Security Leftovers
-
CVE-2016-5696 and its effects on Tor
This vulnerability is quite serious, but it doesn’t affect the Tor network any more than it affects the rest of the internet. In particular, the Tor-specific attacks mentioned in the paper will not work as described.
-
Secure Boot Failure, Response, and Mitigation
Last week, it became public that there is an attack against Secure Boot, utilizing one of Microsoft’s utilities to install a set of security policies which effectively disables bootloader verification.
-
Static Code Analyzer Reportedly Finds 10,000 Open Source Bugs
A Russian company behind the PVS-Studio static code analyzer claims to have used the tool to discover more than 10,000 bugs in various open source projects, including well-known offerings such as the Firefox Web browser and the Linux kernel.
-
Linux.Lady the Crypto-Currency Mining Trojan Discovered
Organizations reliant on Redis NoSQL a most sought after database require re-checking their configurations, security researchers advise. That's because the Linux.Lady crypto-currency Trojan, which mines digital money, has been discovered as it piggybacks on insufficient out-of-the-box security.
It is possible that a maximum of 30K Redis servers are susceptible to attack mainly since inadvertent system admins gave them an Internet connection devoid of constructing a password for them in addition to not having Redis secured by default.
-
DDoS protection in the cloud
OpenFlow and other software-defined networking controllers can discover and combat DDoS attacks, even from within your own network.
Attacks based on the distributed denial of service (DDoS) model are, unfortunately, common practice, often used to extort protection money or sweep unwanted services off the web. Currently, such attacks can reach bandwidths of 300GBps or more. Admins usually defend themselves by securing the external borders of their own networks and listening for unusual traffic signatures on the gateways, but sometimes they fight attacks even farther outside the network – on the Internet provider's site – by diverting or blocking the attack before it overloads the line and paralyzes the victim's services.
In the case of cloud solutions and traditional hosting providers, the attackers and their victims often reside on the same network. Thanks to virtualization, they could even share the same computer core. In this article, I show you how to identify such scenarios and fight them off with software-defined networking (SDN) technologies.
- Login or register to post comments
- Printer-friendly version
- 1150 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago