Security

Security Leftovers: Privilege Escalation, Nayana Caught by Malware in Ads

Filed under
Security

That's random: OpenBSD adds more kernel security

Filed under
Security
BSD

OpenBSD has a new security feature designed to harden it against kernel-level buffer overruns, the "KARL" (kernel address randomised link).

The changes are described in this note to an OpenBSD developer list penned by founder and lead developer Theo de Raadt.


Security Leftovers: Security in Medicine, WannaCry, Let’s Encrypt, Rooting a Printer

Filed under
Security

Security Leftovers: Updates, 'Clouds', Cars, Erebus

Filed under
Security
  • Security updates for Friday
  • The 2 cloud security myths that must die
  • Open source security challenges in cars

    A revolution is underway in the automotive industry. The car is no longer simply a means of getting from here to there. Today’s car reaches out for music streamed from the cloud, allows hands-free phone calls, and provides real-time traffic information and personalised roadside assistance.

    Almost every modern automobile feature — speed monitoring, fuel efficiency tracking, anti-lock braking, traction and skid-control — is now digitised to provide drivers with easier, safer operation and better information.

  • Erebus Ransomware Targets Linux Servers

    The IT security researchers at Trend Micro recently discovered malware that has the potential to infect Linux-based servers. The malware, called Erebus, has been responsible for hijacking 153 Linux-based networks of a South Korean web-hosting company called NAYANA.

    [...]

    Once the user clicked on those ads, the ransomware would activate in the usual way.

Enhancing the security of the OS with cryptography changes in Red Hat Enterprise Linux 7.4

Filed under
Linux
Red Hat
Security

Today we see more and more attacks on operating systems taking advantage of various technologies, including obsolete cryptographic algorithms and protocols. As such, it is important for an operating system not only to carefully evaluate the new technologies that get introduced, but to also provide a process for phasing out technologies that are no longer relevant. Technologies with no practical use today increase the attack surface of the operating system and more specifically, in the cryptography field, introduce risks such as untrustworthy communication channels, when algorithms and protocols are being used after their useful lifetime.


Security Leftovers: CherryBlossom, Security Tips, Travel With Keys, Windows Malware in Electricity Systems, PGP Lapse

Filed under
Security
  • The CIA has lots of ways to hack your router

    According to new documents published by WikiLeaks, the CIA has been building and maintaining a host of tools to do just that. This morning, the group published new documents describing a program called Cherry Blossom, which uses a modified version of a given router’s firmware to turn it into a surveillance tool. Once in place, Cherry Blossom lets a remote agent monitor the target’s internet traffic, scan for useful information like passwords, and even redirect the target to a desired website.

  • Advanced CIA firmware has been infecting Wi-Fi routers for years

    Home routers from 10 manufacturers, including Linksys, DLink, and Belkin, can be turned into covert listening posts that allow the Central Intelligence Agency to monitor and manipulate incoming and outgoing traffic and infect connected devices. That's according to secret documents posted Thursday by WikiLeaks.

    CherryBlossom, as the implant is code-named, can be especially effective against targets using some D-Link-made DIR-130 and Linksys-manufactured WRT300N models because they can be remotely infected even when they use a strong administrative password. An exploit code-named Tomato can extract their passwords as long as a default feature known as universal plug and play remains on. Routers that are protected by a default or easily-guessed administrative password are, of course, trivial to infect. In all, documents say CherryBlossom runs on 25 router models, although it's likely modifications would allow the implant to run on at least 100 more.

  • 3 security tips for software developers

    Every developer knows the importance of following best security practices. But too often we cut corners, maybe because we have to work hard until those security practices sink in. Unfortunately, that usually takes something like seeing a security malpractice that's so bad it gets marked in indelible ink in our brains.

    I've seen a lot of instances of poor security practices during my career as a sysadmin, but the three I'm going to describe here are basic things that every software developer should avoid. It's important to note that I've seen every single one of these errors committed by large companies and experienced developers, so you can't chalk these mistakes up to novice junior engineers.

  • Travel (Linux) laptop setup

    I understand that this is way too paranoid for most people (and not nearly paranoid enough for some others -- as I like to say, IT security is just like driving on the highway in the sense that anyone going slower than you is an idiot, and anyone going faster is clearly a maniac). Whether this guide is of any use to you is entirely your call, but I hope I gave you some good ideas to help secure your digital life next time you are away from the comfort of your home or office.

  • Potent malware targets electricity systems

    "In that way, it can be immediately re-purposed in Europe and portions of the Middle East and Asia."

    In addition, it said, the malware could be adapted "with a small amount of tailoring" to render it potent against the North American power grid.

    It said that the malware can be applied to work at several electricity substations at the same time, giving it the power to create a widespread power shutdown that could last for hours and potentially days.

  • KMail’s ‘Send Later’ caused PGP encrypted private emails to be sent in plain-text

    I recently discovered the security vulnerability CVE-2017-9604 in the KDE Project’s KMail email client. This vulnerability led KMail to not encrypt email messages scheduled to be sent with a delay, even when KMail gave every indication that the email contents would be encrypted using OpenPGP.

IPFire 2.19 Linux Firewall Gets WPA Enterprise Authentication in Client Mode

Filed under
GNU
Linux
Security

Michael Tremer from the IPFire Project announced the availability of a new stable update for the IPFire 2.19 series of the open-source Linux-based firewall distribution.

IPFire 2.19 Core Update 111 is now live and it appears to be a major update adding quite a large number of new features to the firewall, along with dozens of up-to-date components. The biggest change, however, seems to be the ability for IPFire to authenticate itself with an EAP (Extensible Authentication Protocol)-enabled wireless network, supporting both TTLS and PEAP methods.


Security Leftovers: CyberSecurity, Cryptocoin, and SMB

Filed under
Security

Security Leftovers: Microsoft PowerShell Threat, DevSecOps, Botnets, USB, and Death of Microsoft's Docs.com

Filed under
Security
  • Fileless malware attack against US restaurants went undetected by most AV [Ed: Microsoft PowerShell leaves restaurants open to attacks]
  • DevSecOps is Not a Security Panacea

    Many development teams view security as an impediment to agility and innovation, but efforts over the past few years have tried to integrate security controls and testing directly into DevOps workflows without sacrificing development speed and deployment flexibility.

    Known as DevSecOps, this marriage between security and agile development aims to implement core security tasks like event monitoring, patch management, privilege control and vulnerability assessment directly into DevOps processes. This includes dynamic and static vulnerability testing at all levels of the development cycle, so that major flaws can be discovered early on, before the code makes it into production.

  • Commerce Seeks Input on Fighting Botnets

    The Commerce Department is asking for public input on what the government should do to combat cyberattacks launched by armies of infected computers.

  • How to use Linux's built-in USB attack protection

    There are USB sticks that will destroy your computer, USB sticks loaded with spyware, and even official enterprise USB sticks infected with malware. Last, but never least, when it comes to stealing data from a computer, you can't beat a USB stick. There are devices like the USG USB stick firewall, which can protect you, or if you're a Linux user, you can always stop attackers armed with USB sticks with USBGuard.

  • [Older] Patches Available for Linux Sudo Vulnerability
  • Lack of Experience May Plague IoT Security Startups [Ed: An even worse culprit is intelligence agencies intentionally weakening software/libraries for back door access (remote domination)]
  • Microsoft kills off Docs.com in favour of LinkedIn SlideShare

    Docs.com, which originally began as a collaboration between Microsoft and Facebook to provide a service similar to Google Docs, is being closed in favour of SlideShare, a service that Microsoft acquired along with its purchase of LinkedIn.

GNU/Linux Prevents Back Doors, Microsoft Patches Some

Filed under
GNU
Linux
Microsoft
Security