Language Selection

English French German Italian Portuguese Spanish

Proprietary Software and Security

Filed under
Microsoft
Security
  • Microsoft warns attack could compromise Windows domain controllers and servers

    Microsoft has acknowledged a newly-discovered version of an attack on a long-vulnerable Windows single sign-on protocol called NTLM — short for New Technology LAN Manager — that is still used in the operating system as a backup to the newer Kerberos authentication protocol.

  • PlugwalkJoe Does the Perp Walk

    One day after last summer’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. When the U.S. Justice Department last week announced O’Connor’s arrest and indictment, his alleged role in the Twitter compromise was well covered in the media.

  • South Africa Port Operator Declares Force Majeure Over Cyber Attack

    Transnet SOC Ltd., South Africa’s state-owned ports and freight-rail company, declared force majeure at the country’s key container terminals after disruptions caused by a cyber attack five days ago.

  • [Cr]ackers spreading malware through Discord: Report

    Leading cybersecurity firm Sophos on Monday warned users that popular chat platform Discord is being used by [cr]ackers for spreading malware.

    The firm said that the findings are based on analysis of more than 1,800 malicious files detected by Sophos telemetry on the Discord Content Management Network (CDN).

  • ‘Holy moly!’: Inside Texas’ fight against a ransomware hack [iophk: Windows TCO]

    Texas communities struggled for days with disruptions to core government services as workers in small cities and towns endured a cascade of frustrations brought on by the sophisticated cyberattack, according to thousands of pages of documents reviewed by The Associated Press and interviews with people involved in the response. The AP also learned new details about the attack’s scope and victims, including an Air Force base where access to a law enforcement database was interrupted, and a city forced to operate its water-supply system manually.

  • Chat logs show how Egregor, an $80 million ransomware gang, handled negotiations with little mercy [iophk: Windows TCO]

    Egregor has since disappeared, following an international sting in February. Now, though, more than 100 pages of Egregor negotiation transcripts — obtained and analyzed by IBM Security X-Force and its partner company Cylera, and reviewed by CyberScoop — shed light on the oft-opaque structure of a ransomware operation. The discussion records also demonstrate how victims proved most effective at convincing their extortionists to reduce the amount demanded to decrypt their systems, with one medical organization turning a $15 million ransom into a $2 million payment.

  • Paul E. Mc Kenney: Confessions of a Recovering Proprietary Programmer, Part XVIII: Preventing Involuntary Generosity

    I recently learned that all that is required for someone to take out a loan in some random USA citizen's name is that citizen's full name, postal address, email address, date of birth, and social security number. If you are above a certain age, all of these are for all intents and purposes a matter of public record. If you are younger, then your social security number is of course supposed to be secret—and it will be, right up to that data breach that makes it available to all the wrong people.

    This sort of thing can of course be a bit annoying to our involuntarily generous USA citizen. Fortunately, there are quite a few things you can do, although I will not try to reproduce the entirety of the volumes of good advice that are available out there. Especially given that laws, processes, and procedures are all subject to change.

  • OpenBSD full Tor setup

    If for some reasons you want to block all your traffic except traffic going through Tor, here is how to proceed on OpenBSD.

    The setup is simple and consists at installing Tor, running the service and configure the firewall to block every requests that doesn't come from the user _tor used by Tor daemon.

  • Dead Drops and Security Through Obscurity

    There’s massive confusion in the security community around Security Through Obscurity.

    In general, most people know it’s bad, but they can’t say exactly why. And because of this, people tend to think the “Obscurity” in “Security Through Obscurity” equates to secrecy, meaning if you hide anything, it’s Security Through Obscurity.

    This is incorrect, and Dead Drops are a great example.

  • Preventing Data Exfiltration with eBPF

    Consider a service invoking webhooks. It will be running with limited data access but must be able to communicate with the entire Internet. Contrast that to an SSH session that’s been opened for troubleshooting purposes. It will have access to the entire machine but does not egress to an arbitrary IP.

More in Tux Machines

Software: Matrix, Ktube, and Monero P2Pool

  • Chat Bubbles on Element and Several Matrix Apps

    This simple comparison wants to help everyone adopt alternative messaging technology, Matrix, with suitable user interface to them. We call Matrix Apps to instant messengers like Element, Fluffy, Nheko, Schildi and Spectral as they are created based upon the said technology. We will start by setting up criteria first that includes chat bubbles, then going through these messengers one by one, and you will see their pictures here along with a little comments from me. I hope you can pick up the messenger with UI you love the most from here.

  • Ktube Media Downloader lets you download YouTube videos easily on Linux

    I always like to tell people about how I have been using Linux as my primary operating system for over ten years. I love Linux, I understand it, it’s free and above all, it fits my workflow in a way Microsoft’s Windows (with all its goodness) probably never will. That also means I love and am a command-line ninja but I also know one thing, a lot of people out there fear and hate the command line.

  • Monero P2Pool V1.0 Is Released

    The latest version of P2Pool, a decentralized Monero mining pool has released. This is the first official release, signaling an invitation for more users to try out the new software.

Better Support & Performance For OpenACC Kernels Is Coming To GCC

While the GNU Compiler Collection has supported OpenACC for a few years now as this parallel programming standard popular with GPUs/accelerators, the current implementation has been found to be inadequate for many real-world HPC workloads leveraging OpenACC. Fortunately, Siemens has been working to improve GCC's OpenACC kernels support. GCC's existing OpenACC kernels construct has been found to be "unable to cope with many language constructs found in real HPC codes which generally leads to very bad performance." Fortunately, improvements are on the way and could potentially be mainlined in time for next year's GCC 12 stable release. Read more

Security Leftovers

  • Database containing 106m Thailand travelers' details leaked • The Register

    A database containing personal information on 106 million international travelers to Thailand was exposed to the public internet this year, a Brit biz claimed this week. Bob Diachenko, head of cybersecurity research at product-comparison website Comparitech, said the Elasticsearch data store contained visitors' full names, passport numbers, arrival dates, visa types, residency status, and more. It was indexed by search engine Censys on August 20, and spotted by Diachenko two days later. There were no credentials in the database, which is said to have held records dating back a decade. “There are many people who would prefer their travel history and residency status not be publicized, so for them there are obvious privacy issues,” wrote Comparitech editor Paul Bischoff on the company’s blog.

  • Break out your emergency change process and patch this ransomware-friendly bug ASAP, says VMware

    VMware has disclosed a critical bug in its flagship vSphere and vCenter products and urged users to drop everything and patch it. The virtualization giant also offered a workaround.

  • Reproducible Builds (diffoscope): diffoscope 185 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 185. This version includes the following changes:

    [ Mattia Rizzolo ]
    * Fix the autopkgtest in order to fix testing migration: the androguard
      Python module is not in the python3-androguard Debian package
    * Ignore a warning in the tests from the h5py package that doesn't concern
      diffoscope.
    
    [ Chris Lamb ]
    * Bump Standards-Version to 4.6.0.
    

GNOME 41 Released. This is What's New.

GNOME team announced the release of GNOME 41 with some exceptional changes and updates. We wrap up the release in this post. Read more