Security News

  • Friday's security updates
  • Ten-year-old Windows Media Player hack is the new black, again

    Net scum are still finding ways to take down users with a decade-old Windows Media Player attack.

    The vector is a reborn social engineering hatchet job not seen in years in which attackers convince users to run executable content through Windows Media Player's Digital Rights Management (DRM) functionality.

    Windows Media Player will throw a DRM warning whenever users do not have the rights to play content, opening a URL through which a licence can be acquired.

    Now malware villains are packing popular movies with malicious links so that the DRM warning leads to sites where they're fooled into downloading trojans masquerading as necessary video codecs.

  • Luabot Malware Turning Linux Based IoT Devices into DDoS Botnet

    The IT security researchers at MalwareMustDie have discovered a malware that is capable of infecting Linux-based Internet of Things (IoT) devices and web servers to launch DDoS (Distributed Denial of Service) attacks.

Wireshark 2.2

  • Wireshark 2.2 Released

    Wireshark 2.2 features "Decode As" improvements, the various UIs now support exporting packets as JSON, there is new file format decoding support, and a wide range of new protocol support. New protocol coverage includes Apache Cassandra, USB3 Vision Protocol, USIP protocol, UserLog protocol, Zigbee Protocol Clusters, Cisco ttag, and much more.

  • Wireshark 2.2.0 Is Out as the World's Most Popular Network Vulnerability Scanner

    Today, September 7, 2016, the development team behind the world's most popular network protocol analyzer, Wireshark, proudly announced the release of a new major stable version, namely Wireshark 2.2.

    After being in development for the past couple of months, Wireshark 2.2.0 has finally hit the stable channel, bringing with it a huge number of improvements and updated protocols. For those of you who never heard of Wireshark, we want to remind them that it's an open-source network vulnerability scanner used by security researchers and network administrators for development, analysis, troubleshooting, as well as education purposes.

Security News

  • New release: usbguard-0.6.0

    Another milestone behind us. The 0.6.0 release brings the promised CentOS/RHEL 7 compatibility. This means that our Copr EPEL-7 repository as well as Fedora’s EPEL-7 repository will now provide the latest versions of USBGuard. Check it out!

    One more very good piece of news is that USBGuard was accepted in Debian and is available in Sid (unstable). A big thanks goes to Muri Nicanor and others involved in this packaging effort!

  • StartSSL customers, it is time to leave. Now!

    While listening to the Security Now podcast, I have listened first with amusement then with horror to Steve reading email from Mozilla about the security problems with WoSign CA.

    Their list of woes is long, read the linked email for details, but one thing turned up during the email which I was not aware of: StartCom (owner of the StartSSL certificate authority) was apparently recently bought by WoSign CA! Apparently one of the security bugs StartSSL has (had?) was that with a properly modified POST request (yes, I guess you can do it in the Developer Tools of your Firefox) you can get a certificate linked to the root certificate “CA 沃通根证书” (or “WoSign CA Free SSL Certificate G2” with another value of the parameter). Awesome!

    What’s even more interesting is that I am a paying customer of StartSSL CA and I have never been made aware of the change of ownership. The only other mention of the possible change of ownership I found was on the Wikipedia page, which linked to the blogpost, which is now unavailable due to “legal review of the site” […]. Even better!

  • Debian GNU/Linux Fixes Dangerous TCP Flaw In New Update
  • Why Security Performance Will be Key in NFV

    There is growing evidence that the data center is driving toward a more software-centric security model that will be core to network functions virtualization (NFV) and software-defined networking (SDN) technology. This new model means that security performance in NFV will be key.

  • How to enable server-side encryption in Nextcloud

    Out of the box, Nextcloud servers do not run with server-side encryption. Follow these steps to enable an extra layer of security for Nextcloud.

  • Umbreon rootkit targets Linux on x86, ARM [Ed: nonsensical marketing hype from Trend Micro]
  • Pokemon Themed 'Umbreon' Rootkit Hides In Linux Systems
  • Taking umbrage at Umbreon, the Linux rootkit that likes to hide
  • Linux rootkit, named for Pokémon's Umbreon, targets Linux

Calamares 2.4 Universal Linux Installer Gets Its First Point Release to Fix Bugs

The Calamares team announced recently the availability of the first point release to the new stable series of the distribution-independent system installer used in many GNU/Linux distributions, Calamares 2.4.

Security News

  • Security advisories for Monday
  • Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86 [Ed: IDG covers this nonsense from Trend Micro (not a real risk, just the name Pokémon for better headlines)]
  • You can't weigh risk if you don't know what you don't know

    If any of us have ever been in a planning meeting, a variant of this has no doubt come up at some point. It came up for me last week, and every time I hear it I think about all the things we don't know we don't know. If you're not familiar with the concept, it works a bit like this. I know I don't know how to drive a boat. But because I know I don't know this, I could learn. If you know you lack certain knowledge, you could find a way to learn it. If you don't know what you don't know, there is nothing you can do about it. The future is often an unknown unknown. There is nothing we can do about the future in many instances, you just have to wait until it becomes a known, and hope it won't be anything too horrible. There can also be blindness when you think you know something, but you really don't. This is when people tend to stop listening to the actual experts because they think they are an expert.

Security News

  • Pokémon-inspired rootkit attacks Linux systems [Ed: Media hyping up "Linux" threat which requires 1) the cracker has access to the device. 2) cracker installs malware.]

    Provides backdoor and traffic-hiding capabilities.

    A new persistent stealthy malware that can give attackers full control over Linux servers has been discovered by researchers.

    Researcher Fernando Mercês with security vendor Trend Micro said the malware - a rootkit family - is named after a character in the Pokémon fantasy game called Umbreon.

    Umbreon is a dark Pokémon that hides in the night, an "appropriate characteristic for a rootkit," Mercês wrote.

  • Pokémon-loving VXer targets Linux with 'Umbreon' rootkit [Ed: More hysteria, now in British media, over something that's not a real risk, thanks to self promotion]
  • LuaBot Is the First Botnet Malware Coded in Lua Targeting Linux Platforms [Ed: so don’t install malware]

    Unlike Mirai, which is the fruit of a two-year-long coding frenzy, LuaBot is in its early stages of development, with the first detection being reported only a week ago and a zero detection rate on VirusTotal for current samples.

  • Nearly 800,000 Brazzers Porn Site Accounts Exposed in Forum Hack [Ed: Remember Canonical having Ubuntu Forums cracked, twice, due to proprietary vBulletin? Well, vBulletin -- again.]

    Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach. Although the data originated from the company's separate forum, Brazzers users who never signed up to the forum may also find their details included in the dump.

    Motherboard was provided the dataset by breach monitoring site for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.)

    Troy Hunt, a security researcher and creator of the website Have I Been Pwned? helped verify the dataset by contacting subscribers to his site, who confirmed a number of their details from the data.

Debian plugs Linux 'TCP snoop' bug

Debian's maintainers have moved to plug the TCP snooping flaw that emerged in August 2016.

The bug, CVE-2016-5696, was spotted by University of California Riverside's Zhiyun Qian and his collaborators and published in August.

It enabled an attack against Linux (and Android) implementations of RFC 5961, which used challenge ACK packets to try and harden Linux. The implementation bug, present in the kernel since 2012, meant targets could be fooled into rate-limiting their challenge ACKs, letting an attacker work out sequence numbering when it resumed.

More in Tux Machines

Leftovers: KDE


  • 4 Useful Cinnamon Desktop Applets
    The Cinnamon desktop environment is incredibly popular, and for good reason. Out of the box it offers a clean, fast and well configured desktop experience. But that doesn’t mean that you can’t make it a little better with a few nifty extras. And that’s where Cinnamon Applets come in. Like Unity’s Indicator Applets and GNOME Extensions, Cinnamon Applets let you add additional functionality to your desktop quickly and easily.
  • GNOME Core Apps Hackfest
    The hackfest is aimed to raise the standard of the overall core experience in GNOME, this includes the core apps like Documents, Files, Music, Photos and Videos, etc. In particular, we want to identify missing features and sore points that need to be addressed and the interaction between apps and the desktop. Making the core apps push beyond the limits of the framework and making them excellent will not only be helpful for the GNOME desktop experience, but also for 3rd party apps, where we will implement what they are missing and also serve as an example of what an app could be.
  • This Week in GTK+ – 21
    In this last week, the master branch of GTK+ has seen 335 commits, with 13631 lines added and 37699 lines removed.

Leftovers: OSS and Sharing

  • Puppet Unveils New Docker Build and Phased Deployments
    Puppet released a number of announcements today including the availability of Puppet Docker Image Build and a new version of Puppet Enterprise, which features phased deployments and situational awareness. In April, Puppet began helping people deploy and manage things like Docker, Kubernetes, Mesosphere, and CoreOS. Now the shift is helping people manage the services that are running on top of those environments.
  • 9 reasons not to install Nagios in your company
  • Top 5 Reasons to Love Kubernetes
    At LinuxCon Europe in Berlin I gave a talk about Kubernetes titled "Why I love Kubernetes? Top 10 reasons." The response was great, and several folks asked me to write a blog about it. So here it is, with the first five reasons in this article and the others to follow. As a quick introduction, Kubernetes is "an open-source system for automating deployment, scaling and management of containerized applications" often referred to as a container orchestrator.
  • Website-blocking attack used open-source software
    Mirai gained notoriety after the Krebs attack because of the bandwidth it was able to generate — a record at well over 600 gigabits a second, enough to send the English text of Wikipedia three times in two seconds. Two weeks later, the source code for Mirai was posted online for free.
  • Alibaba’s Blockchain Email Repository Gains Technology from Chinese Open Source Startup
    Onchain, an open-source blockchain based in Shanghai, will provide technology for Alibaba’s first blockchain supported email evidence repository. Onchain allows fast re-constructions for public, permissioned (consortium) or private blockchains and will eventually enable interoperability among these modes. Its consortium chain product, the Law Chain, will provide technology for Ali Cloud, Alibaba’s computing branch. Ali Cloud has integrated Onchain’s Antshares blockchain technology to provide an enterprise-grade email repository. Onchain provides the bottom-layer framework for Ali Cloud, including its open-source blockchain capabilities, to enable any company to customize its own enterprise-level blockchain.
  • Netflix on Firefox for Linux
    If you're a Firefox user and you're a little fed up with going to Google Chrome every time in order to watch Netflix on your Linux machine, the good news is since Firefox 49 landed, HTML5 DRM (through the Google Widevine CDM (Content Decryption Manager) plugin) is now supported. Services that use DRM for HTML5 media should now just work, such as Amazon Prime Video. Unfortunately, the Netflix crew haven't 'flicked a switch' yet behind the scenes for Firefox on Linux, meaning if you run Netflix in the Mozilla browser at the moment, you'll likely just come across the old Silverlight error page. But there is a workaround. For some reason, Netflix still expects Silverlight when it detects the user is running Firefox, despite the fact that the latest Firefox builds for Linux now support the HTML5 DRM plugin.
  • IBM Power Systems solution for EnterpriseDB Postgres Advanced Server
    The primary focus of this article is on the use, configuration, and optimization of PostgreSQL and EnterpriseDB Postgres Advanced Server running on the IBM® Power Systems™ servers featuring the new IBM POWER8® processor technology. Note: The Red Hat Enterprise Linux (RHEL) 7.2 operating system was used. The scope of this article is to provide information on how to build and set up a PostgreSQL database from open source and also install and configure EnterpriseDB Postgres Advanced Server on an IBM Power® server for better use. EnterpriseDB Postgres Advanced Server on IBM Power Systems running Linux® is based on the open source database, PostgreSQL, and is capable of handling a wide variety of high-transaction and heavy-reporting workloads.
  • Valgrind 3.12 Released With More Improvements For Memory Debugging/Checking
  • [Valgrind] Release 3.12.0 (20 October 2016)
  • Chain Launches Open Source Developer Platform [Ed: If it’s openwashing, then no doubt Microsoft is involved]
  • LLVM Still Looking At Migration To GitHub
    For the past number of months the LLVM project has been considering a move from their SVN-based development process to Git with a focus on GitHub. That effort continues moving forward.
  • Lumina Desktop 1.1 Released With File Manager Improvements
    Lumina is a lightweight Qt-based desktop environment for BSD and Linux. We show you what's new in its latest release, and how you can install it on Ubuntu.
  • Study: Administrations unaware of IT vendor lock-in
    Public policy makers in Sweden have limited insight on how IT projects can lead to IT vendor lock-in, a study conducted for the Swedish Competition Authority shows. “An overwhelming majority of the IT projects conducted by schools and public sector organisations refer to specific software without considering lock-in and different possible negative consequences”, the authors conclude.
  • How open access content helps fuel growth in Indian-language Wikipedias
    Mobile Internet connectivity is growing rapidly in rural India, and because most Internet users are more comfortable in their native languages, websites producing content in Indian languages are going to drive this growth. In a country like India in which only a handful of journals are available in Indian languages, open access to research and educational resources is hugely important for populating content for the various Indian language Wikipedias.
  • Where to find the world's best programmers
    One source of data about programmers' skills is HackerRank, a company that poses programming challenges to a community of more than a million coders and also offers recruitment services to businesses. Using information about how successful coders from different countries are at solving problems across a wide range of domains (such as "algorithms" or "data structures" or specific languages such as C++ or Java), HackerRank's data suggests that, overall, the best developers come from China, followed closely by Russia. Alarmingly, and perhaps unexpectedly, the United States comes in at 28th place.

OSS in the Back End

  • AtScale Delivers Findings on BI-Plus-Hadoop
    Business intelligence is the dominant use-case for IT organizations implementing Hadoop, according to a report from the folks at AtScale. The benchmark study also shows which tools in the Hadoop ecosystem are best for particular types of BI queries. As we've reported before, tools that demystify and function as useful front-ends and connectors for the open source Hadoop project are much in demand. AtScale, billed as “the first company to allow business users to do business intelligence on Hadoop,” focused its study on the strengths and weaknesses of the industry’s most popular analytical engines for Hadoop – Impala, SparkSQL, Hive and Presto.
  • Study Says OpenStack at Scale Can Produce Surprising Savings
    Revenues from OpenStack-based businesses are poised to grow by 35 percent a year to more than $5 billion by 2020, according to analysts at 451 Research. In its latest Cloud Price Index, 451 Research analyzes the costs associated with using various cloud options to determine when it becomes better value to use a self-managed private cloud instead of public or managed cloud services. The idea is to create a complex pricing model that takes into consideration the major factors impacting total cost of ownership (TCO), including salaries and workload requirements. The 451 study found that because of the prevalence of suitably qualified administrators, commercial private cloud offerings such as VMware and Microsoft currently offer a lower TCO when labor efficiency is below 400 virtual machines managed per engineer. But where labor efficiency is greater than this, OpenStack becomes more financially attractive. In fact, past this tipping point, all private cloud options are cheaper than both public cloud and managed private cloud options.
  • How OpenStack mentoring breaks down cultural barriers
    Victoria Martinez de la Cruz is no stranger to OpenStack's mentorship opportunities. It's how she got her own start in OpenStack, and now a few years later is helping to coordinate many of these opportunities herself. She is speaking on a panel on mentoring and internships later this week at OpenStack Summit in Barcelona, Spain. In this interview, we catch up with Victoria to learn more about the details of what it's like to be a part of an open source internship, as well as some helpful advice for people on both sides of the mentoring process.