Security: DNS Typosquatting, Encryption and Firewalls, Vista 10 Compromised, Stack Clash, CherryBlossom, Russia and Epyc
-
Practical waterholing through DNS typosquatting
Typosquatting has been known and abused since the 90’s, mostly for phishing, but is it still profitable for water-hole kind of attacks?
-
Encryption and Firewalls – Unleaded Hangout
-
Windows 10 S security brought down by, of course, Word macros [Ed: By Microsoft Peter (damage control)]
But if that protection is flawed—if the bad guys can somehow circumvent it—then the value of Windows 10 S is substantially undermined. The downside for typical users will remain, as there still won't be any easy and straightforward way to install and run arbitrary Windows software. But the upside, the protection against malware, will evaporate.
-
Microsoft claims on Windows 10 S security blown away
Microsoft's claims that no known ransomware can run on Windows 10 S have been blown sky high by a researcher – in just three hours.
-
A Stack Clash disclosure post-mortem
-
Hardened/Gentoo Hardened and Stack Clash
-
[Older] If your home wifi router is on this list, it might be vulnerable to CIA hacking tools
For the past four months, WikiLeaks has been slowly publishing a series of documents that describe a plethora of hacking tools, which the anti-secrecy organization says belong to the US Central Intelligence Agency. The latest release, published June 15, is a batch of documents describing tools that can be used to hack home wifi routers.
The collection of tools, which the documents refer to as “CherryBlossom,” can be used to monitor internet activity on networks that use the routers it infects. CherryBlossom infects routers by identifying their make and model and injecting malicious firmware into them. This kind of hack, when successful, is nearly impossible to detect because it infects the hardware itself and is not something anti-virus software is capable of checking.
-
Under pressure, Western tech firms bow to Russian demands to share cyber secrets
Western technology companies, including Cisco, IBM and SAP, are acceding to demands by Moscow for access to closely guarded product security secrets, at a time when Russia has been accused of a growing number of cyber attacks on the West, a Reuters investigation has found.
Russian authorities are asking Western tech companies to allow them to review source code for security products such as firewalls, anti-virus applications and software containing encryption before permitting the products to be imported and sold in the country. The requests, which have increased since 2014, are ostensibly done to ensure foreign spy agencies have not hidden any "backdoors" that would allow them to burrow into Russian systems.
-
AMD’s Epyc is a major advance in security
AMD’s Zen core has been revealed in detail but with Epyc the company added a few juicy details. SemiAccurate is particularly interested in the security aspects on the new CPU line which is what we will discuss here.
- Login or register to post comments
- Printer-friendly version
- 5620 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago