Language Selection

English French German Italian Portuguese Spanish

Security: Windows Back Doors, China Plans to Create a Technology Security Management System and More

Filed under
Security
  • Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

    But according to Joe Stewart, a seasoned malware analyst now consulting with security firm Armor, the malicious software used in the Baltimore attack does not contain any Eternal Blue exploit code. Stewart said he obtained a sample of the malware that he was able to confirm was connected to the Baltimore incident.

  • China Plans to Create a Technology Security Management System

    The National Development and Reform Commission has been tasked with setting up the list system which aims to “more effectively forestall and defuse national security risks,” Xinhua reported on Saturday. Details on the measures will be provided in the near future, according to the news agency.

  • BGP event sends European mobile traffic through China Telecom for 2 hours

    The incident started around 9:43am UTC on Thursday (2:43am California time). That's when AS21217, the autonomous system belonging to Switzerland-based data center colocation company Safe Host, improperly updated its routers to advertise it was the proper path to reach what eventually would become more than 70,000 Internet routes comprising an estimated 368 million IP addresses. China Telecom's AS4134, which struck a network peering arrangement with Safe Host in 2017, almost immediately echoed those routes rather than dropping them, as proper BGP filtering practices dictate. In short order, a large number of big networks that connect to China Telecom began following the route.

    The result: much of the traffic destined for telecommunications providers using the affected IP addresses passed through China Telecom equipment before either being sent to their final stop or being dropped during long waits caused by the roundabout paths. [...]

  • Fortune 500 company Tech Data leaks 264GB of private data

    While the card numbers were obfuscated, the data wasn't encrypted, and it's possible there's more than this: going through an entire 264GB file is somewhat time-consuming, after all. The site did say the sample its reporters saw contained "tens of thousands of customers," and it was a fraction of the larger database.

    This data was kept on a server for support agents to look at for troubleshooting purposes, but the company had neglected to put a password on it - meaning anybody with access to a web browser could look at the logs at will.

  • An Open Source Program Aims to Help Idaho Shore Up Cyberdefenses

    The mitigation of phishing is a top priority for Idaho, said ITS Administrator Jeff Weak. Phishing is the practice of sending emails that appear to be from a reputable source but hide malware links or try to convince users to reveal personal or system information.

    “Phishing, in general, that’s our biggest threat because we can stop a lot of the payload of most malware coming through. We have multiple layers of detection going through our email system so it will strip out virtually anything that looks out of place,” Weak said. “Where that gets tricky is in hyperlinks and things of that nature that look natural to an email or if it’s embedded into another link inside of a Word document, for example.”

    Idaho is currently in its second year of mandated cybersecurity training for state employees, he said. The learning modules, provided by KnowBe4, include a phishing course. One goal is to educate personnel on differentiating emails that make it past current cyberdefenses and into their inboxes.

  • Malicious Actors Create “Frankenstein Monsters” by Combining Open Source Components [Ed: TechNadu has somehow managed to blame security issues in Windows (which is insecure by design) on "open source"; amazing spin]

    Examples of these open source and freely available components include a tool that leverages MSBuild to execute a PowerShell command, another GitHub hosted project called Fruityc2 that is used to build stagers, the “PowerShell Empire”, and an article to help the attackers detect whether their software is running in a virtual machine or not. The reason for using open source tools is not only because they are free and readily available, but also because they feature higher operational security and make the malicious activities and the group behind them harder to detect. Custom tools on the other side leave unique traces, as they are developed by specific groups of hackers.

  • Checkmarx Makes SCA Market Waves with Enhanced Open Source Security Offering

More in Tux Machines

DebConf19 invites you to Debian Open Day at the Federal University of Technology - Paraná (UTFPR), in Curitiba

DebConf, the annual conference for Debian contributors and users interested in improving the Debian operating system, will be held in Federal University of Technology - Paraná (UTFPR) in Curitiba, Brazil, from July 21 to 28, 2019. The conference is preceded by DebCamp from July 14 to 19, and the DebConf19 Open Day on July 20. The Open Day, Saturday, 20 July, is targeted at the general public. Events of interest to a wider audience will be offered, ranging from topics specific to Debian to the greater Free Software community and maker movement. The event is a perfect opportunity for interested users to meet the Debian community, for Debian to broaden its community, and for the DebConf sponsors to increase their visibility. Less purely technical than the main conference schedule, the events on Open Day will cover a large range of topics from social and cultural issues to workshops and introductions to Debian. Read more

Sparky Linux 5.8

Today we are looking at Sparky Linux 5.8. This point release of Sparky 5 comes with LXQt 0.14.1, Debian Buster, Linux Kernel 4.19 and uses about 350MB of ram when idling. Sparky Linux LXQt has become one of my favorites, as it has a modern feeling, with the latest of Qt and the stability of Debian, makes it one great combination. Enjoy! Read more Direct/video: Sparky Linux 5.8 Run Through Under an hour ago:

  • What?s next Sparky?

    As before, after releasing a new stable version of Sparky, there are a few changes to do. So… Sparky 4 “Tyche” is moved to oldstable line now. The latest 4.11 release is the last one of the 4 line, but it is still supported, the next 2 years about. Sparky 5 “Nibiru” just released, moving it from testing to stable line. The stable live/install media are available for i686, amd64 & armhf archs (the same as the older release).

Android Leftovers

Fedora and IBM/Red Hat: Network Security Toolkit (NST), Fedora CoreOS and Openwashing at OSCON

  • Network Security Toolkit (NST) 30 SVN 11210, which is Based on Fedora 30

    Network Security Toolkit (NST) is a Linux-based live operating system that provides a set of free and open-source computer security and networking tools to perform routine security and networking diagnostic and monitoring tasks. It is based on Fedora and NST has included comprehensive set of Open Source Network Security Tools, which is published in sectools.org website. It is offering an advanced Web User Interface (GUI) for system/network administrator, which allows them to configure many network and security applications. NST Team is pleased to announce the latest NST release of “NST 30 SVN:11210” on 1th July 2019.

  • Fedora announces the first preview release of Fedora CoreOS as an automatically updating Linux OS for containerized workloads

    Three days ago, Fedora announced the first preview release of the open-source project Fedora CoreOS as a secure and reliable host for computer clusters. It is specifically designed for running containerized workloads with automatic updates to the latest OS improvements, bug fixes, and security updates. It is secure, minimal, monolithic and is optimized for working with Kubernetes. The main goal of Fedora CoreOS is to be a reliable container host to run containerized workloads securely and at scale. It integrates Ignition from Container Linux technology and rpm-ostree and SELinux hardening from Project Atomic Host. Fedora CoreOS is expected to be a successor to Container Linux eventually. The Container Linux project will continue to be supported throughout 2019, leaving users with ample time to migrate and provide feedback. Fedora has also assured Container Linux users that continued support will be provided to them without any disruption. Fedora CoreOS will also become the successor to Fedora Atomic Host. The current plan is for Fedora Atomic Host to have at least a 29 version and 6 months of lifecycle.

  • IBM helps developers use open source and machine learning

    As artificial intelligence and machine learning become more widespread, it's essential that developers have access to the latest models and data sets. Today at the OSCON 2019 open source developer conference, IBM is announcing the launch of two new projects for developers.