Security Leftovers

  • SolarWind, enough with the password already!

    This is a much delayed discussion on the complexity and nuance of the SolarWind hack. The simplistic and wrong messaging from some quarters of the infosec community has resulted in an atrocious misunderstanding of the hack in the public sphere. This has extended into the policy world as these bad takes are treated as cogent analysis.

  • Microsoft chief's claims on cloud security result in sharp rejoinder

    Comments made by Microsoft president Brad Smith to the US Senate Select Committee on Intelligence, which held a hearing on the SolarWinds attacks last week, claiming that there is more security in the cloud than in on-premises servers, have met a tough response from former NSA hacker Jake Williams, who characterised them as having caused more harm to security than the SolarWinds attackers did in the first place.

    Williams, a well-known figure in the infosec community who runs his own private security outfit, Rendition Infosec, said in a tweet: "I've been thinking a LOT about Brad Smith's testimony this week about #SolariGate. He repeatedly implies that if organisations 'just' adopt a cloud first model, they won't experience these sorts of attacks. I called that reckless then, I'm doubling down now."

    [...]

    The SolarWinds attacks were first revealed by the American security firm FireEye on 9 December, when it revealed that its Red Team tools had been stolen. Five days later, FireEye issued a blog post outlining the scale of the attack as known at that stage: a global campaign to compromise public and private sector bodies through corruption of software supply chains, using software that runs on Windows.

    FireEye chief Kevin Mandia also gave testimony to the same committee hearing.

    Williams said Smith should have offered more nuance and caveats in his statements. "With his statements that lacked appropriate nuance and caveats, I predict that Smith has caused more harm to security than the Russians did with #SolariGate in the first place," he said. "Yes, I know that's a strong statement. Yes, I mean it."

    He added: "A lot of leadership who don't know any better heard this testimony and are constructing cloud-first directives as I type this. But they're doing it without understanding the risks and trade-offs. They're doing this without the benefit of creating a strategy first."

    Microsoft has made a number of statements since the attack first came to light, initially denying its products were part of the problem, but later admitting that the attackers had accessed its source code.

  • The World Economic Forum Warns That 2021 Could Be The Year Of The CyberAttacks

    Klaus Schwab, founder of the World Economic Forum and author of the book "COVID19: The Great Reset", has repeatedly warned about the possibility of devastating large-scale cyberattacks. One of his firmest warnings was given in a heartwarming speech at the WEF-sponsored Cyber Polygon event on July 24th, 2020. The World Economic Forum Centre for Cybersecurity expects the total cost of cyberattacks this year to be $6 trillion.

    [...]

    Running up-to-date free software based solutions such as Linux and *BSD is a good preventative measure against real cyberattacks. It will, sadly, not make much difference if a government decides to cut power or Internet access as part of a global "Great Reset" agenda or because inconvenient mass-demonstrations break out.

  • Switching back to OpenSSL

    For most users, there should be no noticeable change. If you have any packages installed that are no longer provided by Void, or your system has explicit dependencies on LibreSSL, you will of course need to take action to ensure your system continues to function after the switch.

  • Microsoft patches serious NTFS drive corruption flaw in Windows 10... but there's a catch

    Around a month and a half ago we reported about a serious flaw in Windows 10 that could be exploited to corrupt the contents of an NTFS drive. With Microsoft dawdling in its response, it was down to security researchers from OSR to produce a third-party patch.

    But now Microsoft has stepped up to the plate and, finally, come up with an official fix for the flaw. Sadly, it's not all good news as the fix is not currently available for everyone.

More in Tux Machines

today's howtos

  • LFCA: Learn Binary and Decimal Numbers in Network – Part 10

    In Part 9 of the LFCA series, we covered the basics of IP addressing. To better understand IP addressing, we need to pay more attention to these two types of IP address representation – binary and decimal-dotted quad notation. As mentioned earlier, an IP address is a 32-bit binary number that is usually represented in decimal format for ease of readability. The binary format uses only the digits 1 and 0. This is the format that your computer comprehends and through which data is sent across the network. However, to make the address human-readable, it is conveyed in a dotted-decimal format which the computer later converts into binary format. As we stated earlier, an IP address is made up of 4 octets. Let’s dissect the IP address 192.168.1.5.

  • 6 advanced tcpdump formatting options

    The final article in this three-part tcpdump series covers six more tcpdump packet capturing trick options.

  • 5 Funny Commands to use in Linux and Terminal

    Not everything in Linux is serious; fortunately, we can find fun programs created for the sole purpose of entertaining us. You may be wondering why? Well, because we are human and at the end of the day we need a little variety, laughter and maybe a drink on the train. And yes, speaking of the train, let’s introduce you to the first fun command-type application in Linux.

  • Ubuntu Blog: Should you ever reinstall your Linux box? If so, how?

    Broadly speaking, the Linux community can be divided into two camps – those who upgrade their operating systems in-vivo, whenever there is an option to do so in their distro of choice, and those who install from scratch. As it happens, the former group also tends to rarely reinstall their system when problems occur, while the latter more gladly jump at the opportunity to wipe the slate clean and start fresh. So if asked, who should you listen to? The question of system management in Linux is a complex one, with as wide a range of answers as there are distributions. In this blog post, we discuss the concept of reinstall, and whether it’s necessary. Then, we address several other closely related ideas like system imaging, full disk encryption, and data backups. [...] System problems are an unfortunate side effect of software usage. With some luck and operational discipline, you can avoid most of them. When they do happen, you want to know what to do. Reinstalling your Linux system is always an option, but it’s usually not necessary, even for various difficult, complex problems. Even if you do decide to reinstall, you should consider using a live session to inspect the system or perform any last-minute backups, have a solid backup procedure in place regardless, and weigh the benefits of encryption against your day-to-day needs and risks. System images can also help you reduce the hassle of getting back to speed when you do decide to “reset” your distro. That’s all we have on Linux reinstallations. If you have any comments or suggestions, please join our forum, and let us know your thoughts.

Star Labs Launches Coreboot Configurator for Its Linux Laptops

After many months of hard work, last month, Star Labs finally added support for installing the Coreboot open-source firmware in its Star LabTop Mk IV and Star LabTop Mk III Linux laptops, giving users faster boot times and a more secure boot experience where they have full control over their hardware. Today, Star Labs announced a new version of Coreboot that fixes various bugs, along with Coreboot Configurator, a new app that lets owners of its Linux-powered laptops change various settings of the Coreboot open-source firmware via the nvramtool command-line utility.

Proxmox Backup Server 1.1

We are happy to announce version 1.1 of Proxmox Backup Server! The enterprise backup solution for backing up and restoring VMs, containers, and physical hosts seamlessly integrates into the virtualization management platform Proxmox Virtual Environment, allowing users to simply add a server as a new storage target.

LXQt 0.17.0 Desktop Environment Released, Here’s What’s New

Arriving more than five months after LXQt 0.16.0, the LXQt 0.17.0 release is here to add an option to the Panel to make it act as a dock by automatically hiding itself when it overlaps a window, add full support for file creation times in the file manager, as well as to add support for non-LXQt apps to save their last settings when the session is terminated. Moreover, LXQt 0.17.0 adds separate idle watchers for AC and battery to the Power Manager, lets users create launchers from the Tools menu of the file manager, improves support for SVG icon sets, improves opening of a mixed selection of files with different mime types, and adds natural keyboard navigation on the desktop.