Security

Security: Permissions, Misconfigured ADB, and Microsoft Neglect

Filed under
Security
  • Work a command-line interface in Linux with these permissions and prompts

    The command-line interface is an integral part of the Linux management environment. With sudo permissions and remote connectivity, working with a command line is easy.

  • Android Devices With Misconfigured ADB, a Ripe Target for Cryptojacking Malware

    Poorly configured Android devices, where the Android Debug Bridge is left enabled, have become an attractive target for hackers. According to researchers, adversaries are using the common misconfiguration to install cryptojacking malware on a wide selection of Android-based IoT devices ranging from maritime computer systems to TVs, DVRs and some mobile phone models.

    Android Debug Bridge (ADB) is an Android OS developer function that, when enabled, allows remote users to access a Unix shell to conduct command line device maintenance. According to researcher Kevin Beaumont, thousands of Android type devices ship with ADB enabled, allowing hackers to remotely access them.

  • Microsoft reveals which Windows bugs it might decide not to fix

    The Register sometimes hears from security researchers who feel that Microsoft has not responded to bug reports with appropriate haste. This document and its eventual finalised successor should help to explain such incidents to researchers. It’s also of interest to end-users because by explaining bugs that Microsoft won’t rush to fix it offers some more detail about the risks that come with running Windows.

Security: Updates, Android and Logging

Filed under
Security

Canonical Outs New Kernel Security Updates for All Supported Ubuntu Releases

Filed under
Security
Ubuntu

The new kernel updates are available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series and address a total of nine security vulnerabilities affecting the kernels for 64-bit, 32-bit, Raspberry Pi 2, AWS, and GCP systems, as well as cloud environments.

They address a security issue (CVE-2018-1092 and CVE-2018-1093) affecting the Ubuntu 18.04 LTS, Ubuntu 17.10, and Ubuntu 16.04 LTS releases and discovered by Wen Xu in Linux kernel's EXT4 file system implementation, which could allow an attacker to crash the vulnerable system by causing a denial of service when mounting a specially crafted EXT4 file system.

Security: Ubuntu, DragonFlyBSD, Apple Ban and Reproducible Builds

Filed under
Security
  • Canonical Outs New Kernel Security Updates for All Supported Ubuntu Releases

    Canonical released new kernel security updates for all supported Ubuntu Linux releases to address several security vulnerabilities discovered by various security researchers in the upstream Linux kernel.

  • DragonFlyBSD Gets Better Hardened Against CPU Speculative Execution Bugs

    While the DragonFlyBSD kernel has already landed its mitigation for Spectre V1/V2 and Meltdown CPU vulnerabilities, a fresh round of CPU bug hardening work was just merged into their kernel.

    This latest CPU bug hardening primarily revolves around a rumor that the contents of floating point registers owned by another process could be speculatively detected when they are present for the running process. Intel hasn't communicated clearly over this FP register speculation, so OpenBSD already decided to rework some of their code as a safeguard and now DragonFlyBSD has too.

  • Apple Officially Bans Cryptocurrency Mining Apps For MacOS And iOS
  • Reproducible Builds: Weekly report #163

Untangle Updates NG Firewall to Improve SD-WAN Security

Filed under
GNU
Linux
Security

Untangle will announce version 14.0 of its NG Firewall platform on June 12, providing new features that enhance the security capabilities of the Linux-based platform.

Untangle NG Firewall 14.0 benefits from enhanced support for securing software-defined wide area network (SD-WAN) technology for small and medium-sized organizations. The new release also includes the latest network security and malware definition updates for the firewall platform.

"Our version releases deal with core features and functionality of the firewall," Untangle founder and Chief Product Officer Dirk Morris told eWEEK. "We constantly release updates to malware signatures, app and website classification, etc."

Open Source Security hit with bill for defamation claim

Filed under
Security
Legal

Open Source Security, maker of the grsecurity Linux kernel patches, has been directed to pay Bruce Perens and his legal team almost $260,000 following a failed defamation claim.

The security biz, and its president Brad Spengler, sued Perens last year over a blog post, alleging defamation.

Perens, one of the early leaders in the open source movement, said it was his opinion that Grsecurity's policy limiting the redistribution of its software would expose customers to claims of contributory infringement and breach of contract under the terms of the GPLv2.

Open Source Security and Spengler challenged that claim, saying it was libelous and harmed the company's business.

Last December, San Francisco magistrate judge Laurel Beeler disagreed, ruling that Perens's statement was an opinion and not libelous.

ADB Exploit

Filed under
Android
Security
  • ADB Exploit Leaves Thousands Of Android Devices Exposed To Attackers

    A network worm has surfaced on Android devices that exploits the Android Debug Bridge (ADB) feature of the mobile OS – a feature that is enabled by default by phone manufacturers.

    Security researcher Kevin Beaumont revealed this issue in a blog post stating that ADB is completely unauthenticated and thousands of Android devices connected to the internet are currently being exploited through this vulnerability.

  • Root Bridge — how thousands of internet connected Android devices now have no security, and are being exploited by criminals.

    Android has a feature called Android Debug Bridge (ADB for short) which allows developers to communicate with a device remotely, to execute commands and fully control the device.

  • Tens of Thousands of Android Devices Are Exposing Their Debug Port

    The security community raised the alarm regarding a serious issue last week: that of Android devices shipping with their debug port open to remote connections.

    The issue is not new, being first spotted by the team at Qihoo 360 Netlab in February, this year, when they detected an Android worm that was spreading from Android device to Android device, infecting them with a cryptocurrency miner named ADB.Miner.

    The ADB.Miner worm exploited the Android Debug Bridge (ADB), a feature of the Android OS used for troubleshooting faulty devices.

Security: Updates, Windows Spyware, 'Buying' Security, and So-called 'Internet Of Things'

Filed under
Security
  • Security updates for Monday
  • InvisiMole: surprisingly equipped spyware, undercover since 2013

    The first part of the malware we are looking at is a wrapper DLL, compiled with the Free Pascal Compiler. From our telemetry, we have observed that this DLL is placed in the Windows folder, masquerading as a legitimate mpr.dll library file with a forged version info resource.

  • InvisiMole Spyware Turns Your Computer Into A Video Camera And Steals Secrets

    The working of this spyware can be explained using its modular architecture. The very first module is a wrapper DLL that makes the malware look like a legitimate DLL file. The malware can be launched by hijacking a DLL and loading the wrapper module during the Windows startup process instead of the legitimate DLL.

  • Open Source Security Podcast: Episode 100 - You're bad at buying security, we can help! [Ed: No, you do not need to "buy security", just use stuff that is secure to begin with]
  • Yet Another Study Shows The Internet Of Things Is A Privacy And Security Dumpster Fire

    Day in and day out, it's becoming increasingly clear that the smart home revolution simply isn't all that smart.

    Security analysts like Bruce Schneier have been sounding the alarm bells for years now about the lax to nonexistent security and privacy standards inherent in the internet of broken things space. From refrigerators that leak your Gmail credentials to Barbie dolls that can be easily hacked to spy on kids, it's increasingly clear that dumber technology is often the smarter solution. Not only do many of these devices actually make us less secure, their lack of real security has resulted in their use in historically large DDoS attacks.

    Study after study shows it's a problem that's not really getting better. For example, despite a decade of reports about the lack of real security and privacy standards in smart TVs, Consumer Reports recently found that most smart TVs remain impressively open to attack and abuse. And a new study out of the UK by Which? studied 19 different smart gadgets and found a "staggering level of corporate surveillance of your home" by devices that routinely hoovered up consumer data, then funneled it out to dozens of partner companies -- often without clear consumer permission...

Tails 3.7.1 is out

Filed under
Security
Debian

This release fixes many security issues and users should upgrade as soon as possible.


Cisco Continues to Advance Snort 3 Network Security Development

Filed under
OSS
Security

The open-source Snort intrusion detection and prevention system (IPS/IDS) is gearing up for a major update that will influence the future of Cisco's next generation security appliances.

In a video interview with eWEEK, Marty Roesch, vice-president and Chief Architect of Cisco's Security Business Group, discusses the current state of the Snort 3.0 project. Roesch is the original author of Snort, which became the foundation of his company Sourcefire, which Cisco acquired for $2.7 billion in October 2013. Work on Snort 3 has been ongoing since at least December 2014, and since the effort got underway it has been viewed as a re-thinking of how IPS/IDS works. Roesch said that Snort 3 is largely feature complete at this point and is now going through its beta development cycle.

More in Tux Machines

Red Hat changes its open-source licensing rules

From outside programming circles, software licensing may not seem important. In open-source, though, licensing is all important. So, when leading Linux company Red Hat announces that -- from here on out -- all new Red Hat-initiated open-source projects that use the GNU General Public License (GPLv2) or GNU Lesser General Public License (LGPL) v2.1 licenses will be expected to supplement the license with GPL version 3 (GPLv3)'s cure commitment language, it's a big deal.

Android Leftovers

Gentoo-Based Porteus Kiosk 4.7 Brings More Mitigations Against Spectre Flaws

Powered by the long-term supported Linux 4.14.50 kernel, Porteus Kiosk 4.7.0 is the second release of the operating system in 2018 and comes five months after version 4.6 to introduce more mitigations against the Spectre security vulnerabilities, though the next-gen Spectre flaws require microcode firmware updates for Intel CPUs. "Newly discovered 'Spectre Next Generation' vulnerabilities require updated microcode from Intel which is not available yet. Please consider enabling automatic updates service for your kiosks to receive latest fixes and patches as soon as they become available," reads today's announcement.

Linspire 8 Enters Development Based on Ubuntu 18.04 LTS, Freespire 3.0.9 Is Out

Freespire 3.0.9 is a small incremental update of the free and open-source GNU/Linux distribution that includes all the latest security and software updates released upstream until June 11, 2018. It also introduces new light and dark modes, a full instance of the Calligra office suite, and replaces Mozilla Thunderbird with Kontact. The developers recommend all users running the Freespire 3.0 operating system series on their personal computers to run a system-wide update if they want to upgrade to Freespire 3.0.9 and receive all the latest changes. On the other hand, new users are encouraged to download the Freespire 3.0.9 ISO image.

Also: Linspire 8.0 Alpha 1 Released