Security Leftovers

  • New coalition aims to combat growing wave of ransomware attacks [iophk: Windows TCO]

    The California-based nonprofit aims to produce recommendations that will help governments and the private sector tackle the scourge of ransomware attacks.

    [Attackers] have increasingly used these types of attacks -- which involve accessing and encrypting the victim’s network and demanding payment to allow access again -- to hit major targets, with city governments in Atlanta, Baltimore and New Orleans severely impaired by ransomware attacks over the past two years.

    More recently, hospitals have become a target during the COVID-19 pandemic, with cyber criminals seeing vulnerable hospitals as easy targets more likely to pay a quick ransom as health care systems struggle to keep up with coronavirus cases. In some instances, the cyberattacks have been blamed for deaths due to delayed care.

  • This tiny shortcut can completely crash your Windows 10 device

    A zero-day exploit has been discovered that can crash your Windows 10 device – and, even more worrying, can be delivered inside a seemingly harmless shortcut file. The vulnerability can corrupt any NTFS-formatted hard drive and even be exploited by standard and low privilege user accounts.

    Security researcher Jonas Lykkegaard referenced the vulnerability on Twitter last week and had previously drawn attention to the issue on two previous occasions last year. Despite this, the NTFS vulnerability remains unpatched.

    There are various ways to trigger the vulnerability that involve trying to access the $i30 NTFS attribute on a folder in a particular way. One such exploit involves the creation of a Windows shortcut file that has its icon location set to C:\:$i30:$bitmap. Bleeping Computer found that this triggered the vulnerability even if users did not attempt to click on the file in question. Windows Explorer’s attempts to access the icon path in the background would be enough to corrupt the NTFS hard drive.

  • This Easily-Exploitable Windows 10 NTFS Bug Can Instantly Corrupt Your Hard Drives

    Jonas says that this Windows 10 bug isn't new and has been around since the release of Windows 10 April 2018 Update, and remains exploitable on the latest versions, as well. BleepingComputer shared that the problematic command includes the $i30 string, a Windows NTFS Index Attribute associated with directories.

    [...]

    After running the command, Windows 10 will start displaying prompts to restart the device and repair the corrupted drive. Apparently, the issue also impacts some Windows XP versions and similar NTFS bugs have been known for years but are yet to be addressed by the Windows maker.

  • Nidhi Razdan, Phishing, And Three Hard Lessons

    Nidhi Razdan, a career journalist, became a victim of an elaborate phishing attack that made her quit her 21-year-old job and part with many of her personal details.

  • Windows Finger command abused by phishing to download malware

    Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.

    The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.

Windows 10 bug corrupts your hard drive on seeing this file

More in Tux Machines

IBM/Red Hat: Kafka Monthly Digest, Red Hat Upselling, and Cockpit 239

  • Kafka Monthly Digest – February 2021

    This is the 37th edition of the Kafka Monthly Digest! In this edition, I’ll cover what happened in the Apache Kafka community in February 2021.

  • 5 ways Red Hat Insights can improve your sysadmin Life

    The way we do things is changing fast. This has become a necessity as our systems get more complex, our workloads evolve, and our deployments rapidly grow in size. Thanks to the innovations brought about by openness and collaboration, we can develop tools and services to cope with these quickly evolving times. For us to reap the benefits of these advancements, we should open ourselves to carefully exploring how various tools suit our requirements and fit into or change our norms. By doing so, we may simplify a lot of our mundane tasks, reduce overhead, and address the major pain points in our operations. Having worked as a sysadmin in the past, I've discovered many automation tools and services that have made my life easier. One of the most recent is Red Hat Insights. In this article, I share five ways this service that is included with your Red Hat Enterprise Linux (RHEL) subscription can improve your life as an admin.

  • Cockpit Project: Cockpit 239

    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from Cockpit version 239.

LibreOffice 7.1.1 Community available for download

LibreOffice 7.1.1 Community, the first minor release of the LibreOffice 7.1 family, targeted at technology enthusiasts and power users, is available for download from https://www.libreoffice.org/download/. LibreOffice 7.1.1 includes over 90 bug fixes and improvements to document compatibility. For enterprise-class deployments, TDF strongly recommends the LibreOffice Enterprise family of applications from ecosystem partners, with long-term support options, professional assistance, custom features and Service Level Agreements: https://www.libreoffice.org/download/libreoffice-in-business/. LibreOffice Community and the LibreOffice Enterprise family of products are based on the LibreOffice Technology platform, the result of years of development efforts with the objective of providing a state of the art office suite not only for the desktop but also for mobile and the cloud. Products based on LibreOffice Technology are available for major desktop operating systems (Windows, macOS, Linux and Chrome OS), mobile platforms (Android and iOS) and the cloud. They may have a different name, according to each company brand strategy, but they share the same LibreOffice unique advantages, robustness and flexibility.

croc Is A Tool For Resumable, Encrypted File And Folder Transfers Between Computers (Command Line)

croc is a free and open source command line tool for secure file transfers between computers. It uses relay-assisted peer-to-peer transactions and end-to-end encryption via password-authenticated key exchange. The program is written in Go and is available for Microsoft Windows, macOS, Linux and *BSD. The idea behind croc is being able to transfer files and folders between cross-platform computers securely, quickly and easily, with support for resumable, peer-to-peer transfers. As a bonus feature, croc is also able to securely transfer a short text or URL directly. The data transfer is done using a relay, either using raw TCP sockets or websockets. When the sender and the receiver are on the same LAN, croc uses a local relay, otherwise a public relay is used. Thanks to this, croc can send files between computers in the same LAN, or over the Internet, without having port-forwarding enabled. The data going through the relay is encrypted using a PAKE-generated session key. For this, croc uses code phrases, a combination of three random words. By default, a code phrase can only be used once between two parties, so an attacker would have a chance of less than 1 in 4 billion to guess the code phrase correctly to steal the data.

Linux distributions: All the talent and hard work that goes into building a good one

I regularly read the Linux Mint Blog, not only because it is useful to keep up with what is happening with the Linux Mint distribution but also because it occasionally gives very interesting insights into the development and maintenance of a Linux distribution in general, and the Linux Mint distribution(s) in particular. To be honest, I was disappointed some years ago when Clem (Clement Lefebvre) discontinued his Segfault blog, because it always contained good technical information and interesting insights.