
Security Leftovers

  • As U.S. indicts foreign hackers, American cyber spies fear arrests in tit-for-tat action

    Federal prosecutors call it a “naming and shaming” strategy against hackers working for adversary nations, but former U.S. cyber spies worry they will be the ones ending up in a foreign prison.

    Repeatedly in recent years, U.S. prosecutors have filed criminal charges against hackers working for foreign governments, saying that even if the hackers never get hauled into a U.S. courtroom, the indictments serve as a warning shot across the bow of nations like China, Iran and Russia.

  • Linus Torvalds Slams AMD CPU flaw security report

    The Spectre and Meltdown security vulnerabilities have woken up the industry to potential security flaws in hardware that can be exploited to compromise the integrity of the native computer security role based authentication.

    Now a new report has indicated potential vulnerabilities on AMD, but Linus Torvalds has jumped into this discussion and shot down this report as not technically sound.

  • Gray Hat


    Marcus Hutchins stopped one of the most dangerous cyberattacks ever. Then the FBI arrested him. Does a hacker [sic] hero always have to have a past?

  • [Crackers] could kill patients by attacking their pacemakers, warns Royal Academy of Engineering


    The experts cautioned that pacemakers or wearable health monitors which are linked up to the [I]nternet or internal computer networks could also provide a gateway for [crackers] to plant ransomware into systems, potentially crippling in the NHS or government departments.

  • Security Vulnerability Hidden in Scarlett Johansson Image

Security Leftovers


If you hitch a ride with a scorpion… (Coverity)


I haven’t seen a blog post or notice about this, but according to the Twitters, Coverity has stopped supporting online scanning for open source projects. Is anybody shocked by this? Anybody?


Not sure what the story is with Coverity, but it probably has something to do with 1) they haven’t been able to monetize the service the way they hoped, or 2) they’ve been able to monetize the service and don’t fancy spending the money anymore or 3) they’ve pivoted entirely and just aren’t doing the scanning thing. Not sure which, don’t really care — the end result is the same. Open source projects that have come to depend on this now have to scramble to replace the service.


I’m not going to go all RMS, but the only way to prevent this is to have open tools and services. And pay for them.


Security: 17 Things


A list for protecting yourself and others from the most common and easiest-to-pull-off security crimes.

I spend a lot of time giving information security advice, such as why RMF (Risk Management Framework) is too top-heavy for implementing risk management practices in small or R&D-focused organizations, what the right Apache SSL settings really are or how static analysis can help improve C code. What I'm asked for the most though isn't any of those things; it's the everyday stuff that even non-technical people can do to protect themselves from the looming but nebulous threat of an information security accident.


Security: CPU Patches, PostgreSQL, Apple 'Back Door'

  • Canonical Releases Spectre/Meltdown Patches for Ubuntu 17.10 for Raspberry Pi 2

    Canonical published two security advisories on Thursday to announce the availability of Spectre mitigations for the ARM64 (AArch64) hardware architecture on its Ubuntu 17.10 and Ubuntu 16.04.4 LTS systems.

    In January, Canonical released several kernel updates for Ubuntu 17.10 (Artful Aardvark) and other supported Ubuntu releases with software mitigations against the Spectre and Meltdown security vulnerabilities. These patches were first released for 64-bit (amd64) architectures, and then for 32-bit (i386), PPC64el, and s390x systems.

    Today, the company announced the availability of new kernel updates that address both the Meltdown and Spectre security vulnerabilities for the ARM64 (AArch64) hardware architecture, patching the Raspberry Pi 2 kernel for Ubuntu 17.10, as well as its derivatives.

  • Oracle Patches Spectre for Red Hat

    The Red Hat community has patiently awaited a retpoline kernel implementation that remediates CVE-2017-5715 (Spectre v2) and closes all Meltdown and Spectre vulnerabilities that have captured headlines this year.

    Red Hat's initial fixes rely upon microcode updates for v2 remediation, a decision that leaves the vast majority of AMD64-capable processors in an exploitable state. Intel's new microcode has proven especially problematic; it performs badly and the January 2018 versions were plagued with stability issues that crashed many systems. It is a poor solution to a pressing problem.

  • Meet the Scarlett Johansson PostgreSQL malware attack

    It's not the first time an image has been used to give a victim malware, but it may be the first time it's been used so narrowly. According to the security firm Imperva, their StickyDB database management system (DBMS) honeypot has uncovered an attack that places malware, which cryptomines Monero, on PostgreSQL DBMS servers. Its attack vector? An image of Hollywood star Scarlett Johansson.

    Now, you might ask, "How many PostgreSQL DBMS servers are out there on the internet to be attacked?" The answer: "More than you'd expect." A Shodan search revealed almost 710,000 PostgreSQL servers ready to be hacked. It appears there are so many of them because it's way too easy, especially on Amazon Web Services (AWS), to set up PostgreSQL servers without security.

  • This Black Box Can ‘Unlock Your iPhone’ For Cops; Images Leaked

    The debate whether law enforcement agencies should be given exclusive access to iOS-powered Apple devices started when the FBI was unable to unlock San Bernardino shooter’s iPhone. Eventually, FBI found other ways to get inside Apple’s secured digital fortress, through an Israel-based company called Cellebrite.

    In the latest news, we have come across a new iPhone unlocking device called GrayKey that can be used by law enforcement guys to harvest the passcode of an iPhone and other iOS-powered devices such as iPads and iPods.

Security: HIPAA, Updates, Let’s Encrypt


Security: Torvalds Rant Over AMD Flaws/Report, Intel Microcode Updates, Yahoo and Kubernetes

  • Linus Torvalds Roasts CTS Labs After They Exposed AMD Chip Vulnerabilities

    Just a couple of days back, CTS researchers exposed more than a dozen ‘critical’ vulnerabilities in AMD chips marketed under the brand names Ryzen and Epyc. The company also claimed that a backdoor exists in AMD processors. Their revelation came with a well-decorated website, a whitepaper, and a video.

  • Torvalds wades into CTS Labs' AMD chip security report
  • Linus Torvalds casts shade on CTS Labs' AMD CPU flaw security report
  • Intel Rolls Out Updated, Post-Spectre CPU Microcode (20180312)

    Intel has published the Intel Processor Microcode Package for Linux 20180312 release with the latest improvements around the microcode-based approach for Spectre CPU vulnerability mitigation, succeeding their microcode updates from earlier in the year.

  • Judge Says Yahoo Still On The Hook For Multiple Claims Related To Three Billion Compromised Email Accounts

    A federal judge is going to let a bunch of people keep suing Yahoo over its three-year run of continual compromise. Yahoo had hoped to get the class action suit tossed, stating that it had engaged in "unending" efforts to thwart attacks, but apparently it just wasn't good enough to prevent every single one of its three billion email accounts from falling into the hands of hackers.

  • 3 best practices for securing Kubernetes environments

    The Kubernetes orchestration platform is such a gigantic open source project that its evolution is inherently rapid. The pace of change significantly increases the importance of adhering to security best practices when using the ever-changing Kubernetes platform to automate deployment, scaling, and management of containerized cloud-native applications.

    Ultimately, effective security also supports the entire Kubernetes project, since the technology's overall adoption depends on the confidence and trust that Kubernetes earns and establishes. That said, standard security procedures and practices that work well in traditional environments are often inadequate for securing Kubernetes environments, where traffic is vastly more dynamic, and where there must be security in place around the pods, containers, nodes, and images.

​Linus Torvalds slams CTS Labs over AMD vulnerability report


CTS Labs, a heretofore unknown Tel Aviv-based cybersecurity startup, has claimed it's found over a dozen security problems with AMD Ryzen and EPYC processors. Linus Torvalds, Linux's creator, doesn't buy it.


Security: AMD, Updates, Reproducible Builds and More

  • Israeli firm dumps AMD flaws with 24 hours notice

    Security researchers from a previously unknown Israeli company, CTS Labs, have disclosed 13 flaws in AMD processors. All can be taken advantage of only by an attacker who has already gained admin privileges within the system in question.

  • “Backdoor” Found In AMD CPUs, Researchers Discover 13 Critical Vulnerabilities In RYZEN And EPYC
  • Security updates for Wednesday
  • Reproducible Builds: Weekly report #150
  • ACME v2 and Wildcard Certificate Support is Live

    We’re pleased to announce that ACMEv2 and wildcard certificate support is live! With today’s new features we’re continuing to break down barriers for HTTPS adoption across the Web by making it even easier for every website to get and manage certificates.

    ACMEv2 is an updated version of our ACME protocol which has gone through the IETF standards process, taking into account feedback from industry experts and other organizations that might want to use the ACME protocol for certificate issuance and management some day.

    Wildcard certificates allow you to secure all subdomains of a domain with a single certificate. Wildcard certificates can make certificate management easier in some cases, and we want to address those cases in order to help get the Web to 100% HTTPS. We still recommend non-wildcard certificates for most use cases.

  • Samba critical flaws: Patch now but older open instances have 'far worse issues'
  • An overview of online ad fraud

    I have researched various aspects of the online advertisement industry for a while, and one of the fascinating topics that I have come across which I didn’t know too much about before is ad fraud. You may have heard that this is a huge problem as this topic hits the news often, and after learning more about it, I think of it as one of the major threats to the health of the Web, so it’s important for us to be more familiar with the problem.

    People have done a lot of research on the topic but most of the material uses the jargon of the ad industry so they may be inaccessible to those who aren’t familiar with it (I’m learning my way through it myself!) and also you’d need to study a lot to put a broad picture of what’s wrong together, so I decided to summarize what I have learned so far, expressed in simple terms avoiding jargon, in the hopes that it’s helpful. Needless to say, none of this should be taken as official Mozilla policy, but rather this is a hopefully objective summary plus some of my opinions after doing this research at the end.

Security: AMD and Samba Flaws
