Language Selection

English French German Italian Portuguese Spanish

Security

Security News

Filed under
Security
  • Friday's security updates
  • Ten-year-old Windows Media Player hack is the new black, again

    Net scum are still finding ways to take down users with a decade-old Windows Media Player attack.

    The vector is a reborn social engineering hatchet job not seen in years in which attackers convince users to run executable content through Windows Media Player's Digital Rights Management (DRM) functionality.

    Windows Media Player will throw a DRM warning whenever users do not have the rights to play content, opening a URL through which a licence can be acquired.

    Now malware villains are packing popular movies with malicious links so that the DRM warning leads to sites where they're fooled into downloading trojans masquerading as necessary video codecs.

  • Luabot Malware Turning Linux Based IoT Devices into DDoS Botnet

    The IT security researchers at MalwareMustDie have discovered a malware that is capable of infecting Linux-based Internet of Things (IoT) devices and web servers to launch DDoS (Distributed Denial of Service) attacks.

Security News

Filed under
Security

Security News

Filed under
Security

Wireshark 2.2

Filed under
Software
Security
  • Wireshark 2.2 Released

    Wireshark 2.2 features "Decode As" improvements, the various UIs now support exporting packets as JSON, there is new file format decoding support, and a wide range of new protocol support. New protocol coverage includes Apache Cassandra, USB3 Vision Protocol, USIP protocol, UserLog protocol, Zigbee Protocol Clusters, Cisco ttag, and much more.

  • Wireshark 2.2.0 Is Out as the World's Most Popular Network Vulnerability Scanner

    Today, September 7, 2016, the development team behind the world's most popular network protocol analyzer, Wireshark, proudly announced the release of a new major stable version, namely Wireshark 2.2.

    After being in development for the past couple of months, Wireshark 2.2.0 has finally hit the stable channel, bringing with it a huge number of improvements and updated protocols. For those of you who never heard of Wireshark, we want to remind them that it's an open-source network vulnerability scanner used by security researchers and network administrators for development, analysis, troubleshooting, as well as education purposes.

Security News

Filed under
Security
  • New release: usbguard-0.6.0

    Another milestone behind us. The 0.6.0 release brings the promissed CentOS/RHEL 7 compatibility. This means that our Copr EPEL-7 repository as well as Fedora’s EPEL-7 repository will now provide the latest versions of USBGuard. Check it out!

    One more very good piece of news is that USBGuard was accepted in Debian and is available in Sid (unstable). A big thanks goes to Muri Nicanor and others involved in this packaging effort!

  • StartSSL customers, it is time to leave. Now!

    While listening to the Security Now podcast, I have listened first with amusement then with horror to Steve reading email from Mozilla about the security problems with WoSign CA.

    Their list of woes is long, read the linked email for details, but one thing turned up during the email which I was not aware of: StartCom (owner of the StartSSL certificate authority) was apparently recently bought by WoSign CA! Apparently one of the security bugs StartSSL has (had?) was that with properly modified POST request (yes, I guess you can do it in the Developer Tools of your Firefox) you can get certificate linked to the root ceritificate “CA 沃通根证书” (or “WoSign CA Free SSL Certificate G2” with another value of the parameter). Awesome!

    What’s even more interesting is that I am a paying customer of StartSSL CA and I have never been made aware of the change of ownership. The only other mention of the possible change of ownership I found was on the Wikipedia page, which linked to the blogpost, which is now unavailable due to “legal review of the site” […]. Even better!

  • Debian GNU/Linux Fixes Dangerous TCP Flaw In New Update
  • Why Security Performance Will be Key in NFV

    There is growing evidence that the data center is driving toward a more software-centric security model that will be core to network functions virtualization (NFV) and software-defined networking (SDN) technology. This new model means that security performance in NFV will be key.

  • How to enable server-side encryption in Nextcloud

    Out of the box, Nextcloud servers do not run with server-side encryption. Follow these steps to enable an extra layer of security for Nextcloud.

  • Umbreon rootkit targets Linux on x86, ARM [Ed: nonsensical marketing hype from Trend Micro]
  • Pokemon Themed 'Umbreon' Rootkit Hides In Linux Systems
  • Taking umbrage at Umbreon, the Linux rootkit that likes to hide
  • Linux rootkit, named for Pokémon's Umbreon, targets Linux

Calamares 2.4 Universal Linux Installer Gets Its First Point Release to Fix Bugs

Filed under
GNU
Linux
Security

The Calamares team announced recently the availability of the first point release to the new stable series of the distribution-independent system installer used in many GNU/Linux distributions, Calamares 2.4.

Read more

Security News

Filed under
Security
  • Security advisories for Monday
  • Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86 [Ed: IDG covers this nonsense from Trend Micro (not a real risk, just the name Pokémon for better headlines])
  • You can't weigh risk if you don't know what you don't know

    If any of us have ever been in a planning meeting, a variant of this has no doubt come up at some point. It came up for me last week, and every time I hear it I think about all things we don't know we don't know. If you're not familiar with the concept, it works a bit like this. I know I don't know to drive a boat. But because I know I don't know this, I could learn. If you know you lack certain knowledge, you could find a way to learn it. If you don't know what you don't know, there is nothing you can do about it. The future is often an unknown unknown. There is nothing we can do about the future in many instances, you just have to wait until it becomes a known, and hope it won't be anything too horrible. There can also be blindness when you think you know something, but you really don't. This is when people tend to stop listening to the actual experts because they think they are an expert.

Security News

Filed under
Security
  • Pokémon-inspired rootkit attacks Linux systems [Ed: Media hyping up "Linux" threat which requires 1) the cracker has access to the device. 2) cracker installs malware.]

    Provides backdoor and traffic-hiding capabilities.

    A new persistent stealthy malware that can give attackers full control over Linux servers has been discovered by researchers.

    Researcher Fernando Mercês with security vendor Trend Micro said the malware - a rootkit family - is named after a character in the Pokémon fantasy game called Umbreon.

    Umbreon is a dark Pokémon that hides in the night, an "appropriate characteristic for a rootkit," Mercês wrote.

  • Pokémon-loving VXer targets Linux with 'Umbreon' rootkit [Ed: More hysteria, now in British media, over something that's not a real risk, thanks to self promotion]
  • ,

  • LuaBot Is the First Botnet Malware Coded in Lua Targeting Linux Platforms [Ed: so don’t install malware]

    Unlike Mirai, which is the fruit of a two-year-long coding frenzy, LuaBot is in its early stages of development, with the first detection being reported only a week ago and a zero detection rate on VirusTotal for current samples.

  • Nearly 800,000 Brazzers Porn Site Accounts Exposed in Forum Hack [Ed: Remember Canonical having Ubuntu Forums cracked, twice, due to proprietary vBulletin? Well, vBulletin -- again.]

    Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach. Although the data originated from the company's separate forum, Brazzers users who never signed up to the forum may also find their details included in the dump.

    Motherboard was provided the dataset by breach monitoring site Vigilante.pw for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.)

    Troy Hunt, a security researcher and creator of the website Have I Been Pwned? helped verify the dataset by contacting subscribers to his site, who confirmed a number of their details from the data.

Debian plugs Linux 'TCP snoop' bug

Filed under
Security
Debian

Debian's maintainers have moved to plug the TCP snooping flaw that emerged in August 2016.

The bug, CVE-2016-5696, was spotted by University of California Riverside's Zhiyun Qian and his collaborators and published in August.

It enabled an attack against Linux (and Android) implementations of RFC 5961, which used challenge ACK packets to try and harden Linux. The implementation bug, present in the kernel since 2012, meant targets could be fooled into rate-limiting their challenge ACKs, letting an attacker work out sequence numbering when it resumed.

Read more

Syndicate content

More in Tux Machines

today's howtos

Leftovers: Ubuntu

  • Ubuntu Phone, Sep 2016 - Vorsprung durch Touch
    The Ubuntu Phone is getting better, and with every new iteration of the OTA, my little BQ Aquaris E4.5 is gaining more speed and functionality. Like in the air force, with an avionics upgrade, which transforms ancient wings into a powerful and modern bird of prey. Only the pace of advancement is lagging behind the market. See what Android and iOS can do, even Windows Phone, and you realize how late and insufficiently meaningful the Ubuntu Phone really is. This has to change, massively. This latest round does bring some fine goods to the table - more speed and stability, better icons, more overall visual polish, incremental improvements in the applications and the scopes. But that's not enough to win the heart of the average user. A more radical, app-centric effort is required. More focus on delivering the mobile experience, be it as it may. Ubuntu cannot revolutionalize that which is already considered the past. It can only join the club and enjoy the benefits of a well-established reality. And that is a kickass app stack that makes the touch device worth using in the first place. Still, it's not all gloomy. E4.5 is a better product now than it was a year ago, fact. Ubuntu Phone is a better operating system than it was even this spring, fact. So maybe one day we will see Ubuntu become an important if not dominant player in the phone and tablet space. It sure is heading in the right direction, my only fear is the availability of resources to pull off this massive rehaul that is needed to make it stand up to the old and proven giants. And that's it really. If you're keen on Linux (not Android) making it in the mobile world, do not forget to check my Ubuntu tablet review! Especially the convergence piece. On that merry note, you do remember that I'm running a wicked contest this year, too? He/she who reads my books might get a chance to win an M10 tablet. Indeed. Off you go, dear readers. Whereas I will now run the same set of tests we did here on the Aquaris tablet, and see how it likes the OTA-12 upgrade. The end.
  • Ubuntu 16.10 Unity 8 - new window snapping feature
  • Ubuntu Online Summit for Ubuntu 17.04 is Taking Place In Mid-November
  • Ubuntu Online Summit: 15-16 November 2016

Leftovers: OSS and Sharing

  • 10 Top Open Source Artificial Intelligence Tools for Linux
    In this post, we shall cover a few of the top, open-source artificial intelligence (AI) tools for the Linux ecosystem. Currently, AI is one of the ever advancing fields in science and technology, with a major focus geared towards building software and hardware to solve every day life challenges in areas such as health care, education, security, manufacturing, banking and so much more.
  • List of FLOSS International Conferences September 2016 Materials
  • This Week In Servo 78
    Our overall roadmap is available online and now includes the initial Q3 plans. From now on, we plan to include the quarterly plan with a high-level breakdown in the roadmap page.
  • Firefox 49 Release: Find out what is new
    Firefox 49.0 is the next major stable release of the web browser. Firefox 48.0.2 and earlier versions of Firefox can be updated to the new release.
  • Open-Source Climate Change Data From NASA, NOAA, & Others Available For 1st Time
    Climate change has many components — rising sea levels, alterations in rainfall patterns, and an increase in severe storm activity, among others. Communities around the world are faced with the need to plan for climate change but don’t have the information available to do so effectively.
  • Another Setback for 3D Printed Gun Advocate Cody Wilson as Court of Appeals Rules That National Security Concerns Outweigh Free Speech
    It’s been a long, drawn-out battle, beginning in 2013 when Cody Wilson, founder of Defense Distributed, published the open source files for his 3D printed handgun, the Liberator, online. The State Department ordered that he take the files down, and Wilson complied, but not before thousands had downloaded them and spread them elsewhere on the Internet. In 2015, with the help of gun rights organization The Second Amendment Foundation, Wilson filed a federal lawsuit claiming that the State Department had violated not only his Second Amendment but his First Amendment rights. By suppressing his right to share information online, Wilson argued, the State Department was violating his right to free speech.
  • In 3D-Printed Gun Case, Federal Court Permits Speech Censorship in the Name of Alleged National Security
  • Oracle tries playing nice with Java EE rebels
    With Oracle now trying to get back on track with advancing enterprise Java, the company is seeking rapprochement with factions that had sought to advance the platform on their own. The two groups involved are mostly amenable to patching up the relationship. Oracle's Anil Gaur, group vice president of engineering, said this week he had already been in touch with some of the concerned parties. The two factions include Java EE Guardians, led by former Oracle Java EE evangelist Reza Rahman, and Microprofile.io, which has included participation from Red Hat and IBM.

GNU News