Security

Microsoft Begs, Bugs, and Bug Doors

Filed under: Microsoft, Security

  • Don't install our buggy Windows 10 Creators Update, begs Microsoft

    Microsoft has urged non-tech-savvy people – or anyone who just wants a stable computer – to not download and install this year's biggest revision to Windows by hand. And that's because it may well bork your machine.

    It's been two weeks since Microsoft made its Creators Update available, and we were previously warned it will be a trickle-out rather than a massive rollout. Now, Redmond has urged users to stop manually fetching and installing the code, and instead wait for it to be automatically offered to your computer when it's ready.

  • Microsoft Word flaw took so long to fix that hackers used it to send fraud software to millions of computers

    A flaw in Microsoft Word took the tech giant so long to fix that hackers were able to use it to send fraud software to millions of computers, it has been revealed.

    The security flaw, officially known as CVE-2017-0199, could allow a hacker to seize control of a personal computer with little trace, and was fixed on April 11 in Microsoft's regular monthly security update - nine months after it was discovered.

Security Leftovers

Filed under: Security

Security updates and no more patches from grsecurity (without a fee)

Filed under: Security

  • Security updates for Wednesday
  • GrSecurity Kernel Patches Will No Longer Be Free To The Public

    The GrSecurity initiative that hosts various out-of-tree patches to the mainline Linux kernel in order to enhance the security will no longer be available to non-paying users.

    GrSecurity has been around for the better part of two decades and going back to the 2.4 kernel days. In 2015 the stable GrSecurity patches became available to only commercial customers while the testing patches had still been public. That's now changing with all GrSecurity users needing to be customers.

  • Passing the Baton: FAQ

    This change is effective today, April 26th 2017. Public test patches have been removed from the download area. 4.9 was specifically chosen as the last public release as being the latest upstream LTS kernel will help ease the community transition.

  • grsecurity - Passing the Baton

    Anyone here use grsecurity and have any thoughts about this?

More Coverage of Kali Linux 2017.1 Release

Filed under: GNU, Linux, Security

  • Kali Linux 2017.1 Security OS Brings Wireless Injection Attacks to 802.11 AC

    Offensive Security, the developers of the BackTrack-derived Kali Linux open-source, security-oriented operating system, announced the availability of the Kali Linux 2017.1 rolling release.

    Since Kali Linux became a rolling distro, the importance of such updated images was never the same, but Kali Linux 2017.1 appears to be a major release of the ethical hacking distro, adding a bunch of exciting new features and improvements to the Debian-based operating system.

  • Kali Linux 2017.1 Released With New Features | Download ISO Files And Torrents Here

    Offensive Security has updated the Kali Linux images with new features and changes. Termed Kali Linux 2017.1, this release comes with support for wireless injection attacks to 802.11ac and Nvidia CUDA GPU. You can simply update your existing installation by running a few commands if you don’t wish to download the updated images from Kali repos.

Security Leftovers

Filed under: Security

  • NSA backdoor detected on >55,000 Windows boxes can now be remotely removed

    After Microsoft officials dismissed evidence that more than 10,000 Windows machines on the Internet were infected by a highly advanced National Security Agency backdoor, private researchers are stepping in to fill the void. The latest example of this open source self-help came on Tuesday with the release of a tool that can remotely uninstall the DoublePulsar implant.

  • Turns out, pacemaker security is terrifying

    Ultimately, St. Jude Medical's stock plunged as much as 10 percent in the aftermath. The company launched a lawsuit against MedSec and Muddy Waters, and the three firms skirmished in the press again when MedSec's findings were allegedly reproduced by security firm Bishop Fox. What's more, the second set of researchers claimed they could take over the pacemakers at a distance of around 10 feet.

  • Chrome, Firefox, and Opera users beware: This isn’t the apple.com you want
  • [Older] Phishing with Unicode Domains

    From a security perspective, Unicode domains can be problematic because many Unicode characters are difficult to distinguish from common ASCII characters. It is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com". It may not be obvious at first glance, but "аpple.com" uses the Cyrillic "а" (U+0430) rather than the ASCII "a" (U+0061). This is known as a homograph attack.

  • New Strain of Linux Malware Could Get Serious [Ed: ECT thinks that people having default username+password is a "Linux" issue? Seriously?]

    A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat.

    Eset on Tuesday disclosed the threat, which represents a new Lua family unrelated to previously seen LuaBot malware.

Kali Linux 2017.1 Release

Filed under: GNU, Linux, Security

Finally, it’s here! We’re happy to announce the availability of the Kali Linux 2017.1 rolling release, which brings with it a bunch of exciting updates and features. As with all new releases, you have the common denominator of updated packages, an updated kernel that provides more and better hardware support, as well as a slew of updated tools – but this release has a few more surprises up its sleeve.

Also: Kali Linux repository HTTPS support

More Security Leftovers

Filed under: Security

GNU/Linux Desktop Security

Filed under: GNU, Linux, Security

  • How to Safely and Securely Back Up Your Linux Workstation

    Even seasoned system administrators can overlook Linux workstation backups or do them in a haphazard, unsafe manner. At a minimum, you should set up encrypted workstation backups to external storage. But it’s also nice to use zero-knowledge backup tools for off-site/cloud backups for more peace of mind.

    Let’s explore each of these methods in more depth. You can also download the entire set of recommendations as a handy guide and checklist.

  • Google zero-trust security framework goes beyond passwords

    With a sprawling workforce, a wide range of devices running on multiple platforms, and a growing reliance on cloud infrastructure and applications, the idea of the corporate network as the castle and security defenses as walls and moats protecting the perimeter doesn’t really work anymore. Which is why, over the past year, Google has been talking about BeyondCorp, the zero-trust perimeter-less security framework it uses to secure access for its 61,000 employees and their devices.

Security Leftovers

Filed under: Security

  • Security updates for Monday
  • Recursive DNS Server Fingerprint Problem

    Our goal is to identify hijacked resolvers by analyzing their fingerprints, in order to increase safety of Internet users. To do that, we utilize data collected via RIPE Atlas (atlas.ripe.net).

  • Online developer tutorials are spreading XSS and SQL injection flaws

    The researchers, from across three universities in Germany and Trend Micro, checked the PHP code bases of more than 64,000 projects on Github and uncovered more than 100 vulnerabilities that they believe might have been introduced as a result of developers picking up the code that they used from online tutorials.

  • BrickerBot, the permanent denial-of-service botnet, is back with a vengeance

    BrickerBot, the botnet that permanently incapacitates poorly secured Internet of Things devices before they can be conscripted into Internet-crippling denial-of-service armies, is back with a new squadron of foot soldiers armed with a meaner arsenal of weapons.

  • Reproducible Builds: week 104 in Stretch cycle
  • Webroot antivirus goes bananas, starts trashing Windows system files

    Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them – knackering PCs in the process.

    Not only were people's individual copies of the antivirus suite going haywire, but also business editions and installations run by managed service providers (MSPs), meaning companies and organizations relying on the software were hit by the cockup.

    Between 1200 and 1500 MST (1800 and 2100 UTC) today, Webroot's gear labeled Windows operating system data as W32.Trojan.Gen – generic-Trojan-infected files, in other words – and moved them into quarantine, rendering affected computers unstable. Files digitally signed by Microsoft were whisked away – but, luckily, not all of them, leaving enough of the OS behind to reboot and restore the quarantined resources.

  • How The Update Framework Improves Security of Software Updates

    Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That's the challenge that The Update Framework (TUF) aims to solve.

    Justin Cappos, assistant professor at New York University, detailed how TUF works and what's coming to further improve the secure updating approach in a session at last week's DockerCon 17 conference in Austin, Texas. Simply using HTTPS and Transport Layer Security (TLS) to secure a download isn't enough as there have been many publicly reported instances of software repositories that have been tampered with, Cappos said.

  • Security Updates for Ubuntu Phone to End in June

    Security updates for Ubuntu phone and tablet will end this June, Canonical has confirmed. Current OTA updates are currently limited to critical fixes and security updates — a decision we were first to tell you back in January. But after June 2017 Canonical “will no longer deliver any further updates”.

  • Canonical to stop supporting Ubuntu Phone in June

    Canonical had already announced development of its Ubuntu Phone software was ending. Now we know when the final nail goes in the coffin: June.

  • Malware Hunts And Kills Poorly Secured Internet Of Things Devices Before They Can Be Integrated Into Botnets

    Researchers say they've discovered a new wave of malware with one purpose: to disable poorly secured routers and internet of things devices before they can be compromised and integrated into botnets. We've often noted how internet-of-broken-things devices ("smart" doorbells, fridges, video cameras, etc.) have such flimsy security that they're often hacked and integrated into botnets in just a matter of seconds after being connected to the internet. These devices are then quickly integrated into botnets that have been responsible for some of the worst DDoS attacks we've ever seen (including last October's attack on DYN).

Security Leftovers

Filed under: Security

  • More Windows PCs infected with NSA backdoor DoublePulsar [Ed: Look what Microsoft's back doors for the NSA are causing this month; recall Snowden's leaks about it.]

    Although the exact number varies among security researchers, the DoublePulsar infection rate is climbing

  • NSA-linked hacking tools released by Shadow Brokers have compromised almost 200,000 Windows PCs
  • 'Beautiful' NSA hacking tool DoublePulsar infects almost 200,000 Windows PCs

    Tools supposedly developed by the US National Security Agency (NSA) leaked early this month by the Shadow Brokers hacking group are being used in attacks on Windows PCs.

    The tools, released to the open-source developer website Github, have been gratefully scooped up by malware writers of varying levels of competency and pimped via phishing emails across the internet.

    And researchers at Swiss security company Binary Edge claim to have found 183,107 compromised PCs connected to the internet after conducting a scan for the DoublePulsar malware. Conducted every day over the past four days, the number of infected PCs has increased dramatically with each scan, according to Binary Edge.

  • Three months on, no Linksys router patches for remote holes

    More than three months after being informed about remotely exploitable vulnerabilities in 25 router models, Linksys is yet to issue patches to remedy them.

  • [Older] Tracing Spam: Diet Pills from Beltway Bandits

    Here’s the simple story of how a recent spam email advertising celebrity “diet pills” was traced back to a Washington, D.C.-area defense contractor that builds tactical communications systems for the U.S. military and intelligence communities.

  • Top-ranked programming Web tutorials introduce vulnerabilities into software

    “[Our findings] suggest that there is a pressing need for code audit of widely consumed tutorials, perhaps with as much rigor as for production code,” they pointed out.

  • [Old] PHP: a fractal of bad design

    PHP is an embarrassment, a blight upon my craft. It’s so broken, but so lauded by every empowered amateur who’s yet to learn anything else, as to be maddening. It has paltry few redeeming qualities and I would prefer to forget it exists at all.

  • The Cloud Foundry Approach to Container Storage and Security

    Recently, The New Stack published an article titled “Containers and Storage: Why We Aren’t There Yet” covering a talk from IBM’s James Bottomley at the Linux Foundation’s Vault conference in March. Both the talk and article focused on one of the central problems we’ve been working to address in the Cloud Foundry Foundation’s Diego Persistence project team, so we thought it would be a good idea to highlight the features we’ve added to mitigate it. Cloud Foundry does significantly better than what the article suggests is the current state of the art on the container security front, so we’ll cover that here as well.

More in Tux Machines

Distributions News: Ubuntu, Manjaro, and Lakka

  • Ubuntu founder retakes the CEO throne, many employees gone
    Mark Shuttleworth, the founder of Canonical, has once again returned to his position of CEO, as Jane Silber, the previous CEO, now heads to the Board of Directors; and big changes happen to the staff lineup as a result. In a blog post by Silber, she says, “I originally agreed to be CEO for 5 years and we’ve extended my tenure as CEO by a couple of years already. We’ve been preparing for a transition for some time by strengthening the executive leadership team and maturing every aspect of the company, and earlier this year Mark and I decided that now is the time to effect this transition.”
  • [Video] Manjaro 17.0 KDE Edition - See What’s New
    Manjaro 17.0 KDE is the latest release of Manjaro Linux. This release brings the new KDE Plasma 5.9.x as its desktop environment and includes most of KDE Applications 16.12 and KDE Frameworks 5.32.
  • Make your own NES Classic Edition with Lakka 2.0 LibreELEC Linux distro and Raspberry Pi
    The NES Classic Edition is a very fun nostalgia-based gaming console. As someone who grew up with Nintendo, I knew I wanted the mini system as soon as it was announced. A family member was able to score me one on launch day, and I've been very happy with it. Unfortunately, other people have not been so lucky. Supply was very limited and it has since been discontinued. If you do not already have it, you are sort of out of luck without paying high prices on eBay or Craigslist. If you are only looking to replay the NES games of your youth, and you are OK with doing it in an unofficial way, emulation is another route. In fact, if you'd rather not play these games on your PC, you can instead use a Linux-based operating system and a Raspberry Pi (or other devices) hooked to a television. One such distro is Lakka, which just reached version 2.0. It is arguably better than an NES Classic Edition as it can also play games from other systems, such as SNES, Sega Genesis, Nintendo 64, PlayStation 1, and many more.

Software: Monitoring Tools, VSXu, and FSearch

today's howtos

Linux Mint's Plans

  • Some Of The Features Coming To Linux Mint's Cinnamon 3.4 Desktop
    In the latest monthly progress report on Linux Mint, some of the upcoming changes for the GNOME3-forked Cinnamon Desktop Environment were shared.
  • Monthly News – April 2017
    Many thanks to all the people who donated to us and who help to fund our project. Donations are down to about 60% of what they were last year, but they’re still quite high. In the first trimesters of 2015, 2016 and 2017 we respectively received $23k, $40k and $25k. Our development team has gotten bigger and our budget is being extended to include some administrators and designers. Other figures and metrics indicate we’re growing so this probably just reflects an exceptional year for donations in 2016.
  • Linux Mint Is Adopting LightDM as its Login Manager
    Linux Mint is adopting the LightDM display manager to handle and authenticate user sessions. Revealing plans in its latest monthly update, Mint says it will formally drop the MDM Display Manager (MDM) in favour of LightDM with Mint 18.2, release date for which is as-yet unknown. The popular Ubuntu-based Linux distribution mooted a possible switch earlier this year, noting that it had a key feature MDM lacks (guest sessions), and has become something of a standard across distributions.
  • Linux Mint 13 support ends, LMDE to get MATE 1.18 soon, big changes heading to Cinnamon
    The news from the Linux Mint team was quite interesting this week. First up, Linux Mint 13 has officially hit EOL (end of life), so you really do need to upgrade. LMDE (Linux Mint Debian Edition) is set to get the MATE desktop version 1.18 "this week" and they have ported mintMenu over to GTK3; since the rest of MATE is now using GTK3 too, it makes sense.