
Security

Security: Voting Safety, Intel, Windows and Linux

Filed under
Security

Security: Intel Scandals, Microsoft Patches Cause Data Loss/Corruption

Filed under
Security

Parrot 3.11 release notes

Filed under
GNU
Linux
Security

Parrot 3.11 is now available for download.

This new release introduces many improvements and security fixes compared to the previous versions. It includes by default all the Spectre/Meltdown security patches currently available and an updated version of the Linux 4.14 kernel.

A new car hacking menu now contains a collection of useful open source tools in the automotive industry to test real world cars or simulate CANBus networks.

Metasploit and PostgreSQL are now patched to work flawlessly out of the box in live mode.

Other important updates include Firefox 58, increased installer stability, many updated security tools and some important graphic improvements.

Parrot Studio was reintroduced with many improvements. This special derivative of Parrot is designed for multimedia production as an improved version of Parrot Home for workstations, with many useful productivity tools pre-installed.

This release will probably be the last version of the 3.x series (except for eventual security updates), and we wanted to include some of the changes that we planned for Parrot 4.x as a gift for our community.


Security: PLC, Blacksmith, Windows at NHS

Filed under
Security

  • Vulnerable industrial controls directly connected to Internet? Why not?

    As Beaumont said, "It's an open own goal." And this particular advisory doesn't stop with the PLCs. Some PLC manufacturers haven't even responded to inquiries from the DHS' National Cybersecurity and Communications Integration Center (NCCIC) about recently-discovered vulnerabilities, such as one in the Nari PCS-9611 Feeder Relay, a control system used to manage some electrical grids. The vulnerability, reported by two Kaspersky Labs researchers, "could allow a remote attacker arbitrary read/write abilities on the system."

  • Free Linux Tool Monitors Systems for Meltdown Attacks

    SentinelOne this week released Blacksmith, a free Linux tool that can detect Meltdown vulnerability exploitation attempts, so system administrators can stop attacks before they take root.

    The company has been working on a similar tool to detect Spectre vulnerability attacks.

  • Welsh NHS systems back up after computer 'chaos'

    The National Cyber Security Centre said the problems were caused by technical issues and were not the result of a cyber attack.

Security: Updates, US Senate, Malware on Social Control Media, Ubuntu 16.04.4 LTS Delay

Filed under
Security
  • Security updates for Friday
  • Senate IT Tells Staffers They're On Their Own When It Comes To Personal Devices And State-Sponsored Hackers

    Notification of state-sponsored hacking attempts has revealed another weak spot in the US government's defenses. The security of the government's systems is an ongoing concern, but the Senate has revealed it's not doing much to ensure sensitive documents and communications don't end up in the hands of foreign hackers.

    The news of the hacking attempt was greeted with assurances that nothing of value was taken.

  • Beware! Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems

    According to researchers, Dark Caracal hackers do not rely on any "zero-day exploits" to distribute their malware; instead, they use basic social engineering via posts on Facebook groups and WhatsApp messages, encouraging users to visit hacker-controlled fake websites and download malicious applications.

  • Ubuntu 16.04.4 LTS Delayed Due To Spectre & Meltdown

    Ubuntu 16.04.4 LTS had been scheduled to ship mid-February as the latest point release for this Long Term Support release, but unfortunately that is not going to happen as planned due to the Canonical kernel developers being overloaded by Spectre and Meltdown mitigation work.

    Ubuntu 16.04.4 is now being delayed by an unknown length of time, but they believe it shouldn't be more than "a few weeks" past the original 15 February ship date. They are waiting for the Spectre/Meltdown mitigation work to settle, to ensure they are shipping qualified patches in this point release. Additionally, they have been so busy with that mitigation work that they have neglected other kernel patches that may need to make it into this point release too.

Security: 'DevOps', Linux-based SkySecure, VirusTotal, DJI

Filed under
Security
  • DevOps and Security: How to Overcome Cultural Challenges and Transform to True DevSecOps

    Similar to the proliferation of mobile devices in the enterprise several years ago where organizations were feeling the pressure to have a mobile strategy but didn’t know where to start, we’re seeing the same situation with development methodologies. To accelerate development velocity, teams are feeling the pressure to “do DevOps,” and when integrating security, to “do DevSecOps.” But much like during the initial mobile wave, many companies say they’re implementing these methodologies, and might even think they are, but in reality, they’re not. Yet.

  • What does DevOps do in 2018?

    In 2018, we’re expecting DevOps to become the new norm for larger enterprise teams. This is because we’re likely to see developers on older, higher value systems implementing a more DevOps centric approach, having seen it work on projects that have traditionally been highly visible, but low value.

  • Cisco Acquires Skyport as Cyber-Security Investments Continue

    January 2018 has emerged to become a banner month for cyber-security acquisitions, with at least 10 acquisitions announced so far, four of which were announced between Jan. 22 and 25. Cisco continued the trend on Jan. 24 by announcing its intention to acquire privately-held server security startup Skyport.

    Financial terms of Cisco's Skyport acquisition are not being publicly disclosed. A Cisco spokesperson told eWEEK that the deal is expected to close in Cisco's 2018 fiscal third quarter. However, a Cisco spokesperson said the company doesn't plan to continue marketing the existing Skyport System server security products.

    [...]

    It's the Linux-based SkySecure Server platform tied into the SkySecure Center service that further validates the integrity of firmware, BIOS, software and cryptography.

  • S for Security is Google owner Alphabet's new favorite letter

    The business will be the new home of VirusTotal, which Google acquired in 2012. Chronicle’s other story will be “a new cybersecurity intelligence and analytics platform that we hope can help enterprises better manage and understand their own security-related data.”

  • Github shrugs off drone maker DJI's crypto key DMCA takedown effort

    Github rejected a DMCA takedown request from Chinese drone-maker DJI after someone forked source code left in the open by a naughty DJI developer, The Register can reveal.

    This included AES keys permitting decryption of flight control firmware, which could allow drone fliers with technical skills to remove geofencing from the flight control software: this software prevents DJI drones from flying in certain areas such as the approach paths for airports, or near government buildings deemed to be sensitive.

    Though the released key is not for the latest firmware version, The Register has seen evidence (detailed below) that drone hackers are already incorporating it in modified firmware available for anyone to download and flash to their drones.

    DJI declined to comment for this article. Github ignored The Register's invitation to comment.

    [...]

    The code was forked by drone researcher Kevin Finisterre, who submitted a successful rebuttal to the takedown request on the grounds that Github's terms and conditions explicitly permit forking of public repos.

    "DJI mistakenly marked code repositories as public subsequently granting license for anyone to fork said repos. This accident can be evidenced by their press release," wrote Finisterre, linking to a DJI statement.

Security: Updates, Attacking Network Protocols, Hide 'N Seek, FBI, Intel, WhatsApp

Filed under
Security
  • Security updates for Thursday
  • Attacking Network Protocols

    Most of us in the Free and Open Source software world know about Wireshark and using it to capture network traffic information. This book mentions that tool, but focuses on using a different tool that was written by the author, called CANAPE.Core. Along the way, the author calls out multiple other resources for further study. I like and appreciate that very much! This is a complex topic and even a detailed and technically complex book like this one cannot possibly cover every aspect of the topic in 300 pages. What is covered is clearly expressed, technically deep, and valuable.

  • What is Hide 'N Seek? New IoT botnet uses peer-to-peer communication to infect over 20,000 devices

    "The HNS botnet communicates in a complex and decentralized manner and uses multiple anti-tampering techniques to prevent a third party from hijacking/poisoning it," Bitdefender researchers wrote in a blog post published on Wednesday (24 January). "The bot can perform web exploitation against a series of devices via the same exploit as Reaper (CVE-2016-10401 and other vulnerabilities against networking equipment)."

  • Senator Demands FBI Director Explain His Encryption Backdoor Bullshit

    "I would like to learn more about how you arrived at and justify this ill-informed policy proposal. Please provide me with a list of the cryptographers with whom you’ve personally discussed this topic since our July 2017 meeting and specifically identify those experts who advised you that companies can feasibly design government access features into their products without weakening cybersecurity. Please provide this information by February 23, 2018."

  • Intel's plan to fix Meltdown in silicon raises more questions than answers

    Why this matters: Intel has been busy working with PC makers and OS vendors like Microsoft to release microcode that includes so-called mitigations, microcode updates that patch the vulnerabilities. But even that hasn’t gone so well: Intel advised end users to stop applying patches after systems unexpectedly rebooted. Now, Intel has revealed it’s working on a more permanent fix, but the impact on users remains unknown.

  • WhatsApp Vulnerability

Subgraph: This Security-Focused Distro Is Malware’s Worst Nightmare

Filed under
Linux
Security

By design, Linux is a very secure operating system. In fact, after 20 years of usage, I have personally experienced only one instance where a Linux machine was compromised. That instance was a server hit with a rootkit. On the desktop side, I’ve yet to experience an attack of any kind.
That doesn’t mean exploits and attacks on the Linux platform don’t exist. They do. One only need consider Heartbleed and Wannacry, to remember that Linux is not invincible.


Best Linux security tools

Filed under
Linux
Security

Linux has become a popular open source alternative to the popular Windows and iOS operating systems, and a key factor behind its rise is security.

The operating system is much less likely to be a target of malware than its better-known competitors as it has far fewer users, more knowledgeable server administrators and a comprehensive permissions system that enhances its defences.

That doesn't, however, make Linux invulnerable. Here are some Linux security tools to add an extra layer of protection to the operating system.


Security: Pastejacking, Hotmail in 2018, New Incidents, Lebal Targets Microsoft Windows, and Microsoft Declines to 7% on the Web (a Lot of Unpatched Windows)

Filed under
Security
  • Pastejacking

    This demo uses JavaScript to hook into the copy event, which will fire via ctrl+c or right-click copy. Right now this demo works in Chrome, Firefox, and Safari but not with Internet Explorer; however, there is a demo below which is IE compatible.

  • ‘A sign that you’re not keeping up’ – the trouble with Hotmail in 2018

    With the passage of time and the absence of a brand overhaul, the word “hotmail” near your name started to be quite ageing; like “ntlworld” or “blueyonder”, it was a sign that you weren’t keeping up. It was a deduction that wouldn’t stand up in a court of law, but online it is inference, not certainty, that drags you down. When you could have an ageless Yahoo address, there is just no call to leave this kind of footprint, unless “incredibly old” is your calling card.

  • Shocking data breach exposes more than 220,000 organ donor records

    Lowyat.net – which previously exposed a leak of 46m citizen records belonging to Malaysian communications firms – reported Tuesday (23 January) that the details appeared to be from a central database linked to state hospitals and national transplant resource centres.

    Complete entries of personal information included ID numbers, names, email addresses, home addresses and phone numbers of 220,000 citizens recorded between January 2009 and August 2016.

  • Researchers warn new Lebal malware is seeking high-profile targets

    The vector for the attacks, which are described as being specifically targeted versus random attempts, was not through usual email attacks but camouflaged through several layers. The first attempt involves a phishing email disguised as a message from Federal Express, while the second attempt involves a malicious link pretending to be a link to Google Drive.

  • What is Lebal? New sophisticated malware found targeting several universities, government agencies

    It requests users to click on a link to download and print out an "attached label" that needs to be submitted in order to receive the parcel. The malicious link itself is disguised as a Google Drive link. Once a user clicks on it, the hackers' website pops up with the malicious "Lebal copy.exe" file ready to download.

  • Cyber crime hit 978m in 2017, caused US$172b loss

    It said that as a result, victims globally lost US$172 billion – an average of US$142 per victim. The figure for Australia was US$1.9 billion in total. Each of these people also spent about 24 hours — or almost three full workdays — dealing with the aftermath.

  • January 2018 Web Server Survey

    While 1.5 million web-facing computers currently run Microsoft web server software, a slightly larger number – 1.8 million – run Windows operating systems. The bulk of the difference is made up of Windows computers that either run Apache or reverse-proxy traffic from backend Apache servers. The most commonly used Windows version is Windows Server 2008, followed by 2012 and then the aging, unsupported Windows Server 2003. Windows Server 2016 accounts for only 3.7% of all Windows web-facing computers at the moment, but it is steadily growing – this month, the number of Windows Server 2016 computers grew by 14% to 66,800.
