Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • LeChiffre Ransomware Hits Three Indian Banks, Causes Millions in Damages

    An unknown hacker has breached the computer systems of three banks and a pharmaceutical company and infected most of their computers with crypto-ransomware.

    The incident took place at the start of January, all companies were located in India, and the hacker(s) used the LeChiffre ransomware family to encrypt files on the infected computers.

  • LeChiffre, Ransomware Ran Manually

    It encrypts files and appends to their names an extension “.LeChiffre”.

  • when preloads go sideways

    One solution would be to install an alternative operating system, like OpenBSD. Sorry, I meant to say ARCH LINUX.

    I note that a fair bit of the above foolishness revolves around adding some amount of pollution to the OS’s cabal store. Maybe we can use an OS that comes with a store we trust? For example, there’s several ways a user can install OpenBSD and verify that cert.pem has only the 4943 lines it’s supposed to have. That only pushes the question back a step, however. What lines are supposed to be in this file?

    [...]

    The trials and tribulations of bundleware mirror those of the government. For as long as most traffic was unencrypted, it was easy to inject value. But as sites started moving to full time https, the well of value started to dry up, requiring workarounds to stay in the game. Governments are facing much the same challenge, hence the large number of proposals to build a socialized, universal AV software, so that all citizens can enjoy its benefits on both desktop and mobile. How else will TrendMicro keep us safe from Let’s Encrypt?

    When asked to comment, Hillary Clinton responded with a statement. “I clearly specified that the problem was to be solved by Silicon Valley’s best and brightest, not bumbling mediocrity.” Donald Trump promised to build a wall around malware and make the neckbeards pay for it. Carly Fiorina simply tweeted, “Go Iowa!”

  • Microsoft putting users at risk by forcing Windows 10 upgrade

    Microsoft is forcing Windows users to upgrade to Windows 10 by quietly slipping in code through its regular updates. This has been confirmed by multiple sources.

    But what of those Windows users who want to stick with a known devil — in this case, their own versions of Windows, be they 7, 8 or 8.1 — until a little more is known by the public at large about the strengths and weaknesses of Windows 10?

  • Playing with Letsencrypt

    While I'm not convinced that encrypting everything by default is necessarily a good idea, it is certainly true that encryption has its uses. Unfortunately, for the longest time getting an SSL certificate from a CA was quite a hassle -- and then I'm not even mentioning the fact that it would cost money, too. In that light, the letsencrypt project is a useful alternative: rather than having to dabble with emails or webforms, letsencrypt does everything by way of a few scripts. Also, the letsencrypt CA is free to use, in contrast to many other certificate authorities.

More in Tux Machines

Today in Techrights

Web Server Setup Series - Fix CWP Errors & Warnings To Improve Server Security

​Welcome to the second part of the web server setup series. In this part, I'll show you how to fix CWP (CentOS web panel) errors and warnings, create new user accounts, create hosting packages, and create FTP account. So let's start. Read
more

How To Make Good Use Of 'grep' Command

​Linux and UNIX systems come with a shell command known as ‘grep’. This simply looks for a specified text, or pattern, in a file or an entire directory. The most common usage is for quickly searching a file for occurrences of a pattern, which can be in plain text, or in the form of a regular expression. Here, the patterns used will be simple text rather than regular expressions. Read
more

Android Leftovers