Security

Security News

Filed under
Security
  • Security advisories for Wednesday
  • Malware Found on New Windows Computers (Not What You Think)

    It appears that the office supply giant, Office Depot, isn’t averse to tarnishing its reputation if there’s a buck or two to be made in the process.

    KIRO TV in Seattle reported on November 15 that it had taken brand new out-of-the-box computers that had never been connected to the Internet to Office Depot stores, both in Washington state and Portland, Oregon, and told the repair desk staff that “it’s running a little slow.” In four out of six cases they were told the computer was infected with viruses and would require an up to $180 fix.

    After declining the “fix,” they took the “virus laden” machines to a Seattle security outfit, IOActive, which reexamined the machines. “We found no symptoms of malware when we operated them,” an employee with the firm, Will Longman, said. “Nor did we find any actual malware.”

    In the two cases where undercover reporters weren’t told that their computers showed evidence of an infection, they were advised to install antivirus software. In one of the two stores, a technician evidently noticed that the machine was new and told the reporter to “ignore the test results.”

  • FBI Hacked into 8,000 Computers in 120 Countries Using A Single Warrant

    The FBI hacked into more than 8,000 computers in 120 different countries with just a single warrant during an investigation into a dark web child pornography website, according to newly published court filings.

    The FBI's mass hacking campaign is related to the high-profile child pornography Playpen case and represents the largest law enforcement hacking campaign known to date.

    The warrant was initially issued in February 2015 when the FBI seized the Playpen site and set up a sting operation on the dark web site, in which the agency deployed malware to obtain IP addresses from alleged visitors of the site.

  • How Unikernels Can Better Defend against DDoS Attacks

    On the episode of The New Stack Makers podcast, Dell EMC CTO Idit Levine, an EMC chief technology officer at the cloud management division and office of the CTO, discussed how unikernels are poised to offer all of the developer flexibility afforded to containers, while striving for better security and integrations with many of today’s top container platforms. She spoke with SolarWinds Cloud Technology Lead Lee Calcote at KubeCon 2016:

  • Exploit Code Bypasses Linux Security Features Leaving Systems Vulnerable
  • Researcher writes codeless exploit that bypasses Linux security measures

    If you’re a Linux administrator, then you’re likely aware that even being fully up to date on all of the patches for your Linux distribution of choice is no guarantee that you’re free from vulnerabilities. Linux is made up of numerous components, any of which can open up an installation to one exploit or another.

Tor phone (Android)

Filed under
Android
Security
  • Tor phone is antidote to Google “hostility” over Android, says developer

    The Tor Project recently announced the release of its prototype for a Tor-enabled smartphone—an Android phone beefed up with privacy and security in mind, and intended as equal parts opsec kung fu and a gauntlet to Google.

    The new phone, designed by Tor developer Mike Perry, is based on Copperhead OS, the hardened Android distribution profiled first by Ars earlier this year.

  • Tor-Enabled Phone Offers Various Layers Of Security

    We’ve seen all sorts of Android smartphones released over the years, from the ones that ship with Google’s stock Android or a third-party skin, to the ones that sport two displays, are curved or have heavy security features. There are tons of different smartphones available out there, and a number of different OSes available for those smartphones, and that’s the true beauty of Android. Now, some of you have probably heard of a Tor-enabled smartphone by Tor Project. This smartphone puts a huge emphasis on security and privacy, and those of you who are very concerned about such issues should be interested, though do keep in mind that the Tor-enabled smartphone actually references software that can be installed on a smartphone, not the actual hardware smartphone that will be available for sale, just to make that clear.

Elegant 0-day unicorn underscores “serious concerns” about Linux security

Filed under
Linux
Security
  • Elegant 0-day unicorn underscores “serious concerns” about Linux security [Ed: Molehill becomes mountain in the hands of Dan Goodin]

    Recently released exploit code makes people running fully patched versions of Fedora and other Linux distributions vulnerable to drive-by attacks that can install keyloggers, backdoors, and other types of malware, a security researcher says.

Security Leftovers

Filed under
Security
  • Beware: ScanGuard Scam

    My wife called this to my attention; a web site called "smartwebuser.org" (I refuse to post a link) that warned "If you live in Canada and have a Linux computer which is over 6 months old, then we advise you to keep reading." What followed was a puff piece for something called ScanGuard. It sounded suspiciously to me like all those "cleanup" apps that are advertised in email and occasionally on TV, that promise to protect your PC from viruses and malware, and make it run a zillion times faster. It sounded like a scam to me.

  • The Urgency of Protecting Your Online Data With Let's Encrypt

    We understand that online security is a necessity, so why is only 48.5% of online traffic encrypted? Josh Aas, co-founder of Let's Encrypt, gives us a simple answer: it's too difficult. So what do we do about it? Aas has answers for that as well in his LinuxCon North America presentation.

    Aas explains how the Achilles heel of managing Web encryption is not encryption itself, but authentication, which requires trusted third parties, and secure mechanisms for managing the trust chain. He says, "The encryption part is relatively easy. It's a software stack...it comes on most operating systems by default. It just needs to be configured. Most Web servers tie into it directly and take care of things for you. Your biggest challenge is protecting your private key. The authentication part is a bit of a nightmare, and it has been for a while, so if you want to authenticate, the way this works on the web is you need to get a certificate from a certificate authority, and it's complicated, even for really smart people like my friend Colin here at Cisco."

  • Is encrypted e-mail a must in the Trump presidential era?

    With Donald Trump poised to take over the U.S. presidency, does it make sense for all of us to move to encrypted e-mail if we want to preserve our privacy? Encrypted e-mail provider ProtonMail says yes, indeed.

  • New IoT botnet behind fake Instagram, Twitter and YouTube profiles

    Hackers have created thousands of fake accounts on popular social media platforms like Instagram, Twitter, YouTube and Periscope, via an IoT botnet, using the Linux/Moose malware. Security researchers claim that fake social media accounts are created by hackers to randomly follow people and browse content, in efforts to make the bots seem more "human" and avoid spam filters.

    According to security researchers, the Linux/Moose botnet is a "new generation" IoT botnet that operates on embedded systems such as routers, rather than computers. This makes the bot much more difficult to detect. The botnet can function on even limited computational power and specialises in "social media fraud".

  • Great. Now Even Your Headphones Can Spy on You

    Cautious computer users put a piece of tape over their webcam. Truly paranoid ones worry about their devices’ microphones, some even crack open their computers and phones to disable or remove those audio components so they can’t be hijacked by hackers. Now one group of Israeli researchers has taken that game of spy-versus-spy paranoia a step further, with malware that converts your headphones into makeshift microphones that can slyly record your conversations.

  • Watch out: ɢoogle.com isn’t the same as Google.com

    If you don’t watch where you’re going on the internet, you might be headed down a dark alley before you know it.

    Like a lot of big websites, we use Google Analytics to keep track of traffic on TNW. A few weeks ago, however, we spotted something that looked a bit out of the ordinary.

KDE Plasma 5.8.4 LTS Desktop Environment Released for Linux with More Bug Fixes

Filed under
KDE
Security

Today, November 22, 2016, KDE announced the release of the fourth maintenance update to the long-term supported KDE Plasma 5.8 desktop environment for Linux-based operating systems.

Security News

Filed under
Security
  • Security advisories for Monday
  • Fast security is the best security

    DevOps security is a bit like developing without a safety net. This is meant to be a reference to a trapeze act at the circus for those of you who have never had the joy of witnessing the heart stopping excitement of the circus trapeze. The idea is that when you watch a trapeze act with a net, you know that if something goes wrong, they just land in a net. The really exciting and scary trapeze acts have no net. If these folks fall, that's pretty much it for them. Someone pointed out to me that the current DevOps security is a bit like taking away the net.

  • Detecting fraudulent signups?

    I run a couple of different sites that allow users to sign-up and use various services. In each of these sites I have some minimal rules in place to detect bad signups, but these are a little ad hoc, because the nature of "badness" varies on a per-site basis.

  • Reproducible Builds: week 82 in Stretch cycle

    What happened in the Reproducible Builds effort between Sunday November 13 and Saturday November 19 2016...

Linux Kernel 3.2.84 LTS Released, Adds over 200 Improvements and Bug Fixes

Filed under
Linux
Security

On November 20, 2016, Linux kernel maintainer Ben Hutchings announced the release of the eighty-fourth maintenance update to the long-term supported Linux 3.2 kernel series.

Also: Linux Kernel 3.16.39 LTS Is a Massive Maintenance Update with 420 Improvements

Linux versus Unix hot patching

Filed under
GNU
Linux
Security

There has always been a debate about how close Linux can get to the real operating system (OS), the core proprietary Unix variants that for two decades defined the limits of non-mainframe scalability and reliability.

But times are changing, and the new narrative may be when will Unix catch up to Linux on critical reliability, availability, and serviceability (RAS) features such as hot patching?

Hot patching, the ability to apply updates to the OS kernel while it is running, is a long sought-after but elusive feature of a production OS.

It is sought after because both developers and operations teams recognise that bringing down an OS instance that is doing critical high-volume work is at best disruptive and at worst a logistical nightmare. Its level of difficulty also makes it somewhat elusive.

There have been several failed attempts and implementations that almost worked, but they were so fraught with exceptions that they were not really useful in production.

Also: Can I interest you in talking about Security?

Security News

Filed under
Security
  • Security updates for Friday
  • Serious Linux Vulnerability Found By Just Holding Down The Enter Key For 70 Seconds

    Security researchers have found a rather frightening vulnerability in Linux that could ultimately allow an attacker to copy, modify, or destroy the contents of a hard drive, along with configuring the network to exfiltrate data. That in and of itself is cause for concern, but the real harrowing part about this is how easy it is to activate—an attacker need only boot up the system and hold down the enter key for 70 seconds.

  • Open Source Software: Secure Except When It Isn't

    There is still a flaw in the open source security model which the Core Infrastructure Initiative only partly addressed. Remember the thousands and thousands of eyes looking for vulnerabilities in the code? While that may be true in a generalized sense, there are some small but important projects that are flying under the radar and don't seem to be getting the necessary attention.

  • Adobe Fined $1M in Multistate Suit Over 2013 Breach; No Jail for Spamhaus Attacker

    Adobe will pay just $1 million to settle a lawsuit filed by 15 state attorneys general over its huge 2013 data breach that exposed payment records on approximately 38 million people. In other news, the 39-year-old Dutchman responsible for coordinating an epic, weeks-long distributed denial-of-service attack against anti-spam provider Spamhaus in 2013 will avoid any jail time for his crimes thanks to a court ruling in Amsterdam this week.

    On Oct. 3, 2013, KrebsOnSecurity broke the story that Adobe had just suffered a breach in which hackers siphoned usernames, passwords and payment card data on 38 million customers. The intruders also made off with digital truckloads of source code for some of Adobe’s most valuable software properties — including Adobe Acrobat and Reader, Photoshop and ColdFusion.

  • Half of companies have been hit with ransomware in the past year

    MORE TERRIFYING SECURITY RESEARCH has discovered that almost half of a collection of firms surveyed admitted that they have been the victim of a ransomware attack.

    Endpoint security outfit SentinelOne said that the ransomware attacks do not just go after monies these days, but have darker aims and can be used to threaten and terrorise people.

    "[Our] results point to a significant shift for ransomware. It's no longer just a tool for cyber crime, but a tool for cyber terrorism and espionage," said Tony Rowan, chief security consultant at SentinelOne, in the firm's Ransomware Research Data Summary (PDF).

  • Security Of FLOSS

    I’ve worked with IT since the 1960s. I’ve seen systems that fell down just idling. I’ve seen systems that were insecure by design. Their creators just didn’t seem to care. I’ve seen systems that were made to get you. Their creators wanted to own your soul. I’ve also used FLOSS.
