Security Leftovers
-
Security updates for Tuesday
Security updates have been issued by Debian (checkstyle), Fedora (poppler), Oracle (kernel), Red Hat (389-ds:1.4, java-1.7.1-ibm, java-1.8.0-ibm, nss-softokn, and spice-gtk), and Scientific Linux (spice-gtk).
-
The Linux Kernel Now Seeing Patches For AMD SEV-ES "Encrypted State" Support
AMD has been posting Linux kernel patches for Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV) since 2016~2017, and this morning finally brought the first public patch series wiring up the Linux kernel for SEV-ES, which further enhances virtualization encryption.
On top of the Secure Encrypted Virtualization support that's been plumbed into the mainline Linux kernel and related components for a while now, AMD and SUSE developers have sent out the patches today for SEV "Encrypted State" support.
-
Outlaw Hacking Group Updates Toolkit To Mine Monero (XMR) And Kill Off The Competition
The cybersecurity firm Trend Micro says it has detected that the Outlaw hacking group has been upgrading its kit for stealing data from enterprises for about half a year already.
Outlaw had been very quiet since June 2019, only to become active again in December, when it started upgrading its data-stealing kits. It now seems able to target more systems, says a Trend Micro analysis from February 10. The group can steal data from the finance and automotive industries.
-
Hackers Group “Outlaw” Back to Business with Updated Kit
The “Outlaw” hacking group has emerged out of the shadows again, and according to the analysis of Trend Micro researchers, they are using updated exploitation kits. As is now evident, the cybercriminals had paused their activity in order to work on their toolkits, which is crucially important when trying to launch successful attacks. The updates bring better target scanning capabilities, improved evasion techniques, looped file execution via error messages, and detection and removal of previous versions of miners used by the same actors. Right now, the group is tentatively testing their new tools in the wild against new and old targets in the United States and Europe.
-
Lessons learned maintaining EdgeDeflector for Windows 10
Three years ago, I released EdgeDeflector, a tiny open-source utility program for Windows 10. It reinforces the default web browser setting in situations when Microsoft ignores its own setting and pushes you to use its Edge browser instead. It’s a tiny software project that I’ve not had to write any new code for in years. However, supporting it has proven a frustrating experience.
The origin story of EdgeDeflector is a tiny act of rebellion against tech behemoths abusing their market positions. Microsoft uses Windows 10 features like Search, Cortana, and others to force users to open links in its Microsoft Edge web browser. The operating system has a default web browser setting, but Microsoft circumvents this setting in certain parts of its operating system. It doesn’t respect the choices of its consumers to not use its software. EdgeDeflector gave back this control.
EdgeDeflector was positively received by users and has been downloaded over 300 000 times: 265 000 times through the project page on GitHub and 35 000 times from mirrors. It popped up in all the Windows news/fan blogs within a few months of its launch. It still occasionally receives coverage from tech blogs with nothing more original to cover.
Also: I opened up Edge to test something and it added BING as a search provider in Firefox. The only thing in there before was DuckDuckGo.
Guake 3.7.0 Drop-Down Terminal Released With Option To Change Terminal Colors On A Per-Tab Basis, More
Guake drop-down terminal version 3.7.0 has been released with the ability to set terminal background and foreground color on a per-tab basis, an option to only show the last directory of the current path as the terminal name, and more. Guake is a drop-down terminal for GNOME-based desktops with many cool features like split terminal functionality, session save and restore, transparency, 150+ built-in color schemes, and more. It's inspired by the famous Quake console that can be revealed and hidden using a single key. Show Guake using the assigned key (F12 by default), execute the command you want or take a quick look at some long-running command's output, then press the key again (or set Guake to automatically hide when it loses focus) to hide the terminal so you can go back to what you were doing previously with minimal interference.
