Security

Security News

Filed under
Security
  • Linux Botnets on a Rampage [Ed: Kaspersky marketing in essence]

    Linux-operated botnet Distributed Denial of Service attacks surged in this year's second quarter, due to growing interest in targeting Chinese servers, according to a Kaspersky Lab report released this week. South Korea kept its top ranking for having the most command-and-control servers. Brazil, Italy and Israel ranked among the leaders behind South Korea for hosting C&C servers, according to Kaspersky Lab. DDoS attacks affected resources in 70 countries, with targets in China absorbing 77 percent of all attacks.

  • Machine-Learning Algorithm Combs the Darknet for Zero Day Exploits, and Finds Them

    In April, cybersecurity experts found an exploit based on this vulnerability for sale on a darknet marketplace where the seller was asking around $15,000. In July, the first malware appeared that used this vulnerability. This piece of malware, the Dyre Banking Trojan, targeted users all over the world and was designed to steal credit-card numbers from infected computers.

    The episode provided a key insight into the way malware evolves. In the space of just a few months, hackers had turned a vulnerability into an exploit, offered this for sale, and then saw it developed into malware that was released into the wild.

  • Frequent password changes are the enemy of security, FTC technologist says

    Shortly after Carnegie Mellon University professor Lorrie Cranor became chief technologist at the Federal Trade Commission in January, she was surprised by an official agency tweet that echoed some oft-repeated security advice. It read: "Encourage your loved ones to change passwords often, making them long, strong, and unique." Cranor wasted no time challenging it.

    The reasoning behind the advice is that an organization's network may have attackers inside who have yet to be discovered. Frequent password changes lock them out. But to a university professor who focuses on security, Cranor found the advice problematic for a couple of reasons. For one, a growing body of research suggests that frequent password changes make security worse. As if repeating advice that's based more on superstition than hard data wasn't bad enough, the tweet was even more annoying because all six of the government passwords she used had to be changed every 60 days.

  • Managing Encrypted Backups in Linux, Part 2

    In part 1, we learned how to make simple automated unencrypted and encrypted backups. In this article, I will show you how to fine-tune your file selection, and how to backup your encryption keys.

  • Getting started with Tails, the encrypted, leave-no-trace operating system

    Tails, an encrypted and anonymous OS that bundles widely used open source privacy tools on a tiny device, is one of the most secure operating systems in the world. The Linux distribution rose to popularity when it was revealed Edward Snowden relied on Tails to secure his identity while sharing NSA secrets with journalists Glenn Greenwald and Laura Poitras. In the past half decade, Tails has been embraced as an essential security suite by journalists, hackers, and IT workers.

    Tails is an acronym for The Amnesic Incognito Live System. The OS runs Debian and is easy to run on Macs and PCs from a USB drive. Tails encrypts all local files, runs every internet connection through Tor and blocks all non-secure connections, and provides a suite of secure communication tools like the Tor browser, HTTPS Everywhere, OpenPGP, the Claws Mail client, I2P, an IP address overlay network, and a Windows 8 camouflage mode to deter over-the-shoulder snooping.

  • Never Trust a Found USB Drive, Black Hat Demo Shows Why [Ed: Windows autoruns stuff]

    Does dropping an infected USB drive in a parking lot work when it comes to a hacker luring its prey into a digital trap? The answer is a resounding yes.

    At Black Hat USA, security researcher Elie Bursztein shared the results of an experiment where he dropped 297 USB drives with phone-home capabilities on the University of Illinois Urbana-Champaign campus. He also explained how an attacker might program and camouflage a malicious USB drive outfitted with a Teensy development board to take over a target’s computer within seconds after plugging the drive in.

Security News

  • Security updates for Thursday
  • Risk From Linux Kernel Hidden in Windows 10 Exposed at Black Hat [Ed: "Alex Ionescu, chief architect at Crowdstrike" - well, enough said. CrowdStrike Microsoft-tied. CrowdStrike are the same chronic liars who recently accused Russia of DNC leaks despite lack of evidence. The corporate press cited them. How can GNU and Linux running under a piece of malware with keyloggers and back doors be the main security concern?]
  • Italian-based Android RAT spies on mobiles in Japan and China, say researchers

    Researchers discover an Italian-based Android RAT designed for spying that is targeting mobile devices using their unique identification codes

  • keysafe

    Have you ever thought about using a gpg key to encrypt something, but didn't due to worries that you'd eventually lose the secret key? Or maybe you did use a gpg key to encrypt something and lost the key. There are nice tools like paperkey to back up gpg keys, but they require things like printers, and a secure place to store the backups.

    I feel that simple backup and restore of gpg keys (and encryption keys generally) is keeping some users from using gpg. If there was a nice automated solution for that, distributions could come preconfigured to generate encryption keys and use them for backups etc. I know this is a missing piece in the git-annex assistant, which makes it easy to generate a gpg key to encrypt your data, but can't help you back up the secret key.

    So, I'm thinking about storing secret keys in the cloud. Which seems scary to me, since when I was a Debian Developer, my gpg key could have been used to compromise millions of systems. But this is not about developers, it's about users, and so trading off some security for some ease of use may be appropriate. Especially since the alternative is no security. I know that some folks back up their gpg keys in the cloud using DropBox. We can do better.

More Security News

  • Kaminsky Warns Black Hat Audience of Risks to the Internet
  • Severe vulnerabilities discovered in HTTP/2 protocol
  • ChaosKey v1.0 Released — USB Attached True Random Number Generator

    Support for this device is included in Linux starting with version 4.1. Plug ChaosKey into your system and the driver will automatically add entropy into the kernel pool, providing a constant supply of true random numbers to help keep the system secure.

    ChaosKey is free hardware running free software, built with free software on a free operating system.

  • Changes for GnuPG in Debian

    The GNU Privacy Guard (GnuPG) upstream team maintains three branches of development: 1.4 ("classic"), 2.0 ("stable"), and 2.1 ("modern").

    They differ in various ways: software architecture, supported algorithms, network transport mechanisms, protocol versions, development activity, co-installability, etc.

    Debian currently ships two versions of GnuPG in every maintained suite -- in particular, /usr/bin/gpg has historically always been provided by the "classic" branch.

    That's going to change!

    Debian unstable will soon be moving to the "modern" branch for providing /usr/bin/gpg. This will give several advantages for Debian and its users in the future, but it will require a transition. Hopefully we can make it a smooth one.

Security Leftovers

  • Kaspersky Lab Launches Bug Bounty Program With HackerOne

    The security firm allocates $50,000 to pay security researchers for responsibly disclosing flaws in its security products.
    Kaspersky Lab is no stranger to the world of vulnerability research, but the company is now opening up and enabling third-party security researchers to disclose vulnerabilities about Kaspersky's own software.

  • Reproducible builds for PaX/Grsecurity

    A series of scripts are created to do reproducible builds for Linux kernel with PaX/Grsecurity patch set.

    Thanks to:

    PaX/Grsecurity
    Debian GNU/Linux Community
    Shawn C[a.k.a “Citypw”]
    Linux From Scratch

    Without the contributions of the projects, community and people, the scripts cannot be accomplished.

  • Four flaws in HTTP/2 could bring down web servers

    SECURITY RESEARCHERS have uncovered at least four flaws in the HTTP/2 protocol, the successor to HTTP that was launched properly only in May last year, after Google rolled up its SPDY project into HTTP/2 in February.

    The flaws enable attackers to slow web servers by overwhelming them with seemingly innocent messages that carry a payload of gigabytes of data, putting them into infinite loops and even causing them to crash.

    The HTTP/2 protocol can be divided into three layers: the transmission layer, including streams, frames and flow control; the HPACK binary encoding and compression protocol; and the semantic layer, which is an enhanced version of HTTP/1.1 enriched with server-push capabilities.

Security News

  • Security Issue in Windows leaks Login Data [Ed: designed for back door access]

    An issue in all Windows systems might leak the user’s Windows login and password information. This is especially critical if the user is using a Microsoft account because this is linked to a number of other services the user may be using.

  • Get ready for an Internet of Things disaster, warns security guru Bruce Schneier

    Security guru Bruce Schneier, the author of multiple encryption algorithms, founder of security company Counterpane, and former chief technology officer of BT Managed Security Solutions, has warned that the 'craze' for connecting devices to the internet with little thought about security will result in a major disaster.

    Schneier warned that "integrity and availability threats" are much worse than "confidentiality threats" with devices connected to the internet.

    "It's one thing if your smart door lock can be eavesdropped upon to know who is home. It's another thing entirely if it can be hacked to allow a burglar to open the door - or prevent you from opening your door. A hacker who can deny you control of your car, or take over control, is much more dangerous than one who can eavesdrop on your conversations or track your car's location," Schneier wrote.

    He continued: "With the advent of the Internet of Things and cyber-physical systems in general, we've given the internet hands and feet: the ability to directly affect the physical world. What used to be attacks against data and information have become attacks against flesh, steel, and concrete."

  • New Presidential Directive on Incident Response

    Last week, President Obama issued a policy directive (PPD-41) on cyber-incident response coordination. The FBI is in charge, which is no surprise. Actually, there's not much surprising in the document. I suppose it's important to formalize this stuff, but I think it's what happens now.

  • Kazakh dissidents and lawyers hit by cyber attacks: researchers

    Hackers believed to be working on behalf of Kazakhstan government officials tried to infect lawyers and other associates of exiled dissidents and publishers with spyware, according to a report to be presented at this week's Black Hat security conference in Las Vegas.

    The hacking campaign was part of a complicated tale that also involved physical surveillance and threats of violence - a rare instance of cyber attacks coming alongside real-world crimes.

    It is also unusual in that the campaign involved an Indian company that was apparently hired by the hackers, and it targeted Western lawyers along with alleged opponents of the Kazakh government.

    A spokesman at the Kazakhstan embassy in Washington did not respond to emailed questions.

  • Bruce Schneier: major IoT disaster could happen at any time

    THE CRAZE for connecting anything and everything and controlling it over the internet will result in a major disaster without better built-in security, according to security expert Bruce Schneier.

    Furthermore, if secret services really are trying to influence elections by hacking the systems of political parties and releasing embarrassing emails, they will almost certainly attempt to hack into the increasing number of internet-connected voting machines for the same ends.

    Schneier is the author of multiple encryption algorithms, founder of security company Counterpane, and former chief technology officer of BT Managed Security Solutions.

    "It's one thing if your smart door lock can be eavesdropped on to know who is home. It's another thing entirely if it can be hacked to allow a burglar to open the door or prevent you opening your door," Schneier wrote in an article published by Motherboard.

  • Linux botnets on the rise, says Kaspersky DDoS report [Ed: Kaspersky marketing with dramatic and misleading headlines]
  • Hackers break into Telegram, revealing 15 million users’ phone numbers

    Iranian hackers have compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users, the largest known breach of the encrypted communications system, cyber researchers told Reuters.

    The attacks, which took place this year and have not been previously reported, jeopardized the communications of activists, journalists and other people in sensitive positions in Iran, where Telegram is used by some 20 million people, said independent cyber researcher Collin Anderson and Amnesty International technologist Claudio Guarnieri, who have been studying Iranian hacking groups for three years.

    Telegram promotes itself as an ultra secure instant messaging system because all data is encrypted from start to finish, known in the industry as end-to-end encryption. A number of other messaging services, including Facebook Inc’s WhatsApp, say they have similar capabilities.

Tor 0.2.8.6

Filed under
Software
OSS
Security
Debian
  • Tor 0.2.8.6 is released

    Hi, all! After months of work, a new Tor release series is finally stable.

  • Tor browser a bit too unique?

    Ok, this is scary: tor browser on https://browserprint.info/test -- "Your browser fingerprint appears to be unique among the 8,440 tested so far. Currently, we estimate that your browser has a fingerprint that conveys 13.04 bits of identifying information."

  • Debian Project Enhances the Anonymity and Security of Debian Linux Users via Tor

    The Debian Project, through Peter Palfrader, announced recently that its services and repositories for the Debian GNU/Linux operating system would be accessible through the Tor network.

    To further enhance the anonymity and security of users when either accessing any of the Debian online services, such as the Debian website or Wiki, as well as when using the Debian GNU/Linux operating system, the Debian Project partnered with the Tor Project to enable Tor onion services for many of their services.

Gentoo-Based Pentoo 2015.0 Linux Distro for Ethical Hackers Gets New RC Release

Filed under
Gentoo
Security

The Pentoo Linux development team proudly announces today, August 2, 2016, the availability for download of the fifth Release Candidate (RC) build towards the Pentoo 2015.0 GNU/Linux operating system.

We don't write so often about the Pentoo GNU/Linux operating system because new releases are being made available to the public online when a new DEF CON event (the world's largest annual hacker convention) is taking place. So yes, it's now a tradition to see a new Pentoo release around a DEF CON conference.

More in Tux Machines

Windows, Mac or Linux... Which operating system best suits your business?

Linux is a free alternative. Apart from the zero-cost factor, it's still less prone to viruses than Windows. Most Linux machines start out as Windows computers that are reformatted. Linux is also adaptable -- Linux is an OS kernel, not a full system, but is the heart of software distributions such as Ubuntu or Fedora. As for cons, Linux is more complex to learn and use. There are also far fewer programs written for Linux systems. Of course, someone with an advanced online computer science master’s degree will help you make the most of a Linux system by supplying the skills needed to innovate and implement custom solutions for your business environment.

LinuxCon, Linux at 25, and Linux Development

5 Ways to Solve the Open Source Industry's Biggest Problems

Over the last decade, open source software and its audience of end users have greatly matured. Once only used by a small subset of tech-savvy early adopters, the convenience, effectiveness and cost savings of open source solutions are now driving enterprise IT to explore more ways to take advantage of the power of open source in their daily business operations. In today's economy, enterprise IT has less to gain from developing and licensing software and more to gain from actively working with existing open source technology. However, the march toward open source still faces major obstacles before it becomes mainstream. In this slideshow, Travis Oliphant, CEO and founder of Continuum Analytics, outlines five challenges preventing enterprise IT from shifting to open source and tips for tackling them to keep the future of open source heading in the right direction. The road may be winding, but it will eventually lead companies to open source to help them innovate and as the way of the future.

Security News

  • Jay Beale: Linux Security and Remembering Bastille Linux
    Security expert and co-creator of the Linux-hardening (and now Unix-hardening) project Bastille Linux. That’s Jay Beale. He’s been working with Linux, and specifically on security, since the late 1980s. The greatest threat to Linux these days? According to Beale, the thing you really need to watch out for is your Android phone, which your handset manufacturer and wireless carrier may or may not be good about updating with the latest security patches. Even worse? Applications you get outside of the controlled Google Play and Amazon environments, where who-knows-what malware may lurk. On your regular desktop or laptop Linux installation, Beale says the best security precaution you can take is encrypting your hard drive — which isn’t at all hard to do. He and I also talked a bit, toward the end, about how “the Linux community” was so tiny, once upon a time, that it wasn’t hard to know most of its major players. He also has some words of encouragement for those of you who are new to Linux and possibly a bit confused now and then. We were all new and confused once upon a time, and got less confused as we learned. Guess what? You can learn, too, and you never know where that knowledge can take you.
  • Automotive security: How safe is a next-generation car?
    The vehicles we drive are becoming increasingly connected through a variety of technologies. Features such as keyless entry and self-diagnostics are becoming commonplace. Unfortunately, they can also introduce IT security issues.
  • Let's Encrypt: Every Server on the Internet Should Have a Certificate
    The web is not secure. As of August 2016, only 45.5 percent of Firefox page loads are HTTPS, according to Josh Aas, co-founder and executive director of Internet Security Research Group. This number should be 100 percent, he said in his talk called “Let’s Encrypt: A Free, Automated, and Open Certificate Authority” at LinuxCon North America. Why is HTTPS so important? Because without security, users are not in control of their data and unencrypted traffic can be modified. The web is wonderfully complex and, Aas said, it’s a fool’s errand to try to protect this certain thing or that. Instead, we need to protect everything. That’s why, in the summer of 2012, Aas and his friend and co-worker Eric Rescorla decided to address the problem and began working on what would become the Let’s Encrypt project.
  • OpenSSL 1.1 Released With Many Changes
    OpenSSL 1.1.0 was released today as a major update to this free software cryptography and SSL/TLS toolkit. In addition to OpenSSL 1.1 rolling out a new build system and new security levels and support for pipelining and a new threading API, security additions to OpenSSL 1.1 include adding the AFALG engine, support for ChaCha20 in libcrypto/libssl, scrypt algorithm support, and support for X25519, among many other additions.
  • Is Windows 10’s ‘Hidden Administrator Account’ a security risk? [Ed: Damage control from Microsoft Jack (Jack Schofield) because Microsoft Windows is vulnerable by design]