Security: Updates, Reproducible Builds and Windows 'Fun'

  • Security updates for Tuesday
  • Reproducible Builds: Weekly report #164
  • PyRoMineIoT cryptojacker uses NSA exploit to spread

    Larry Trowell, principal consultant with Synopsys Software Integrity Group, said the government shares some of the blame for the NSA exploit.

    "It's in every country's interest to develop systems enabling offensive and defensive strategies to protect individuals and national services," Trowell wrote via email. "There is no fault in that. If the NSA does have some blame to share in this situation, it is for allowing secrets to be exfiltrated -- not in developing them."

    Jett said although the NSA exploit was stolen, "they didn't create the vulnerabilities that allow for the malware to exploit devices."

    "As such, you can't hold them responsible for the malware that has emerged from the EternalRomance exploit. Vendors whose products are vulnerable to EternalRomance are responsible for resolving the exploit problem," Jett wrote. "Additionally, it has been more than a year since the NSA exploits were released, and vendors have created patches. It becomes incumbent on the users to make sure they are properly patching their software and reducing the threat surface for these exploits."

  • Can Hackers Crack the Ivory Towers?

    While both researchers agreed that their colleagues would gain from incorporating hackers' discoveries into their own work, they diverged when diagnosing the source of the gulf between the two camps and, to a degree, even on the extent of the rift.

  • 6-Year-Old Malware Injects Ads, Takes Screenshots On Windows 10

    A sneaky and persistent malware has surfaced which spams Windows 10 PCs with ads and takes screenshots to eventually send them to the attackers.

    Security researchers at Bitdefender found this malware named Zacinlo which first appeared in 2012. About 90% of Zacinlo’s victims are from the US running Microsoft Windows 10. There are other victims too from Western Europe, China, and India with a small fraction running Windows 7 or 8.

More in Tux Machines

Fresh Docker Linux Benchmarks For Summer 2018

The Docker testing was done from an Ubuntu 18.04 LTS x86_64 host running with the default Linux 4.15 kernel off the commonly-used Tyan 1U Xeon Scalable server with dual Xeon Gold 6138 processors. Docker was tested in its stock configuration on Ubuntu 18.04 LTS and each Docker container tested consecutively. Each Docker container was benchmarked in a fully-automated and reproducible manner using the open-source Phoronix Test Suite.

Security: Updates, Ubuntu EoL, Passwords and More

  • Security updates for Friday
  • Ubuntu 17.10 (Artful Aardvark) End of Life reached on July 19 2018
  • Hacked Passwords Being Used In Blackmail Attempt -- Expect More Of This
    This was immediately obvious as a scam from a hacked database of passwords. Besides the fact that I haven't used that particular password in ages (and even when I did, it was the password I used for "unimportant" sites), there are a whole bunch of other reasons why it was obvious that the email was fake and it would be literally impossible for the person to have whatever it was they claimed to have on me. I found it funny enough that I reached out to some other folks to see if this was getting around, and a few people told me they'd seen similar ones, noting that the final note about sending it to "9 friends" appeared to be an increase from the usual of "5" that they had seen before. Indeed, Brian Krebs, who is always on top of these things, wrote a story about how a bunch of people got these emails last week. That one only asked for $1400, and also promised to send it to 5 friends. It has a few other slight differences to the one I received, but is pretty clearly sent by the same person/team of people with just a few modifications. Like the ones that Krebs reported on, mine appeared to come from an outlook.com email address. As Krebs notes, he expects that this particular scam is about to get a lot more popular, and will probably use a lot more recent set of passwords:
  • Hacker Summer Camp 2018: Cyberwar?
    I actually thought I was done with the pre-con portion of my Hacker Summer Camp blog post series, but it turns out that people wanted to know more about “the most dangerous network in the world”. Specifically, I got questions about how to protect yourself in this hostile environment, like whether people should bring a burner device, how to avoid getting hacked, what to do after the con, etc. [...] There’s never a guarantee of security, but with updated devices & good security hygiene, you can survive the DEF CON networks.
  • Amazon, Reddit And Others Fail To Warn Us About Dumb Passwords
    Believe it or not, there is still a large number of people who use passwords such as “password,” “password123”, “[dog’s name]1” and others along the same lines. And in the era of sophisticated hacking, these passwords are not exactly “safe.”
  • Decade of research shows little improvement in password guidance

You can now install Debian Linux apps directly from your Chromebook’s Files app

Last month, XDA-Developers spotted a string of commits on the Chromium Gerrit which indicated upcoming support for easy installation of Linux apps on compatible Chrome OS devices. The commits suggested that Debian (.deb) files will be clickable from the Files app, which will then trigger the installation. Now a recent commit confirms that Google is indeed adding a file handler for Debian packages within the Chrome OS Files app.