Security

Security Leftovers

Filed under
Security
  • Russian government hackers penetrated DNC, stole opposition research on Trump [Ed: Microsoft Windows again]

    Russian government hackers penetrated the computer network of the Democratic National Committee and gained access to the entire database of opposition research on GOP presidential candidate Donald Trump, according to committee officials and security experts who responded to the breach.

  • Bears in the Midst: Intrusion into the Democratic National Committee

    The COZY BEAR intrusion relied primarily on the SeaDaddy implant developed in Python and compiled with py2exe and another PowerShell backdoor with persistence accomplished via Windows Management Instrumentation (WMI) system, which allowed the adversary to launch malicious code automatically after a specified period of system uptime or on a specific schedule. The PowerShell backdoor is ingenious in its simplicity and power. It consists of a single obfuscated command set up to run persistently, such as...

  • Big data will fix internet security ... eventually [Ed: Microsoft’s Grimes says mass surveillance (‘big data’) will fix Internet security eventually]

    I’ve always thought that improved computer security controls would “fix” the internet and stop persistent criminality -- turns out it might be big data analytics instead.

  • Symantec dons a Blue Coat [Ed: two evil companies are now one]

    Symantec will pay US$4.65 billion in an all-cash deal to buy privately-held Blue Coat to ramp up its enterprise security offerings.

Security Leftovers

Filed under
Security
  • Security advisories for Monday
  • Outdated authentication practices create an opportunity for threat hunter Infocyte

    “Having Linux allows us to look at web servers, for instance. If you’re going to bypass the biometrics, you’re going to need to get into that system itself,” Gerritz says. “That’s where we come in, is finding people who have inserted themselves under that authentication layer.”

  • Cable Sees NFV Enhancing Network Security

    Network functions virtualization is all the rage because of the money it can save, and because of the network flexibility it helps afford, but the cable industry is enthused about NFV for yet another, less publicized benefit: the potential NFV creates for improving network security.

  • IoT Consensus - A Solution Suggestion to the 'Baskets of Remote' Problem by Benedikt Herudek

    Bitcoin is able to integrate and have endpoints (in Bitcoin terminology ‘wallets’ and ‘miners’) seamlessly talk to each other in a large and dynamic network. Devices and their protocols do not have the ability to seamlessly communicate with other devices. This presentation will try to show where Bitcoin and the underlying Blockchain and Consensus Technology can offer an innovative approach to integrating members of a large and dynamic network.

  • Ready to form Voltron! why security is like a giant robot made of lions

    Due to various conversations about security this week, Voltron came up in the context of security. This is sort of a strange topic, but it makes sense when we ponder modern day security. If you talk to anyone, there is generally one thing they push as a solution for a problem. This is no different for security technologies. There is always one thing that will fix your problems. In reality this is never the case. Good security is about putting a number of technologies together to create something bigger and better than any one thing can do by itself.

  • Email Address Disclosures, Preliminary Report, June 11 2016

    On June 11 2016 (UTC), we started sending an email to all active subscribers who provided an email address, informing them of an update to our subscriber agreement. This was done via an automated system which contained a bug that mistakenly prepended between 0 and 7,618 other email addresses to the body of the email. The result was that recipients could see the email addresses of other recipients. The problem was noticed and the system was stopped after 7,618 out of approximately 383,000 emails (1.9%) were sent. Each email mistakenly contained the email addresses from the emails sent prior to it, so earlier emails contained fewer addresses than later ones.

  • Universities Become New Target for Ransomware Attacks [iophk: "Calgary has no excuse, given the particular tech activity headquartered specifically in their town. Some top Univ executives need firing +fines for having allowed Microsoft into their infrastructure."]

    This week the University of Calgary in Canada admitted paying C$20,000 (€13,900) to a hacker to regain access to files stored in 600 computers, after it suffered a ransomware attack compromising over 9,000 email accounts. In order to receive the keys, the school paid the equivalent of C$20,000 in Bitcoins.

  • Blue Coat to Sell Itself to Symantec, Abandoning I.P.O. Plans

    Blue Coat Systems seemed poised to begin life as a public company, after selling itself to a private equity firm last year.

    Now, the cybersecurity software company plans to sell itself to Symantec instead.

    Blue Coat said late on Sunday that it would sell itself to Symantec for $4.65 billion. As part of the deal, Blue Coat’s chief executive, Greg Clark, will take over as the chief executive of the combined security software maker.

    To help finance the transaction, Blue Coat’s existing majority investor, Bain Capital, will invest an additional $750 million in the deal. The private equity firm Silver Lake, which invested $500 million in Symantec in February, will invest an additional $500 million.

App stores and Linux repositories: Maybe the worst ideas ever

Filed under
Linux
Security

Technically, since we’re talking about Linux and free/open source software here, there’s nothing stopping someone from cloning the entire repository for a system before it goes offline and then providing that repository as a service to people who still want it. But this is a big undertaking and is something that a casual user of a platform simply isn’t going to do.

In my case, I absolutely would have done this for my N810. I would have cloned the entire repository, including system updates, and hosted it on my server for personal use (and provided it to anyone else who needed it). Would I have ever bothered to update it? Probably not. But I would have had it there for as long as I ran that device. But, alas, I didn’t know the company was killing the entire repository (perhaps I should have expected it, but I didn’t). So, I’m plum out of luck. Plus, I’m weird. Most people would absolutely not clone a repository and self-host it. That's just a crazy thing to do.


Security Leftovers

Filed under
Security
  • EFF's Badge Hack Pageant Returns to DEF CON

    We are proud to announce the return of EFF's Badge Hack Pageant at the 24th annual DEF CON hacking conference in Las Vegas. EFF invites all DEF CON attendees to stretch their creative skills by reinventing past conference badges as practical, artful, and over-the-top objects of their choosing. The numerous 2015 pageant entries included a crocheted badge cozy, a quadcopter, counterfeit badges, a human baby, a breathalyzer, a dazzling array of LED shows, and more than one hand-made record player that would make MacGyver weep. We encourage you to join us and contribute something whether you are a crafter, a beginner, or a hardware hacking wizard. It's a great summer project so get started now and enjoy a great show!

  • @Deray’s Twitter Hack Reminds Us Even Two-Factor Isn’t Enough

    This has been the week of Twitter hacks, from Mark Zuckerberg to a trove of millions of passwords dumped online to, most recently, Black Lives Matter activist DeRay McKesson.

  • System calls for memory protection keys

    "Memory protection keys" are an Intel processor feature that is making its first appearance in Skylake server CPUs. They are a user-controllable, coarse-grained protection mechanism, allowing a program to deny certain types of access to ranges of memory. LWN last looked at kernel support for memory protection keys (or "pkeys") at the end of 2015. The system-call interface is now deemed to be in its final form, and there is a push to stage it for merging during the 4.8 development cycle. So the time seems right for a look at how this feature will be used on Linux systems.

YubiKey NEO: Ubuntu 16.04 usefulness (+ review)

Filed under
Reviews
Security
Ubuntu

I got a hold of a YubiKey NEO, so I was wondering how useful it is and what can I do with it. Here’s my “tutorial” on setting it up using Ubuntu 16.04 and actually using it.


Tails 2.4 Launched With TOR 6.0 — Best Linux Distro For Anonymity And Privacy

Filed under
GNU
Linux
Security
Debian

Tails is a popular privacy-focused Linux distribution–here are some other Linux distros for different purposes–with an aim to provide an anonymous computing experience. This distro was most famously used by NSA whistleblower Edward Snowden.

If you are acquainted with Tails, you might know that Tails forces all the network activity to go through the TOR network, making all your activities anonymous. Being a Live Linux distro, it can be booted from an SD card, DVD, or USB drive.


Security Leftovers

Filed under
Security
  • Massive DDoS attacks reach record levels as botnets make them cheaper to launch

    There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, almost four times more than in the previous quarter.

    Even more concerning is that these mega attacks, which few companies can withstand on their own, were launched using so-called booter or stresser botnets that are common and cheap to rent. This means that more criminals can now afford to launch such crippling attacks.

  • Twitter locks user accounts that need 'extra protection'

    Better safe than sorry, or so goes Twitter's latest thinking.

    The social network on Friday maintained it was not the victim of a hack or data breach, as previously reported. But Michael Coates, Twitter's head of information security, wrote in a blog post that the company has identified some accounts that need "extra protection." Those accounts have been locked, requiring users to reset their passwords in order to access them.

Security Leftovers

Filed under
Security
  • Tuesday's security updates
  • Security advisories for Wednesday
  • Thursday's security updates
  • Security advisories for Friday
  • Slicing Into a Point-of-Sale Botnet

    Point-of-sale based malware has driven most of the credit card breaches over the past two years, including intrusions at Target and Home Depot, as well as breaches at a slew of point-of-sale vendors. The malware usually is installed via hacked remote administration tools. Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register.

  • Microsoft's BITS file transfer tool fooled into malware distribution

    Researchers at Dell SecureWorks have spotted a new and dangerous way to misuse Microsoft's Background Intelligent Transfer Service (BITS).

    While working on a customer clean-up project, SecureWorks staff found that attackers had created self-contained BITS tasks that didn't appear in the registries of affected machines, and their footprints were limited to entries on the BITS database.

    The attack was spotted on a Windows 7 machine in an academic administration environment.

More in Tux Machines

Games for GNU/Linux

  • Stardew Valley is now in beta for Linux
    The Stardew Valley developer tweeted out a password for a beta, but after discussing it with them on their forum I was able to show them that we can't actually access it yet. While what I was telling them may not have been entirely correct (SteamDB is confusing), the main point I made was correct. Normal keys are not able to access the beta yet, but beta/developer keys can, as it's not currently set for Linux/Mac as a platform for us.
  • Physics-based 3D puzzler Human: Fall Flat released on Steam for Linux
    Human: Fall Flat is an open-ended physics puzzler with an optional local co-op mode, developed by No Brakes Games, and available now on Steam for Linux.
  • 7 Mages brings a touch more of traditional dungeon crawling to Linux
    Controlling a party of adventurers, exploring dungeons and fighting weird magical creatures is an RPG tradition as old as the genre. Expect all that and more in this modern iteration of the classical dungeon crawler.

Security News

  • Security advisories for Monday
  • EU to Give Free Security Audits to Apache HTTP Server and Keepass
    The European Commission announced on Wednesday that its IT engineers would provide a free security audit for the Apache HTTP Server and KeePass projects. The EC selected the two projects following a public survey that took place between June 17 and July 8 and that received 3,282 answers. The survey and security audit are part of the EU-FOSSA (EU-Free and Open Source Software Auditing) project, a test pilot program that received funding of €1 million until the end of the year.
  • What is your browser really doing?
    While Microsoft would prefer you use its Edge browser on Windows 10 as part of its ecosystem, the most popular Windows browser is Google’s Chrome. But there is a downside to Chrome – spying and battery life. It all started when Microsoft recently announced that its Edge browser used less battery power than Google Chrome, Mozilla Firefox or Opera on Windows 10 devices. It also measured telemetry – what the Windows 10 device was doing when using different browsers. What it found was that the other browsers had a significantly higher central processing unit (CPU), and graphics processing unit (GPU) overhead when viewing the same Web pages. It also proved that using Edge resulted in 36-53% more battery life when performing the same tasks as the others. Let’s not get into semantics about which search engine — Google or Bing — is better; this was about simple Web browsing, opening new tabs and watching videos. But it started a discussion as to why CPU and GPU usage was far higher. And it relates to spying and ad serving.
  • Is Computer Security Becoming a Hardware Problem?
    In December of 1967 the Silver Bridge collapsed into the Ohio River, killing 46 people. The cause was determined to be a single 2.5 millimeter defect in a single steel bar—some credit the Mothman for the disaster, but to most it was an avoidable engineering failure and a rebuttal to the design philosophy of substituting high-strength non-redundant building materials for lower-strength albeit layered and redundant materials. A partial failure is much better than a complete failure. [...] In 1996, Kocher co-authored the SSL v3.0 protocol, which would become the basis for the TLS standard. TLS is the difference between HTTP and HTTPS and is responsible for much of the security that allows for the modern internet. He argues that, barring some abrupt and unexpected advance in quantum computing or something yet unforeseen, TLS will continue to safeguard the web and do a very good job of it. What he's worried about is hardware: untested linkages in digital bridges.
  • Your Smart Robot Is Coming in Five Years, But It Might Get Hacked and Kill You
    A new report commissioned by the Department of Homeland Security forecasts that autonomous artificially intelligent robots are just five to 10 years away from hitting the mainstream—but there’s a catch. The new breed of smart robots will be eminently hackable. To the point that they might be re-programmed to kill you. The study, published in April, attempted to assess which emerging technology trends are most likely to go mainstream, while simultaneously posing serious “cybersecurity” problems. The good news is that the near future is going to see some rapid, revolutionary changes that could dramatically enhance our lives. The bad news is that the technologies pitched to “become successful and transformative” in the next decade or so are extremely vulnerable to all sorts of back-door, front-door, and side-door compromises.
  • Trump, DNC, RNC Flunk Email Security Test
    At issue is a fairly technical proposed standard called DMARC. Short for “domain-based messaging authentication reporting and conformance,” DMARC tries to solve a problem that has plagued email since its inception: It’s surprisingly difficult for email providers and end users alike to tell whether a given email is real – i.e. that it really was sent by the person or organization identified in the “from:” portion of the missive.
  • NIST Prepares to Ban SMS-Based Two-Factor Authentication
    The US National Institute of Standards and Technology (NIST) has released the latest draft version of the Digital Authentication Guideline that contains language hinting at a future ban on SMS-based Two-Factor Authentication (2FA). The Digital Authentication Guideline (DAG) is a set of rules used by software makers to build secure services, and by governments and private agencies to assess the security of their services and software. NIST experts are constantly updating the guideline, in an effort to keep pace with the rapid change in the IT sector.
  • 1.6m Clash of Kings forum accounts 'stolen'
    Details about 1.6 million users on the Clash of Kings online forum have been hacked, claims a breach notification site. The user data from the popular mobile game's discussion forum were allegedly targeted by a hacker on 14 July. Tech site ZDNet has reported the leaked data includes email addresses, IP addresses and usernames.
  • Hacker steals 1.6 million accounts from top mobile game's forum
    [Ed: vBulletin is proprietary software -- the same crap Canonical used for Ubuntu forums]

The saga continues with Slackware 14.2

Slackware is the oldest surviving Linux distribution and has been maintained since its birth by Patrick Volkerding. Slackware has a well deserved reputation for being stable, consistent and conservative. Slackware is released when it is ready, rather than on a set schedule, and fans of the distribution praise its no-frills and no-fuss design. Slackware adheres to a "keep it simple" philosophy similar to Arch Linux, in that the operating system does not do a lot of hand holding or automatic configuration. The user is expected to know what they are doing and the operating system generally stays out of the way.

The latest release of Slackware, version 14.2, mostly offers software updates and accompanying hardware support. A few new features offer improved plug-n-play support for removable devices and this release of Slackware ships with the PulseAudio software. PulseAudio has been commonly found in the audio stack of most Linux distributions for several years, but that is a signature of Slackware: adding new features when they are needed, not when they become available. In this case PulseAudio was required as a dependency for another package. Slackware 14.2 is available in 32-bit and 64-bit builds for the x86 architecture. There is also an ARM build. While the main edition of Slackware is available as an installation disc only, there is a live edition of Slackware where we can explore a Slackware-powered desktop environment without installing the distribution. The live edition can be found on the Alien Base website. Both the live edition and the main installation media are approximately 2.6GB in size. For the purposes of this review I will be focusing on the main, installation-only edition.

Booting from the install media brings us to a text screen where we are invited to type in any required kernel parameters. We can press the Enter key to take the default settings or wait two minutes for the media to continue booting. A text prompt then offers to let us load an alternative keyboard layout or use the default "US" layout. We are then brought to a text console where a brief blurb offers us tips for setting up disk partitions and swap space. The helpful text says we can create partitions and then run the system installer by typing "setup".