Security Leftovers

  • Open-source code from Mars rover used in espionage campaign targeting Indian government

    Two open-source code libraries used in the development of the historic Mars rover have been exploited by cybercriminals and moulded into an effective espionage tool that is being used to target high-level officials in the Indian government.

    First exposed by security researchers at Palo Alto Networks, the malware, now dubbed Rover, was found in a malicious phishing email received by India's ambassador to Afghanistan that was made to look like it was sent from India's defence minister which, if opened, would have installed a slew of vicious exploits on the computer system.

    Upon analysis, the experts found the malware, which contained code that attacked a flaw in Office XP, boasted a range of spying features including the ability to hijack computer files, launch a keylogger, take screenshots and even record audio and video in real-time. All of the data compromised would be sent straight to the malware creator's command and control (C&C) server.

  • Open Source Code Of Mars Rover Being Used To Create Malware To Target Indian Government

    Last year on December 24, 2015, a potential online target was identified which was delivered via an email to a high profile Indian diplomat, an Ambassador to Afghanistan. The email was spoofed and crafted as if it was sent by the current defence minister of India, Mr. Manohar Parikar. The mail commended the Ambassador to Afghanistan on his contributions and success.

  • Report: 3.5 Million HTTPS Servers Vulnerable to DROWN

    A report released Tuesday on the DROWN vulnerability raises concerns about possible attacks that could expose encrypted communications. DROWN is a serious vulnerability that affects HTTPS and other services using SSL version 2, according to the team of security researchers who compiled the report. The protocols affected are some of the essential cryptographic protocols for Internet security. An attack could decrypt secure HTTPS communications, such as passwords or credit card numbers, within minutes.

  • OpenSSL update fixes Drown vulnerability
  • HTTPS DROWN flaw: Security bods' hearts sink as tatty protocols wash away web crypto

    DROWN (aka Decrypting RSA with Obsolete and Weakened eNcryption) is a serious design flaw that affects HTTPS websites and other network services that rely on SSL and TLS – which are core cryptographic protocols for internet security. As previously reported, about a third of all HTTPS servers are vulnerable to attack, the computer scientists behind the discovery of the issue warn.
