Language Selection

English French German Italian Portuguese Spanish


Security Leftovers

Filed under
  • Security updates for Thursday
  • LMAOxUS Ransomware: Another Case of Weaponized Open Source Ransomware

    An Indian developer is playing around with an open source ransomware builder, which in the long run may end up causing serious problems for innocent users.

    This developer, who goes by the nickname of Empinel and claims to be based in Mumbai, has forked the open source code of the EDA2 project, and with the help of another user, has removed the backdoor hidden in EDA2's original code.

  • Google Patches Android Security Vulnerabilities in April Update

    Google is out with its April 2017 Android security update, patching 102 different vulnerabilities in the mobile operating system. Of the vulnerabilities patched by Google this month, only 15 are rated as having critical impact.

    Not surprisingly, the mediasever component is once again being patched by Google. The Android mediasever has been patched in every Android security update issued by Google since August 2015. In the new April update, mediaserver accounts for 15 flaws in total, including six rated as critical, five as high and four with only moderate impact.

  • Can you trust Linux-based Tizen OS?
  • Insecure Samsung Tizen is riddled with security flaws
  • CloudLinux 6 Users Get New Stable Kernel Security Update to Fix CVE-2016-10229

    Following on the recent stable and Beta kernel releases for the CloudLinux 7 operating system series, CloudLinux's Mykola Naugolnyi announced earlier the availability of a new stable kernel update for CloudLinux 6 users.

    The new, updated kernel version 2.6.32-673.26.1.lve1.4.25 is out as of April 6, 2017, and it appears to patch a Linux kernel vulnerability discovered in the udp.c file, which affects kernel versions smaller than 4.5, including the Linux 2.6 kernel running on CloudLinux 6 and CloudLinux 5 Hybrid operating systems.

Security News

Filed under
  • Critical Xen hypervisor flaw endangers virtualized environments

    A critical vulnerability in the widely used Xen hypervisor allows attackers to break out of a guest operating system running inside a virtual machine and access the host system's entire memory.

    This is a serious violation of the security barrier enforced by the hypervisor and poses a particular threat to multi-tenant data centers where the customers' virtualized servers share the same underlying hardware.


    Qubes OS, an operating system that uses Xen to isolate applications inside virtual machines, also put out an advisory warning that an attacker who exploits another vulnerability, for example inside a browser, can exploit this Xen issue to compromise the whole Qubes system.

  • CentOS Linux 6.9 Drops Support for Insecure Cryptographic Algorithms & Protocols
  • Canonical Outs New Kernel Security Update for All Supported Ubuntu Releases

    Canonical released earlier a new kernel security update for all supported Ubuntu Linux releases that appears to patch a vulnerability discovered recently in the upstream Linux kernel packages.

    According to the Ubuntu Security Notice USN-3256-1 advisory, the system could be made to crash under certain conditions. The security issue (CVE-2017-7308) was discovered by Andrey Konovalov in Linux kernel's AF_PACKET implementation, which incorrectly validated some block-size data.

  • CloudLinux 7 Beta Kernel Released to Patch 2 Important Security Vulnerabilities

    CloudLinux's Mykola Naugolnyi announced today, April 5, 2017, the availability of a new Beta kernel update for users of the CloudLinux 7 operating system series, patching a couple of vulnerabilities discovered lately.

    The announcement comes just one day after CloudLinux released a new stable kernel version for CloudLinux 7 and CloudLinux 6 Hybrid users, which included a fix for an out-of-bounds heap access security issue in XFRM framework of the Linux kernel, which was patched upstream in Red Hat Enterprise Linux 7.

Security Leftovers

Filed under

Security Leftovers

Filed under

Security Leftovers

Filed under
  • Security updates for Tuesday
  • Montreal researcher helped convict one of gang behind Linux botnet

    The Montreal branch of a security company is patting itself on the back for being among the resources used by the FBI to help convict a Russian for his role in creating and spreading the Linux-based Ebury botnet.

    Alexis Dorais-Joncas, security intelligence team lead at the Montreal malware lab of ESET, said work done by researcher Marc-Étienne Léveillé contributed to the evidence mounted by the FBI which led to the guilty plea last week of Maxim Senakh to conspiring to violate the U.S. Computer Fraud and Abuse Act and to commit wire fraud. In exchange for the plea nine other charges were dropped.

  • Samsung’s Tizen is riddled with security flaws, amateurishly written [Ed: When Microsoft Peter covers anything Linux it’s basically Linux bashing… “amateurishly written”]

Security Leftovers

Filed under

Linux and IoT Security

Filed under

Security Leftovers

Filed under
  • Weekend security updates
  • Microsoft won't patch zero-day flaw affecting 600,000 web servers [iophk: "if it's running Microsoft, it should not be on the net. turn off those machines"]

    Microsoft has no plans to fix a flaw in Internet Information Services (IIS) 6.0 which could affect up to 600,000 web servers.

  • The expectation of security

    What I mean is expecting anyone to go without a "screen" for a weekend doesn't make sense. A substantial number of activities we do today rely on some sort of screen because we've replace more inefficient ways of accomplishing tasks with these screens. Need to look something up? That's a screen. What's the weather? Screen. News? Screen. Reading a book? Screen!

    You get the idea. We've replaced a large number of books or papers with a screen. But this is a security blog, so what's the point? The point is I see a lot of similarities with a lot of security people. The world has changed quite a bit over the last few years, I feel like a number of our rules are similar to anyone thinking spending time without a screen is some sort of learning experience. I bet we can all think of security people we know who think it's still 1995, if you don't know any you might be that person (time for some self reflection).

  • Why I Always Tug on the ATM

    Once you understand how easy and common it is for thieves to attach “skimming” devices to ATMs and other machines that accept debit and credit cards, it’s difficult not to closely inspect and even tug on the machines before using them. Several readers who are in the habit of doing just that recently shared images of skimmers they discovered after gently pulling on various parts of a cash machine they were about to use.

  • USB Canary: This Open Source Tool Sends SMS If A Hacker Connects A USB Device

    There are a lot of USB devices which can be fatal to your innocent machine. An office worker leaving his computer even for a short span of time is making it vulnerable to USB-led attacks.


Filed under
  • Ask Hackaday: Which Balaclava Is Best For Hacking?

    At Hackaday, we’re tapped into Hacker Culture. This goes far beyond a choice of operating system (Arch Linux, or more correctly, ‘Arch GNU/Linux’, or as I’ve recently taken to calling it, ‘Arch GNU plus Linux’). This culture infects every fiber of our soul, from music (DEF CON’s station on Soma FM), our choice in outerwear (black hoodies, duh), and our choice in laptops (covered in stickers). We all wear uniforms, although a gaggle of computer science and electronics nerds all wearing black t-shirts won’t tell you that. We all conform, whether we’re aware of it or not.

  • Bits from keyring-maint [action required]

    A potential issue in the DFSG freeness of the Debian keyrings has been brought to the attention of the keyring-maint team. We have already had a similar issue[0] in the past with OpenPGP User Attributes (commonly used to attach images to keys). This was resolved by stripping such data from the keyrings; they add no extra information that is useful for the purposes of the keyrings within the project.

    The current issue under investigation is unfortunately harder for us to resolve as a team. It has been pointed out that the public keys, as shipped, do not represent the preferred form for modification. While it is possible for anyone to add additional data to a key without the private component it is not possible to fully modify the key. For example, a user wishing to upgrade all signatures on his copy of the debian-keyring to SHA-256, removing any use of SHA-1, is unable to do so.

  • BBR: Congestion-based congestion control

    This is the story of how members of Google’s make-tcp-fast project developed and deployed a new congestion control algorithm for TCP called BBR (for Bandwidth Bottleneck and Round-trip propagation time), leading to 2-25x throughput improvement over the previous loss-based congestion control CUBIC algorithm. In fact, the improvements would have been even more significant but for the fact that throughput became limited by the deployed TCP receive buffer size. Increasing this buffer size led to a huge 133x relative improvement with BBR (2Gbps), while CUBIC remained at 15Mbps. BBR is also being deployed on YouTube servers, with a small percentage of users being assigned BBR playback.

Syndicate content

More in Tux Machines

Android Leftovers

  • Pimp your smartphone with the latest Android O Pixel launcher
    If your device is running Android 6.0.1 Marshmallow or above, you can now pimp it out with the latest Google O Pixel launcher. One of the contributors on the XDA Developers forum has recently posted the APK file, which you can install on your smartphone. Before you download the file, make sure your device can install apps that aren’t listed on the Play Store. To do so, open up the Settings menu, tap on Security, and enable the “Unknown sources” option. Once that’s done, all you have to do is download the file and then tap on it in the notification shade to install the launcher on your device.
  • Google is killing off Android's emoji blobs
    The best emojis on the market are no more: Google’s weird blobs are being retired in favour of more conventional circular yellow faces.
  • Google I/O: What about Android on Chrome OS?
    The hottest tech-show ticket these days is Google I/O. In the just-finished 2017 conference, Google announced lots of great stuff, including a lightweight version of Android, Android Go; a first look at the next version of Android, Android O; and a major upgrade to Google Home. One thing that was noticeably missing, however: big news about Android apps on Chrome OS.
  • RaspAnd Marshmallow 6.0.1 Android OS Now Available for Raspberry Pi 3 and 2 SBCs
    After informing us about the availability of a new build of his RaspAnd Nougat operating system for Raspberry Pi 3 and 2 SBCs based on Android 7.1.2, Arne Exton released an updated RaspAnd Marshmallow 6 version.

today's howtos

LinuxAndUbuntu Distro Review Of The Week - Deepin OS

​Depth/Deepin OS is not just another Linux Distro, but one with something new to show. Deepin OS is simply speaking, just beautiful. Deepin OS, formerly known as Deepin, Linux Deepin, and Hiweed GNU/Linux is a Linux distro with an identity crisis. Seriously, this distro has undergone name changes you always have to check twice if the name is still the same. And that is all the negative you are going to say about this distro. Honestly speaking, Deepin OS is surely going to blow you away. I have been keeping an eye on this distro since 2013 and it still manages to impress me. Read more

KDE Leftovers: digikam, KDevelop, Kate, GSoC, and Akademy

  • [digikam] Call to Test the Pre-Release of 5.6.0
    Once again a lot has been going on behind the scenes since the last release. The HTML gallery tool is back, database shrinking (e.g. purging stale thumbnails) is also supported on MySQL, grouping has been improved and additional sidecars can now be specified. Therefore the release of 5.6.0 will be (is already) delayed, as we would like to invite you to test all these features. As usual they are available in the pre-release bundles or obviously directly from the git repository. Please report any dysfunctions, unexpected behaviour or suggestions for improvement to our bug tracker.
  • KDevelop runtimes: Docker and Flatpak integration
    On my last blog post I discussed about how some assumptions such as the platform developed on can affect our development. We need to minimize it by empowering the developers with good tools so that they can develop properly. To that end, I introduced runtimes in our IDE to abstract platforms (much like on Gnome’s Builder or Qt Creator).
  • Kate 17.04.1 available for Windows
  • GSoC - Community Bonding Period with Krita
  • First month report: my feelings about gsoc
  • My Akademy Plans
    The Akademy programme (saturday, sunday) is actually pretty long; the conference days stretch into feels-like-evening to me. Of course, the Dutch are infamous for being “6pm at the dinner table, and eat potatoes” so my notion of evening may not match what works on the Mediterranean coast. Actually, I know it doesn’t since way back when at a Ubuntu Developer Summit in Sevilla it took some internal-clock-resetting to adjust to dinner closer to midnight than 18:00.