Security: Updates, FUD, Back Doors and More

  • Security updates for Tuesday
  • Sting Catches Another Ransomware Firm — Red Mosquito — Negotiating With “Hackers”

    ProPublica recently reported that two U.S. firms, which professed to use their own data recovery methods to help ransomware victims regain access to infected files, instead paid the hackers.

    Now there’s new evidence that a U.K. firm takes a similar approach. Fabian Wosar, a cyber security researcher, told ProPublica this month that, in a sting operation he conducted in April, Scotland-based Red Mosquito Data Recovery said it was “running tests” to unlock files while actually negotiating a ransom payment. Wosar, the head of research at anti-virus provider Emsisoft, said he posed as both hacker and victim so he could review the company’s communications to both sides.

    Red Mosquito Data Recovery “made no effort to not pay the ransom” and instead went “straight to the ransomware author literally within minutes,” Wosar said. “Behavior like this is what keeps ransomware running.”

  • Carbon Black adds Linux support and more to its endpoint protection solution

    Endpoint protection company Carbon Black is adding a number of features to its platform, including Linux support and Amazon Web Services and container protection.

    The cloud-native platform gives security and IT teams remote access to cloud workloads and containers running in their environment, making it easier to resolve configuration drift, address vulnerabilities in real time, confidently respond to incidents and demonstrate compliance with business policies and industry regulations.

    The cloud workload and container protection capabilities are available from the same universal agent and cloud-native platform protecting Microsoft Windows, macOS and Linux endpoints.

    "The industry is quickly moving into the cloud era for endpoint protection and IT operations," says Ryan Polk, Carbon Black's chief product officer. "Carbon Black is proud to be at the front edge for cloud innovation and, with this latest release, our cloud-native EPP is now protecting some of the most important and emerging cloud real estate."

    As well as supporting AWS workloads and nearly every Linux distribution released since 2011, Carbon Black's platform extends direct access to more than 1,000 individual system artifacts across all major operating systems, including the ability to check the status of disk encryption, installed applications, kernel integrity, listening network ports, logged in users, OS versions, USB devices and more.

  • Top 10 Ethical Hacking Books

    Hacking is an ongoing process of information gathering and exploitation of any target. The hackers are consistent, practical and stay updated with daily appearing vulnerabilities. The first step to exploitation is always reconnaissance. The more information you gather, the better the chances that you will make your way through the victim boundary. The attack should be very structured and verified in a local environment before being implemented on a live target. The prerequisites are networking skills, programming languages, Linux, Bash scripting and a reasonable workstation. Ethical hacking is the application of hacking knowledge for the benefit of society through good morals, and is usually defensive in nature, based on good knowledge of the core principles.
    Many books are available on hacking, but we will discuss today the top 10 which are appreciated and recommended by the hacking community. Note: The books are in no particular order.

  • Raspberry Pi used to steal data from Nasa lab [Ed: RasPi has a major new release (4), so MSBBC needs to spread some negative things/stories about it (googlebombing?). Microsoft failed to take over Raspberry Pi Foundation like it did OLPC. BBC (run by ex-Microsoft UK people) spreads anti-RasPi news belatedly (blaming it for something unrelated) only hours after a major product release.]

    A tiny Raspberry Pi computer has been used to steal data from Nasa's Jet Propulsion Laboratory, the space agency has revealed.

    An audit report reveals the gadget was used to take about 500MB of data.

  • VMware’s Dirk Hohndel On Container Security, Mental Health And Open Source
  • Trump Ponders Banning All Chinese-Made Gear From US 5G Networks [Ed: Mandating NSA back doors everywhere]

    We've already noted extensively how the "race to fifth generation wireless (5G)" is kind of a dumb thing. While 5G is important in the way that faster, better networks are always important, the purported Earth-rattling benefits of the technology have been painfully over-hyped. And they've been painfully over-hyped largely for two reasons: one, mobile carriers want to give a kick to stalling cellphone sales numbers, and network hardware vendors like Cisco want to drive the adoption of new, more expensive, telecom hardware.

    The "race to 5G" isn't a race. And even if it were, our broadband maps are so intentionally terrible, we'd have no idea if and when we'd won it. Regardless, 5G has subsequently become a sort of magic pixie dust of tech policy conversations, justifying all manner of sometimes dubious policy. But the underlying desire to simply sell more kit has also infected the Trump administration's protectionist attacks on companies like Huawei, which is based on about 40% actual cybersecurity concerns, and 60% lobbying efforts by US hardware vendors that don't want to compete with cheaper Chinese hardware.
