Security Leftovers

  • Security updates for Monday

    Security updates have been issued by Debian (aspell, intel-microcode, krb5, rabbitmq-server, and ruby-actionpack-page-caching), Fedora (chromium, containernetworking-plugins, containers-common, crun, fossil, podman, skopeo, varnish-modules, and vmod-uuid), Gentoo (leptonica, libsdl2, and libyang), Mageia (golang, lib3mf, nodejs, python-pip, redis, and xstream), openSUSE (containerd, crmsh, curl, icinga2, and systemd), Oracle (containerd), and Red Hat (thunderbird).

  • Running FIPS 140 workloads on Ubuntu | Ubuntu

    Even though cryptography is used by almost every application today, the implementation of it is usually delegated to specialized cryptographic libraries. There are multiple reasons for that, including that implementing cryptography is not easy, and in fact it is easy to get wrong. Small mistakes–such as reusing a nonce–may render the data encrypted by an application recognizable. At the same time, the security landscape changes so fast that secure software of 10 years ago can no longer withstand attacks that exploit newly discovered vulnerabilities. For instance, algorithms like RC4 that were dominant in the early days of Internet commerce are today considered broken.

    How can we be assured that these cryptographic applications and libraries implement cryptography correctly and follow best practices such as not using legacy cryptography? As cryptography is sensitive to governments around the world, there is no universally accepted answer yet. To address this problem in the U.S., NIST developed FIPS 140, a data protection standard that is our focus in this article.

    FIPS 140 defines security requirements related to the design and implementation of a cryptographic module, or in software terms, for an application or library implementing cryptography. The standard has multiple levels of security, from levels 1 to 4, with level 1 applying to software implementations, while level 2 and further applying to specialized hardware alongside its software. On level 1, the standard requires the use of known, secure cryptographic algorithms and modes for data protection and requires their logical separation from the application. It further includes a certification process that ensures that the claims are tested and attested by an accredited lab by NIST.

    In essence the FIPS 140 standard ensures that cryptography is implemented using well known secure designs, follows certain best practices, does not involve obscure algorithms, and that there is a due process in attestation.

  • Renewed FIPS 140-2 Validation For Red Hat Enterprise Linux 8.2 | TFiR: Interviews, News & Analysis by Swapnil Bhartiya

    Red Hat has announced the renewal of the Federal Information Processing Standard 140-2 (FIPS 140-2) security validation for Red Hat Enterprise Linux 8.2. The second FIPS certification for the Red Hat Enterprise Linux 8 platform, this validation indicates Red Hat’s leadership and commitment to providing a more secure backbone for the innovation of open hybrid cloud.

    With this validation for Red Hat Enterprise Linux 8.2, many of Red Hat’s open hybrid cloud offerings also retain the FIPS 140-2 certification as layered products building on Red Hat Enterprise Linux 8.2’s cryptography modules. These include but are not limited to: Red Hat Ceph Storage, Red Hat Gluster Storage, Red Hat OpenShift, Red Hat OpenStack Platform, Red Hat Satellite, and Red Hat Virtualization.

  • The 10 Best Tools to Scan Your Linux Server for Malware and Security Flaws

    Linux is downright one of the most popular and secure operating systems for large-scale servers. Despite its widespread usage, it remains vulnerable to cyberattacks. Hackers target servers to either shut them down or steal valuable information.

    There is a pressing need to develop counter-hacking methods to brace security breaches and malware attacks. This is possible by hiring cybersecurity professionals; unfortunately, this can prove to be a costly affair. The next best solution is to install scanning tools that fit like a hand in glove for your Linux systems.

More in Tux Machines

liveslak-1.4.0 and new ISO images are available

It’s that time again for a fresh batch of ISOs for Slackware Live Edition. The ISO files are based on Slackware-current of “Sat Oct 23 18:57:30 UTC 2021” and using the liveslak-1.4.0 scripts. The Slackware-current snapshot on which the Live ISOs are based contains a Linux 5.14.14 kernel. This is not yet the pre-emptive variant of 5.14.14 which you can find in “./testing” inside today’s Slackware-current mirrors. However, you can use liveslak’s “upslak.sh” script to easily upgrade the kernel on your persistent USB Live if you want. It’ll be interesting to see how it improves real-time performance on the DAW Live platform.

Fedora 34, A Review of Flatpak-Wayland Desktop Mix Part I

Fedora already did a great job in Flatpak integration. They made their own Flatpak repository and made it easy to add Flathub.org. The initial experience is very poor, it is very slow and almost often freezing the system, although how to use it is already clear enough. Also, we think the incorrect licensing information displayed on Software is a deep issue they should fix as soon as possible. About the functionality? The apps and games we installed work well. OBS and Kooha can record screen (even camera) into videos. Those games can be played normally, with great visuals and audio, we could not tell that they use a different technology. On Flatpak, in general we want to say F34 works but with a very poor initial experience.

today's leftovers

  • New Release: Tor Browser 10.5.10

    Tor Browser 10.5.10 is now available from the Tor Browser download page and also from our distribution directory.

    This version launches the Privacy is a Human Right fundraiser.

  • Celebrate CoderDojo’s 10th birthday with us!
  • Arduino device trains BMW drivers to use turn signals | Arduino Blog

    BMWs are known for many things: performance, luxury, quality, and pedigree. But BMW drivers are only known for one thing: being inconsiderate to others on the road. That stereotype is exemplified by a complete lack of turn signal usage, according to Marc Radinovic. To solve this issue and repair the reputation of BMW drivers, he turned to Arduino to create a training device. Radinovic attached this device to his own car, which he didn’t want to hack apart. So he avoided tapping into the CAN bus by utilizing an abundance of hardware. That hardware includes two Nano 33 BLE boards, an Uno WiFi Rev. 2, and a Raspberry Pi single-board computer. Each Nano 33 BLE has an integrated 9-axis IMU, which Radinovic uses to detect steering wheel movement and turn signal stalk movement.

  • Ole Aamot: GNOME Gingerblue 2.0.1 Recording Software supports XSPF 1.0

    GNOME Gingerblue 2.0.1 is Free Recording Software for GNOME. In the 2.0.1 release I have added support for XSPF 1.0 from Xiph.org.

  • Re-thinking electronic mail

    There are many problems with the existing Internet email system, such as spam, scam, surveillance, insecurity, centralization, and complexity. The problems are starting to outweigh the benefits of the system. Fixing the problems by evolving the current system seems overwhelmingly difficult. This essay examines some solutions to the problems on the assumption that a completely new, parallel email system can be built.

    This is not a proposal for a new system, but an exploration of the solution space, meant to provoke constructive discussion.

  • Destination Linux 249: The Brave and the Bold

    This week’s episode of Destination Linux, we’re going to discuss whether you or your organization should be using Brave browser and its new search engine. Then we’re going to discuss a new data analysis predicting some explosive growth in Linux and what this means for innovation and jobs in the open-source world. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

  • Late Night Linux – Episode 148

    Microsoft upsets the FOSS community, Moxie trolls NFT clowns, Trump’s people don’t seem to understand licences, a 1337 haxx0r tool, KDE Korner, and more.

Security Leftovers

  • Security updates for Tuesday

    Security updates have been issued by Debian (php7.3 and php7.4), Mageia (kernel and kernel-linus), openSUSE (chromium and virtualbox), Oracle (xstream), Red Hat (kernel, rh-ruby30-ruby, and samba), and Ubuntu (binutils and mysql-5.7).

  • Hacking the World – Part 4: The Cost and Future of Hacking (Plus: Safety Tips)
  • New Investigation Shows A US Journalist Critical Of The Saudi Government Was Hit With NSO Spyware

    Malware merchant NSO Group's year of embarrassment continues. Leaked data published in July appeared to show NSO malware (namely its phone-hijacking malware Pegasus) had been used to target dissidents, journalists, religious leaders, and prominent politicians.

  • New Report Again Shows Global Telecom Networks Aren't Remotely Secure

    Last year, when everybody was freaking out over TikTok, we noted that TikTok was likely the least of the internet's security and privacy issues. In part because TikTok wasn't doing anything that wasn't being done by thousands of other app makers, telecoms, data brokers, or adtech companies in a country that can't be bothered to pass even a basic privacy law for the internet era. If we're serious about security and privacy solutions, we need to take a much broader view.

  • WAZUH The Open Source Security Platform

    With all-in-one deployment, you install and configure the Wazuh server and Elastic Stack on the same host.

  • Conti Ransom Gang Starts Selling Access to Victims

    The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti’s malware who refuse to negotiate a ransom payment are added to Conti’s victim shaming blog, where confidential files stolen from victims may be published or sold. But sometime over the past 48 hours, the cybercriminal syndicate updated its victim shaming blog to indicate that it is now selling access to many of the organizations it has hacked.

  • Russia Challenges Biden Again With Broad Cybersurveillance Operation [iophk: Windows TCO]

    Russia’s premier intelligence agency has launched another campaign to pierce thousands of U.S. government, corporate and think-tank computer networks, Microsoft officials and cybersecurity experts warned on Sunday, only months after President Biden imposed sanctions on Moscow in response to a series of sophisticated spy operations it had conducted around the world.

  • Cyber attacks have doubled in past year, GCHQ director warns

    Mr Fleming, director of GCHQ (Government Communications Headquarters), told how attacks have doubled in the last year, with [attackers] using software to lock files on computers before stopping victims from accessing their own data, essentially holding it hostage and demanding money from them.

  • RIA: September's 190 cyber attacks highest monthly total this year so far [iophk: Windows TCO]

    A total of 190 significant cyber attacks were reported in September, the highest figure for any month this year. Several attacks took advantage of the education sector at its busiest time.

  • Microsoft claims SolarWinds attackers targeting cloud providers, MSPs [iophk: Windows TCO]

    It said in a blog post that the claimed activity had been observed in the US and Europe since May.

    News of the SolarWinds attacks came to light in December 2020, with both FireEye and Microsoft describing the attack as a global one, with a trojan being implanted into a file which was part of updates for the product; the compromised file was given the name SUNBURST. SolarWinds' Orion monitoring software, the target, runs on Windows.