Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • The Lingering Mess from Default Insecurity

    These vulnerable devices tend to coalesce in distinct geographical pools with deeper pools in countries with more ISPs that shipped them direct to customers without modification. SEC Consult said it found heavy concentrations of the exposed Ubiquiti devices in Brazil (480,000), Thailand (170,000) and the United States (77,000).

    SEC Consult cautions that the actual number of vulnerable Ubiquiti systems may be closer to 1.1 million. Turns out, the devices ship with a cryptographic certificate embedded in the router’s built-in software (or “firmware”) that further weakens security on the devices and makes them trivial to discover on the open Internet. Indeed, the Censys Project, a scan-driven Internet search engine that allows anyone to quickly find hosts that use that certificate, shows exactly where each exposed router resides online.

  • Public Beta: December 3, 2015

    Let’s Encrypt will enter Public Beta on December 3, 2015. Once we’ve entered Public Beta our systems will be open to anyone who would like to request a certificate. There will no longer be a requirement to sign up and wait for an invitation.

    Our Limited Beta started on September 12, 2015. We’ve issued over 11,000 certificates since then, and this operational experience has given us confidence that our systems are ready for an open Public Beta.

  • ​Linux ransomware rising? Linux.Encoder.1 now infects thousands of websites [Ed: Tung hypes up already-patched Magento bug]

    The security firm said the ransomware was infecting Linux web servers by exploiting unpatched instances of the widely-used Magento CMS.

More in Tux Machines

Who's new

  • OzarkJoe
  • trendoceangd
  • Onzarwadabun
  • kmcmillan
  • Marius Nestor