Language Selection

English French German Italian Portuguese Spanish

Security

In Defence of Dmitry Bogatov

Filed under
Security
Debian
  • Statement concerning the arrest of Dmitry Bogatov

    The Debian Project is concerned to hear that one of our members, Dmitry Bogatov, has been arrested by Russian authorities.

    Dmitry is a mathematics teacher, and an active Debian contributor. As a Debian Maintainer, he worked in the Debian Haskell group and currently maintains several packages for command line and system tools.

  • Statement regarding Dmitry Bogatov

    What we know right now is that serious accusations of wrongdoing have been made against a valued member of our community, a person who has, among other things, been a Tor relay operator, Debian Developer, GNU developer, and privacy activist. We are collecting facts, monitoring the situation closely, and sharing information with allied organizations and individuals.

  • Debian Issues Statement Over Arrested Russian Developer

    Debian developer Dmitry Bogatov was arrested by Russian authorities for running a Tor exit node and accused of supporting terrorism.

Security Leftovers and Fixes

Filed under
Security

Security and Microsoft Back/Bug Doors

Filed under
Microsoft
Security
  • Security updates for Friday
  • careful with the chrome HSTS

    I mean, yes, I set the HSTS header, but that was with the same cert that chrome is now insisting can’t be trusted. Why in the world would you permanently store “must have trusted cert” on the basis of an untrusted cert?

  • Hacked NSA tools put Windows users at possible risk

    The hacking group known as Shadow Brokers claims to have released National Security Agency malware designed to break into Windows computers. The software could make millions of Microsoft users vulnerable to malicious parties.

    [...]

    The NSA didn't immediately respond to a request for comment. But this isn't the first US intelligence agency whose tools have been leaked to the public. Just last month, WikiLeaks released techniques it claimed the CIA used for breaking into phones, computers, cars and smart TVs.

  • Leaked NSA point-and-pwn hack tools menace Win2k to Windows 8

    The Shadow Brokers have leaked more hacking tools stolen from the NSA's Equation Group – this time four-year-old exploits that attempt to hijack venerable Windows systems, from Windows 2000 up to Server 2012 and Windows 7 and 8.

    The toolkit puts into anyone's hands – from moronic script kiddies to hardened crims – highly classified nation-state-level weaponry that can potentially compromise and commandeer systems around the world. This is the same powerful toolkit Uncle Sam used once upon a time to hack into and secretly snoop on foreign governments, telcos, banks, and other organizations.

  • Microsoft blocks Kaby Lake and Ryzen PCs from Windows 7, 8 updates

    That means all updates, including security updates, will be unavailable on PCs with brand new hardware running the two older operating systems.

  • Microsoft says U.S. foreign intelligence surveillance requests more than doubled

    Microsoft said it received between 1,000 and 1,499 FISA orders for user content between January and June of 2016, compared to between 0 and 499 during both January-June 2015 as well as the second half of 2015.> Microsoft Corp (MSFT.O) said on Thursday it had received at least a thousand surveillance requests from the U.S. government that sought user content for foreign intelligence purposes during the first half of 2016.

Capsule8 Building Container-Aware Security Platform for Linux

Filed under
Linux
Security

Security startup Capsule8 emerged from its stealth mode in February with a plan to help provide a new model for application container security. In a video interview with eWEEK, Capsule8 CTO Dino Dai Zovi and CEO John Viega explain what's missing from container security today and what they are building to help fill the gap.

"Capsule8 is container-aware, real-time threat protection for Linux-based production environments," Dai Zovi said.

Dai Zovi explained that the company name Capsule8 is a pun on what it does—which is encapsulates security knowledge in software, providing a secure approach to application delivery and deployment.

Read more

An Important Linux Kernel Security Patch Is Available for CentOS 7, Update Now

Filed under
Linux
Red Hat
Security

CentOS maintainer Johnny Hughes has informed the community about the availability of yet another important kernel security update, this time for users of the CentOS Linux 7 operating system series.

Read more

Big Linux bug, low security concerns

Filed under
Linux
Security

This Linux/Android bug sure sounded bad.

The National Institute of Standards and Technology (NIST) and Symantec announced a LinuxKernel ipv4/udp.c bug that made the LinuxKernel 4.4 and earlier vulnerable to remote code-execution. In turn, an attacker could exploit this issue to execute arbitrary code. Worse still, even failed exploits might cause denial-of-service attacks.

There's only one problem with this analysis and the resulting uproar: It's wrong.

Yes, the bug existed. NIST described it as a "critical" bug, and its description makes it sound like it can open Linux and Android-powered devices to attacks via UDP network traffic. The important phrase is "sound like."

Read more

Long Term Support and Security

Filed under
Security
  • Freexian’s report about Debian Long Term Support, March 2017

    Like each month, here comes a report about the work of paid contributors to Debian LTS.

  • Unpatched vulnerability exposes Magento online shops to hacking

    An unpatched vulnerability in the Magento e-commerce platform could allow hackers to upload and execute malicious code on web servers that host online shops.

    The flaw was discovered by researchers from security consultancy DefenseCode and is located in a feature that retrieves preview images for videos hosted on Vimeo. Such videos can be added to product listings in Magento.

    The DefenseCode researchers determined that if the image URL points to a different file, for example a PHP script, Magento will download the file in order to validate it. If the file is not an image, the platform will return a "Disallowed file type" error, but won't actually remove it from the server.

  • NSA's arsenal of Windows hacking tools have leaked

    A new trove of alleged surveillance tools and exploits from the National Security Agency's elite hacking team have been released by the Shadow Brokers' hacking group.

    The group Friday appeared to release tools designed to target Windows PCs and servers, along with presentations and files purporting to detail the agency's methods of carrying out clandestine surveillance.

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security
  • Is this a Ubuntu-based Botnet deploying Tor Relays and Bridges?
  • Microsoft Word 0-day was actively exploited by strange bedfellows

    A critical Microsoft Word zero-day that was actively exploited for months connected two strange bedfellows, including government-sponsored hackers spying on Russian targets and financially motivated crooks pushing crimeware.

  • Microsoft reduces Patch Tuesday to an incomprehensible mess
  • Nation-State Hackers Go Open Source [Ed: How to associate FOSS with crime? Hmmm… let us think. Our writer Kelly Jackson Higgins can take care of that…]

    Researchers who track nation-state groups say open-source hacking tools increasingly are becoming part of the APT attack arsenal.

    Nation-state hacking teams increasingly are employing open-source software tools in their cyber espionage and other attack campaigns.

  • New release: usbguard-0.7.0

    From all the bug fixes in this release, I’d like to point out one which required a backwards incompatible change and requires an update to existing policies. The Linux USB root hub devices use the kernel version as the bcdDevice attribute value. The value is part of the USB descriptor data which USBGuard uses for computing the device hash and therefore causes the device hash to change on every kernel update. This in turn makes USBGuard rules which rely on this hash to not match and block the device. And because it’s a root hub device that gets blocked, all the other devices get blocked too. The bug fix is simple, reset the bcdDevice value to zero before hashing (applied only for the Linux root hub devices).

Security Leftovers

Filed under
Security
  • Why creating an open-source ecosystem doesn’t mean you’re taking on security risks

    Anyone who uses technology benefits from open-source software. Most applications you use have implemented open-source code to varying degrees. This isn’t just small-time developers that use this code, either. Many large enterprises rely on this software to build their own products and solutions.

    Because of this, any CIO would be wise to have their developers follow the same blueprint. However, some developers have concerns about open-source. In an open environment where any contributor can drop potentially harmful code into the global library, is it safe — or wise — to lean heavily on these development resources?

  • Security updates for Wednesday
  • 9 Ways to Harden Your Linux Workstation After Distro Installation

    So far in this series, we’ve walked through security considerations for your SysAdmin workstation from choosing the right hardware and Linux distribution, to setting up a secure pre-boot environment and distro installation. Now it’s time to cover post-installation hardening.

Syndicate content

More in Tux Machines

Radeon RX 580: AMDGPU-PRO vs. DRM-Next + Mesa 17.2-dev

Last week I posted initial Radeon RX 580 Linux benchmarks and even AMDGPU overclocking results. That initial testing of this "Polaris Evolved" hardware was done with the fully-open Radeon driver stack that most Linux enthusiasts/gamers use these days. The AMDGPU-PRO driver wasn't tested for those initial articles as it seems to have a diminishing user-base and largely focused for workstation users. But for those wondering how AMDGPU-PRO runs with the Radeon RX 580, here are some comparison results to DRM-Next code for Linux 4.12 and Mesa 17.2-dev. Read more

Void GNU/Linux Operating System Adopts Flatpak for All Supported Architectures

Void Linux, an open-source, general-purpose GNU/Linux distribution based on the monolithic Linux kernel, is the latest operating system to adopt the Flatpak application sandboxing technologies. Read more

Top 4 CDN services for hosting open source libraries

A CDN, or content delivery network, is a network of strategically placed servers located around the world used for the purpose of delivering files faster to users. A traditional CDN will allow you to accelerate your website's images, CSS files, JS files, and any other piece of static content. This allows website owners to accelerate all of their own content as well as provide them with additional features and configuration options. These premium services typically require payment based on the amount of bandwidth a project uses. Read more

Bash Bunny: Big hacks come in tiny packages

Bash Bunny is a Debian Linux computer with a USB interface designed specifically to execute payloads when plugged into a target computer. It can be used against Windows, MacOS, Linux, Unix, and Android computing devices. It features a multicolor RGB LED that indicates various statuses and a three-position selector switch: Two of the positions are used to launch payloads, while the third makes Bash Bunny appear to be a regular USB storage device for copying and modifying files. Read more