Security Leftovers
-
WordPress plugin with 10,000+ installations being exploited in the wild
The attacks have been under way since last Friday and are mainly being used to install porn-related spamming scripts, according to a blog post published Thursday. The underlying vulnerability in WP Mobile Detector came to light on Tuesday in this post. The plugin has since been removed from the official WordPress plugin directory. As of Wednesday, the plugin reportedly had more than 10,000 active installations, and it appears many remained active at the time this post was being prepared.
-
Bad Intel And Zero Verification Leads To LifeLock Naming Wrong Company In Suspected Security Breach
LifeLock has never been the brightest star in the identity fraud protection constellation. Its own CEO -- with his mouth writing checks others would soon be cashing with his credentials -- expressed his trust in LifeLock's service by publishing his Social Security number, leading directly to 13 separate cases of (successful) identity theft.
Beyond that, LifeLock was barely a lock. It didn't encrypt stored credentials and had a bad habit of ambulance-chasing reported security breaches in hopes of pressuring corporate victims into picking up a year's worth of coverage for affected customers. This culminated in the FTC ordering it to pay a $12 million fine for its deceptive advertising, scare tactics, and inability to keep its customers' ID info safe.
-
Samba 4.4.4 Fixes a Memory Leak in Share Mode Locking, Adds systemd 230 Support
Samba 4.4 major branch was launched on March 22, 2016, and it brought support for asynchronous flush requests, several Active Directory (AD) enhancements, a GnuTLS-based backupkey implementation, multiple CTDB (Cluster Trivial Database) improvements, a WINS nsswitch module, as well as experimental SMB3 Multi-Channel support.
-
Printer security: Is your company's data really safe?
On March 24th of this year, 59 printers at Northeastern University in Boston suddenly output white supremacist hate literature, part of a wave of spammed printer incidents reported at Northeastern and on at least a half dozen other campuses.
This should be no surprise to anyone who understands today's printer technology. Enterprise-class printers have evolved into powerful, networked devices with the same vulnerabilities as anything else on the network. But since, unlike with personal computers, no one sits in front of them all day, the risks they introduce are too often overlooked.
"Many printers still have default passwords, or no passwords at all, or ten are using the same password," says Michael Howard, HP's chief security advisor, speaking of what he's seen in the field. "A printer without password protection is a goldmine for a hacker. One of the breaches we often see is a man-in-the-middle attack, where they take over a printer and divert [incoming documents] to a laptop before they are printed. They can see everything the CEO is printing. So you must encrypt."
-
We Asked An Etiquette Expert About Home Security Cameras
Roughly the size of a soda can, sitting on a bookshelf, and whirring away some 24-hours a day, a relatively innocuous gadget may be turning friends and family away from your home. The elephant in your living room is your Internet-connected security camera, a device people are increasingly using for peace of mind in their homes. But few stop to think about the effect these devices may have on house guests. Should you tell your friends, for instance, that they’re being recorded while you all watch the big game together?
- Login or register to post comments
- Printer-friendly version
- 1058 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago