
Security: DNS, Windows, Kaspersky and Lethal USB

Filed under: Security
  • The wave of domain hijackings besetting the Internet is worse than we thought

    The report was published Wednesday by Cisco’s Talos security group. It indicates that three weeks ago, the hijacking campaign targeted the domain of Sweden-based consulting firm Cafax. Cafax’s only listed consultant is Lars-Johan Liman, who is a senior systems specialist at Netnod, a Swedish DNS provider. Netnod is also the operator of i-root, one of the Internet’s foundational 13 DNS root servers. Liman is listed as being responsible for the i-root. As KrebsOnSecurity reported previously, Netnod domains were hijacked in December and January in a campaign aimed at capturing credentials. The Cisco report assessed with high confidence that Cafax was targeted in an attempt to re-establish access to Netnod infrastructure.

  • New Windows Zero-Day Vulnerability Grants Hackers Full Control Over PCs [Ed: The NSA already had these permissions. Now everyone has these.]

    According to the latest Kaspersky Lab Report, a Windows Zero-Day vulnerability is serving as a backdoor for hackers to take control of users’ PCs.

    The latest exploit utilizes a use-after-free bug and has the technical name CVE-2019-0895. The flaw is found in win32k.sys and grants hackers local privilege escalation, meaning they’re able to access resources that are usually outside of users’ capabilities.

  • New zero-day vulnerability CVE-2019-0859 in win32k.sys
  • AP Exclusive: Mysterious operative haunted Kaspersky critics

    He also asked Giles to repeat himself or speak louder so persistently that Giles said he began wondering “whether I should be speaking into his tie or his briefcase or wherever the microphone was.”

    “He was drilling down hard on whether there had been any ulterior motives behind negative media commentary on Kaspersky,” said Giles, a Russia specialist with London’s Chatham House thinktank who often has urged caution about Kaspersky’s alleged Kremlin connections. “The angle he wanted to push was that individuals — like me — who had been quoted in the media had been induced by or motivated to do so by Kaspersky’s competitors.”

  • Feds: Saint Rose grad used 'killer' device to fry computers

    In 2016, College of Saint Rose graduate assistant Vishwanath Akuthota said he believed there was a "lot of opportunity" for him at the school.

    On Monday, federal prosecutors said he took advantage of a different kind of opportunity — access to campus — when he destroyed dozens of computers at a cost of more than $50,000.

  • Student Uses “USB Killer” To Fry $58,000 Worth of Computers

Cisco: These are the flaws DNS hijackers...

  • Cisco: These are the flaws DNS hijackers are using in their attacks

    Cisco has warned that state-backed hackers are attempting to manipulate domain name systems (DNS) by using a combination of spear phishing and a number of known software flaws.

    "DNS is a foundational technology supporting the internet. Manipulating that system has the potential to undermine the trust users have on the internet. That trust and the stability of the DNS system as a whole drives the global economy. Responsible nations should avoid targeting this system," the Cisco Talos researchers said.

'Sea Turtle' Campaign

  • 'Sea Turtle' Campaign Focuses on DNS Hijacking to Compromise Targets

    For at least two years, a highly capable threat actor has been running a campaign that relied on DNS hijacking to reach their targets. In the operation, at least 40 public and private organizations in 13 countries have been compromised.

    The domain name system (DNS) is the service that allows us to access websites by typing domain names instead of IP addresses in a browser's address bar. It translates the names into the numerical destination of the server hosting the web page we want to load.

    Access to DNS records enables an attacker to replace the addresses of a target's name servers so that they point to their own infrastructure. Once in control of the name servers responsible for handling requests for IP addresses associated with web domains, the threat actor can direct victims to content on malicious servers.

State-sponsored actor targets Mideast, North Africa using DNS

  • State-sponsored actor targets Mideast, North Africa using DNS hijacking

    A new cyber threat campaign that is claimed to be targeting public and private entities, including national security organisations in the Middle East and North Africa, has been discovered by Cisco's Talos Intelligence Group.

    Researchers Danny Adamitis, David Maynor, Warren Mercer, Matthew Olney and Paul Rascagneres said in a detailed blog post that the campaign, which they had christened Sea Turtle, had kicked off probably in January 2017 and was continuing.


More in Tux Machines

Programming: WebAssembly, Mozilla GFX, Qt and Python

  • WebAssembly for speed and code reuse

    Imagine translating a non-web application, written in a high-level language, into a binary module ready for the web. This translation could be done without any change whatsoever to the non-web application's source code. A browser can download the newly translated module efficiently and execute the module in the sandbox. The executing web module can interact seamlessly with other web technologies—with JavaScript (JS) in particular. Welcome to WebAssembly. As befits a language with assembly in the name, WebAssembly is low-level. But this low-level character encourages optimization: the just-in-time (JIT) compiler of the browser's virtual machine can translate portable WebAssembly code into fast, platform-specific machine code. A WebAssembly module thereby becomes an executable suited for compute-bound tasks such as number crunching. Which high-level languages compile into WebAssembly? The list is growing, but the original candidates were C, C++, and Rust. Let's call these three the systems languages, as they are meant for systems programming and high-performance applications programming. The systems languages share two features that suit them for compilation into WebAssembly. The next section gets into the details, which sets up full code examples (in C and TypeScript) together with samples from WebAssembly's own text format language.

  • Mozilla GFX: moz://gfx newsletter #47

    Hi there! Time for another Mozilla graphics newsletter. In the comments section of the previous newsletter, Michael asked about the relation between WebRender and WebGL; I’ll try to give a short answer here. Both WebRender and WebGL need access to the GPU to do their work. At the moment both of them use the OpenGL API, either directly or through ANGLE, which emulates OpenGL on top of D3D11. They, however, each work with their own OpenGL context. Frames produced with WebGL are sent to WebRender as texture handles. WebRender, at the API level, has a single entry point for images, video frames, canvases, in short for every grid of pixels in some flavor of RGB format, be they CPU-side buffers or already in GPU memory, as is normally the case for WebGL. In order to share textures between separate OpenGL contexts we rely on platform-specific APIs such as EGLImage and DXGI. Beyond that there isn’t any fancy interaction between WebGL and WebRender. The latter sees the former as an image producer, just like 2D canvases, video decoders and plain static images.

  • The Titler Revamp: QML Producer in the making

    At the beginning of this month, I started testing out the new producer as I had a good, rough structure for the producer code, and was only facing a few minor problems. Initially, I was unclear about how exactly the producer is going to be used by the titler, so I took a small step back and spent some time figuring out how kdenlivetitle worked, which is the producer in use. Initially, I faced integration problems (which are the ones you’d normally expect) when I tried to make use of the QmlRenderer library for rendering and loading QML templates – and most of them were resolved by a simple refactoring of the QmlRenderer library source code. To give an example, the producer traditionally stores the QML template in global variables, which is taken as a character pointer argument (which is, again, traditional C). The QmlRenderer lib takes a QUrl as its parameter for loading the Qml file, so to solve this problem all I had to do was to overload the loadQml() method with one which could accommodate the producer’s needs – which worked perfectly fine. As a consequence, I also had to compartmentalise (further) the rendering process, so now we have 3 methods which go sequentially when we want to render something using the library (initialiseRenderParams() -> prepareRenderer() -> renderQml()) [...] The problem was resolved (thank you JB) finally, and it was not due to OpenGL but simply because I hadn’t created a QApplication for the producer (which is necessary for Qt producers). The whole month’s been a steep curve, definitely not easy, but I enjoyed it! Right now, I have a producer which is almost complete and, with a little more tweaking, will be put to use, hopefully. I’m still facing a few minor issues which I hope to resolve soon and get a working producer. Once we get that, I can start work on the Kdenlive side. Let’s hope for the best!

  • How to Make a Discord Bot in Python

    In a world where video games are so important to so many people, communication and community around games are vital. Discord offers both of those and more in one well-designed package. In this tutorial, you’ll learn how to make a Discord bot in Python so that you can make the most of this fantastic platform.

  • Qt Visual Studio Tools 2.4 RC Released

    The Visual Studio Project System is widely used as the build system of choice for C++ projects in VS. Under the hood, MSBuild provides the project file format and build framework. The Qt VS Tools make use of the extensibility of MSBuild to provide design-time and build-time integration of Qt in VS projects — toward the end of the post we have a closer look at how that integration works and what changed in the new release. Up to this point, the Qt VS Tools extension managed its own project settings in an isolated manner. This approach prevented the integration of Qt in Visual Studio to fully benefit from the features of VS projects and MSBuild. Significantly, it was not possible to have Qt settings vary according to the build configuration (e.g. having a different list of selected Qt modules for different configurations), including Qt itself: only one version/build of Qt could be selected and would apply to all configurations, a significant drawback in the case of multi-platform projects. Another important limitation that users of the Qt VS Tools have reported is the lack of support for importing Qt-related settings from shared property sheet files. This feature allows settings in VS projects to be shared within a team or organization, thus providing a single source for that information. Up to now, this was not possible to do with settings managed by the Qt VS Tools.

Screenshots/Screencasts: 10 GNU/Linux Distros (Screenshots) and New Screencast/Video of Endeavour OS 2019.08.17

  • 10 Linux distros: From different to dangerous

    One of the great benefits of Linux is the ability to roll your own. Throughout the years, individuals, organizations, and even nation states have done just that. In this gallery, we're going to showcase some of those distros. Be careful, though. You may not want to load these, or if you do, put them in isolated VMs. We're not kidding when we say they could be dangerous.

  • Endeavour OS 2019.08.17 Run Through

    In this video, we are looking at Endeavour OS 2019.08.17.

A Cycle of Renewal, Broken: How Big Tech and Big Media Abuse Copyright Law to Slay Competition

In 1950, a television salesman named Robert Tarlton put together a consortium of TV merchants in the town of Lansford, Pennsylvania to erect an antenna tall enough to pull down signals from Philadelphia, about 90 miles to the southeast. The antenna connected to a web of cables that the consortium strung up and down the streets of Lansford, bringing big-city TV to their customers — and making TV ownership for Lansfordites far more attractive. Though hobbyists had been jury-rigging their own "community antenna television" networks since 1948, no one had ever tried to go into business with such an operation. The first commercial cable TV company was born. The rise of cable over the following years kicked off decades of political controversy over whether the cable operators should be allowed to stay in business, seeing as they were retransmitting broadcast signals without payment or permission and collecting money for the service. Broadcasters took a dim view of people using their signals without permission, which is a little rich, given that the broadcasting industry itself owed its existence to the ability to play sound recordings over the air without permission or payment. The FCC brokered a series of compromises in the years that followed, coming up with complex rules governing which signals a cable operator could retransmit, which ones they must retransmit, and how much all this would cost. The end result was a second way to get TV, one that made peace with—and grew alongside—broadcasters, eventually coming to dominate how we get cable TV in our homes. By 1976, cable and broadcasters joined forces to fight a new technology: home video recorders, starting with Sony's Betamax recorders. In the eyes of the cable operators, broadcasters, and movie studios, these were as illegitimate as the playing of records over the air had been, or as retransmitting those broadcasts over cable had been. Lawsuits over the VCR continued for the next eight years. 
In 1984, the Supreme Court finally weighed in, legalizing the VCR, and finding that new technologies were not illegal under copyright law if they were "capable of substantial noninfringing uses."

Software, HowTos and Storage

  • Pause Music When Locking The Screen And Resume On Unlock For Spotify, Rhythmbox, Others

    When you lock your computer screen (without suspending the system), most desktop audio players continue playback in the background, sometimes not emitting any sound ¹. Due to this you may unintentionally skip parts of podcasts or songs in a playlist, etc. Enter pause-on-lock, a Bash script that pauses your music player when you lock the screen and resumes playback once the screen is unlocked. pause-on-lock works on Unity, GNOME, Cinnamon and MATE desktop environments, and by default it supports Spotify and Rhythmbox. With the help of playerctl (a command line controller for controlling media players that support the MPRIS D-Bus interface), this script can extend its supported music players to many others, including Audacious, VLC, Cmus, and others.

  • Easy Way to Screen Mirroring Android on Ubuntu!

    Screen mirroring is one of the features found on smartphones, including Android ones. This feature displays the smartphone's screen on a computer. This is very useful, for example, when demoing applications that you make, or maybe for other things related to smartphones. In Ubuntu, we can do screen mirroring with applications available on Android, for example AirDroid, which can be used for screen mirroring through a browser. But I feel this instant method is less than optimal, because there is a lag between activity on the smartphone and on the computer's monitor, and the results are not great. Might the cause be that it is opened through a browser and uses Wi-Fi? (Personal question.) I looked for another application for screen mirroring on Ubuntu, and one of the very good applications is Scrcpy. This application can be used for screen mirroring without a rooted device.

  • Command line quick tips: Searching with grep
  • How to Install Cezerin on Debian 9
  • How to Create a Bootable USB Stick from the Ubuntu Terminal
  • How to Install Git on Debian 10
  • How to Copy/Move a Docker Container to Another Host
  • Six practical use cases for Nmap
  • The Next Stage of Flash Storage: Computational Storage
  • NAS upgrade

    At some point in the future I hope to spend a little bit of time on the software side of things, as some of the features of my setup are no longer working as they should: I can't remote-decrypt the main disk via SSH on boot, and the first run of any backup fails due to some kind of race condition in the systemd unit dependencies. (The first attempt does not correctly mount the backup partition; the second attempt always succeeds.)

  • Storage Concepts And Technologies Explained In Detail