Security Leftovers

Filed under
Security
  • Chris Lamb: Free software activities in July 2021

    One of the original promises of open source software is that distributed peer review and transparency of process results in enhanced end-user security. However, whilst anyone may inspect the source code of free and open source software for malicious flaws, almost all software today is distributed as pre-compiled binaries. This allows nefarious third parties to compromise systems by injecting malicious code into ostensibly secure software during the various compilation and distribution processes. The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

    [...]

    As part of my role of being the assistant Secretary of the Open Source Initiative and a board director of Software in the Public Interest I attended their respective monthly meetings. As outlined in last month's posts, however, my term on the OSI board has been slightly extended due to the discovery of a vulnerability in OSI's recent election — as a result, the 2021 election is currently being re-run.

  • Aaron Portnoy – ‘There’s no silver bullet for ransomware or supply chain attacks’ [Ed: When you receive packages from Microsoft/GitHub/NPM you're basically begging for malware. Not just PRISM; Microsoft literally brings people from the NSA to run GitHub/NPM.]
  • This Week In Security: Fail2RCE, TPM Sniffing, Fishy Leaks, And Decompiling | Hackaday

    Fail2ban is a great tool for dynamically blocking IP addresses that show bad behavior, like making repeated login attempts. It was just announced that a vulnerability could allow an attacker to take over a machine by being blocked by Fail2ban. The problem is in the mail-whois action, where an email is sent to the administrator containing the whois information. Whois information is potentially attacker-controlled data, and Fail2ban doesn’t properly sterilize the input before piping it into the mail binary. Mailutils has a feature that uses the tilde key as an escape sequence, allowing commands to be run while composing a message. Fail2ban doesn’t sanitize those tilde commands, so malicious whois data can trivially run commands on the system. Whois is one of the old-school Unix protocols that runs in the clear, so a MitM attack makes this particularly easy. If you use Fail2ban, make sure to update to 0.10.7 or 0.11.3, or purge any use of mail-whois from your active configs.

  • Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves

    One example is the DoppelPaymer - aka DopplePaymer - ransomware-as-a-service operation, which has gone relatively quiet since early May, posting no victims to its data leak site since May 6 and no leaked files since June 25. But one expert says the operation appears to have been rebranded by its operator, Evil Corp, in an attempt to avoid sanctions imposed on the crime group in December 2019 by the U.S. Treasury Department’s Office of Foreign Assets Control.

    The Babuk ransomware operation also recently appears to have altered its approach - if not splintered - following its late-April ransomware attack against the Metropolitan Police Department of Washington, D.C.

  • The Week in Ransomware - July 30th 2021 - €1 billion saved

    We also saw ransomware groups continue to innovate with LockBit 2.0 now using group policies to automate the deployment of their ransomware over a Windows domain.

    I shared what I know about the inner conflict of the Babuk ransomware gang...

  • Secure applications with Keycloak authentication tool [Ed: Is this journalism or "sales"?]
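The Reproducible Builds excerpt from Chris Lamb's report above rests on two ideas: a build must not absorb anything but its source, and several independent builders then compare results. The toy below is an added illustration written for this page, not code from Chris Lamb or the Reproducible Builds project. The `SOURCE_DATE_EPOCH` variable is the project's real convention for pinning embedded timestamps; the "source", the toy build step and the builder names are constructed.

```python
import hashlib
from collections import Counter
from typing import Optional

# Constructed stand-in for a real source tree (not from the original page).
SOURCE = b"int main(void) { return 0; }\n"


def naive_build(source: bytes, build_time: int) -> bytes:
    """Toy build step that stamps a wall-clock time into the artifact, the way
    many real toolchains embed timestamps, so two honest builds of the same
    source still differ."""
    return b"built-at: %d\n" % build_time + source


def reproducible_build(source: bytes, env: dict) -> bytes:
    """Same build, but the timestamp is taken from SOURCE_DATE_EPOCH (the
    Reproducible Builds convention) instead of the clock, so every builder
    embeds the same value and produces a bit-identical artifact."""
    return naive_build(source, int(env.get("SOURCE_DATE_EPOCH", "0")))


def artifact_hash(artifact: bytes) -> str:
    """Digest that builders publish so third parties can compare results."""
    return hashlib.sha256(artifact).hexdigest()


def consensus(reports: dict) -> tuple:
    """Given builder name -> artifact hash, return the hash a strict majority
    agrees on (None when there is no majority) and the builders whose result
    disagrees with it, i.e. the ones worth investigating."""
    counts = Counter(reports.values())
    digest, n = counts.most_common(1)[0]
    if n * 2 <= len(reports):
        return None, sorted(reports)
    return digest, sorted(b for b, h in reports.items() if h != digest)


if __name__ == "__main__":
    # Two clock-stamped builds differ even though the source is identical.
    print(artifact_hash(naive_build(SOURCE, 1627776000)) ==
          artifact_hash(naive_build(SOURCE, 1627776001)))
    env = {"SOURCE_DATE_EPOCH": "1627776000"}
    print(artifact_hash(reproducible_build(SOURCE, env)) ==
          artifact_hash(reproducible_build(SOURCE, env)))
```

The point of `consensus` is that a single mismatching builder is a signal, not proof of tampering: the dissenter may simply have an unpinned timestamp, a different compiler, or a locale leaking into the output, and those are exactly the causes the Reproducible Builds effort works to eliminate.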

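The Fail2ban item above describes untrusted whois text reaching a mail client that treats a tilde at the start of a line as a compose escape. The following is an added example for this page, not Fail2ban's own action code or its upstream fix: it shows a detection check that flags such lines in whois data and a neutralisation step that doubles a leading tilde before the text is handed to the mail binary. The whois sample is constructed, the message template is a loose imitation rather than Fail2ban's real one, and the "doubled tilde means a literal tilde" behaviour is the common mailx/mailutils convention, stated here as an assumption.

```python
import re

# Constructed sample of whois output shaped the way an attacker could shape it
# (not real registry data). A compose escape is only recognised when "~" is
# the first character of a line; a tilde elsewhere is ordinary text.
UNTRUSTED_WHOIS = (
    "inetnum:  192.0.2.0 - 192.0.2.255\n"
    "descr:    constructed example network\n"
    "~! echo escape-would-run-here\n"
    "remarks:  a ~ in the middle of a line is harmless\n"
)

# Lines whose first character is a tilde, across the whole block.
TILDE_ESCAPE_LINE = re.compile(r"^~", re.MULTILINE)


def find_tilde_escape_lines(text: str) -> list:
    """Return the 1-based line numbers that begin with '~'. This is the shape a
    detection rule over stored whois data or outbound mail bodies should flag."""
    return [i for i, line in enumerate(text.splitlines(), start=1)
            if line.startswith("~")]


def neutralize_tilde_escapes(text: str) -> str:
    """Double any leading tilde so the mail client inserts a literal '~' instead
    of interpreting an escape (assumed mailx/mailutils convention). Disabling
    compose escapes in the client configuration is the belt-and-braces step."""
    return TILDE_ESCAPE_LINE.sub("~~", text)


def build_mail_body(ip: str, whois_text: str) -> str:
    """Assemble a notification body in the style of a mail-whois action, with
    the untrusted whois block neutralised before it reaches the mail binary.
    The header text is a constructed imitation, not Fail2ban's template."""
    header = (
        "Hi,\n"
        f"The IP {ip} has just been banned.\n"
        f"Here is more information about {ip}:\n"
    )
    return header + neutralize_tilde_escapes(whois_text)


if __name__ == "__main__":
    print("suspicious lines:", find_tilde_escape_lines(UNTRUSTED_WHOIS))
    print(build_mail_body("192.0.2.10", UNTRUSTED_WHOIS))
```

Neutralising at the boundary is the durable fix because the whois protocol itself carries no integrity protection: as the excerpt notes, the data can be altered in transit as easily as at the registry, so the receiving side must treat every line of it as input, never as part of the command.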