Security

Security: Windows, Salon, Fraud, Skype and More

Filed under: Security

  • Critical Telegram flaw under attack disguised malware as benign images [Ed: Windows]

    The flaw, which resided in the Windows version of the messaging app, allowed attackers to disguise the names of attached files, researchers from security firm Kaspersky Lab said in a blog post. By using the text-formatting standard known as Unicode, attackers were able to cause characters in file names to appear from right to left, instead of the left-to-right order that's normal for most Western languages.

  • Salon to ad blockers: Can we use your browser to mine cryptocurrency?

    Salon explains what's going on in a new FAQ. "How does Salon make money by using my processing power?" the FAQ says. "We intend to use a small percentage of your spare processing power to contribute to the advancement of technological discovery, evolution, and innovation. For our beta program, we'll start by applying your processing power to help support the evolution and growth of blockchain technology and cryptocurrencies."

  • Why children are now prime targets for identity theft [sic] [iophk: "the real name for this is "fraud" and there are already existing laws on it"]

    SSA believed this change would make it more difficult for thieves to “guess” someone’s SSN by looking at other public information available for that person. However, now that an SSN is not tied to additional data points, such as a location or year of birth, it becomes harder for financial institutions, health care providers, and others to verify that the person using the SSN is in fact the person to whom it was issued.

    In other words: Thieves now target SSNs issued after this change as they know your 6-year-old niece or your 4-year-old son will not have an established credit file.

  • Microsoft won't plug a huge zero-day in Skype because it'd be too much work

    The bug in the automatic updater (turd polisher) for the Windows desktop app has a ruddy great hole in it that will let dodgy DLLs through.

  • ‘I Lived a Nightmare:’ SIM Hijacking Victims Share Their Stories

    The bug itself didn’t expose anything too sensitive. No passwords, social security numbers, or credit card data was exposed. But it did expose customers’ email addresses, their billing account numbers, and the phone’s IMSI numbers, standardized unique number that identifies subscribers. Just by knowing (or guessing) customer’s phone numbers, hackers could get their target’s data.

    Once they had that, they could impersonate them with T-Mobile’s customer support staff and steal their phone numbers. This is how it works: a criminal calls T-Mobile, pretends to be you, convinces the customer rep to issue a new SIM card for your number, the criminal activates it, and they take control of your number.

Plasma 5.12.1 bugfix update lands in backports PPA for Artful 17.10

Filed under: KDE, Security

After the initial release of Plasma 5.12 was made available for Artful 17.10 via our backports PPA last week, we are pleased to say the PPA has now been updated to the 1st bugfix release 5.12.1.

The full changelog for 5.12.1 can be found here.

Including fixes and polish for Discover and the desktop.

Also included is an update to the latest KDE Frameworks 5.43.

Upgrade instructions and caveats are as per last week’s blog post, which can be found here.

The Kubuntu team wishes users a happy experience with the excellent 5.12 LTS desktop, and thanks the KDE/Plasma team for such a wonderful desktop to package.

Security: Updates, Microsoft, Google, and Telegram

Filed under: Security

  • Security updates for Wednesday
  • Winter Olympics was hit by cyber-attack, officials confirm [Ed: This is a Microsoft Windows issue, but Bill Fates is paying The Guardian, so...]
  • Google Patches Chromebooks Against Meltdown/Spectre, Adds New Chrome OS Features

    Earlier this month, Google updated its Chrome OS computer operating system to stable version 64.0.3282.134 and platform version 10176.65.0, an update that's now available for most Chromebook devices.

    Besides the usual security improvements and bug fixes, the latest Chrome OS 64 release includes several new features that are worth mentioning, such as the ability to take screenshots by simultaneously pressing the Power and Volume Down buttons on your Chromebook with a 360-degree hinge.

  • Skype can't fix a nasty security bug without a massive code rewrite
  • Perfect Computer Security Is a Myth. But It’s Still Important [Ed: The "everything is broken" defeatism overlooks the coordinated vandalism done to put back doors in most things]

    Maybe you’ve heard it before: “Security is a myth.” It’s become a common refrain after a never-ending string of high-profile security breaches. If Fortune 500 companies with million dollar security budgets can’t lock things down, how can you?

    And there’s truth to this: perfect security is a myth. No matter what you do, no matter how careful you are, you will never be 100 percent safe from hackers, malware, and cybercrime. That’s the reality we all live in, and it’s important to keep this in mind, if only so that we can all feel more sympathy for victims.

  • Microsoft Fixes 50 Vulnerabilities In February’s Patch Tuesday Update

    Microsoft has released February’s cumulative updates for Windows 10, better known as Patch Tuesday. The reason why the update is worth getting is it comes with fixes for 50 vulnerabilities in various versions of Windows 10.

    As per the release notes, the software addressed as a part of the Patch Tuesday update are Windows OS, Microsoft Edge, Internet Explorer, Microsoft Office, Microsoft Office Services and Web Apps, and the JavaScript engine ChakraCore. In addition to security fixes, Microsoft has also made improvements to address minor glitches in Windows 10.

  • Telegram Zero-Day Vulnerability Lets Hackers Pwn Your PC to Mine Cryptocurrency

    A zero-day vulnerability was discovered by Kaspersky Lab in the Telegram Desktop app that could let hackers pwn your computer to mine for cryptocurrencies like Zcash, Monero, Fantomcoin, and others.

    Kaspersky Lab's security researchers say the zero-day vulnerability can be used to deliver multi-purpose malware to computer users using the Telegram Desktop app, including backdoors and crypto-cash mining software.

    The security company also discovered that hackers had actively exploited the vulnerability in the Telegram Desktop app, which is based on the right-to-left override Unicode method, since March last year, but only to mine cryptocurrencies like Fantomcoin, Monero, and Zcash.

Security: Telegram, Bounties and More

Filed under: Security

  • Telegram zero-day let hackers spread backdoor and cryptocurrency-mining malware

    A zero-day vulnerability in Telegram Messenger allowed attackers to spread a new form of malware with abilities ranging from creating a backdoor trojan to mining cryptocurrency.

    The attacks take advantage of a previously unknown vulnerability in the Telegram Desktop app for Windows and were spotted being used in the wild by Kaspersky Lab.

    Researchers believe the Russian cybercriminal group exploiting the zero-day were the only ones aware of the vulnerability and have been using it to distribute malware since March 2017 -- although it's unknown how long the vulnerability had existed before that date.

  • More Than 4,000 Government Websites Infected With Covert Cryptocurrency Miner

    The rise of cryptocurrency mining software like Coinhive has been a decidedly double-edged sword. While many websites have begun exploring cryptocurrency mining as a way to generate some additional revenue, several have run into problems if they fail to warn visitors that their CPU cycles are being co-opted in such a fashion. That has resulted in numerous websites like The Pirate Bay being forced to back away from the software after poor implementation (and zero transparency) resulted in frustrated users who say the software gobbled upwards of 85% of their available CPU processing power without their knowledge or consent.

    But websites that don't inform users this mining is happening are just one part of an emerging problem. Hackers have also taken to using malware to embed the mining software into websites whose owners aren't aware that their sites have been hijacked to make somebody else an extra buck. Politifact was one of several websites that recently had to admit its website was compromised with cryptocurrency-mining malware without their knowledge. Showtime was also forced to acknowledge (barely) that websites on two different Showtime domains had been compromised and infected with Coinhive-embedded malware.

  • Why Bug Bounties Matter

    Bugs exist in software. That's a fact, not a controversial statement. The challenge (and controversy) lies in how different organizations find the bugs in their software.

    One way for organizations to find bugs is with a bug bounty program. Bug bounties are not a panacea or cure-all for finding and eliminating software flaws, but they can play an important role.

  • Shell Scripting and Security

    The internet ain't what it used to be back in the old days. I remember being online back when it was known as ARPAnet actually—back when it was just universities and a handful of corporations interconnected. Bad guys sneaking onto your computer? We were living in blissful ignorance then.

    Today the online world is quite a bit different, and a quick glimpse at the news demonstrates that it's not just global, but that bad actors, as they say in security circles, are online and have access to your system too. The idea that any device that's online is vulnerable is more true now than at any previous time in computing history.

  • Security updates for Tuesday
  • Open Source Security Podcast: Episode 82 - RSA, TLS, Chrome HTTP, and PCI

Security: Meltdown, Equifax, IOC's Microsoft Experience

Filed under: Security

Qubes OS Security-Focused Operating System Now Supports Librem Linux Laptops

Filed under: OS, Security

Last year, Purism started shipping coreboot-enabled Librem laptops, and it received some interesting feedback from customers who bought them and attempted to install early release candidate images of the Qubes 4.0 operating system, reporting that the Qubes OS installer complained about IOMMU support.

Apparently, IOMMU support wasn't available in Intel's Skylake processors that powered Purism's Librem laptops, but it's supported by the coreboot firmware, formerly known as LinuxBIOS, so the company had to update its laptops to the latest coreboot release, which lets users install Qubes OS 4.0 without any warnings.

Security: Equifax, Australian, and KDE Plasma Panic

Filed under: Security

Security: Browsealoud, Updates, Apple, and Linux Patches

Filed under: Security

  • U.S., UK government websites infected with crypto-mining malware: report

    Thousands of websites, including ones run by U.S. and UK government agencies, were infected for several hours on Sunday with code that causes web browsers to secretly mine digital currencies, technology news site The Register reported.

    More than 4,200 sites were infected with a malicious version of a widely used tool known as Browsealoud from British software maker Texthelp, which reads out webpages for people with vision problems, according to The Register.

  • Security updates for Monday
  • Apple's top-secret iBoot firmware source code spills onto GitHub for some insane reason

    The confidential source code to Apple's iBoot firmware in iPhones, iPads and other iOS devices has leaked into a public GitHub repo.

  • Linux Meltdown patch: 'Up to 800 percent CPU overhead', Netflix tests show

    The Linux mitigation for Meltdown known as kernel page table isolation (KPTI) can cause a massive drain on CPU performance, according to an analysis by Brendan Gregg, a senior performance architect at Netflix.

    While Intel's Spectre mitigations have attracted the most attention for causing performance and stability problems, Gregg finds that KPTI causes the "largest kernel performance regressions I've ever seen".

  • KPTI/KAISER Meltdown Initial Performance Regressions

    The recently revealed Meltdown and Spectre bugs are not just extraordinary issues of security, but also performance. The patches that work around Meltdown introduce the largest kernel performance regressions I've ever seen. Many thanks to the engineers working hard to develop workarounds to these processor bugs.

Security: Cryptomining, Catalin Cimpanu's Latest Scaremongering, and Tegra Flaw Helps Linux

Filed under: Linux, Security

Security: Fake Authentication 'Solution', Cryptojacking, and Meltdown's Linux Patches

Filed under: Security

More in Tux Machines

Nix This Innovative OS for Its Uninviting Complexity

I had to keep reminding myself that I was not dealing with an extreme case of Arch Linux instead of GNU/Linux. NixOS is more demanding and definitely not a distro for users with anything less than advanced skills. To say NixOS comes with a steep learning curve and lots of hands-on overhead is putting it mildly. If you are a typical Linux user who lacks sysadmin training, avoid NixOS like a malware attack hiding in plain sight.

Riot: A Distributed Way of Having IRC and VOIP Client and Home Server

Riot is a free and open source decentralized instant messaging application that can be considered an alternative to Slack. Take a look at features of Riot, installation procedure and usage.

KDE’s New Elisa Music Player: So Close, Yet So Far Away

KDE is working on a new music player called Elisa. Can Elisa become the new default music player in most Linux distributions? Find out in this review of Elisa music player.

Collabora Online 3.2 released

Collabora Productivity, the driving force behind putting LibreOffice in the Cloud, is excited to announce a new release of its flagship enterprise-ready cloud document suite – Collabora Online 3.2, with new features and multiple improvements.