Language Selection

English French German Italian Portuguese Spanish

Exploit published for Snort open-source IDS

Filed under
Security

Security researchers posted code on Tuesday capable of compromising computers running the most recent versions of the Snort open-source intrusion detection system.

The exploit will work in most cases, according to The Hacker's Choice security group, which published the code.

The published exploit comes exactly one week after Internet Security Systems and the US-CERT announced the existence of a flaw in how the Snort preprocessor for BackOrifice parses hostile data.

Full Brief.

More in Tux Machines

Boards With Linux

  • Latest Linux Maker Boards Gamble on Diversity
    As usual, last week’s Embedded World show in Nuremberg, Germany was primarily focused on commercial embedded single board computers (SBCs), computer-on-modules, and rugged industrial systems for the OEM market. Yet, we also saw a growing number of community-backed maker boards, which, like most of the commercial boards, run Linux. The new crop shows the growing diversity of hacker SBCs, which range from completely open source models to proprietary prototyping boards that nevertheless offer low prices and community services such as forums and open source Linux distributions.
  • Rugged, expandable 3.5-inch Skylake SBC supports Linux
    Diamond’s 3.5-inch “Venus” SBC offers an Intel 6th Gen CPU, -40 to 85°C support, up to 20GB of ruggedized RAM, and mini-PCIe and PCIe/104 OneBank.
  • How enthusiasts designed a powerful desktop PC with an ARM processor

    The purpose of the gathering was to get the ball rolling for the development of a real desktop based on ARM. The PC will likely be developed by 96boards, which provides specifications to build open-source development boards.

Has Interest in Ubuntu Peaked?

This graph represents Google search volume for Ubuntu (the OS) from 2004 until now, 2017. Looking at the image it us hard to not conclude one thing: that interest in Ubuntu has peaked. Read more Also: Ubuntu splats TITSUP bug spread in update

Leftovers: OSS

Security Leftovers

  • Windows flaw lets attackers take over A-V software

    A 15-year-old flaw in every version of Windows right from XP to Windows 10 allows a malicious attacker to take control of a system through the anti-virus software running on the system.

  • Google Continues to Make Strides in Improving Android Security
  • Google cites progress in Android security, but patching issues linger
  • Dark Matter
    Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware. Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.