Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Hidden For 6 Years, ‘Slingshot’ Malware Hacks Your PC Through Your Router
  • Security updates for Tuesday
  • Microsoft Admits It Incorrectly Upgraded Some Windows 10 Users to v1709 [Ed: Windows Update is technically (not a joke) a botnet. It takes over people's PCs and hands them over for Microsoft to use up their CPU and bandwidth. Microsoft has ignored users' "update" settings since at least Windows XP days.]

    Microsoft admitted last week that it incorrectly updated some Windows 10 users to the latest version of the Windows 10 operating system —version 1709— despite users having specifically paused update operations in their OS settings.

    The admission came in a knowledge base article updated last week. Not all users of older Windows versions were forcibly updated, but only those of Windows 10 v1703 (Creators Update).

    This is the version where Microsoft added special controls to the Windows Update setting section that allow users to pause OS updates in case they have driver or other hardware issues with the latest OS version.

  • We Still Need More HTTPS: Government Middleboxes Caught Injecting Spyware, Ads, and Cryptocurrency Miners

    Last week, researchers at Citizen Lab discovered that Sandvine's PacketLogic devices were being used to hijack users' unencrypted internet connections, making yet another case for encrypting the web with HTTPS. In Turkey and Syria, users who were trying to download legitimate applications were instead served malicious software intending to spy on them. In Egypt, these devices injected money-making content into users' web traffic, including advertisements and cryptocurrency mining scripts.

    These are all standard machine-in-the-middle attacks, where a computer on the path between your browser and a legitimate web server is able to intercept and modify your traffic data. This can happen if your web connections use HTTP, since data sent over HTTP is unencrypted and can be modified or read by anyone on the network.

    The Sandvine middleboxes were doing exactly this. On Türk Telekom’s network, it was reported that when a user attempted to download legitimate applications over HTTP, these devices injected fake "redirect" messages which caused the user’s browser to fetch the file from a different, malicious, site. Users downloading common applications like Avast Antivirus, 7-Zip, Opera, CCleaner, and programs from download.cnet.com had their downloads silently redirected. Telecom Egypt’s Sandvine devices, Citizen Lab noted, were using similar methods to inject money-making content into HTTP connections, by redirecting existing ad links to affiliate advertisements and legitimate javascript files to cryptocurrency mining scripts.

  • Let’s Encrypt takes free “wildcard” certificates live
  • GuardiCore Upgrades Infection Monkey Open Source Cyber Security Testing Tool
  • A Guide To Securing Docker and Kubernetes Containers With a Firewall
  • How IBM Helps Organizations to Improve Security with Incident Response

    Protecting organizations against cyber-security threats isn't just about prevention, it's also about incident response. There are many different organizations that provide these security capabilities, including IBM X-Force Incident Response and Intelligence Services (IRIS), which is led by Wendi Whitmore.

    In the attached video interview Whitmore explains how incident response works and how she helps organizations to define a winning strategy. Succeeding at incident response in Whitmore's view, shouldn't be focused just on prevention but on building a resilient environment.

More in Tux Machines

Graphics: Wayland, RadeonSI, NVIDIA and More

  • Session suspension and restoration protocol
  • A Session Suspension & Restoration Protocol Proposed For Wayland
    KDE Wayland developer Roman Gilg who started contributing to Wayland via last year's Google Summer of Code is proposing a new Wayland protocol for dealing with desktop session suspension and restoration. This protocol extension would allow for more efficient support for client session suspension and restoration such as when you are logging out of your desktop session and want the windows restored at next log-in or if you are suspending your system. While Roman Gilg is working on this protocol with his KDE hat on, he has been talking with Sway and GNOME developers too for ensuring this protocol could work out for their needs.
  • RadeonSI Lands OpenGL 3.3 Compatibility Profile Support
    Thanks to work done over the past few months by AMD's Marek Olšák on improving Mesa's OpenGL compatibility profile support and then today carried over the final mile by Valve's Timothy Arceri, Mesa 18.2 now exposes OpenGL 3.3 under the compatibility context. Hitting Git tonight is the enabling of the OpenGL 3.3 compatibility profile for RadeonSI.
  • NVIDIA Releases DALI Library & nvJPEG GPU-Accelerated Library For JPEG Decode
    For coinciding with the start of the Computer Vision and Patern Recognition conference starting this week in Utah, NVIDIA has a slew of new software announcements. First up NVIDIA has announced the open-source DALI library for GPU-accelerated data augmentation and image loading that is optimized for data pipelines of deep learning frameworks like ResNET-50, TensorFlow, and PyTorch.
  • NVIDIA & Valve Line Up Among The Sponsors For X.Org's XDC 2018
    - The initial list of sponsors have been announced for the annual X.Org Developers' Conference (XDC2018) where Wayland, Mesa, and the X.Org Server tend to dominate the discussions for improving the open-source/Linux desktop. This year's XDC conference is being hosted in A Coruña, Spain and taking place in September. The call for presentations is currently open for X.Org/mesa developers wishing to participate.
  • Intel Broxton To Support GVT-g With Linux 4.19
    Intel developers working on the GVT-g graphics virtualization technology have published their latest batch of Linux kernel driver changes.

Fedora and Red Hat: Fedora Atomic, Fedora 29, *GPL and Openwashing ('Open Organization')

  • Fedora Atomic Workstation To Be Renamed Fedora Silverblue
    - Back in early May was the announcement of the Silverblue project as an evolution of Fedora Atomic Workstation and trying to get this atomic OS into shape by Fedora 30. Beginning with Fedora 29, the plan is to officially rename Fedora Atomic Workstation to Fedora Silverblue. Silverblue isn't just a placeholder name, but they are moving ahead with the re-branding initiative around it. The latest Fedora 29 change proposal is to officially change the name of "Fedora Atomic Workstation" to "Fedora Silverblue".
  • Fedora 29 Will Cater i686 Package Builds For x86_64, Hide GRUB On Boot
    The Fedora Engineering and Steering Committee (FESCo) approved on Friday more of the proposed features for this fall's release of Fedora 29, including two of the more controversial proposals.
  • Total War: WARHAMMER II Coming to Linux, Red Hat Announces GPL Cooperation Commitment, Linspire 8.0 Alpha 1 Released and More
    Starting today, Red Hat announced that "all new Red Hat-initiated open source projects that opt to use GPLv2 or LGPLv2.1 will be expected to supplement the license with the cure commitment language of GPLv3". The announcement notes that this development is the latest in "an ongoing initiative within the open source community to promote predictability and stability in enforcement of GPL-family licenses".
  • Red Hat Launches Process Automation Manager 7, Brackets Editor Releases Version 1.13, Qt Announces New Patch Release and More
    Red Hat today launched Red Hat Process Automation Manager 7, which is "a comprehensive, cloud-native platform for developing business automation services and process-centric applications across hybrid cloud environments". This new release expands some key capabilities including cloud native application development, dynamic case management and low-code user experience. You can learn more and get started here.
  • A summer reading list for open organization enthusiasts
    The books on this year's open organization reading list crystallize so much of what makes "open" work: Honesty, authenticity, trust, and the courage to question those status quo arrangements that prevent us from achieving our potential by working powerfully together.

Server Domination by GNU/Linux

  • Security and Performance Help Mainframes Stand the Test of Time
    As of last year, the Linux operating system was running 90 percent of public cloud workloads; has 62 percent of the embedded market share and runs all of the supercomputers in the TOP500 list, according to The Linux Foundation Open Mainframe Project’s 2018 State of the Open Mainframe Survey report. Despite a perceived bias that mainframes are behemoths that are costly to run and unreliable, the findings also revealed that more than nine in 10 respondents have an overall positive attitude about mainframe computing. The project conducted the survey to better understand use of mainframes in general. “If you have this amazing technology, with literally the fastest commercial CPUs on the planet, what are some of the barriers?” said John Mertic, director of program management for the foundation and Open Mainframe Project. “The driver was, there wasn’t any hard data around trends on the mainframe.”
  • HPE announces world's largest ARM-based supercomputer
    The race to exascale speed is getting a little more interesting with the introduction of HPE's Astra -- what will be the world's largest ARM-based supercomputer. HPE is building Astra for Sandia National Laboratories and the US Department of Energy's National Nuclear Security Administration (NNSA). The NNSA will use the supercomputer to run advanced modeling and simulation workloads for things like national security, energy, science and health care.

HHVM 3.27 Released