Security

Security: Wi-Fi, U.S. State Department Outage, Kronos, and Myths

Filed under
Security
  • One mistake people make using public Wi-Fi

    But if you’re sharing files on public Wi-Fi, your folders may be accessible to anyone connected to the same public network. In other words, file sharing automatically exposes your computer and everything you intend to share. Your vacation photos may end up in the wrong hands, and so could your contracts, spreadsheets, and tax information.

  • Officials: State Department suffers worldwide email outage

    The U.S. State Department's email system underwent a worldwide outage Friday, affecting all its unclassified communications within and outside of the department.  

  • Marcus Hutchins' code written long after Kronos: researcher

    The security researcher, who claimed recently to have found code written by Briton Marcus Hutchins that was used in the Kronos banking trojan by a third party, now says this code predates both Hutchins and the unknown third party that used it in Kronos.  

  • Linux security myths

Security: Hardware Back Doors, Microsoft Windows, Kronos

  • Hiding malware in boobytrapped replacement screens would undetectably compromise your mobile device

    On the one hand, if you let an untrusted stranger install hardware in your electronic device, you're opening yourself up to all kinds of potential mischief; on the other hand, an estimated one in five smartphones has a cracked screen and the easiest, most efficient and cheapest way to get that fixed is to go to your corner repair-shop.  

  • How hackers {sic} are targeting the shipping industry [iophk: "Microsoft TCO"]

    Whenever one of the firm's fuel suppliers would send an email asking for payment, the virus simply changed the text of the message before it was read, adding a different bank account number.  

  • Locky ransomware is back from the dead with two new strains [iophk: "Windows TCO"]

    What hasn't changed, though, is the method of distribution. Rather than rifling through the trove of spilt US National Security Agency exploits, as the groups behind WannaCry and NotPetya did, Locky is distributed via phishing emails containing malicious Microsoft Office files or zipped attachments containing a malicious script.

  • Connected cars could have an airbag problem

    "It's not the car manufacturers' fault, and it's not a problem introduced by them. The security issue that we leveraged in our research lies in the standard that specifies how the car device network (i.e., CAN) works," added Trend.

    [...] To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented. This whole process would likely require another generation of vehicles."

  • Code chunk in Kronos malware used long before MalwareTech published it

    A chunk of code found in the Kronos bank-fraud malware originated more than six years before security researcher Marcus Hutchins is accused of developing the underlying code, a fellow security researcher said Friday.

    The conclusion, reached in an analysis of Kronos published by security firm Malwarebytes, by no means proves or disproves federal prosecutors' allegations that Hutchins wrote Kronos code and played a role in the sale of the malware. It does, however, clarify speculation over a Tweet from January 2015, in which MalwareTech—the online handle Hutchins used—complained that a complex piece of code he had published a month earlier had been added to an unnamed malware sample without his permission.

  • Secret chips in replacement parts can completely hijack your phone’s security

    People with cracked touch screens or similar smartphone maladies have a new headache to consider: the possibility the replacement parts installed by repair shops contain secret hardware that completely hijacks the security of the device.

    The concern arises from research that shows how replacement screens—one put into a Huawei Nexus 6P and the other into an LG G Pad 7.0—can be used to surreptitiously log keyboard input and patterns, install malicious apps, and take pictures and e-mail them to the attacker. The booby-trapped screens also exploited operating system vulnerabilities that bypassed key security protections built into the phones. The malicious parts cost less than $10 and could easily be mass-produced. Most chilling of all, to most people, the booby-trapped parts could be indistinguishable from legitimate ones, a trait that could leave many service technicians unaware of the maliciousness. There would be no sign of tampering unless someone with a background in hardware disassembled the repaired phone and inspected it.

Tor “can’t build free and open source tools” and stop racists from using them

Filed under
OSS
Security

The Tor Project has reiterated its absolutist commitment to free speech, saying that even though Daily Stormer recently moved to a Tor onion service, the organization won’t do anything to stop the "hate-spewing website."

Security: Updates, Reproducible Builds, Red Hat, and the Latest FUD From Black Duck

Security: Trezor, Kaspersky and Secure [sic] Enclave Processor

Security: FOSS and Ubuntu Updates, Google Leak, Automotive Industry, Secure Enclave Processor (SEP) Bypassed

Security: 'Smart' Cars, Marcus Hutchins, Coat of Windows and More

Security: Updates, CVE-2017-7543, and Windows Chaos Again

  • Security updates for Wednesday
  • Red Hat Secures Networking Flaws in OpenStack, the Linux Kernel

    Red Hat has fixed an important vulnerability in the OpenStack subsystem that’s used to manage network connectivity to and from virtual machines. If left unpatched, it could allow an attacker to access network resources from virtual machines.

    The vulnerability, tracked as CVE-2017-7543 in the Common Vulnerabilities and Exposures (CVE) database, is located in openstack-neutron, a “pluggable, scalable and API-driven” component of the Red Hat OpenStack Platform that’s used to provision networking services to virtual machines.

  • Atomicorp Releases First Kernel-Level Docker Security and is Available Today Through AWS, Azure and Direct
  • Shadow Brokers Eternal Exploits expected to remain effective

    The Shadow Brokers also leaked exploits such as EternalRomance which is similar to EternalBlue but targets Windows 7 SP1 machines using SMBv2 and targets a vulnerability in the process of handling SMBv1 transactions, EternalSynergy which uses a packet type confusion vulnerability, and EternalChampion which takes advantage of a race condition in transaction hand.

  • Shadow Brokers EternalPulsar malware: All you need to know about the leaked NSA SMB exploits

    Cylance researchers said the DoublePulsar backdoor, which experts previously said had successfully infected around 100,000 computers shortly after the exploit was leaked in April, functions as a backdoor providing hackers with secret access to Windows systems.

  • IoT Security for Developers

    Previous articles focused on how to securely design and configure a system based on existing hardware, software, IoT Devices, and networks. If you are developing IoT devices, software, and systems, there is a lot more you can do to develop secure systems.

    The first thing is to manage and secure communications with IoT Devices. Your software needs to be able to discover, configure, manage and communicate with IoT devices. By considering security implications when designing and implementing these functions you can make the system much more robust. The basic guideline is don’t trust any device. Have checks to verify that a device is what it claims to be, to verify device integrity, and to validate communications with the devices.

  • Powerful backdoor found in software used by >100 banks and energy cos. [Ed: Yet more back doors in proprietary software on Microsoft Windows]

    For 17 days starting last month, an advanced backdoor that gave attackers complete control over networks lurked in digitally signed software used by hundreds of banks, energy companies, and pharmaceutical manufacturers, researchers warned Tuesday.

    The backdoor, dubbed ShadowPad, was added to five server- or network-management products sold by NetSarang, a software developer with offices in South Korea and the US. The malicious products were available from July 17 to August 4, when the backdoor was discovered and privately reported by researchers from antivirus provider Kaspersky Lab. Anyone who uses the five NetSarang titles Xmanager Enterprise 5.0, Xmanager 5.0, Xshell 5.0, Xftp 5.0, or Xlpd 5.0, should immediately review posts here and here from NetSarang and Kaspersky Lab respectively.

Security Leftovers

Security: Update, Ransomware, Microsoft Windows at Hotels and More Black Duck FUD

  • Security updates for Tuesday
  • Open Source Security Podcast: Episode 59 - The VPN Episode
  • Update gone wrong leaves 500 smart locks inoperable

    Hundreds of Internet-connected locks became inoperable last week after a faulty software update caused them to experience a fatal system error, manufacturer LockState said.

    The incident is the latest reminder that the so-called Internet of Things—in which locks, thermostats, and other everyday appliances are embedded with small Internet-connected computers—often provide as many annoyances as they do conveniences. Over the past week, the Colorado-based company's Twitter feed has been gorged with comments from customers who were suddenly unable to lock or unlock their doors normally. Complicating the matter: the affected LockState model—the RemoteLock 6i—is included in an Airbnb partnership called Host Assist. That left many hosts unable to remotely control their locks.

  • Ransomware Targeting WordPress – An Emerging Threat

    Recently, the Wordfence team has seen ransomware being used in attacks targeting WordPress. We are currently tracking a ransomware variant we are calling “EV ransomware.” The following post describes what this ransomware does and how to protect yourself from being hit by this attack.

  • AWS unveils AI monitoring for Amazon S3
  • FancyBear Use Leaked NSA “WannaCry” Exploit To Target Hospitality Industry [Ed: The solution to this is simple: don't use Microsoft Windows at hotels]

    Microsoft has indicated that a number of different versions of Windows are vulnerable to the EternalBlue exploit, even those currently receiving support. It is imperative that IT teams from all businesses across all industries ensure that the version of Windows that they are using is not vulnerable to EternalBlue and, if so, take the necessary steps to remediate it. With three attacks using this exploit having occurred over just the past few months, we’re likely to see cybercriminals continuing to deploy it until devices are patched and it is no longer an effective vector for them to spread malware.”

  • Researcher who neutralized WCry pleads not guilty to writing banking malware

    Marcus Hutchins, the British security researcher instrumental in neutralizing the virulent WCry ransomware worm that shut down computers worldwide in May, appeared in federal court Monday and pleaded not guilty to unrelated criminal charges that he created and distributed malware that steals banking credentials.

    [...]

    Hutchins, who works for Kryptos Logic of Los Angeles, is going to live in Los Angeles while awaiting an undetermined trial date. He will be tracked by a GPS monitoring device. He has been ordered not to touch the WCry sinkhole, presumably because if it's shut off, it could possibly make the ransomware start spreading again.

  • Innovation may be outpacing security in cars [Ed: ITProPortal cites the liars from Black Duck to make it sound as though FOSS is the root of all security issues. Profitable FUD (to them).]

    As the UK government’s car cybersec guidelines recognise, innovation may be outpacing security in cars. When you put new technology into cars, you’ll inevitably run into security challenges.

More in Tux Machines

today's leftovers

Audiocasts: This Week in Linux and Freedom Penguin

today's howtos

Icons and Themes: Vamox, Ashes, and DamaDamas

  • Vamox Icons Offers Three Color Variants for Linux Desktop
    Vamox icons were designed as a university thesis project by Emiliano Luciani and Darío Badagnani in 2008. The objective was to design an interface of a distro that the university could use for learning about design thin free software. From the start, these icons were developed for Ubuntu. Now these icons have three variants: blue, orange and red, which are compatible with most of the Linux desktop environments such as Gnome, Unity, Cinnamon, Mate, Xfce and so on. We have added these icons to our PPA for Ubuntu/Linux Mint and other related distributions. If you are using a distribution other than Ubuntu/Linux Mint/its derivatives, then download the icons and install them in one of these locations: "~/.icons" or "/usr/share/icons/". If you find any missing icons or a problem with this icon set, then report it to the creator via the linked page and hopefully it will get fixed soon.
  • Ashes Is A Light Theme For Your Linux Desktop
    The Ashes theme is based on the Adapta and Flat-Plat themes, but it includes a mixture of blue and pink color scheme with gray search entity. Usually derived themes always try to be a better and enhanced version by the person who forked them, to make the desktop much more perfect and elegant. The same thing goes for this theme: it looks and feels great on almost every desktop. Mainly it is designed to work in the Unity and Gnome desktops, but it can also work in other desktops such as Cinnamon, Mate, and so on. For the Gnome desktop, the creator has added dark title-bar/header-bar support, so you can enable Global-Dark-Theme using Gnome-Tweak-Tool if you prefer dark title-bars. If you are using a distribution other than Ubuntu/Linux Mint/its derivatives, then download the theme from here and install it in the "~/.themes" or "/usr/share/themes/" location. If you find any kind of bug or issue within this theme, then report it to the creator, and since this theme is in active development, hopefully it will be fixed soon.
  • DamaDamas Icons Looks Great And At The Same Time Give Windows Flavor
    If you have been searching for Windows icons for your Linux desktop then you are at the right place. The DamaDamas icons are from Pisi GNU/Linux and available for every Linux distribution; these icons give a Windows look and feel to your desktop. There isn't much information available for these icons, but the icons are in SVG format and there are almost 4000+ icons packed in a very fairly sized archive. We have added these icons to our PPA, and these icons are compatible with almost every desktop environment such as Gnome, Unity, Cinnamon, Xfce, Mate, KDE Plasma and so on. If you find any missing icons or a problem with this icon set, then report it to the creator via the linked page and hopefully it will get fixed soon.