Security

Security Leftovers

Filed under
Security

Security News

  • Lynis – Security Auditing and Hardening Tool for Linux/Unix Systems

    First I want to tell you about system security before going deeper about Lynis. Every system administrator should know/understand about system security, hardening, etc., so that we can keep our system up and running smoothly without any issues; otherwise we have to face so many issues.

  • Security Hygiene for Software Professionals

    As software makers, we face a unique threat model. The computers or accounts we use to develop and deliver software are of more value to an attacker than what ordinary computer users have—cloud service keys can be stolen and used for profit, and the software we ship can be loaded with malware without our knowledge. And that’s before we consider that the code we write has a tremendous value of its own and should be protected.

  • AI isn't just for the good guys anymore

    Last summer at the Black Hat cybersecurity conference, the DARPA Cyber Grand Challenge pitted automated systems against one another, trying to find weaknesses in the others' code and exploit them.

    "This is a great example of how easily machines can find and exploit new vulnerabilities, something we'll likely see increase and become more sophisticated over time," said David Gibson, vice president of strategy and market development at Varonis Systems.

    His company hasn't seen any examples of hackers leveraging artificial intelligence technology or machine learning, but nobody adopts new technologies faster than the sin and hacking industries, he said.

    "So it's safe to assume that hackers are already using AI for their evil purposes," he said.

  • MongoDB And Open Source: Super-Sized Vulnerability? [Ed: TopSpin Security is spinning and lying. MongoDB didn’t have a vulnerability, it was the fault of bad setup.]

OpenSUSE Web Site Cracked, Tumbleweed Update

Filed under
Security
Web
SUSE

Security Leftovers

  • Security advisories for Monday
  • There are no militant moderates in security
  • Exploit for Windows DoS zero-day published, patch out on Tuesday?
  • Ransomware Attack Left DC Police Surveillance Blind Shortly Before The Inauguration

    Once exclusively the domain of hospitals with comically-bad IT support, crippling ransomware attacks are increasingly beginning to impact essential infrastructure. Just ask the San Francisco MTA, whose systems were shut down entirely for a spell last fall after a hacker (with a long history of similar attacks) managed to infiltrate their network, forcing the MTA to dole out free rides until the threat was resolved. Or you could ask the St. Louis public library network, which saw 16 city branches crippled last month by a bitcoin-demanding intruder.

    We've also seen a spike in ransomware attacks on our ever-expanding surveillance and security apparatus, DC Police acknowledging this week that 70% of the city's surveillance camera DVRs were infected with malware. The infection was so thorough, DC Police were forced to acknowledge that city police cameras were unable to record much of anything during a three day stretch last month...

  • Hackers hit D.C. police closed-circuit camera network, city officials disclose

    Hackers infected 70 percent of storage devices that record data from D.C. police surveillance cameras eight days before President Trump’s inauguration, forcing major citywide reinstallation efforts, according to the police and the city’s technology office.

  • Network protection laws 'may have opposite effect'

    Laws that have been proposed by the Australian Government to guard communications networks and businesses from cyber attack and sabotage may have the opposite effect from that intended, a coalition of industry groups has warned.

    The warning came jointly from the Australian Industry Group, the Australian Information Industry Association, the Australian Mobile Telecommunications Association and Communications Alliance in a submission to the Parliamentary Joint Committee on Intelligence and Security.

  • Russians Engineer a Brilliant Slot Machine Cheat—And Casinos Have No Fix

    In early June 2014, accountants at the Lumiere Place Casino in St. Louis noticed that several of their slot machines had—just for a couple of days—gone haywire. The government-approved software that powers such machines gives the house a fixed mathematical edge, so that casinos can be certain of how much they’ll earn over the long haul—say, 7.129 cents for every dollar played. But on June 2 and 3, a number of Lumiere’s machines had spit out far more money than they’d consumed, despite not awarding any major jackpots, an aberration known in industry parlance as a negative hold. Since code isn’t prone to sudden fits of madness, the only plausible explanation was that someone was cheating.

    Casino security pulled up the surveillance tapes and eventually spotted the culprit, a black-haired man in his thirties who wore a Polo zip-up and carried a square brown purse. Unlike most slots cheats, he didn’t appear to tinker with any of the machines he targeted, all of which were older models manufactured by Aristocrat Leisure of Australia. Instead he’d simply play, pushing the buttons on a game like Star Drifter or Pelican Pete while furtively holding his iPhone close to the screen.

  • SSL or IPsec: Which is best for IoT network security?

    Internet of Things (IoT) devices are soon expected to outnumber end-user devices by as much as four to one. These applications can be found everywhere—from manufacturing floors and building management to video surveillance and lighting systems.

  • The barriers to using IoT in healthcare: What's stopping the Internet of Things from transforming the industry?

    Big things are expected of the Internet of Things (IoT) in a plethora of industries, and healthcare is no exception. The market is poised to reach $117 billion by 2020 according to business intelligence company MarketResearch.com.

    IoT covers a broad spectrum of interconnected devices communicating across the net that together can have benefits for the treatment of patients, the workloads of practitioners, and the wealth of the nation.

New CloudLinux 7 Kernel Released to Beta with Fix for "Kernel Panic" Issue, More

Filed under
Red Hat
Security

CloudLinux's Mykola Naugolnyi is announcing the availability of an updated kernel version in the Beta repositories of the Red Hat Enterprise Linux-based CloudLinux 7 operating system.

The kernel packages of CloudLinux 7 have been updated to version 3.10.0-427.36.1.lve1.4.37, and they are now available for installation directly from the updates-testing repository. Since kernel version 3.10.0-427.36.1.lve1.4.35, CloudLinux's team managed to backport a fix for a known "Kernel panic" issue.

The new updated CloudLinux 7 kernel build also attempts to implement the ability to ignore root-owned links when checking symlink ownership. Therefore, it is recommended that you update your systems to kernel version 3.10.0-427.36.1.lve1.4.37 as soon as possible.


Security News

  • This dump of iPhone-cracking tools shows how keeping software defects secret makes everyone less secure

    Last month, a hacker took 900GB of data from Cellebrite, an Israeli cyber-arms dealer that was revealed to be selling surveillance and hacking tools to Russia, the UAE, and Turkey.

    Yesterday, that hacker dumped Cellebrite's arsenal of mobile cracking tools, including a suite of tools to attack Apple's iOS devices (iPhones and iPads).

    The dump reveals that Cellebrite seemingly repackages untested and unaudited jailbreaking tools as lawful interception products and sells them to repressive regimes. It also reveals that suppressing disclosure of security vulnerabilities in commonly used tools does not prevent those vulnerabilities from being independently discovered and weaponized -- it just means that users, white-hat hackers and customers are kept in the dark about lurking vulnerabilities, even as they are exploited in the wild, which only end up coming to light when they are revealed by extraordinary incidents like this week's dump.

  • Gentoo Developer: Is The Linux Desktop Less Secure Than Windows 10?

    Gentoo Linux developer Hanno Böck, who also writes for Golem and runs The Fuzzing Project as a software fuzzing initiative to find issues in software, presented today at FOSDEM 2017 over some Linux desktop security shortcomings and how Microsoft Windows 10 is arguably more secure out-of-the-box.

IPFire 2.19 to Bring Tor 0.2.9.9 and OpenSSL 1.0.2k with New Security Fixes

Filed under
GNU
Linux
Security

Michael Tremer announced the availability for public testing of the upcoming IPFire 2.19 Core Update 109 maintenance release of the open source Linux-based router and firewall distribution.

The most important change included in this update appears to be support for the unbound 1.6.0 recursive and caching DNS resolver in the built-in DNS proxy, which will re-activate QNAME hardening and minimisation below NX domains. The change should also make IPFire check if a router drops DNS responses that are longer than a specific threshold.


Security News

  • Vulnerability Note VU#867968

    Microsoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service on a vulnerable system.

  • Op-ed: Windows 10 0day exploit goes wild, and so do Microsoft marketers

    There's a zero-day exploit in the wild that exploits a key file-sharing protocol in most supported versions of Windows, including Windows 10, the latest and most secure version of the Microsoft operating system. The exploit is probably not worth worrying about, but you'd never know that based on the statement Microsoft officials issued on Thursday when asked what kind of threat the exploit poses:

    "Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible," an unnamed spokesperson replied in an e-mail. "We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection."

    An employee at Microsoft's outside PR firm, WE Communications, wouldn't explain why the statement advised customers to use Windows 10 and Edge when the exploit works on all versions of Windows and doesn't require that targets use a browser. Ars reminded the employee that an advisory issued hours earlier by the CERT Coordination Center at Carnegie Mellon University warned that the vulnerability might leave Windows users open to code-execution attacks.

  • Former GCHQ deputy: Cyber attack 'normal 21st century threat'

    A skills shortage and "chaotic" handling of personal data breaches are undermining confidence in the government's ability to protect the UK from cyber attacks.

  • Public Accounts Committee slams government on cybersecurity strategy

    The Public Accounts Committee has taken the government to task over a lack of action on addressing cyber security in the UK – and that poor reporting of breaches and low oversight in general reduces its confidence in the Cabinet Office to protect the country from cyber threats.

    The report cites cyber security as one of the biggest threats that faces the country today, but committee chair Meg Hillier said that the government’s approach to personal data breaches “has been chaotic and does not inspire confidence in its ability to take swift, coordinated and effective action in the face of higher threat attacks”.

  • Cybersecurity firms pilloried by GCHQ technical director over “witchcraft”

    “we are allowing massively incentivised companies to define the public perception of the problem”.

  • Microsoft is disabling older versions of Skype for Mac and Windows on March 1

    [Ed: Microsoft forces people to use the latest surveillance with the latest back doors for wiretaps & remote access]

Security Leftovers

  • Hosted S/MIME by Google provides enhanced security for Gmail in the enterprise [Ed: It’s not end-to-end but end-to-Google i.e. end-to-NSA PRISM]

    We are constantly working to meet the needs of our enterprise customers, including enhanced security for their communications. Our aim is to offer a secure method to transport sensitive information despite insecure channels with email today and without compromising Gmail's extensive protections for spam, phishing and malware.

  • Razer Core on Linux with Razer Blade Stealth and BIOS Mod
  • How Did Cybersecurity Become So Political?

    Less than a month before he was elected president, Donald Trump promised to make cybersecurity “an immediate and top priority for my administration.” He had talked about technology often on the campaign trail—mostly to attack Hillary Clinton for using a private email server when she was Secretary of State. But less than two weeks into his presidency, it’s Trump and his team who have struggled to plug important security holes, some of which are reminiscent of Clinton’s troubles.

  • New zero-day exploit affects current Windows versions

    A new zero-day exploit that affects current versions of Windows has been released on Github, according to an announcement from the Internet Storm Centre.

    Johannes Ullrich of the ISC said the exploit implemented an SMBv3 server and clients connecting to it would be affected.

    He said he had tested it with a fully patched Windows 10 machine and experienced a blue screen of death.

    "An attacker would have to trick the client to connect to this server. It isn't clear if this is exploitable beyond a denial of service," he wrote.

Security News


More in Tux Machines

Security Leftovers

  • Security updates for Monday
  • Recursive DNS Server Fingerprint Problem

    Our goal is to identify hijacked resolvers by analyzing their fingerprints, in order to increase safety of Internet users. To do that, we utilize data collected via RIPE Atlas (atlas.ripe.net).

  • Online developer tutorials are spreading XSS and SQL injection flaws

    The researchers, from across three universities in Germany and Trend Micro, checked the PHP code bases of more than 64,000 projects on Github and uncovered more than 100 vulnerabilities that they believe might have been introduced as a result of developers picking up the code that they used from online tutorials.

  • BrickerBot, the permanent denial-of-service botnet, is back with a vengeance

    BrickerBot, the botnet that permanently incapacitates poorly secured Internet of Things devices before they can be conscripted into Internet-crippling denial-of-service armies, is back with a new squadron of foot soldiers armed with a meaner arsenal of weapons.

  • Reproducible Builds: week 104 in Stretch cycle
  • Webroot antivirus goes bananas, starts trashing Windows system files
    Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them – knackering PCs in the process. Not only were people's individual copies of the antivirus suite going haywire, but also business editions and installations run by managed service providers (MSPs), meaning companies and organizations relying on the software were hit by the cockup. Between 1200 and 1500 MST (1800 and 2100 UTC) today, Webroot's gear labeled Windows operating system data as W32.Trojan.Gen – generic-Trojan-infected files, in other words – and moved them into quarantine, rendering affected computers unstable. Files digitally signed by Microsoft were whisked away – but, luckily, not all of them, leaving enough of the OS behind to reboot and restore the quarantined resources.
  • How The Update Framework Improves Security of Software Updates
    Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That's the challenge that The Update Framework (TUF) aims to solve. Justin Cappos, assistant professor at New York University, detailed how TUF works and what's coming to further improve the secure updating approach in a session at last week's DockerCon 17 conference in Austin, Texas. Simply using HTTPS and Transport Layer Security (TLS) to secure a download isn't enough as there have been many publicly reported instances of software repositories that have been tampered with, Cappos said.
  • Security Updates for Ubuntu Phone to End in June
    Security updates for Ubuntu phone and tablet will end this June, Canonical has confirmed. Current OTA updates are currently limited to critical fixes and security updates — a decision we were first to tell you back in January. But after June 2017 Canonical “will no longer deliver any further updates”.
  • Canonical to stop supporting Ubuntu Phone in June
    Canonical had already announced development of its Ubuntu Phone software was ending. Now we know when the final nail goes in the coffin: June.
  • Malware Hunts And Kills Poorly Secured Internet Of Things Devices Before They Can Be Integrated Into Botnets
    Researchers say they've discovered a new wave of malware with one purpose: to disable poorly secured routers and internet of things devices before they can be compromised and integrated into botnets. We've often noted how internet-of-broken-things devices ("smart" doorbells, fridges, video cameras, etc.) have such flimsy security that they're often hacked and integrated into botnets in just a matter of seconds after being connected to the internet. These devices are then quickly integrated into botnets that have been responsible for some of the worst DDoS attacks we've ever seen (including last October's attack on DYN).

GNOME/GTK News

  • The Way GNOME Handles Wallpapers Really Annoys Me
    I love GNOME Shell — and no, not just because I’ve little choice now that it is Ubuntu’s default desktop! But the more I use GNOME the more I learn that the desktop environment, like every other, has its own share of quirks, bugs and inconsistencies. Like the following appreciably niche niggle in the way GNOME handles desktop wallpapers.
  • Drag-and-drop in lists
    I’ve recently had an occasion to implement reordering of a GtkListBox via drag-and-drop (DND). It was not that complicated. Since I haven’t seen drag-and-drop used much with list boxes, here is a quick summary of what is needed to get the basics working.

Containers News

  • How Kubernetes is making contributing easy
    As the program manager of the Kubernetes community at Google, Sarah Novotny has years of experience in open source communities including MySQL and NGINX. Sarah sat down with me at CloudNativeCon in Berlin at the end of March to discuss both the Kubernetes community and open source communities more broadly. Among the topics we covered in the podcast were the challenges inherent in shifting from a company-led project to a community-led one, principles that can lead to more successful communities, and how to structure decision-making.
  • How Microsoft helped Docker with LinuxKit and Moby Project [Ed: Microsoft 'helped'... embrace, extend, coerce; haven't Docker employees learned from history?]
    Today, supporting Linux is as critical to Microsoft as it is to Red Hat and SUSE.
  • How to make branding decisions in an open community
    On April 18, Docker founder Solomon Hykes made a big announcement via a pull request in the main Docker repo: "Docker is transitioning all of its open source collaborations to the Moby project going forward." The docker/docker repo now redirects to moby/moby, and Solomon's pull request updates the README and logo for the project to match. Reaction from the Docker community has been overwhelmingly negative. As of this writing, the Moby pull request has garnered 7 upvotes and 110 downvotes on GitHub. The Docker community is understandably frustrated by this opaque announcement of a fait accompli, an important decision that a hidden inner circle made behind closed doors. It's a textbook case of "Why wasn't I consulted?"

Ubuntu 17.04: Unity's swan song?

For the most part, not much has changed on Ubuntu's Desktop edition in the past year. Unity 7 has more or less remained the same while work was progressing on the next version of the desktop, Unity 8. However, now that both desktops are being retired in favour of the GNOME desktop, running Ubuntu 17.04 feels a bit strange. This week I was running software that has probably reached the end of its life and this version of Ubuntu will only be supported for nine months. I could probably get the same desktop experience and most of the same hardware support running Ubuntu 16.04 and get security updates through to 2021 in the bargain. In short, I don't think Ubuntu 17.04 offers users anything significant over last year's 16.04 LTS release and it will be retired sooner.

That being said, I could not help but be a little wistful about using Unity 7 again. Even though it has been about a year since I last used Unity, I quickly fell back into the routine and I was once more reminded how pleasant it can be to use Unity. The desktop is geared almost perfectly to my workflow and the controls are set up in a way that reduces my mouse usage to almost nothing. I find Unity a very comfortable desktop to use, especially when application menus have been moved from the top panel to inside their own windows. While there are some projects trying to carry on development of Unity, this release of Ubuntu feels like Unity's swan song and I have greatly enjoyed using the desktop this week.

While there is not much new in Ubuntu 17.04, the release is pretty solid. Apart from the confusion that may arise from having three different package managers, I found Ubuntu to be capable, fairly newcomer friendly and stable. Everything worked well for me, at least on physical hardware. Unity is a bit slow to use in a virtual machine, but the distribution worked smoothly on my desktop computer.