Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Tor browser co-creator: Experian breach shows encryption may not be security panacea

    The Experian/T-Mobile hack may be more worrisome than Experian’s carefully worded description of it suggests, some security experts said Friday.

    One is the co-creator of the Tor secure browser, David Goldschlag, (now SVP of strategy at Pulse Secure). Goldschlag previously was head of mobile at McAfee, and also once worked at the NSA.

    I asked Goldschlag a simple question: “After the Office of Personnel Management and Experian hacks, is there reason to fear that hackers now have the means to steal actual financial information (credit card numbers, etc.) from banks or insurers?”

  • AV-TEST tests Linux security solutions against Linux and Windows threats

    To do so, it is often sufficient to copy files from a Linux environment to Windows.” it further adds. The most obvious mode of attack involves luring victims to install software or updates via third-party package sources. The team conducted test by running 16 different Anti-virus solutions and splitting test session into three distinct phases,

    The detection of Windows malware
    The detection of Linux malware and
    The test for false positives.

    Out of 16 antivirus solutions 8 detected between 95-99% of the 12,000 Windows threat used in the test: The Anti-virus solutions that helped in detection include Bitdefender, ESET, Avast, F-Secure, eScan, G Data, Sophos and Kaspersky Lab (server version).

  • Outlook.com had classic security blunder in authentication engine

    The cross-site request forgery vulnerability means that any user visiting a malicious page can have their accounts hijacked without further interaction.

    The since-patched hole existed in Microsoft Live.com and could have been spun into a dangerous worm, Wineberg says.

  • Meet the White Team, Makers of the Linux.Wifatch Viligante Malware

    However, Softpedia News noted that the Linux.Wifatch source code has not been released in its entirety. That’s likely because the White Team is worried that traditional cybercriminals would exploit the malware for more nefarious purposes. It also explains why it was a clandestine operation in which router owners weren’t aware their systems had been infected, even if it was only to defend them against black-hat attackers.

    Whether or not anyone appreciates the White Team’s form of vigilante security tactics, they may believe the work should serve as a warning to those who don’t follow basic data protection procedures, Hacked said. For example, there are still untold numbers of home routers that use default passwords and leave admin access wide open to malware and other threats.

  • Practical SHA-1 Collision Months, Not Years, Away
  • Search engine can find the VPN that NUCLEAR PLANT boss DIDN'T KNOW was there - report

    The nuclear industry is ignorant of its cybersecurity shortcomings, claimed a report released today, and despite understanding the consequences of an interruption to power generation and the related issues, cyber efforts to prevent such incidents are lacking.

    The report adds that search engines can "readily identify critical infrastructure components with" VPNs, some of which are power plants. It also adds that facility operators are "sometimes unaware of" them.

    Nuclear plants don't understand their cyber vulnerability, stated the Chatham House report, which found industrial, cultural and technical challenges affecting facilities worldwide. It specifically pointed to a "lack of executive-level awareness".

More in Tux Machines

today's howtos

  1. How to Install Google Fonts on Fedora Desktop

    Google Fonts is a free interactive directory of over 1200 font families that Google has made available to developers and designers. The project was developed in 2010 to combat the licensing and compatibility issues that web developers faced when using proprietary fonts. Most of the fonts are published under the SIL Open Font License and others under Apache. This has enabled users to make use of fonts on their websites and in different projects without the need to upload them to their own servers.

  2. Edit audio on Linux with Audacity | Opensource.com

    The Audacity sound editor is one of those open source applications that filled a niche that seemingly nobody else realized existed. Initially developed at Carnegie Mellon University at a time when many people still thought computers were just for office and schoolwork, and you required special DSP peripherals for serious multimedia work. Audacity recognized that, occasionally, the average computer user needed to edit audio. The Audacity team has consistently provided an open source application for recording and cleaning up sound in the two decades since. I use Audacity a lot, and being an editor by training, I'm used to significant and usually single-key keyboard shortcuts in my applications. By building shortcuts around single letters, you can have one hand on the mouse and one on the keyboard, so the delay between choosing a tool or an important function and clicking the mouse is mere milliseconds. Throughout this article, I'll highlight the keyboard shortcut I use in Audacity if you want to optimize your own settings.

  3. How to Install Telegram Desktop on ArchLinux – NextGenTips

    In this tutorial, we are going to learn how to install Telegram desktop on our ArchLinux. Telegram is a freeware, cross-platform, cloud-based instant messaging service. The service provides end-to-end encrypted video calling, VoIP, file sharing, etc.

  4. How to Install Google Chrome on CentOS 9 Stream

    Google Chrome is the most used Internet Explorer software on the earth, with a recent update in 2021 that Chrome is currently the primary browser of more than 2.65 billion internet users. However, as you would know, after installing CentOS 9 Stream, only Mozilla Firefox is packaged with the distribution but luckily, installing Google Chrome is a straightforward task. In the following tutorial, you will learn how to install Google Chrome in three various ways in stable, beta, or unstable versions on CentOS 9 Stream.

  5. How to Add User to Sudoers on CentOS Stream

    When installing CentOS Stream, the user account created during the initial setup has sudo rights if you selected the user to be an admin and create a root account. However, there may be a need to add additional sudo users or to remove the access. This is a straightforward process with a few commands. In the following tutorial, you will learn to add a user to the sudoers group on any CentOS Stream distribution.

  6. Scp Command In Linux Example : How To Use SCP Commands To Securely Transfer Files | Itsubuntu.com

    SCP is a protocol for securely transferring files between a local host and a remote host, or between two remote hosts. It is based on the Secure Shell (SSH) protocol. “SCP” refers to the Secure Copy Protocol. SCP or Secure copy protocol is easy to use and is included by default in most Linux and Unix distributions.

  7. How To Use Guake Terminal Under Wayland (GNOME) - Linux Uprising Blog

    This article explains how to get Guake drop-down terminal to work properly under Wayland (GNOME). I've tested this using GNOME desktop running on Ubuntu 21.10 with a single monitor, because I currently don't have access to multiple monitors. Guake is a Python-based drop-down terminal for the GNOME desktop which includes split terminal functionality, session save/restore (restores panes and tabs), support for transparency, and many other features. It's inspired by the famous Quake console - the terminal stays hidden until you press a key (default is F12). Execute a command, then press the same key again to hide the terminal, going back to your previous task without breaking your workflow. You can also set Guake to automatically hide when it loses focus.

Xfce’s Apps Update for November 2021: New Releases of Mousepad, Ristretto, and Whisker Menu

In November 2021, the Xfce developers managed to update the Whisker Menu plugin that provides an alternate menu for the Xfce desktop environment up to version 2.7.0. Whisker Menu 2.6.2 was released on mid-November to properly prevent interactive search in the treeview, as well as to fix menu toggling after pressing the Esc key and background shifting when showing the menu. Whisker Menu 2.7.0 was released later in November with lots of goodies, including support for rounded profile picture, the ability to show categories as icons on top or bottom, optional AccountsService support, Catfish search action, support for CSS classes for theming, improved search result relevance. Read more

Krita 5.0 Arrives Just in Time for Christmas, New Beta Is Out Now for Public Testing

The third beta of Krita 5.0 is here with lots of improvements and bug fixes to make the final release more stable and reliable. For example, it improves the alpha-mask PNG brush tips, adds support for loading the thumbnails for MYB mypaint brushes in a bundle, and fixes performance issues in the Magnetic Selection tool and textured brushes. It also fixes drag and drop of remote images, as well as copy/paste of images from the Google Chrome web browser, disables subpixel translation in the Transform tool, improves the styling of the tagging widget, updates the detection of the Intel GPU driver version, and makes the line tool’s preview faster. Read more

Android Leftovers