
Security Leftovers

  • Fresh ransomware samples indicate REvil is back [Ed: Microsoft Windows TCO]

    New ransomware samples analyzed by Secureworks' threat intelligence team are the latest indication that high-profile ransomware operation REvil is once again up and running after months of relative inactivity.

    Secureworks' Counter Threat Unit (CTU) investigated samples that were uploaded to the VirusTotal analysis service and found some showing that the developer of the code has access to REvil's source code, "reinforcing the likelihood that the threat group has reemerged," the researchers wrote in a blog post this week.

  • US-Led Seizure of RaidForums May Defy Lasting Effect on Security | TechNewsWorld

    The U.S. Department of Justice on Tuesday announced it seized the website and user database for RaidForums, a popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015.

    The DOJ also charged the alleged administrator of RaidForums — 21-year-old Diogo Santos Coelho, of Portugal — with six criminal counts, including conspiracy, access device fraud, and aggravated identity theft.

  • Malware goes regional as attackers change tactics [Ed: Microsoft Windows TCO]

    One such trend is that most recent malware attacks came from within the same region as the victim, a marked difference from previous years, according to Netskope, which believes this is a strategic tactic used by attackers to avoid geofencing filters and other prevention measures.

    [...]

    Netskope said that EXE and DLL files account for nearly half of all malware downloads as malicious actors continue to see Microsoft Windows as a prime target for attacks.

  • iOS, Android stores host more than 1.5 million 'abandoned' apps [Ed: Orphaned does not mean malicious]
  • OpenSSF Adds Open Source Package Analysis Tool Prototype

    The Open Source Security Foundation (OpenSSF) has made available a prototype of a package analysis tool that has already identified more than 200 malicious packages uploaded to PyPI and npm software components.

  • OpenSSF announces 15 new members to tackle supply chain security challenges

    The Open Source Security Foundation (OpenSSF) announced 15 new members from leading software development, cybersecurity, financial services, communications, and academic sectors.

  • Google to create security team for open source projects [Ed: Google works for the NSA. No security professional (a real security person) would take this seriously. Google: we worry about Open Source security! Meanwhile a Google engineer slips backdoored encryption into Linux kernel...]
  • Groundhog Day For Malware - IT Jungle [Ed: "This content is sponsored by iTech Solutions." IT Jungle has rapidly become a puff piece dump of IBM, Intel etc.]

    “The IFS just like a UNIX or Windows file system is susceptible to viruses, the i/OS is NOT.”

    Okay, this comment is pretty much false information. First, the IFS is called the Integrated File System because it’s exactly that. It literally contains ALL TEN IBM i file systems! Here they all are for good measure:

  • IBM Tackles Talent Shortage and Cybersecurity Crisis with New and Expanded Partnerships [Ed: IBM is moaning about talent shortage while laying off some of its most experienced workers]
  • Security is a pain for American Dental Association: Ransomware infection feared [Ed: The huge cost of using Microsoft Windows]

    The Black Basta crime gang has claimed it infected the American Dental Association with ransomware.

  • Microsoft closes Windows LSA hole under active attack [Ed: While the media obsesses over "Linux" (systemd) bugs that could be exploited, by a local user, Microsoft has these blunders that the media typically shies away from (zero-days, unlike Linux, and far more severe too)]
  • Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925) [Ed: With Microsoft, security is not a possibility. Microsoft security advice (that would actually work): turn off the computer until we issue a patch for the zero-day remotely-exploitable hole.]

    May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack (CVE-2022-26925) and two publicly known vulnerabilities (CVE-2022-29972 and CVE-2022-22713).

  • US offers $15m reward for information about Conti ransomware gang [Ed: Microsoft Windows is costing the US taxpayers, too]
  • US, Europe formally blame Russia for data wiper attacks against Ukraine, Viasat [Ed: Windows TCO; But the Linux Foundation will carry on badmouthing Linux security while taking Microsoft cash, just like Zemlin the wife. The Zemlin family bags more money from Microsoft than the Linux Foundation bags from Microsoft.]

    WhisperGate corrupts an infected Windows system's master boot record, displays a fake ransom note, and irreversibly scrambles documents based on their file extensions, according to the US government's Cybersecurity and Infrastructure Security Agency (CISA). Ghostwriter, a crew thought to be connected to Russia's GRU military intelligence service, started using this strain of malware against organizations in Ukraine on January 15, we're told.

  • Crook jailed for selling stolen credentials on dark web • The Register

    The prosecution's documents [PDF] detail an unnamed, dark-web marketplace on which usernames and passwords along with personal data, including more than 330,000 dates of birth and social security numbers belonging to US residents, were bought and sold illegally.


Ubuntu 20.04 LTS Users Can Now Finally Upgrade to Ubuntu 22.04 LTS, Here’s How

For those of you not in the know, Canonical opens the upgrade path from the previous Ubuntu LTS release to the new Ubuntu LTS release about six months after the launch of the latter, but not after it publishes the first point release to the new Ubuntu LTS series (in this case Ubuntu 22.04.1 LTS). This is done to ensure a safe upgrade process.

today's leftovers

  • /usr/games removed from the default $PATH

    So when you next sit down on a fresh snapshot install and want to do a quick rot13 or do a round of tetris, you may need to specify the full path.

  • Mike Blumenkrantz: New News

    I’m going to kick off this post and month by saying that in my defense, I was going to write this post weeks ago, but then I didn’t, and then I got sidetracked, but I had the screenshots open the whole time so it’s not like I forgot, but then I did forget for a little while, and then my session died because the man the myth the legend the as-seen-on-the-web-with-a-different-meaning Adam “ajax” Jackson pranked me with a GLX patch, but I started a new session, and gimp recovered my screenshots, and I remembered I needed to post, and I got distracted even more, and now it’s like three whole weeks later and here we are at the post I was going to write last month but didn’t get around to but now it’s totally been gotten to. You’re welcome. [...] Render passes control how rendering works. There’s load operations which determine how data is retrieved from the framebuffer (I also hate framebuffers) attachments, there’s store operations which determine how data is stored back to the attachments (I hate this part too), and then there’s “dependencies” (better believe I hate these) which manage synchronization between operations, and input attachments (everyone hates these) which enable reading attachment data in shaders, and then also render pass instances have to be started and stopped any time any attachments or framebuffer geometry changes (this sucks), and to top it all off, transfer operations can’t be executed while render passes are active (mega sucks). Also there’s nested render passes, but I’m literally fearing for my life even mentioning them where other driver developers can see, so let’s move on.

  • The 5 Top App Definition and Build Tools From CNCF - Container Journal

    Kubernetes has evolved to become the foundation of the modern cloud-native stack. Yet, adopting this lovable beast of a container platform doesn’t come without its hurdles. Thankfully, many toolsets now exist to help engineers package, deploy and manage applications using Kubernetes. Below, we’ll look at some graduated and incubating CNCF tools that fit under the application definition and image build category. These open source packages address the operational concerns of Kubernetes, making it easier to install dependencies, generate Kubernetes operators, containerize VMs and more. If you want to improve the developer experience around Kubernetes adoption, these tools are an excellent first place to look.

  • CloudNativeDay: Google Sees Containers Improving App Reliability - Container Journal

    Containers and serverless computing frameworks play a critical role in making environments more resilient as organizations increasingly depend on the availability of applications to drive revenue. Steve McGhee, co-author of Enterprise Roadmap to SRE: How to Build and Sustain an SRE Function and a reliability advocate at Google, tells attendees at the virtual CloudNativeDay summit that smaller containers coupled with serverless computing frameworks make it simpler to build modular components that not only isolate dependencies but also make it easier to restore services in the event of a disruption.

Open Hardware/Modding: DAC2 Pro, Raspberry Pi, and More

  • HiFiBerry DAC2 Pro & HD review

    On the more affordable end is the DAC2 Pro. This features a dedicated 192kHz/24-bit DAC, low-jitter clocks, and low-noise voltage regulators, all with the purpose of producing the best sound possible at that price point. It also features a headphone amplifier for convenience.

  • Classroom activities to discuss machine learning accuracy and ethics | Hello World #18

    In Hello World issue 18, available as a free PDF download, teacher Michael Jones shares how to use Teachable Machine with learners aged 13–14 in your classroom to investigate issues of accuracy and ethics in machine learning models.

  • The Hacking of Starlink Terminals Has Begun

    Today, Lennert Wouters, a security researcher at the Belgian university KU Leuven, will reveal one of the first security breakdowns of Starlink’s user terminals, the satellite dishes (dubbed Dishy McFlatface) that are positioned on people’s homes and buildings. At the Black Hat security conference in Las Vegas, Wouters will detail how a series of hardware vulnerabilities allow attackers to access the Starlink system and run custom code on the devices.

  • Open source chips from Germany are possible

    In order to be able to have semiconductor components manufactured that reliably do not contain any hidden or unwanted functions, the respective contract manufacturer must disclose the Process Design Kit (PDK) for his manufacturing technology. Until now, only the US contract manufacturer SkyWater has provided such an open-source PDK. Now the IHP Solutions department of the Leibniz Institute for High-Performance Microelectronics (IHP) in Frankfurt an der Oder is following suit.

    Frank Vater from the IHP announced at the Free Silicon Conference (FSiC) 2022 in Paris that the PDK for the in-house 130-nanometer manufacturing technology S13G2 would be disclosed. This allows chips with digital, analog and high-frequency circuit parts to be manufactured.

  • From Product To Burnout To Open-Source: The Ergo S-1 Keyboard Story

    [Andrew] from [Wizard Keyboards] emailed us and asked if we were interested in his story of developing an ergonomic keyboard as a product. Many of us can relate to trying to bring one of our ideas to market. [Andrew], being a mechanical keyboard geek, knew a niche with no product to satisfy it, and had a vision he wanted to implement. He started meticulously going through steps for bringing his keyboard idea into life as a manufacturable product, and gave himself six months to get it done.

  • A Fast Linear Actuator Entirely In One PCB

    There are many ways to make a linear actuator, a device for moving something in a straight line. Most of the easier-to-make ones use a conventional motor and a mechanical linkage such as a rack and pinion or a lead screw, but [Ben Wang] has gone for something far more elegant. His linear actuator uses a linear motor, a linear array of coils for the motor phases, working against a line of magnets. Even better than that, he’s managed to make the whole motor out of a single PCB. And it’s fast!

  • Your MicroPython Board Can Be Your Tinkering Peripheral

    [Brian Pugh] has shared a cool new project that simultaneously runs on desktop Python and MicroPython – the Belay library. This library lets you control a MicroPython device seamlessly from your Python code – interacting with real-world things like analog/digital trinkets, servos, Neopixels and displays, without having to create your own firmware or APIs.

Programming Leftovers

  • This Week In Rust: This Week in Rust 455
  • Bash Functions Tutorial

    A Bash function is a collection of commands that can be executed repeatedly. The goal of the function is to make the Bash scripts easier to read and prevent you from typing the same script often. Bash functions are considerably constrained in comparison to those of the majority of programming languages. For step-by-step execution, this file contains various commands. Although these commands can be entered simply into the command line, it is more convenient to save all interconnected commands for a given operation in a single file from a reusability perspective. We can utilize that file to run the specified set of commands, a single time or multiple times, depending on our needs. We will go through the fundamentals of Bash functions in this lesson and demonstrate how to use them in shell scripts.

  • Is Qt Right for Your Project? - KDAB

    One of the most difficult choices to make when starting any new software project is that of the programming language and framework your team will use to create it. Should you stick with Qt because it’s the best tool for the job? Should you switch to something that uses web-based technology or is designed explicitly for mobile? Is Python a better choice to integrate in machine-learning capabilities? Determining the right framework can be very difficult. Web resources often provide conflicting guidance or are subjectively based on a single developer’s perspective. Rarely does anyone create a substantial program in multiple frameworks that would allow a true comparison; creating a completely duplicate program of any complexity is very difficult and time consuming. It’s not surprising then that developers often follow the course of least resistance. Without a clear reason to switch, they default to the language and framework of their previous project, reusing software that is already familiar. Since the choice of a software stack is so important to guiding the project’s future course, it’s worth treating initial software selection as a strategic decision rather than the unconscious assumption that it can sometimes be. We have certainly done a good deal of Qt development and believe it’s a great tool. However, it’s not the only tool in the toolbox. In fact, there are occasions where it’s not a great fit.

  • Qt Creator 8.0.1 released

    We are happy to announce the release of Qt Creator 8.0.1!

  • Test against what won't change

    Generally, a software system will expose some kind of interface to allow it to be used - a web service might have a REST API, a local tool might have a command line, or a library might expose a set of public functions or classes. We tend to put extra effort into thinking through the design of these public interfaces because once they're exposed, making changes without breaking functionality for those who are using them is very difficult. This also applies to external components that our system is dependent on - for instance an external microservice will have its own API that seldom changes, and our database schema will change slowly because making non-backwards-compatible schema changes is difficult and risky.

  • How I merge PRs in curl

    The preferred method of providing changes to the curl project, be it source code, documentation or web site contents, is by submitting a pull-request. A “PR”. On the curl repository on GitHub.

    When a proposed curl change, bugfix or improvement is submitted as a PR on GitHub, it gets built, checked, tested and verified in countless ways and a few hundred developers get a notification about it.

  • The case against a C alternative

    Like several others I am writing an alternative to the C language (if you read this blog before then this shouldn't be news!). My language (C3) is fairly recent, there are others: Zig, Odin, Jai and older languages like eC. Looking at C++ alternatives there are languages like D, Rust, Nim, Crystal, Beef, Carbon and others.

    But is it possible to replace C? Let's consider some arguments against.

  • More sanity checks for Limine Installer

    Mike has been very helpful, testing Limine Installer on old computers.

  • A gentle introduction to HTML

    I feel confident in claiming that HTML is the most widely used markup language ever. While other markup languages exist, including nroff and groff, LaTeX, and Markdown, no other markup language is as widespread as the Hyper Text Markup Language. HTML is the de facto language of the Web. First implemented in web browsers in 1994, the language continues to evolve. Yet the basics of HTML remain the same.

    If you are just getting started in HTML, I wanted to offer this gentle introduction to learning HTML. I focus on the essentials of HTML to build a basic understanding of how HTML works. You can use this as a starting point to learn more about HTML.