky’s iCloud account had spent weeks watching him shuttle between Kharkiv and the Ukrainian capital Kyiv, but on Mar. 18, 2022, his phone suddenly showed up in Poland.

Investigators learned from Polish border guards that Sokolovsky had fled Ukraine in a Porsche Cayenne along with a young blond woman, leaving his mother and other family behind. The image at the top of this post was shared with U.S. investigators by Polish border security officials, and it shows Sokolovsky leaving Poland for Germany on Mar. 18.

At the time, all able-bodied men of military age were required to report for service to help repel the Russian invasion, and it would have been illegal for Sokolovsky to leave Ukraine without permission. But both sources said investigators believe Sokolovsky bribed border guards to let them pass.

Authorities soon tracked Sokolvsky’s phone through Germany and eventually to The Netherlands, with his female companion helpfully documenting every step of the trip on her Instagram account. Here is a picture she posted of the two embracing upon their arrival in Amsterdam’s Dam Square:

Authorities in The Netherlands arrested Sokolovsky on Mar. 20, and quickly seized control over the Raccoon Infostealer infrastructure. Meanwhile, on March 25 the accounts that had previously advertised the Raccoon Stealer malware on cybercrime forums announced the service was closing down. The parting message to customers said nothing of an arrest, and instead insinuated that the core members in charge of the malware-as-a-service project had perished in the Russian invasion.

“Unfortunately, due to the ‘special operation,’ we will have to close our Raccoon Stealer project,” the team announced Mar. 25. “Our team members who were responsible for critical components of the product are no longer with us. Thank you for this experience and time, for every day, unfortunately everything, sooner or later, the end of the WORLD comes to everyone.”

Sokolovsky’s extradition to the United States has been granted, but he is appealing that decision. He faces one count of conspiracy to commit computer fraud; one count of conspiracy to commit wire fraud; one count of conspiracy to commit money laundering, and one count of aggravated identity theft.

Sources tell KrebsOnSecurity that Sokolovsky has been consulting with Houston, Tx.-based attorney F. Andino Reynal, the same lawyer who represented Alex Jones in the recent defamation lawsuit against Jones and his conspiracy theory website Infowars. Reynal was responsible for what Jones himself referred to as the “Perry Mason” moment of the trial, wherein the plaintiff’s lawyer revealed that Reynal had inadvertently given them an entire digital copy of Jones’s cell phone. Mr. Reynal did not respond to requests for comment.

If convicted, Sokolovsky faces a maximum penalty of 20 years in prison for the wire fraud and money laundering offenses, five years for the conspiracy to commit computer fraud charge, and a mandatory consecutive two-year term for the aggravated identity theft offense.

The Justice Department has set up a website — — that allows visitors to check whether their email address shows up in the data collected by the Raccoon Stealer service.

Truss Phone Hacking Scandal Blame Foreign Culprits

Earlier today it was reported that former UK Prime Minister Liz Truss’s personal phone was hacked earlier this year by suspected foreign agents, putting national security at risk, according to a new report on Sunday.

Further to this, unnamed “security sources” told the Mail on Sunday that the incident was discovered during the Conservative Party leadership contest over the summer, causing Truss sleepless nights as she worried it may impact her chances of winning.

In addition, then-Prime Minister Boris Johnson and cabinet secretary Simon Case are said to have imposed a total news blackout on the incident.

“It is not a great look for the intelligence services if the foreign secretary’s phone can be so easily plundered for embarrassing personal messages by agents presumed to be working for Vladimir Putin’s Russia,” a security source told the paper.

It appears that there is no evidence was given linking the breach to the Kremlin, although it’s believed that a year’s worth of messages were downloaded from Truss’s device by an unauthorized intruder.

Apparently, these included “highly sensitive” conversations with other countries’ foreign ministers about the war in Ukraine, including detailed discussions about arms shipments.

Additionally, the use by ministers of personal devices and consumer-grade services for government business is creating unacceptable national security risks, according to security experts.

It has also been reported that home secretary Suella Braverman was recently forced to resign after it was revealed that she used her personal email to send a confidential government document on immigration policy to a Tory backbencher. She was subsequently reappointed by incoming PM Rishi Sunak.

Jake Moore, ESET global cybersecurity advisor, pointed to notorious phone-snooping malware Pegasus as a potential culprit for the Truss attack.

“Its quiet, under-the-radar delivery method enables it to monitor the vast majority of a device and those targeted will have no idea of its residence,” he argued.

“High-profile people such as politicians are often targeted, so it is extremely important they keep their personal phone number private and to change it immediately if ever leaked. It is also imperative that they keep their phones up to date and patched with the latest security updates to reduce the chance of such attacks.”

VP EMEA for Absolute Software, Achi Lewis, added that everyone in an organization is a potential target.

“From the Prime Minister to a new joiner, every potential employee and endpoint is at risk of a cyber-attack,” he said.

“All members of staff and electronic devices contain sensitive data in some form which makes them vulnerable to threat actors and requires that they not only have sufficient cyber-training to identify the dangers but also effective cybersecurity technologies to both prevent and react when – not if – an attack occurs.”

The post Truss Phone Hacking Scandal Blame Foreign Culprits appeared first on IT Security Guru.

Most Inspiring Women in Cyber Awards 2022

The nominations for the Most Inspiring Women in Cyber awards are out! It’s always wonderful to read about the incredible women in our industry, who are making fantastic contributions and paving the way for others.

In no particular order, here is PART I of the 2022 shortlist along with snippets of what their nominators had to say about them! (To see Part II, see HERE)

Dr. Kiri Addison, senior product manager, Mimecast

Kiri has vast experience in the cybersecurity space, and has helped develop everything from creating systems to detect and prevent cyber-attacks and fraud to currently developing innovative products that utilize AI and ML to keep companies safe from cyberattacks.

“Kiri really is an unsung hero… Her fierce intelligence, combined with her openness and kindness make her a great mentor, colleague and friend. I also really like the fact that she is open about her struggles, this makes her relatable and brave. She is now using the skills she learnt to share her knowledge to mentor other women in the tech sector.”

Sophia Adhami, director of cyber security engagement, Sage

Sophia delivers incredible outreach and engagement to underrepresented groups. She is continually looking to improve gender and race diversity in the industry and doesn’t let anyone stand in her way when it comes to delivering knock out engagement that empowers women and unrepresented groups. 

“This lady lets nothing stop her. She joined a global security during the pandemic with two young children at home. Her passion, commitment to doing the right thing and delivery are incredible. Everyone needs a colleague like Sophia.”

Anah Ahee, assistant manager, cybersecurity, KPMG

Anah’s personal investment in time, passion and know-how has been inspiring to all those she has encountered.  Despite the challenges of Covid, KPMG delivered over 50 cyber awareness sessions to approximately 4,000 young adults, with consistently positive feedback.  Key to this was Anah’s meticulous planning and execution, and impactful delivery of education. At such an early stage of her career, Anah demonstrates excellent leadership in delivering the corporate cyber community’s messages around awareness, safety and inclusivity.

“The objectives of Anah’s pursuits shape the agenda she follows to drive a KPMG-backed cyber message through a lens of diversity into our communities with great success.  In an increasingly pernicious digital environment, early education of children is critical.  Moreover, it embeds the message into communities we might not otherwise reach.”

Beverley Alderson, senior cyber broker, Aon

Beverley is a senior cyber broker at Aon where she has been for over 20 years. Throughout her career she has mentored and sponsored many women who have gone on to have successful careers in the cyber market after Bev’s custodianship and is a pioneer of early adoption of cyber insurance and cyber security principles. 

“Beverley’s ability to distil difficult issues down to basic principles and to resolve them without aggression is inspiring; she does this with strong communication skills, transparency and trust.”

Sarah Armstrong-Smith, chief security advisor, Microsoft

Sarah is an inspiring lady who reach high level security positions with the government and Microsoft without any formal cyber qualifications and tells her story frequently to increase cyber security awareness as a career path. 

“With Sarah’s determination, perseverance and good speaking abilities, she is an inspiration to all who get to hear her story.”

Sakina Asadova, offensive security expert, Canon

Sakina is newer to industry; she’s a junior penetration tester at Canon. Whilst still breaking into the industry, Sakina is dedicated to providing quality work and providing great insights on all projects she is a part of.         

“Having started in another country, Sakina has navigated the university system and started a career in another country. She not only changed from her native language, to learn both Dutch and English, she often works in situations that call on a variety of languages to ensure the messages get across”

Andrea Babbs, director of sales UK & Ireland, VIPRE Security

Andrea Babbs has worked in the IT Industry for over 20 years. During that time she has worked for IT Security Vendors and Resellers dealing with email, endpoint and web security. Andrea is currently Country Manager and Head of Sales for VIPRE Security Limited, where she manages the UK and Irish business. Andrea’s length of experience in the industry means she has seen the threat landscape change from simple viruses and spam to the sophisticated, zero-day, polymorphic threats of today. However, she recognises that in attacks of all types, humans are the last line of defence, meaning they need awareness and effective tools to help them prevent little mistakes with big consequences

“Andrea understands that her team needs to be able to trust her to do the right thing by them and the business needs to understand that not everything can happen right now, so a little bit of patience and trust go a long way to making the impossible possible in the best timescales for everyone.”

Rae Baker, OSINT Analyst at Operation: Safe Escape

Rae has taken the industry by storm – starting out just three years ago. She has moved from graphic design, into OSINT investigations, specialising in Maritime. Rae volunteers her time to support organisations such as Operation Safe Escape. A not-for-profit supporting survivors of domestic abuse and violence. She also is currently writing a book on OSINT, volunteers to support survivors and persons targeted, and works heavily within the OSINT community to spread knowledge. Rae has a YouTube channel where she provides introductions to OSINT, specifically maritime, for people to learn from. She speaks at conferences, and is always happy to give back to the community. Whilst it’s been only three years, she has quickly become one of the authorities on OSINT.

“Nominating Rae because of her continuous efforts to provide support to the OSINT community, support vulnerable persons, and educate. She works hard to ensure information is readily available to everyone who needs it.”

Kristina Balaam, senior security intelligence engineer, Lookout

Kristina is a key figure in Lookout’s threat research division particularly as a Senior Security Intelligence Engineer at Lookout where she reverse engineers mobile malware. She regularly uncovers mobile-related threats that help protects millions.

“Kristina is always doing her best to inspire the next generation of women in cyber and regularly participates in the Day of Security.”

Katie Beecroft, associate director, Fidelity International

Katie and her team have worked tirelessly to build awareness of cyber security threats to the firm. Thanks to her efforts, employees appreciate that they are part of the solution. More than that, Katie has looked beyond the bricks and mortar, coordinating webinars and training to educate individuals as to the risks of cyber threats in their personal lives. These programs have been very well received by employees and have resulted in a positive impact on the company’s cyber health.

“Katie knows how to engage people. She goes beyond facts and figures to ensure her audience comes away feeling they are part of the solution and fully invested in protecting themselves, their families and by extension our firm.”

Andra Catincescu, associate director, Fidelity International

An associate director at Fidelity International, Andra is subject matter expert and a passionate supporter of diversity and inclusion within the cybersecurity field. Knowledgeable when it comes to the assessment of risks and threats, Andra is a confident leader and speaker who can effectively explain even the most complex of situations. 

“[Andra has an] ability to keep calm and level headed, [even] in a range of situations.”

Hope Chauland, GTM Manager, Microsoft

By investing her time in researching the trends of the United Kingdom’s security and identity markets, Hope is actively involved in the process of product launching and marketing. Going above and beyond her position as a GTM Manager at Microsoft, Hope is also the co-leader of UK Women in Security at Microsoft, where she strives to promote topics valuable to women working in security. Whether through presenting, creating content, or the designing of new programs, Hope always ascertains that her products are always top of mind within the company. 

“Hope’s role is incredibly demanding and she seems to work non-stop! Yet, she always has time to lend a hand to a project or provide input. She is a very positive role model and is the personification of success!  Hope’s commitment to the work she does as well as to diversity in cyber makes her a phenomenal asset to the cyber community and a true inspiration!” 

Camellia Chan, CEO & Founder, FLEXXON

Bridging together her love for technology and business, Camellia has built FLEXXON from the ground up, forming an international team spanning from Asia, North America and the EMEA regions. Yet despite the team’s size, Camellia cares deeply about each and every one of her employees, making it her mission to make FLEXXON a safe space that allows for them to thrive—taking their career trajectories, senses of well-being, and personal growth into account. As a result of her leadership, FLEXXON was awarded both a prize and funding at the Cyber Security Agency of Singapore’s 2018 Cybersecurity Industry Call for Innovation, later developing the world’s first AI-embedded data security solution, the X-PHY Cyber Secure SSD. 

“Camellia represents a spirit of never giving up, striving for your goals even when the path ahead is challenging and being able to balance championing the human spirit through it all.”

Nathalie Cole, Cyber Security Consultant, NCC Group

Having transitioned from working as a veterinary surgeon to her role as a Cyber Security Consultant for NCC Group, Nathalie is now also serving as the chapter administrator for the Ladies of Cheltenham Hacking Society—in which she advocates for the promotion of diversity for women, people from ethnic minorities, and the neurodivergent community. In an effort to further disseminate diversity and inclusion throughout the cybersecurity industry, Nathalie is an avid supporter of CyNam and the Cheltenham Science Festival. 

“Being a career changer, Nathalie demonstrates a non-traditional route into cybersecurity. She is also HUGELY passionate about championing diversity, which is an attribute that is truly inspirational.”

Anna Collard, SVP Content Strategy & Evangelist, KnowBe4

With only five employees and no physical office, Anna was able to found Popcorn Training, one of the first global companies to educate individuals about online safety with story-based and engaging video and gaming content as an educational medium. Since then, Popcorn Training has been acquired by KnowBe4, and has won multiple international awards. Working at KnowBe4 herself as an SVP Content Strategist, Anna is also an evangelist for cybersecurity, Anna has a way of painting cyber awareness in a light that makes it exciting and engaging, even to the average, non-technical individual. In her free time, Anna is very involved with her local community, advocating for equal rights in South African townships, and personally assisting senior citizens with yoga. Regardless of the subject at hand, Anna has mentored a number of women to push ahead and excel.  

“Anna persevered to build a company from the ground up. She has also offered her time and expertise to help others, particularly young women, join the industry. For example, she was involved in the Gov-X initiative, which is an innovation challenge aimed towards inspiring the youth to assist the government in solving African national security challenges.”

Alice Conibere, Junior Security Researcher, Secure Impact

An expert when it comes to networking and outreach, Alice has a way of sharing her knowledge in an engaging manner—ranging from how she helped people succeed in a UK Government cybersecurity training programme to the talks she arranged as Communications Officer on behalf of her university’s cybersecurity society. Her colleagues at Secure Impact think very highly of her, as she always contributes the best work possible. Not yet even 22 years old, Alice is a recent graduate in cybersecurity at the Bournemouth University Computing and Security Society, where she held informative sessions to encourage her fellow students to venture into the field of cybersecurity. 

“Her diligent work, community efforts, and open attitude places her as a monumental figure within the cyber security community. Her frequent community engagement, presence at numerous events, and constant willingness to provide advice makes her an inspirational figure within the cybersecurity community, proving that there is room for all in this stereotypically male-dominated field.”

Adenike Cosgrove, VP Marketing, EMEA, Proofpoint

A driving force for increasing cybersecurity awareness in terms of how, why, and when an organization and its people are being targeted, Adenike has been elected as the Vice Chair of the ‘authindicators’ working group—which was entrusted with the duty of developing a way to consistently show end user recipients that their messages have been authenticated. In addition, Adenike has collaborated with a major private healthcare organization in the UK, educating healthcare providers on the interplay of cybersecurity and threat actors with the healthcare industry—and how to best protect and defend their staff, suppliers, and patients. By taking on a novel and innovative method of risk assessment and cyberattack observation, Adenike’s work has successfully allowed numerous companies to see where their people-centric security is lacking, and where to take appropriate action, before a potential attack strikes. 

“[Adenike] is an advocate for addressing the diversity challenge in cybersecurity and regularly discusses the topic in industry events, in blogs and in columns. She puts forward the view that by continuing to look in the same place for cybersecurity professionals, we will continue to put the same set of eyes on a rapidly evolving set of problems. Diversity challenges traditional assumptions and thought processes, bringing a fresh perspective to problems and new challenges, and Adenike is passionate about inspiring a new and diverse generation of cybersecurity professionals.”

Camilla Currin, Senior Partner Manager, Trend Micro

A senior partner manager at Trend Micro, Camilla is an inspiration to everyone—rising to any challenge whilst bringing forwards an empathetic and emotionally-intelligent attitude. A mentor and experienced industry veteran, Camilla equally devotes her time to her colleagues regardless of their position—extending from C-level executives to junior team members. 

“She’s genuinely passionate about people and their backgrounds. She continuously mentors younger team members inside the company as well as in her social circle, across the industry and in partner organizations. She looks for the best in people—always.”

Adelina Deaconu, XDR Team Lead, Heimdal Security

With Adelina overseeing the XDR team for Heimdal Security, the group was able to become a fully fledged cybersecurity tactical squad—not to mention that, with Adelina’s guidance, the XDR team facilitated the product usage process for its customers. Furthermore, Adelina strove to ensure that Heimdal’s clients were always one step ahead of the latest threat actors—surveying infiltration efforts and responding to threats in order to keep the clients’ infrastructure safe. 

“What… [is] most inspirational about Adelina as a woman in cybersecurity is the fact that she made this technical lead role her own with great skills, impeccable problem-solving, and hands-on management. Seeing a woman as a leader in her field, especially on the technical side, is something that… [is inspirational] every day.”

Katie Diacon, Director, TMT Cyber Security

A leader who puts a huge amount of trust into people and also strives to keep learning and improving, Katie has taken the KPMG resilience team to new lengths. She has facilitated several difficult Women in Cyber panel discussions and been exceptional at it, taken our Resilience team to new levels and growth, and motivated several young women (like myself) but also men. She’s also brought several new clients and empowered everyone in her team to want to play a part in the growth of the team.

“[Katie] champions women in cyberspace through sponsorship, mentorship and by providing great working opportunities. [Additionally, she] provides usable advice and guidance, leads by example, and promotes good work life balance in the workplace.”

Dasha Diaz, Founder & CEO, itrainsec

Having worked in the communications department of one of the top cybersecurity vendors, Dasha has gone on to organize top class IT security conferences—and has also founded her own company, “itrainsec”, which provides custom b2b cybersecurity trainings and organizes events worldwide involving top cybersecurity vendors. 

“Dasha has a real passion towards what she does and really understands the importance of cybersecurity. Dasha is a real professional, strong and communicative… [and she] sets the goal and meets the goal whatever it takes.”

Lauren Eickhorst, Co-Founder and COO, Aristotle Metadata

As a leader in knowledge transfer, Lauren has put forward work in the development, operationalisation and growth of Aristotle Metadata that has had an outstanding impact on the data cybersecurity landscape. Her contributions to cybersecurity include the development of data skills training videos viewed by over 300,000 global viewers, development of training to upskill data security knowledge within complex organizations, and user experience design to revolutionize the uptake of data security solutions within larger enterprise groups. Not only that, but she is also a regional President for the Data Management Association, having broadened the audience to include a younger and more diverse practitioner demographic—in turn increasing the development of the data and cybersecurity community.

“Lauren has shown herself to continuously dedicate herself to self-improvement and growth. She is current Chief Operating Officer for an increasingly international startup, President of a regional data committee, and completing her Master of Business Administration to improve her skills. Lauren is an exceptional and outstanding representative of global cybersecurity and [is] an inspiration for women seeking to join the profession.”

Carole Embling, information security manager – compliance, Metro Bank

Carole started her career in IT security at the Royal Mail Group. Having begun as a Post Office Counter Clerk, she started on the path into Information Security by being trained as a junior business consultant back in 1990. She quickly learned the ropes of Information Security as part of a special training initiative and then became part of an integral team providing security consultancy at the Royal Mail Group. She later became an Information Security Manager at RMG and after being part of multiple organisations in the capacity of Information Security Advisor/Manager, she took on her current role as the Information Security Manager – Compliance at Metro Bank.  

“Carole has fought adversity since the 1990s to champion women in cybersecurity.”

Kate Emery-James, sales director, major accounts UK&I, Trend Micro

Kate has held various executive positions in cyber and has worked hard to put D&I at the top of the agenda in each of the organisations she worked in. She’s passionate about creating a truly inclusive work environment, in which everyone feels welcome. At Trend Micro, Kate is working hard to ensure the company has a diverse pipeline of talent joining the various teams. 

“Kate [has] juggle[d] many unexpected situations, from balancing a career and small children to working with difficult customer situations – career challenges have come with lots of different guises along the way for Kate. She tends to look at situations and frame them as ‘plot twists’ which are there to ‘learn and move on’. This has and continues to inspire many around her.”

Ana Ferreira, information security & health researcher, CINTESIS

Ana Ferreira has been a cybersecurity specialist and researcher for more than 20 years now, before even cybersecurity was named as such or the realization that the inclusiveness and diversity of this field would, one day, be so relevant to its advancement. Ana was one of the pioneers in cybersecurity in Europe and she has built herself into one of the role models that can inspire all generations of women to do so too, at both a national and European level, and even worldwide, where she has recently been recognized for her work and as a barrier breaker in the area.

“Ana supports any girl that contacts her through social media, she is always encouraging us to take risks… Last but not least, she has been awarded for many scientific papers while having won the “Barrier Breaker” category of the Cybersecurity Woman of the Year Awards 2022.”

Didar Gelici, senior technology manager, risk & compliance, JustEat

Didar is an experienced information security and risk manager, enthusiastic about transitioning into AppSec and DevSecOps. She is skilled in risk and control assessments, third party due diligence and team management. Didar has BA degree focused in Management and Organization from Marmara Üniversitesi.

“Didar takes an active role in multiple communities mostly helping women in tech. She is caring and a good leader with a big smile on her face always.”

Phoebe Goddard, assistant manager, cyber security, KPMG

Phoebe has worked extensively on cyber benchmarking in her role at KMPG, having recently been promoted to assistant manager for cyber security at KPMG. She has a hard-working attitude with a solutions-oriented mindset which allows her to always get the job done.

Phoebe has a spark that is rare, I can see her reaching higher heights, she’s one to watch out for.”

Stefani Goerlich, sex, relationships & mental health therapist, Bound Together Counselling

Stefani co-hosts a podcast called Securing Sexuality, where she and her husband demystify security concerns for the non-technical and targeted communities. Stefani reaches out to security persons to ensure the advice she gives clients, i.e. applications of interest or sites, is secure. She is a voice in the confusing world of therapy and ensures legitimate help is given to persons who need it, and companies that aim to mistreat or trick people are not allowed to continue. Stefani speaks at both therapy and security conferences.

“Stefani continues to not only achieve but expand her knowledge. She is taking security training, investing time to learn more to help others. She also had a medical emergency a few years ago, which she barely survived, and yet didn’t let that slow her down.”

Tamzin Greenfield, cyber security apprentice, University of Gloucestershire + Cyber Security Associates

Tamzin has been honoured to speak at multiple events regarding diversity and entry pathways, hosted by groups such as Women in Cyber Security, CyNam, the UK Cyber Security Council, and the NCSC. She has also mentored students and sees the distinctly bold cohort that lead the future of STEM.

“Tamzin is a hugely inspirational young woman who is exceptionally dedicated to the cyber community.”

Nicola Hartland, senior VP, Falanx Cyber

Nicola leads the Innovation and Growth team within Falanx Cyber, part of Falanx Group who are listed on London’s AIM stock exchange. Falanx Cyber puts enterprise-class cyber security services within reach of every organisation. She identifies areas of cyber risk threatening the integrity of businesses and helps  provide complete end-to-end managed cyber security services to alleviate those risks.

Nicola has a unique capability to align solutions to cyber challenges.”

Charlotte Hooper, helpline manager, the Cyber Helpline

Charlotte has been instrumental in the Cyber Helpline from non-profit to registered charity and leads to build a team of responders to help the people of the UK. These responders come from all walks of life and want to help people; Charlotte makes sure The Cyber Helpline gets the right people and then trains and nurtures them so that they can make a real difference in people’s lives.

“Charlotte’s  drive and energy to always find a way and to get round blockers to make a difference is inspirational.”

Samantha Humphries, head of EMEA marketing & security strategy, Exabeam

Samantha Humphries is the Head of Security Strategy EMEA at Exabeam, a global cybersecurity leader that adds intelligence to every IT and security stack. She is responsible for ensuring Exabeam’s global markets receive relevant solutions messaging, collateral, and information.Samantha has over 21 years of experience in cyber security, and during this time has held a plethora of roles. She has defined strategy for multiple security products and technologies, helped hundreds of organisations of all shapes, sizes, and geographies recover and learn from cyberattacks, and trained many people on security concepts and solutions. In her current role she has responsibility for EMEA, Data Lake, compliance, and all things related to cloud.

Samantha’s dedication to diversity and inclusion has made her a leading figure in the cybersecurity industry. Since her early days moving from receptionist to Global Threat Response Manager at McAfee, Samantha has become one of the industry’s most impassioned advocates.” 

Nadia Kadhim, CEO & co-founder, Naq Cyber

Nadia has driven Naq to be a five million euro business serving customers all over the world. Nadia also has a passion for helping disadvantaged communities, demonstrated by her company Naq being 50% female and BAME.

Even through adversity and, frankly, when the chips were stacked against her, Nadia has demonstrated that through perseverance, she can overcome numerous obstacles to create a dynamic, fast-growing, multi-million euro business, meaning that she is a role model to young women everywhere.”

Hadis Karimipour, associate professor-chair in secure and reliable networked engineering systems, University of Calgary

Dr. Hadis Karimipour is the Canada Research Chair (Tier II) in Secure and Resilient Cyber-Physical Systems, a position awarded to exceptional emerging researchers, acknowledged as leaders by their peers. Named one of the Top 20 Women in Cyber Security in 2021 by IT World Canada, Dr. Karimipour is breaking new ground in using Artificial Intelligence (AI) for the security analysis of Critical Infrastructure (CI)—the essential systems that sustain our lives and our economy, including power grids and transportation systems. In April 2022, she received the Association of Professional Engineers and Geoscientists of Alberta Early Accomplishment Award.

Hadis always provided a healthy, unbiased, and comfortable environment with equal opportunities for all trainees in my team. She ensured that the lab setup and equipment met the needs of diverse people with different genders, races, ages, and mental or physical disabilities. She has extended her training to include skills such as social responsibility, leadership, critical thinking, and humanity alongside science and technology.”  

Seònaid Lafferty, cyber ecosystem project manager, University of Manchester

Seònaid’s foresight is converting the process of supporting SMEs through transformations that will help them grow securely on-line into a sustainable community of interest for the future. Seònaid has progressed now to managing the equally innovative North West Partnership for Security and Trust, and the University’s part in the Manchester city centre Digital Security Hub (The DiSH) which will be a home for local meetups of the communities in the regional cyber ecosystem and the start-ups and scale-ups so important to steering us all safely through the cyber threat landscape.

“Sustainability, morals and ethics, and a positive attitude just flow from Seònaid even when those about her might trample over them for glory and an easy life. Follow Seònaid and you will be sure of treading a worthwhile path through the many complementary disciplines of cybersecurity.”

The post Most Inspiring Women in Cyber Awards 2022 appeared first on IT Security Guru.

Interested In IT? Here’s How To Get Your Degree At Home

It’s no secret that the Information Technology field is growing rapidly. With new advancements in technology happening every day, businesses need IT professionals who can help keep their systems running smoothly. If you’re interested in a career in IT, but don’t want to spend years attending classes on a campus, there is good news – you can get your degree online! In this article, we will discuss how to get your degree in information technology from the comfort of your own home. We’ll cover everything from choosing an online program to getting started in your new career. So whether you’re just starting out or looking to take your skills to the next level, read on for helpful advice!

1) Decide on the IT Niche

There are a variety of different IT niches to choose from, so it’s important to decide which area you want to specialize in. Do you have a background in programming? If so, you may want to consider specializing in software development. Are you interested in network administration? If so, you could focus on learning about Cisco networks or Windows Server. Or, if you’re more interested in the business side of things, you may want to focus on finishing online masters in cyber security courses. No matter what your interests are, there is an online program that can help you get the education you need to succeed in your chosen field.

2) Choose an Online Program

Once you’ve decided on the IT niche you want to specialize in, it’s time to choose an online program. There are a variety of programs available, from associate’s degrees to master’s degrees. It’s important to do your research and find a program that fits your needs and interests. Be sure to look for a program that is accredited by a reputable organization, such as the Accreditation Board for Engineering and Technology (ABET). There are also a few other factors worth considering, such as the cost of the program, the length of time it will take to complete, and whether or not the program offers any internship or job placement opportunities.

3) Read Reviews

Once you’ve narrowed down your choices, it’s time to start reading reviews. Look for online forums where students and professionals discuss their experiences with different programs. You can also check out independent review sites, such as Consumer Reports. Reading reviews will help you get a better sense of what each program has to offer, and whether or not it’s the right fit for you. In addition, reviews can also help you identify any potential red flags, such as a high drop-out rate or negative feedback from past students.

3) Get Started!

Now that you’ve chosen an online program and gotten started, it’s time to get to work! Be sure to take advantage of all the resources available to you, including textbooks, lectures, labs, and discussion forums. And don’t forget to reach out to your instructors if you have any questions – they are there to help! This means that you should also be proactive in your studies, and not wait until the last minute to start working on assignments. With a little hard work and dedication, you’ll be well on your way to getting your degree in no time!

4) Finish Your Degree

After completing all of the required coursework, it’s time to finish your degree! This usually involves completing a final project or writing a thesis. Once you have finished all of the requirements for your degree, congratulations – you’ve done it! You should now be prepared to start your career in the IT industry.

5) Launch Your Career

So, you’ve got your degree in hand and you’re ready to launch your career. But where do you start? If you took the time to choose a program that offers internship and job placement opportunities, you may have a head start on the competition. Otherwise, it’s time to start sending out resumes and searching for open positions. The IT industry is always changing, so it’s important to keep up with the latest trends and technologies.

Getting an online IT degree can be a great way to jumpstart your career in the tech industry. By choosing a program that fits your needs and interests, and by reading reviews from past students, you can make sure that you’re getting the best possible education. And don’t forget to take advantage of all the resources available to you, including textbooks, lectures, labs, and discussion forums. With a little hard work and dedication, you’ll be well on your way to starting your career in IT!

How to Install LOMP Stack on Ubuntu

How to Install LOMP Stack on Ubuntu

Are you looking for a complete LAMP stack guide? This tutorial will show you how to install a LEMP stack on an Ubuntu 22.04 server.

What is a LOMP Stack?

LOMP stands for Linux, OpenLiteSpeed, MariaDB, and PHP. A LOMP stack is a group of open-source software that is typically installed together to enable a server to host dynamic websites and web applications.

OpenLiteSpeed is a high-performance, lightweight, open-source HTTP server. Its speed and low resource consumption make it a great choice for hosting high-traffic websites.

MariaDB is a drop-in replacement for the MySQL database server. It is fast, stable, and scalable.

PHP is a popular scripting language that is widely used for developing dynamic web applications. Most of your favorite websites run on PHP.


Before starting this guide, you will need the following:

  • A server running Ubuntu, preferably version 22.04. Try a free cloud server if you don’t have a VM or server. That’s the L of LOMP done.
  • Root user or a user with sudo privileges
  • Familiarity with the Linux command line
  • Time and patience

DigitalOcean – The developer cloud
Helping millions of developers easily build, test, manage, and scale applications of any size – faster than ever before.
How to Install LOMP Stack on Ubuntu

Get started on DigitalOcean with a $100, 60-day credit for new users.

Step 1: Installing OpenLiteSpeed

Let’s move to the O in LOMP i.e. OpenLiteSpeed.

Run the below command to add the OpenLiteSpeed repository to your server. This command downloads and runs a script that will add the OpenLiteSpeed repository to your server.

sudo wget -O - | sudo bash

Update your server’s package index again to reflect the changes made by the OpenLiteSpeed repository script.

sudo apt update -y

Then, install OpenLiteSpeed and the required dependencies.

sudo apt install openlitespeed -y

Once the installation is complete, start the OpenLiteSpeed service.

sudo systemctl start lsws

Finally, check the status of the OpenLiteSpeed service to confirm that it is running.

sudo systemctl status lsws

You will see the following output.

How to Install LOMP Stack on Ubuntu

Step 2: Accessing the OpenLiteSpeed Web Interface

OpenLiteSpeed comes with a web-based administration interface that you can use to manage your server.

Before you access the web interface, it would be wise to check and allow the required TCP ports through the UFW firewall.

Run the following commands to allow traffic on common TCP ports 80, 443, 7080, and 8088.

sudo ufw allow 7080,80,443,8088/tcp

Then, verify the changes by running the following command.

sudo ufw status

You will see the following output.

How to Install LOMP Stack on Ubuntu

With the firewall taken care of, visit the following URL in your web browser. Replace IP_ADDRESS with your server’s IP address.


You will see the following page. This page contains several examples of what you can do with OpenLiteSpeed.

How to Install LOMP Stack on Ubuntu

For example, if you click on the Test PHP button, you will see the following output. This confirms that PHP is working correctly with OpenLiteSpeed.

How to Install LOMP Stack on Ubuntu

But if you haven’t installed PHP yet, then how come it shows a PHP version? It’s because the OpenLiteSpeed server comes with a PHP version itself.

As you can see in the screenshot above, the PHP version being used is 7.4.30 but you can change it to the one you need in your application. You will learn to change this later in this tutorial.

Step 3: Installing MariaDB

The next component of the LOMP stack that you will install is MariaDB. MariaDB is a drop-in replacement for the MySQL database server. It is fast, stable, and scalable. MariaDB is also widely used with PHP applications.

Run the below command to install MariaDB.

sudo apt install mariadb-server -y

Once the installation is complete, start the MariaDB service and enable it to start on boot.

sudo systemctl start mariadb

sudo systemctl enable 

Check the status of the MariaDB service to confirm that it is running.

sudo systemctl status mariadb
How to Install LOMP Stack on Ubuntu

After the installation is complete, you should run a script that comes with MariaDB to set some basic security options for your database server.

sudo mysql_secure_installation

You will be prompted to enter the current password for the root user. Since you have just installed MariaDB, you can leave it blank and press ENTER to continue.

How to Install LOMP Stack on Ubuntu

Next, you will be asked if you want to Switch to unix_socket authentication. Press Y and ENTER to continue.

How to Install LOMP Stack on Ubuntu

MariaDB will then ask you to change the root password. Type Y and provide a strong password for the root user when prompted.

Re-enter the password to confirm it and press ENTER.

How to Install LOMP Stack on Ubuntu

For the remaining options, you can press Y and ENTER to continue. These options include removing anonymous users, disallowing remote root login, and removing the test databases, etc.

How to Install LOMP Stack on Ubuntu

Step 4: Installing PHP

You already have a PHP version installed with OpenLiteSpeed server. However, if you need a newer or specific PHP version for your application, here’s what you need to do.

Run this command to see a list of available PHP versions.

sudo apt-cache search lsphp

You will see the following output.

How to Install LOMP Stack on Ubuntu

As you can see, several different versions of PHP are available for installation. I will install version 8.1 in this tutorial, which is the latest version at the time of this writing.

The command below installs PHP 8.1, as well as the common PHP modules and the MySQL module.

sudo apt install lsphp81 lsphp81-common lsphp81-mysql -y

Step 5: Configuring OpenLiteSpeed to use the latest PHP Version

Now that you have PHP 8.1 installed let’s configure OpenLiteSpeed to use it.

Run the below command to create an admin user and set a password for the OpenLiteSpeed admin panel.

sudo /usr/local/lsws/admin/misc/

Provide a username and a strong password when prompted. Remember this information, as you will need it to log in to the admin panel later.

How to Install LOMP Stack on Ubuntu

Next, open the OpenLiteSpeed admin web interface in your web browser. The URL for the admin panel is http://your-server-ip:7080.

Provide your admin username and password and click Login.

How to Install LOMP Stack on Ubuntu

On the next screen, click Server Configuration on the left sidebar —> External App —> Click the Edit button in the LiteSpeed SAPI App row, as shown below.

How to Install LOMP Stack on Ubuntu

On the next screen, scroll down and find the Command field. Enter lsphp81/bin/lsphp in this field. This action tells OpenLiteSpeed to use PHP 8.1 when processing PHP scripts.

How to Install LOMP Stack on Ubuntu

Scroll up and click the Save button to apply the changes. Click the restart button on the top bar to restart Open LiteSpeed as shown below. This action will perform a graceful restart.

How to Install LOMP Stack on Ubuntu

At this point, your server is running the LOMP stack with PHP 8.1. To confirm, go to http://your-server-ip:8088/phpinfo.php.

As you can see below, PHP 8.1 is now the active PHP version on your server.

How to Install LOMP Stack on Ubuntu

You can now install the latest WordPress or other applications on your Ubuntu 22.04 server.

If your purpose is to host WordPress websites with LOMP stack, try GridPane. It lets you easily deploy multiple WordPress websites with your chosen tech stack.

How to Install LOMP Stack on Ubuntu


LAMP used to be the most popular stack until a few years ago. lately, the LOMP stack has gained popularity thanks to the lightweight LiteSpeed server that can be used to serve high-traffic websites.

This tutorial shows you how to properly install the LOMP stack on an Ubuntu server.

Don’t stop here, though! There are many more things you can do with your new LOMP stack server. For example, you can secure your server with a free SSL certificate from Let’s Encrypt.

Enjoy learning and exploring the server side of Linux.

Add Media Control & Remove Buttons from Ubuntu 22.10 System Menu

For Ubuntu 22.10 and other Linux with GNOME 43, it’s now easy to add Media Control, Notifications, or Volume Mixer to the top-right corner system status menu (aka Quick Settings), or remove useless buttons.

It’s ‘Quick Settings Tweaker‘, an extension for the new GNOME desktop. With it, your system menu can be configured to look like:

New items can be enabled or disabled separately and moved to top or bottom. And, it removes the corresponding items from date & time menu, so it will look like:

No media control & notifications in date time menu

As well, it allows to remove any button from the system menu that you don’t use via ON/OFF toggles. Differently, turn on a toggle will remove the corresponding button, while turn it off to leave it unchanged.

Remove useless buttons from top-right sy
stem menu

Step 1: Install ‘Quick Settings Tweaker’

For Ubuntu 22.10, firstly search for and install ‘Extension Manager’ tool from Ubuntu Software.

Install Extension Manager in Ubuntu 22.04+

Then, search for and open the tool from ‘Activities’ overview screen.

Finally, use Extension Manager to search and install the extension under ‘Browse’ tab.

For other Linux with GNOME 43, go to extension website and install via on/off toggle.

Step 2: Configure Your Gnome System Menu

After installation, either switch back ‘Installed’ tab in Extension Manager, or install and use ‘Gnome Extensions’ app to open the configuration dialog.

And here are the screenshots of the ‘Quick Settings Tweaker’ configuration pages:

5 Password Alternatives You Need to Consider

Passwords are the typical way of authentication. People create passwords to access any content online. It is also important to protect their accounts from third parties. But are passwords reliable? Our answer is negative.

Although so many websites or application force users to create strong passwords that are made up of digits, letters, and symbols and robust password security, passwords can be insufficient to provide total security. The reason for this is the improving encryption methods that are used by hackers. Hacking a password and encrypting it is not a big deal to many cyber-criminal.

Drawbacks of Passwords

  • Being easily stolen is not the only drawback of passwords. Sometimes people can forget their passwords and can not reach their accounts. It can affect the user and the customer experience in a bad manner.
  • In a large scaled organization, it is hard for IT specialists to manage whole password circulation and be sure of their safety. It is known that the majority of employees reuse passwords and put their companies’ security on the line.
  • Another disadvantage is that even if people think their passwords are unpredictable, due to the increasing number of accounts, almost all passwords became presumable. There are so many similar password combinations available.

So, we can clearly say that passwords are not effective as we thought.

Since passwords are not adequate to protect online security, different methods came into play. We call them password alternatives. Yes, they are regarded as an alternative but they do not exterminate password usage at all. You can consider them as support which are strengthen network safety in addition to passwords.

Password Alternatives That You Can Consider

● Two-Factor Authentication (2FA)

You may have heard of two-factor authentication. Using only passwords means one-factor authentication. All you need to do is type the right password. On the other hand, in a 2FA, you should do one more authentication to prove that you are that person.

The second authentication can be in different ways. For instance, to identify the user identity, some system asks for a code that is sent via telephone message or e-mail. After typing the password you should enter the right code that is sent to your e-mail or phone. When two-step has been passed, you can access what you intended to.

In some platforms, they ask users queries to obtain a correct answer. Users define these answers when they create an account. What is your first pet’s name or your favorite singer are the example questions. In the access moment, the user should answer queries correctly to reach the network.

● Multi-factor Authentication (MFA)

Multi-factor authentication is a prominent password alternative. As you can infer from the name, it takes two or more steps to authenticate an identity. Compared to 2FA, it is quite demanding and takes more time than 2FA. But the more authentication is hard the more your network is safe. So, even if the MFA method seems time-consuming and sometimes causes slowdowns, it is an indispensable way to prevent the network from threats.

In multi-factor authentication, users should persuade the system by using several methods. For instance, to confirm identity, users should enter a password, answer a security question, and fingerprint scan. Authentication methods can be combined in different forms in multi-factor authentication.

You can see the most common MFA factors below:

● Fingerprint Scan, Iris Scan, and Face ID

Fingerprint authentication is used commonly and we can consider it a remarkable way to replace or support passwords. In some workstations, employers use this method to monitor employees.

Iris scan and Face ID are also popular among workplaces and when it comes to digital tools such as tablets, smartphones, and monitors these methods are indispensable. Alongside the passwords, Face ID and Iris Scan can be used for robust network security.

● Cryptographic Devices

Cryptographic devices stand for user possessions such as tokens, smart USBs, and security keys. To access the definite resource or network, these tools should contact the device directly and instantly.

In comparison to security questions or passwords, it is much safer in terms of online security. Even if a hacker or malicious person encrypts a user password or guesses some answers; it is hard for them to obtain cryptographic devices and cause unpermitted access. You can consider these devices as almost impenetrable walls.

Which One is Better: Two-factor Authentication or Multi-factor Authentication?

Both methods have their own advantages so MFA vs 2FA is a tough decision. MFA is preferable if security is your prior concern and you are ready to sacrifice some time and labor for it. On the other hand, 2FA can be more practical for your organization.

Consider how your production may be affected if you choose MFA. If you do not have so much private data and vulnerable resources, you may consider 2FA and it may be sufficient to grant you protection. Whatever alternative method you choose, you can be sure that it is better than a single password.

In Conclusion

Password security is an erupting concern even in our daily lives. To eliminate the drawbacks of passwords there are alternative ways that organizations can give a chance. Especially when it comes to medium and large-sized organizations, password security becomes a huge problem.

Always remember that protecting company resources and private data must be your priority. To succeed in online protection, authentication methods should be robust and reliable. Trusting only a single password is not a smart idea in such a threatful digital world. Keep up with the digital era and give a try latest password alternatives.

How To Fix Spotify Not Showing As Your Discord Status?

Are you having an issue like “Spotify Not Showing as Your Discord Status”  then we have a solution. In this tutorial, we will show you solutions to fix the “Spotify Not Showing as Your Discord Status” error.

How To Fix Spotify Not Showing As Your Discord Status?

There are multiple ways to fix this issue. Let’s go through all possible solutions one by one.

Solution 1:

Check Discord Status:

Sometimes this issue occurs when your (Discord) user’s status is set to offline. You need to make sure that the Discord user’s status is set as online to show the Spotify status on the profile. To check it, click on your profile as shown below and check your current status:

Solution 2:

In this solution, we will try to fix the “Spotify Not Showing as Your Discord Status” error by clearing the Discord cache.

Clear Discord Cache

Step 1: Open the Discord Cache Folder

You need to open the Discord cache folder. For this, you need to start the Run box or you can start it by running the “Window+R” shortcut key, paste the “%APPDATA%/Discord/Cache” in its text field, and press the “OK” button. You will see the Discord cache folder.

Step 2: Clear Discord Cache

Now, Select all files and delete them from the Cache folder.

Step 3: Relink Discord Spotify

After clearing the cache. Go back to the Discord application and navigate to the “Connection” tab and click on the highlighted “Spotify” icon. You have relinked to Spotify successfully. Now, make sure the highlighted “Display Spotify as a status” toggle is enabled:

Solution 3:

In this method, you need to relink your discord and Spotify.

Relink Discord Spotify

To relink Spotify to the Discord account, you need to follow the mentioned steps.

Step 1: Open Discord

From the Start menu, launch the Discord application first:

Step 2: Visit User Settings

Now, you need to click the Gear icon to open up the User settings:

Step 3: Unlink Spotify

Now in the user setting panel, you need to open the “Connection” tab and hit on the highlighted Spotify “X” icon to unlink Spotify from your Discord account so that you can relink it again.

Step 4: Relink Spotify

Now, it’s time to relink Spotify to Discord. To do this, you need to navigate to the “Connection” tab and click on the highlighted “Spotify” icon:  You have relinked to Spotify successfully. Now, make sure the highlighted “Display Spotify as a status” toggle is enabled:




Install FFmpeg On Ubuntu 22.04 LTS

Install FFmpeg On Ubuntu 22.04 LTS

What Is FFmpeg?
FFmpeg is a cross-platform solution to record, convert and stream audio and video. It is an open-source tool that is used to decode, encode, transcode, mux, demux, stream, filter, and play multimedia files.

In this tutorial, we will show you the easy way to install FFmpeg on Ubuntu 22.04 LTS.

Install FFmpeg On Ubuntu 22.04 LTS

First, run the following commands to upgrade and update your Ubuntu 22.04 LTS:

sudo apt update &&sudo apt upgrade

Now, it’s time to install FFmpeg on Ubuntu 22.04 LTS. FFmpeg packages are available on Ubuntu repositories by default. You can easily install it with the apt command.

sudo apt install ffmpeg

To see the version of FFmpeg installed in your system, run the following command.

ffmpeg -version

Run the following command to know the available encoders or decoders:

ffmpeg -encoders
ffmpeg -decoders

How To Convert Files Using FFmpeg On Ubuntu 22.04 LTS

Run the following command to Convert a video file from mp4 to WebM:

ffmpeg -i file1name.mp4 output-file.webm

Run the following command to force the frame rate of the output file to 24 fps:

ffmpeg -i inputfilename.avi -r 24 output.avi

Run the following command to Convert an audio file from mp3 to ogg:

ffmpeg -i itsubuntu.mp3 itsubuntu.ogg

Run the following command to set the video bit rate of the output file to 64 kbit/s:

ffmpeg -i inputfilename.avi -b:v 64k -bufsize 64k output.avi



Just in case you want to remove FFmpeg from your Ubuntu, then run the following command:

sudo apt remove ffmpeg

NVIDIA Driver 520 available to install in Ubuntu 22.04 | 20.04 | 18.04

NVIDIA 520, the latest feature release of NVIDIA driver for Linux, is available to install in all current Ubuntu LTS releases.

So far, it’s NVIDIA 520.56.06 released few weeks ago with following new features:

  • Implement over-the-air (OTA )updates in the Proton and Wine NVIDIA NGX build, though needs to set “PROTON_ENABLE_NGX_UPDATER” to 1 to enable it.
  • Following extensions no longer depend on nvidia-uvm.ko at runtime:
    • VK_KHR_acceleration_structure
    • VK_KHR_deferred_host_operations
    • VK_KHR_ray_query
    • VK_KHR_ray_tracing_pipeline
    • VK_NV_cuda_kernel_launch
    • VK_NV_ray_tracing
    • VK_NV_ray_tracing_motion_blur
    • VK_NVX_binary_import
    • VK_NVX_image_view_handle
  • Fixed blank screens and hangs when starting an X server on RTX 30 series GPUs boot with HDMI.
  • Fixed a bug where Marvel’s Spider-Man Remastered would sometimes crash with Xid 13 errors on Turing and later

How to Install NVIDIA 520 in Ubuntu

NOTE: Though it’s tested and works good in my case, it might still breaks your system (usually boot into blank screen) due to various reasons (e.g., upstream bug or corrupt installation)! So don’t do it in production machine!

The driver package is available now for Ubuntu 18.04, Ubuntu 20.04, and Ubuntu 22.04. For Ubuntu 22.10 user, it’s so far in pre-released repository, though should be published soon in next few days.

1. First, it’s HIGHLY recommended to update system by launching ‘Software Updater‘ and install all available updates! And, restart your system if it asks.

2. Second, search for and open ‘Additional Drivers‘ from Activities overview screen.

3. When it opens, choose “nvidia-driver-520” from the list, and click ‘Apply Changes’ button to install the driver.

In case you don’t see the 520 driver in the list, navigate to the first ‘Ubuntu Software’ tab, and make sure the 4 repositories (main, universe, restricted, multiverse) are enabled. Finally, close and Reload, and re-open the utility.

After installation, the ‘Additional Drivers‘ utility should prompt to restart your computer to apply change.


After restarting computer, open ‘Settings‘ and navigate to ‘About‘ page to verify if your NVIDIA graphics card is in use.

And, search for and open ‘NVIDIA Settings‘ utility to for driver version, GPU switching, and other settings.

Due to bug, you can’t switch to Intel (Power Saving Mode) with the tool, you can however install an extension to do the job via system status menu option.

Install ‘Prime indicator’ for switching GPU

For Ubuntu 22.04, search for and install ‘Extension Manager‘ from Ubuntu Software app. Then, use the tool to search and install ‘Prime Inidcator’.

For Ubuntu 20.04 and Ubuntu 18.04, first open terminal (Ctrl+Alt+T) and run command to install the agent package:

sudo apt install chrome-gnome-shell

Then visit the extension web page and use the ON/OFF switch to install it:

In case you don’t see the ON/OFF switch, follow the link in that page to install browser extension and refresh.

After installing the extension, go to top-right system status menu to switch between Intel, NVIDIA, and hybrid mode.

IMPORTANT: The Extension will automatically log out once your select another GPU mode and confirm with password!!! Save your works before doing change.