Security

Security: Updates, Android and Logging

Filed under
Security

Canonical Outs New Kernel Security Updates for All Supported Ubuntu Releases

Filed under
Security
Ubuntu

The new kernel updates are available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series and address a total of nine security vulnerabilities affecting the kernels for 64-bit, 32-bit, Raspberry Pi 2, AWS, and GCP systems, as well as cloud environments.

They address a security issue (CVE-2018-1092 and CVE-2018-1093) affecting the Ubuntu 18.04 LTS, Ubuntu 17.10, and Ubuntu 16.04 LTS releases and discovered by Wen Xu in the Linux kernel's EXT4 file system implementation, which could allow an attacker to crash the vulnerable system by causing a denial of service when mounting a specially crafted EXT4 file system.

Security: Ubuntu, DragonFlyBSD, Apple Ban and Reproducible Builds

Filed under
Security
  • Canonical Outs New Kernel Security Updates for All Supported Ubuntu Releases

    Canonical released new kernel security updates for all supported Ubuntu Linux releases to address several security vulnerabilities discovered by various security researchers in the upstream Linux kernel.

    The new kernel updates are available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series and address a total of nine security vulnerabilities affecting the kernels for 64-bit, 32-bit, Raspberry Pi 2, AWS, and GCP systems, as well as cloud environments.

  • DragonFlyBSD Gets Better Hardened Against CPU Speculative Execution Bugs

    While the DragonFlyBSD kernel has already landed its mitigation for Spectre V1/V2 and Meltdown CPU vulnerabilities, a fresh round of CPU bug hardening work was just merged into their kernel.

    This latest CPU bug hardening primarily revolves around a rumor that the contents of floating point registers owned by another process could be speculatively detected when they are present for the running process. Intel hasn't communicated clearly over this FP register speculation, so OpenBSD already decided to rework some of their code as a safeguard and now DragonFlyBSD has too.

  • Apple Officially Bans Cryptocurrency Mining Apps For MacOS And iOS
  • Reproducible Builds: Weekly report #163

Untangle Updates NG Firewall to Improve SD-WAN Security

Filed under
GNU
Linux
Security

Untangle will announce version 14.0 of its NG Firewall platform on June 12, providing new features that enhance the security capabilities of the Linux-based platform.

Untangle NG Firewall 14.0 benefits from enhanced support for securing software-defined wide area network (SD-WAN) technology for small and medium-sized organizations. The new release also includes the latest network security and malware definition updates for the firewall platform.

"Our version releases deal with core features and functionality of the firewall," Untangle founder and Chief Product Officer Dirk Morris told eWEEK. "We constantly release updates to malware signatures, app and website classification, etc."

Open Source Security hit with bill for defamation claim

Filed under
Security
Legal

Open Source Security, maker of the grsecurity Linux kernel patches, has been directed to pay Bruce Perens and his legal team almost $260,000 following a failed defamation claim.

The security biz, and its president Brad Spengler, sued Perens last year over a blog post, alleging defamation.

Perens, one of the early leaders in the open source movement, said it was his opinion that Grsecurity's policy limiting the redistribution of its software would expose customers to claims of contributory infringement and breach of contract under the terms of the GPLv2.

Open Source Security and Spengler challenged that claim, saying it was libelous and harmed the company's business.

Last December, San Francisco magistrate judge Laurel Beeler disagreed, ruling that Perens's statement was an opinion and not libelous.

ADB Exploit

Filed under
Android
Security
  • ADB Exploit Leaves Thousands Of Android Devices Exposed To Attackers

    A network worm has surfaced on Android devices that exploits the Android Debug Bridge (ADB) feature of the mobile OS – a feature that is enabled by default by phone manufacturers.

    Security researcher Kevin Beaumont revealed this issue in a blog post stating that ADB is completely unauthenticated and thousands of Android devices connected to the internet are currently being exploited through this vulnerability.

  • Root Bridge — how thousands of internet connected Android devices now have no security, and are being exploited by criminals.

    Android has a feature called Android Debug Bridge (ADB for short) which allows developers to communicate with a device remotely, to execute commands and fully control the device.

  • Tens of Thousands of Android Devices Are Exposing Their Debug Port

    The security community raised the alarm regarding a serious issue last week, that of Android devices shipping with their debug port open to remote connections.

    The issue is not new, being first spotted by the team at Qihoo 360 Netlab in February, this year, when they detected an Android worm that was spreading from Android device to Android device, infecting them with a cryptocurrency miner named ADB.Miner.

    The ADB.Miner worm exploited the Android Debug Bridge (ADB), a feature of the Android OS used for troubleshooting faulty devices.

Security: Updates, Windows Spyware, 'Buying' Security, and So-called 'Internet Of Things'

Filed under
Security
  • Security updates for Monday
  • InvisiMole: surprisingly equipped spyware, undercover since 2013

    The first part of the malware we are looking at is a wrapper DLL, compiled with the Free Pascal Compiler. From our telemetry, we have observed that this DLL is placed in the Windows folder, masquerading as a legitimate mpr.dll library file with a forged version info resource.

  • InvisiMole Spyware Turns Your Computer Into A Video Camera And Steals Secrets

    The working of this spyware can be explained using its modular architecture. The very first module is a wrapper DLL that makes the malware look like a legitimate DLL file. The malware can be launched by hijacking a DLL and loading the wrapper module during the Windows startup process instead of the legitimate DLL.

  • Open Source Security Podcast: Episode 100 - You're bad at buying security, we can help! [Ed: No, you do not need to "buy security", just use stuff that is secure to begin with]
  • Yet Another Study Shows The Internet Of Things Is A Privacy And Security Dumpster Fire

    Day in and day out, it's becoming increasingly clear that the smart home revolution simply isn't all that smart.

    Security analysts like Bruce Schneier have been sounding the alarm bells for years now about the lax to nonexistent security and privacy standards inherent in the internet of broken things space. From refrigerators that leak your Gmail credentials to Barbie dolls that can be easily hacked to spy on kids, it's increasingly clear that dumber technology is often the smarter solution. Not only do many of these devices actually make us less secure, their lack of real security has resulted in their use in historically large DDoS attacks.

    Study after study shows it's a problem that's not really getting better. For example, despite a decade of reports about the lack of real security and privacy standards in smart TVs, Consumer Reports recently found that most smart TVs remain impressively open to attack and abuse. And a new study out of the UK by Which? studied 19 different smart gadgets and found a "staggering level of corporate surveillance of your home" by devices that routinely hoovered up consumer data, then funneled it out to dozens of partner companies -- often without clear consumer permission...

Tails 3.7.1 is out

Filed under
Security
Debian

This release fixes many security issues and users should upgrade as soon as possible.

Cisco Continues to Advance Snort 3 Network Security Development

Filed under
OSS
Security

The open-source Snort intrusion detection and prevention system (IPS/IDS) is gearing up for a major update that will influence the future of Cisco's next generation security appliances.

In a video interview with eWEEK, Marty Roesch, vice-president and Chief Architect of Cisco's Security Business Group, discusses the current state of the Snort 3.0 project. Roesch is the original author of Snort, which became the foundation of his company Sourcefire, which Cisco acquired for $2.7 billion in October 2013. Work on Snort 3 has been ongoing since at least December 2014, and since the effort got underway it has been viewed as a re-thinking of how IPS/IDS works. Roesch said that Snort 3 is largely feature complete at this point and is now going through its beta development cycle.

Security Leftovers

Filed under
Security
  • Chinese hackers [sic] stole sensitive data from Navy contractor: report
  • John Kelly's phone was hacked [sic]

    Citing 2 unnamed U.S. officials, Politico says White House officials have narrowed down the time and likely location of the hack [sic]: President Donald Trump’s Washington transition headquarters, in late 2016.

  • Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI

    "Spend months and $100k+ fighting this case, then they go and reset the clock by adding even more bullshit charges like 'lying to the FBI,'" Hutchins wrote on his Twitter, calling for donations by adding a quote from the Starcraft video game: "We require more minerals."

  • US Government Probes Airplane Vulnerabilities, Says Airline Hack [sic] Is ‘Only a Matter of Time’

    According to DHS and other US government documents obtained by Motherboard, the DHS is continuing to investigate how insecure commercial aircraft are to cyber attacks, with one research lab saying hacking a plane may lead to a "catastrophic disaster."

  • Stymied by browsers, attackers embed Flash 0-day inside MS Office document

    On Thursday, Adobe published a patch for the critical vulnerability, indexed as CVE-2018-5002. The stack-based buffer overflow was being triggered in an Office document that embedded a link to a Flash file stored on people.dohabayt.com. Once executed, the malicious file then downloaded a malicious payload from the same domain. That’s according to researchers from security firms Icebrg and Qihoo 360, which independently discovered the attacks and privately reported them to Adobe and wrote about it here and here.

  • In a blow to e-voting critics, Brazil suspends use of all paper ballots

    In an 8-2 majority, justices on Wednesday sided with government arguments that the paper trails posed a risk to ballot secrecy, Brazil’s Folha De S.Paulo newspaper reported on Thursday. In so doing, the justices suspended a requirement that 5 percent of Brazil’s ballot boxes this year use paper. That requirement, by Brazil’s Supreme Electoral Court, already represented a major weakening of an election reform bill passed in 2015.
