Security, Fear, Uncertainty, and Doubt

  • How IBM i Fits Into a Zero-Trust Security Framework [Ed: Authored by IBM shill funded by IBM]

    One of the hot new trends in cybersecurity these days is the zero-trust security model. Instead of implicitly trusting network traffic behind the firewall, zero-trust demands that traffic have explicit permission to be there. But how does that model work with the strange beast known as IBM i? IT Jungle recently sat down with PJ Kirner, the CTO and co-founder of zero-trust software provider Illumio, to find out.

    Illumio is an eight-year-old venture-backed startup based in Sunnyvale, California, that is working in the field of zero-trust security. It develops an offering, called Illumio Core, that allows companies to begin implementing the zero-trust security model in their own data centers.

    It’s a fairly radical shift in philosophy, Kirner says. “There’s a mentality change from ‘I trust everything’ to . . . ‘I need a policy enforcement point of some sort everywhere, not just in the one place at the boundary of two things,’” he says.

    When fully built out, an IT estate with an active zero-trust security model will resemble a party where only invited guests are allowed in. Building from a whitelist, or “allow list,” is starkly different than starting with a blacklist, or an “exclude list,” Kirner says. “If you start by saying just these two things are not allowed to talk, well, that’s a whole bunch of implicit trust around everything else,” he says.

    Illumio, which recently added support for IBM i systems, begins every zero-trust security engagement by making a map of network traffic behind the firewall. Illumio develops software that does this mapping, which can be quite illuminating in its own right.

  • New Windows 10 vulnerability allows anyone to get admin privileges
  • The virus rears its ugly head....

    There is a virus going around. We thought we were winning the battle against it, but powerful forces and events have allowed it to raise its ugly head and cause unforeseen additional hardship.
    People thought that it was not so bad, they did not listen to reason and take the precautionary measures necessary to protect themselves. In letting down their guard they were unprepared and unprotected.
    After months of machines being turned off, software licenses (with their expiration dates never “dormant”) are up for renewal.
    Many companies, educational institutions and public buildings (like libraries) are turning on their Wintel PCs for the first time in over a year and finding that they need to renew their licenses, not only for what is called an operating system on their computer, but also for many of the closed source, proprietary add-on software packages that owners purchased in a wild attempt to make their hardware somewhat useful.

    [...]

    This variant is called “Windows 11”, and the creator of it seems to be unable to tell you how much havoc it will create for you. Does it run on your otherwise great hardware? You have a decent processor, a lot of RAM, and you bought it just two or three years ago….but it might not run Windows 11.

  • UK.gov's Huawei watchdog says firm made 'no overall improvement' on firmware security but won't say why

    Huawei has made "no overall improvement" in software engineering processes for its UK telecoms equipment's firmware, its GCHQ overseers have warned.

    The Huawei Cyber Security Evaluation Cell (HCSEC) oversight board's annual report for 2020 was noticeably less critical than in previous years – but still says Huawei is dragging its feet in key areas.

  • Northern Train's ticketing system out to lunch as ransomware attack shuts down servers

    Publicly owned rail operator Northern Trains has an excuse somewhat more technical than "leaves on the line" for its latest service disruption: a ransomware attack that has left its self-service ticketing booths out for the count.

    "Last week we experienced technical difficulties with our self-service ticket machines, which meant all have had to be taken offline," a spokesperson for Northern Trains confirmed to The Register.

  • Fortinet's security appliances hit by remote code execution vulnerability

    Security appliance slinger Fortinet has warned of a critical vulnerability in its products that can be exploited to allow unauthenticated attackers full control over the target system - providing a particular daemon is enabled.

    The vulnerability, discovered by Orange Group security researcher Cyrille Chatras and sent to Fortinet privately for responsible disclosure, lies in the FortiManager and FortiAnalyzer software running atop selected models in the company's FortiGate security appliance family. Should a particular daemon be enabled, the company admitted, a remote attacker can gain full control.

  • Romanian Linux Cryptojacking Cybercriminals Spotted [Ed: This is classic FUD as it's not a Linux issue but a weak password issue]

    Since at least 2020, an active threat organization based in Romania has been running a cryptojacking operation against Linux-based machines using the Golang-based SSH brute force, according to The Hacker News. The campaign's objective is to infect Linux systems with Monero mining applications.

More in Tux Machines

Microsoft's very bad year for security: A timeline

So far, 2021 has proved to be somewhat of a security annus horribilis for tech giant Microsoft, with numerous vulnerabilities impacting several of its leading services, including Active Directory, Exchange, and Azure. Microsoft is no stranger to being targeted by attackers seeking to exploit known and zero-day vulnerabilities, but the rate and scale of the incidents it has faced since early March has put the tech giant on its back foot for at least a moment or two. What follows is a timeline of the significant security events that have afflicted Microsoft in 2021, why it remains susceptible to serious vulnerabilities and attacks, and an assessment of its response according to experts from across the cybersecurity sector.

Android Leftovers

Best Linux distro for power users in 2021

The Linux power user is a celebrated breed, and one that does not simply burst fully-formed from the earth. All newbies must toil long and hard with their Linux installations before they can describe themselves as one. At the very least, the power user will have a great degree of skill concerning all things Linux, whether it's the kernel, Bash or package management systems – and they won’t be afraid to get their hands dirty in the name of configuring the system. It seems, in many ways, that power users are a dying breed. Almost all modern Linux distributions require little effort to get up and running, or to install new software or configure basic functionality. By definition, no power user will want to run any of these distros. This is why, despite their popularity, the likes of Ubuntu and Mint are not featured here. On the other hand, control and flexibility are the hallmark of any distro meant for power users. The ones in this feature are user-driven, not guided. This gives them much greater adaptability, as well as allowing them to perform a diverse range of tasks.

Devices: Simply NUC, Pine64, Arduino

  • Ubuntu-ready Ryzen V2000 mini-PC starts at $639

    Simply NUC has launched a $639-and-up “Cypress” mini-PC with AMD’s Ryzen V2000 plus 2.5GbE, 2x HDMI, 2x DP-ready Type-C, 3x USB 3.2 Gen2, and a 128GB SSD for one of the 2x M.2 slots. Simply NUC (or SimplyNUC) has launched a Cypress Long Life Mini mini-PC, named for its 7-year supply guarantee. The system offers pre-installed Ubuntu or Win 10 running on AMD’s 7nm, octa- and hexa-core Ryzen Embedded V2000. Pricing starts at $639 for a Cypress LLM2v5Cy SKU with the hexa-core, 2.1GHz/3.95GHz V2516, $689 for the LLM2v6CY with the hexa-core, 3.0GHz/3.95GHz V2546, and $829 for the LLM2v8CY with the top-of-the-line, octa-core 2.9GHz/4.25GHz V2748. All these prices include 4GB RAM, a 128GB SSD, 1-year support, and either no OS or pre-installed Ubuntu.

  • Build A Dog Ball Launcher That Kinda Looks Like A Dog | Hackaday

    The design is straightforward. The 3D printed housing features a large funnel into which a ball can be dropped. A servo then holds the ball while a pair of rollers are spun up by brushed DC motors. After two seconds, the servo releases the ball towards the rollers which launch the ball out of the machine. A Raspberry Pi Pico runs the show, controlling the timing of the ball launch and varying the motor speed to change the distance the ball is launched on each firing.

  • Arm adds virtual testing platform for Corstone Cortex-A and -M ref designs

    Arm has launched an “Arm Total Solutions for IoT” initiative that combines its Cortex-A- and -M based Corstone SoC reference designs with a new “Arm Virtual Hardware Targets” platform for virtual, cloud-based testing. In 2018, Arm launched an Arm Corstone subsystem product line comprising prevalidated SoC reference designs that combine its core IP with security, debug, memory subsystems, and in some cases, NPUs. Now, Arm has expanded Arm Corstone with a cloud-based Arm Virtual Hardware Targets testing and development platform aimed at IoT. Together with a new Project Centauri ecosystem initiative for Cortex-M developers, the programs are wrapped up into an “Arm Total Solutions for IoT” umbrella platform.

  • 248: PinePhone Pro: Exclusive Interview with Pine64

    This week’s episode of Destination Linux, we’re being joined by Lukasz Ericenski of Pine64 for an Exclusive Interview about the new PinePhone Pro! Then we’re going to talk about NTFS improvements coming to the Linux kernel. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

  • Amazon offered me half of what I paid for my Galaxy S20 FE 5G. The phone is so awful that I’m considering it. – BaronHK's Rants

    I’m considering a Pine Phone Pro. My spouse laughed at me when I said it runs GNU/Linux and lets you do whatever you want. It sounds like the anti-iPhone to me. No crAPPs. No vendor lock-in. No freemium junk. But Samsung has been going downhill for years. Now, they don’t even want to talk to you unless you have thousands of dollars for a phone that will be obsolete or broken in a matter of 24-36 months (the Z series). The Pine Phone Pro is going to be $399 and Amazon is offering me a $200 gift card for this Galaxy phone. Which is half of what I paid for it last year, but I’m considering it. The stupid thing barely even works at all since T-Mobile bought Sprint and put the T-Mobile Network Experience SIM card in it. The stupid thing malfunctions the worst when I have 5G turned on, but it’s not great in LTE mode either. When it can get a network signal, the piece of trash is either beeping at me because it’s Samsung wanting me to agree to a new EULA or use Microsoft products that are also trash that I don’t want. (With NSA backdoors.) In the past 5 years, Samsung phones have gone from a couple of crapplets, just disable them, whatever, to an entire phone screaming at you that you MUST use Microsoft products.

  • Arduino Brings USB Mouse to Homebrew computer

    When building your own homebrew computer, everything is a challenge. Ultimately, that’s kind of the point. If you didn’t want to really get your hands dirty with the nuts and bolts of the thing, you wouldn’t have built it in the first place. For example, take the lengths to which [rehsd] was willing to go in order to support standard USB mice on their 6502 machine.