Security

Security News

Filed under
Security

  • HP shutting down default FTP, Telnet access to network printers

    Security experts consider the aging FTP and Telnet protocols unsafe, and HP has decided to clamp down on access to networked printers through the remote-access tools.

    Some of HP's new business printers will, by default, be closed to remote access via protocols like FTP and Telnet. However, customers can activate remote printing access through those protocols if needed.

  • Google Chrome 55 Fixes Flaws, Blocks Flash
  • Cyberattacks are going to get a lot worse, former NSA official says

    The face of cybercrime is changing. Healthcare has gone from a declared mission of stealing personal data to much more disruptive issues. In fact, healthcare has seen the largest jump in ransomware attacks than in any other industry.

    When Joel Brenner opened the HIMSS Privacy & Security Forum in Boston Monday morning, the Massachusetts Institute of Technology research fellow - who focuses on cybersecurity, privacy and intelligence policy - and former senior counsel at the National Security Agency, didn’t sugarcoat the state of healthcare security.

    The government isn’t going to sort out that problem until we suffer some great losses, Brenner said.

  • Google Debuts Continuous Fuzzer for Open Source Software

    A new Google program aimed at continuously fuzzing open source software has already detected over 150 bugs.

    The program, OSS-Fuzz, currently in beta mode, is designed to help unearth programming errors in open source software via fuzz testing. Fuzz testing, or fuzzing, is when bits of randomly generated code are inputted into programs as a means to discover code and security flaws.

  • Chrome 55 Now Blocks Flash, Uses HTML5 by Default

    Chrome 55, released earlier this week, now blocks all Adobe Flash content by default, according to a plan set in motion by Google engineers earlier this year.

    Back in May, Google's staff announced that starting with Q4 2016, Chrome would use HTML5 by default, while Flash would be turned off.

    While some of the initial implementation details of the "HTML5 By Default" plan changed since May, Flash has been phased out in favor of HTML5 as the primary technology for playing multimedia content in Chrome.

Security Leftovers

Filed under
Security

  • Ransomware: Windows is the elephant in the room

    Ransomware has slowly become the most common and most difficult threat posed to companies and individuals alike over the last year.

    And there is one common thread to practically all ransomware attacks: Windows.

    Microsoft acolytes, supporters and astro-turfers can scream till they are blue in the face, but it is very rare to see ransomware that attacks any other platform.

    Of course, these Redmond backers are careful to say that ransomware attacks "computer users", not Windows users.

    But statistics tell the truth. In 2015, the average number of infections hitting Windows users was between 23,000 and 35,000, according to Symantec.

    In March, this number ballooned to 56,000 with the arrival of the Locky ransomware. And in the first quarter of 2016, US$209 million was paid by Windows users in order to make their locked files accessible again.

  • GCC Tackling Support For ARMv8-M Security Extensions

    GCC developers have been working to support the compiler-side changes for dealing with ARMv8-M Security Extensions.

Security News

Filed under
Security
  • What's the most secure operating system?

    Deciding what operating system (OS) to keep your computer running smoothly—and with the highest level of security—is a controversial yet frequent question many business owners, government officials, and ordinary Joes and Janes ask.

    There are many different operating systems—the software at the base of every computer, controlling the machine's array of functions—like Mac OS10, which comes pre-loaded on Apple laptops and desktops, and Microsoft Windows that's on the majority of personal computers. Google's Android and Apple's iOS for mobile devices are designed specifically for devices with smaller touchscreens.

    Whatever OS you use—and many users are very loyal to their operating system of choice and will argue that theirs is the best—it's not entirely secure or private. Hackers are still infiltrating systems every day, and they can easily target victims with malware to spy on users and disable their operating system altogether.

    Because of this, choosing a secure system is essential to staying secure online. Below are the top three secure operating systems that will help users take the next step to ensure proper cyber and hardware security.

  • New IoT Botnet, Attackers Target Tor, and More…

    Firefox’s emergency security patch: If you use Firefox at all, and I’m assuming that most of you do, you might want to run an update to get the latest security patch from Mozilla. The patch was rushed to market on November 30 to fix a zero day vulnerability that was being exploited in the wild to attack the Firefox based Tor browser.

    In a blog post on Wednesday, Mozilla’s security head Daniel Veditz wrote, “The exploit in this case works in essentially the same way as the ‘network investigative technique’ used by FBI to deanonymize Tor users…. This similarity has led to speculation that this exploit was created by FBI or another law enforcement agency. As of now, we do not know whether this is the case. If this exploit was in fact developed and deployed by a government agency, the fact that it has been published and can now be used by anyone to attack Firefox users is a clear demonstration of how supposedly limited government hacking can become a threat to the broader Web.”

Security Leftovers

Filed under
Security
  • Security updates for Friday
  • Understanding SELinux Roles

    I received a container bugzilla today for someone who was attempting to assign a container process to the object_r role. Hopefully this blog will help explain how roles work with SELinux.

    When we describe SELinux we often concentrate on Type Enforcement, which is the most important and most used feature of SELinux. This is what we describe in the SELinux Coloring book as Dogs and Cats. We also describe MLS/MCS Separation in the coloring book.

  • The Internet Society is unhappy about security – pretty much all of it

    The Internet Society (ISOC) is the latest organisation saying, in essence, “security is rubbish – fix it”.

    Years of big data breaches are having their impact, it seems: in its report released last week, it quotes a 54-country, 24,000-respondent survey reporting a long-term end user trend to become more fearful in using the Internet (by Ipsos on behalf of the Centre for International Governance Innovation).

    Report author, economist and ISOC fellow Michael Kende, reckons companies aren't doing enough to control breaches.

    “According to the Online Trust Alliance, 93 per cent of breaches are preventable,” he said, but “steps to mitigate the cost of breaches that do occur are not taken – attackers cannot steal data that is not stored, and cannot use data that is encrypted.”

  • UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

    Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the UK government to undermine encryption and demand surveillance backdoors.

    As the bill was passing through Parliament, several organizations noted their alarm at section 217 which obliged ISPs, telcos and other communications providers to let the government know in advance of any new products and services being deployed and allow the government to demand "technical" changes to software and systems.

  • EU budget creates bug bounty programme to improve cybersecurity

    Today the European Parliament approved the EU Budget for 2017. The budget sets aside 1.9 million euros in order to improve the EU's IT infrastructure by extending the free software audit programme (FOSSA) that MEPs Max Anderson and Julia Reda initiated two years ago, and by including a bug bounty approach in the programme that was proposed by MEP Marietje Schaake.

  • Qubes OS Begins Commercialization and Community Funding Efforts

    Since the initial launch of Qubes OS back in April 2010, work on Qubes has been funded in several different ways. Originally a pet project, it was first supported by Invisible Things Lab (ITL) out of the money we earned on various R&D and consulting contracts. Later, we decided that we should try to commercialize it. Our idea, back then, was to commercialize Windows AppVM support. Unlike the rest of Qubes OS, which is licensed under GPLv2, we thought we would offer Windows AppVM support under a proprietary license. Even though we made a lot of progress on both the business and technical sides of this endeavor, it ultimately failed.

    Luckily, we got a helping hand from the Open Technology Fund (OTF), which has supported the project for the past two years. While not a large sum of money in itself, it did help us a lot, especially with all the work necessary to improve Qubes’ user interface, documentation, and outreach to new communities. Indeed, the (estimated) Qubes user base has grown significantly over that period. Thank you, OTF!

  • Linux Security Basics: What System Administrators Need to Know

    Every new Linux system administrator needs to learn a few core concepts before delving into the operating system and its applications. This short guide gives a summary of some of the essential security measures that every root user must know. All advice given follows the best security practices that are mandated by the community and the industry.

  • BitUnmap: Attacking Android Ashmem

    The law of leaky abstractions states that “all non-trivial abstractions, to some degree, are leaky”. In this blog post we’ll explore the ashmem shared memory interface provided by Android and see how false assumptions about its internal operation can result in security vulnerabilities affecting core system code.

Parental Controls for Linux Unleashed

Filed under
GNU
Linux
Security

For years, one of the overlooked areas for the Linux desktop was access to “effective” parental controls. Back in 2003, I remember the now defunct Linspire (then known as Lindows) offered a proprietary option called SurfSafe. Surprisingly, at least back then, the product worked very well in providing accurate content filtering capabilities; something that was not, in fact, available and easy-to-use at that time.

Years later, an open-source alternative was released to the greater Linux community known as GNOME Nanny. Fantastic in terms of usage control, its web content filter was laughably terrible. As expected, crowd-sourcing a filtering list isn’t a great solution. And like SurfSafe, the project is now defunct.

Mofo Linux: The Raw Materials for Security

Filed under
GNU
Linux
Security
Ubuntu

The developers of Mofo Linux talk a good game. From the name’s origin in abusive street slang to its self-description on the home page as “Linux designed to defeat state censorship and surveillance,” Mofo presents itself as a champion of security and privacy. Nor is the claim unjustified. However, rather than putting security and privacy into the hands of ordinary users, Mofo simply presents the tools and leaves users to figure them out with a minimum of help. The result is a promising distribution that, with only slightly more work, could be a leading one.

Just possibly, though, this approach is a deliberate tactic, and not the carelessness it appears. Based on Ubuntu, the current release of Mofo offers nothing different in the way of productivity tools. It uses Unity for a desktop, and its applications are the standard GNOME ones. In fact, Mofo shows such little interest in such matters that it does not bother to change the title bar in the installer from Ubuntu.

Security News

Filed under
Security
  • Mozilla Patches Zero-Day Flaw in Firefox

    Mozilla moves quickly to fix vulnerability that was being actively exploited in attacks against Tor Browser, which is based on Firefox.

    Late afternoon on November 30, Mozilla rushed out an emergency update for its open-source Firefox web browser, fixing a zero-day vulnerability that was being actively exploited by attackers. The vulnerability was used in attacks against the Tor web browser which is based on Firefox.

  • Thursday's security advisories
  • 'Fatal' flaws found in medical implant software

    Security flaws found in 10 different types of medical implants could have "fatal" consequences, warn researchers.

    The flaws were found in the radio-based communications used to update implants, including pacemakers, and read data from them.

    By exploiting the flaws, the researchers were able to adjust settings and even switch off gadgets.

    The attacks were also able to steal confidential data about patients and their health history.

    A software patch has been created to help thwart any real-world attacks.

    The flaws were found by an international team of security researchers based at the University of Leuven in Belgium and the University of Birmingham.

  • Lenovo: If you value your server, block Microsoft's November security update

    Lenovo server admins should disable Windows Update and apply a UEFI fix to avoid Microsoft’s November security patches freezing their systems.

    The world’s third-largest server-maker advised the step after revealing that 19 configurations of its x M5 and M6 rack, as well as its x6 systems are susceptible.

  • Symantec and VMware patches, Linux encryption bug: Security news IT leaders need to know
  • UK homes lose internet access after cyber-attack

    More than 100,000 people in the UK have had their internet access cut after a string of service providers were hit by what is believed to be a coordinated cyber-attack, taking the number affected in Europe up to about a million.

    TalkTalk, one of Britain’s biggest service providers, the Post Office and the Hull-based KCom were all affected by the malware known as the Mirai worm, which is spread via compromised computers.

    The Post Office said 100,000 customers had experienced problems since the attack began on Sunday and KCom put its figure at about 10,000 customers since Saturday. TalkTalk confirmed that it had also been affected but declined to give a precise number of customers involved.

  • New Mirai Worm Knocks 900K Germans Offline

    More than 900,000 customers of German ISP Deutsche Telekom (DT) were knocked offline this week after their Internet routers got infected by a new variant of a computer worm known as Mirai. The malware wriggled inside the routers via a newly discovered vulnerability in a feature that allows ISPs to remotely upgrade the firmware on the devices. But the new Mirai malware turns that feature off once it infests a device, complicating DT’s cleanup and restoration efforts.

Security News

Filed under
Security
  • Security advisories for Wednesday
  • What Malware Is on Your Router?

    Mirai is exposing a serious security issue with the Internet of Things that absolutely must be quickly handled.

    Until a few days ago, I had been seriously considering replacing the 1999 model Apple Airport wireless router I’ve been using since it was gifted to me in 2007. It still works fine, but I have a philosophy that any hardware that’s more than old enough to drive probably needs replacing. I’ve been planning on taking the 35 mile drive to the nearest Best Buy outlet on Saturday to see what I could get that’s within my price range.

    After the news of this week, that trip is now on hold. For the time being I’ve decided to wait until I can be reasonably sure that any router I purchase won’t be hanging out a red light to attract the IoT exploit-of-the-week.

    It’s not just routers. I’m also seriously considering installing the low-tech sliding door devices that were handed out as swag at this year’s All Things Open to block the all-seeing-eye of the web cams on my laptops. And I’m becoming worried about the $10 Vonage VoIP modem that keeps my office phone up and running. Thank goodness I don’t have a need for a baby monitor and I don’t own a digital camera, other than what’s on my burner phone.

  • National Lottery 'hack' is the poster-girl of consumer security fails

    IN THE NEW age of hacking, you don't even need to be a hacker. National Lottery management company Camelot has confirmed that up to 26,500 online accounts for their systems may have been compromised in an attempted hack, that required no hacking.

    It appears the players affected have been targeted from hacks to other sites, and the resulting availability of their credentials on the dark web. With so many people using the same password across multiple sites, it takes very little brute force to attack another site, which is what appears to have happened here.

  • Mozilla and Tor release urgent update for Firefox 0-day under active attack

    "The security flaw responsible for this urgent release is already actively exploited on Windows systems," a Tor official wrote in an advisory published Wednesday afternoon. "Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well. Thus we strongly recommend that all users apply the update to their Tor Browser immediately."

    The Tor browser is based on the open-source Firefox browser developed by the Mozilla Foundation. Shortly after this post went live, Mozilla security official Daniel Veditz published a blog post that said the vulnerability has also been fixed in a just-released version of Firefox for mainstream users. On early Wednesday, Veditz said, his team received a copy of the attack code that exploited a previously unknown vulnerability in Firefox.

  • Tor Browser 6.0.7 is released

    Tor Browser 6.0.7 is now available from the Tor Browser Project page and also from our distribution directory.

    This release features an important security update to Firefox and contains, in addition to that, an update to NoScript (2.9.5.2).

    The security flaw responsible for this urgent release is already actively exploited on Windows systems. Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well. Thus we strongly recommend that all users apply the update to their Tor Browser immediately. A restart is required for it to take effect.

    Tor Browser users who had set their security slider to "High" are believed to have been safe from this vulnerability.

  • Firefox 0-day in the wild is being used to attack Tor users

    Firefox developer Mozilla and Tor have patched the underlying vulnerability, which is found not only in the Windows version of the browser, but also the versions of Mac OS X and Linux.

    There's a zero-day exploit in the wild that's being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser, officials of the anonymity service confirmed Tuesday.

    Word of the previously unknown Firefox vulnerability first surfaced in this post on the official Tor website. It included several hundred lines of JavaScript and an introduction that warned: "This is an [sic] JavaScript exploit actively used against TorBrowser NOW." Tor cofounder Roger Dingledine quickly confirmed the previously unknown vulnerability and said engineers from Mozilla were in the process of developing a patch.

  • Mozilla Patches SVG Animation Remote Code Execution in Firefox and Thunderbird

    If you've been reading the news lately, you might have stumbled upon an article that talked about a 0-day vulnerability in the Mozilla Firefox web browser, which could be used to attack Tor users running Tor Browser on Windows systems.
