Security Leftovers
2020-04-07
-
Security updates for Thursday
Security updates have been issued by CentOS (firefox, ipmitool, krb5-appl, and telnet), Debian (ceph and firefox-esr), Mageia (firefox), openSUSE (bluez and exiv2), Red Hat (firefox), SUSE (ceph, libssh, mgetty, permissions, python-PyYAML, rubygem-actionview-4_2, and vino), and Ubuntu (libiberty and libssh).
-
NASA CIO Agencywide Memo: Alert: Cyber Threats Significantly Increasing During Coronavirus Pandemic [iophk: Windows TCO]
A new wave of cyber-attacks is targeting Federal Agency Personnel, required to telework from home, during the Novel Coronavirus (COVID-19) outbreak. During the past few weeks, NASA’s Security Operations Center (SOC) mitigation tools have prevented success of these attempts. Here are some examples of what’s been observed in the past few days: [...]
-
Apple Safari Flaws Enable One-Click Webcam Access
A security researcher has disclosed vulnerabilities in Apple’s Safari browser that can be used to snoop on iPhones, iPads and Mac computers using their microphones and cameras. To exploit the flaws in a real-world attack, all an attacker would need to do is convince a victim to click one malicious link.
Security researcher Ryan Pickren has revealed details on seven flaws in Safari, including three that could be used in a kill chain to access victims’ webcams. The vulnerabilities were previously submitted to Apple via its bug-bounty program and have been patched – however, technical details of the flaws, including a proof of concept (PoC) attack, were kept under wraps until Pickren’s recent disclosure.
-
OK Zoomer: avoiding a privacy disaster in the post-coronavirus world
It would be an understatement to say that Covid-19 has affected practically every aspect of our lives, given the scale of the transformation. Its impact on privacy, too, is evident. Last week, this blog wrote about a rush by governments around the world to use smartphones to help enforce quarantines and carry out contact tracing. However, a problem can also be an opportunity. One technology company is not just coping with the coronavirus wave, but thriving. Almost overnight, the videoconferencing app Zoom, hitherto mainly used by companies, became an indispensable tool for life under lockdown, and its most representative social platform.
-
Security monitoring in Linux with Tripwire
Every sysadmin loses sleep every once in a while over system intrusions. Nobody wants a server they're responsible for to be compromised. The problem is, even though you may review logs regularly, a truly effective system intrusion doesn't leave obvious logs lying around. This makes it difficult to know definitively whether your systems are secure.
In addition to setting SELinux to Enforcing and implementing regular pentests, one of the best ways to monitor your system for security breaches is to — well, monitor your system for security breaches. If that seems easier said than done, then you need to try Tripwire. Tripwire is a file integrity monitoring tool that watches for changes to critical files on your system. This article shows you how to install, set up, and use Tripwire on your network.
Tripwire is both a company and an open-source code base. You can purchase monitoring from Tripwire, or you can use the GPLv2 code they've made available on GitHub. The usual trade-offs apply. If you pay for it, Tripwire does most of the hard work for you, and all you have to do is pay attention to the reports. If you implement Tripwire yourself, then you get to set it up and configure it on your own.
-
sshd attack traffic
I firmly believe that security through obscurity is a fail. However, I do believe that all things being equal, making it a bit more obscure is better as long as you aren’t introducing more failure points, like a port knocker that has its own security bugs. Thus I’ve always run my sshd service on an alternative port. It’s simple, and keeps my logs clean and shouldn’t cause any additional security risks. Of course I use a secure configuration and keep my software up to date. However, I found out that in the past few weeks my port of choice has been discovered.
After the sad realization that I would need to pick a more random port I decided to look at the attempts to brute force my sshd service and summarize what I found.
-
Remote Linux Desktops Made Easier & More Secure Than Ever
-
Why I Don’t Use A Static Site Generator
Yeah, I hear you, WordPress is less secure than a static site. There’s no getting away from that fact – there’s no admin interface for a threat actor to compromise.
For me, the potential risk of running WordPress vs a static site is what’s important here. By using strong passwords, multi-factor authentication and good InfoSec hygiene, the potential attack surface of WordPress is significantly reduced.