Security

Ethical Hacking OS Parrot Security 3.9 Officially Out, Parrot 4.0 In the Works

Just a minor improvement to the Parrot Security 3.x series of the Linux-based operating system used by security researchers for various pentesting and ethical hacking tasks, Parrot Security OS 3.9 is here with all the latest security patches and bug fixes released upstream in the Debian GNU/Linux repositories.

But it also looks like it ships with some important new features that promise to make the ethical hacking computer operating system more secure and reliable. One of these is a new sandbox system based on the Firejail SUID program and designed to add an extra layer of protection to many apps, protecting users from 0day attacks.

Latest IPFire 2.19 Linux Firewall Update Patches OpenSSL, Wget Vulnerabilities

Coming only a few days after the Core Update 115 release, which introduced a new IPFire Captive Portal allowing for easy access control of wireless and wired networks, along with updated OpenVPN configuration options, the IPFire 2.19 Core Update 116 release patches important security vulnerabilities.

For starters, the update bumps the OpenSSL version to 1.0.2m, a release that addresses two security flaws affecting modern AMD Ryzen and Intel Broadwell processors, as well as certificate data. More details about the two vulnerabilities are available at CVE-2017-3736 and CVE-2017-3735.

Security: Marcher, WPA2, Updates, Reproducible Builds and More

Kernel: USB Vulnerabilities in Linux, Linux Foundation Adds B9lab

  • Linux kernel: multiple vulnerabilities in the USB subsystem
  • More Than One Dozen USB Vulnerabilities Published For The Linux Kernel

    Made public on Monday were details on 14 known security vulnerabilities within the Linux kernel's USB subsystem, while there are also known to be more similar bugs that are yet to be resolved.

    The good news about these USB vulnerabilities is that they would require any rogue individual to first have created a specially-crafted USB device and to have physical access to the vulnerable Linux system.

  • B9lab Joins Hyperledger Project and Linux Foundation

    B9lab is pleased to announce it has joined the Hyperledger Project and the Linux Foundation. This follows the recent launch of their in-depth Hyperledger Fabric course for software engineers. Over the past two years B9lab has been committed to providing high quality education and certification to the wider blockchain industry for both developers and stakeholders.

Security: MINIX, DDOS, Bugs and Malware

KDE Plasma 5.11.3 Desktop Environment Released with 40 Bugfixes and Improvements

The KDE Plasma 5.11.3 software update comes two weeks after the KDE Plasma 5.11.2 release, and it appears to include a total of 40 changes, improving Plasma Desktop, Plasma Workspace, Plasma Discover, Plasma Addons, Plasma Networkmanager, KScreen, KWin, Milou, plasma-integration, kactivitymanagerd, and System Settings.

"Today KDE releases a Bugfix update to KDE Plasma 5, versioned 5.11.3. Plasma 5.11 was released in October with many feature refinements and new modules to complete the desktop experience. This release adds a fortnight's worth of new translations and fixes from KDE's contributors. The bugfixes are typically small but important," said KDE in today's announcement.

CAINE 9.0 Linux Helps Investigators With Computer Security Forensics

While there are many security-focused Linux distributions on the market, one distribution distinguishes itself by targeting forensic investigators. Instead of penetration testing tools, CAINE - which is an acronym for Computer Aided INvestigative Environment and was updated to version 9.0 on Oct. 25 - is loaded with applications and tools to help investigators find the clues and data points that are required for computer security forensics.

Oracle Linux and GNOME

  • Oracle Linux Security Developer To AMD: "Smatch" Your Driver

    Dan Carpenter of Oracle who is responsible for security audits of the Linux kernel is not happy with the current state of the AMDGPU DRM code-base.

    Carpenter fired off an email today on the public kernel mailing list with the title: AMD, please run Smatch on your driver. The Smatch he is referring to is a static analysis tool he designed for working on the Linux kernel.

  • Longtime GNOME Contributor & Oracle Principal UX Designer Leaves The Company

    The latest talent to have departed Oracle is a longtime GNOME contributor who has been at Oracle/Sun Microsystems for nearly the past two decades.

    Calum Benson who had been involved with GNOME since 2000 and was particularly active during the Sun Microsystems days with GNOME 1.x and GNOME 2.x, involved in improving the usability of GNOME, has announced his sunset at Oracle.

IPFire 2.19 - Core Update 116 released

Just days after releasing Core Update 115 with our brand new Captive Portal, we are releasing the next update for IPFire which is necessary because some security vulnerabilities have been found in some packages that IPFire uses. Those are openssl and wget, but this update also brings some smaller bug fixes.

MINIX: Intel's hidden in-chip operating system

Why? Let's start with what. Matthew Garrett, the well-known Linux and security developer who works for Google, explained recently that, "Intel chipsets for some years have included a Management Engine [ME], a small microprocessor that runs independently of the main CPU and operating system. Various pieces of software run on the ME, ranging from code to handle media DRM to an implementation of a TPM. AMT [Active Management Technology] is another piece of software running on the ME."

In May, we found out that AMT had a major security flaw, which had been in there for nine -- count 'em -- nine years.

"Fixing this requires a system firmware update in order to provide new ME firmware (including an updated copy of the AMT code)," Garrett wrote. "Many of the affected machines are no longer receiving firmware updates from their manufacturers, and so will probably never get a fix," he said. "Anyone who ever enables AMT on one of these devices will be vulnerable."

[...]

The Electronic Frontier Foundation (EFF) has called for Intel to provide a way for users to disable ME. Russian researchers have found a way to disable ME after the hardware has initialized, and the main processor has started. That doesn't really help much. ME is already running by then.

But Minnich found that what's going on within the chip is even more troubling. At a presentation at Embedded Linux Conference Europe, he reported that systems using Intel chips that have AMT, are running MINIX.

If you learned about operating systems in the late '80s and early '90s, you knew MINIX as Andrew S Tanenbaum's educational Unix-like operating system. It was used to teach operating system principles. Today, it's best known as the OS that inspired Linus Torvalds to create Linux.

So, what's it doing in Intel chips? A lot. These processors are running a closed-source variation of the open-source MINIX 3. We don't know exactly what version or how it's been modified since we don't have the source code.

More in Tux Machines

today's howtos

Linux Microsoft Office Alternatives

Despite what you may have been led to believe, there are in fact a number of solid Linux alternatives for Microsoft Office available. In fact, there are even options available with varied levels of docx support, if that is something relevant to your business. This article will explore my recommended Microsoft Office alternatives for Linux. Some of them you've likely heard of, others may be cloud/server based options that you might not have thought much about until now.

Also: The best open source video editors 2018: free to download, edit, use and share

Security: Updates, WordPress, Hardware Patches, and Open Source Security Podcast

  • Security updates for Tuesday
  • WordPress 4.9.2 Security and Maintenance Release
    WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress.
  • Debian-Based SolydXK Linux OS Receives Patch for Meltdown Security Vulnerability
    The Debian-based SolydXK Linux operating system has been updated today with patches for the Meltdown security vulnerability, as well as various other new features and improvements. To mitigate the Meltdown security exploit that allows a locally installed program to access the memory, including the kernel memory, and steal sensitive information like passwords and encryption keys, the SolydXK 201801 ISO images are now powered by the latest kernel release with patches against this vulnerability.
  • Chakra GNU/Linux Now Patched Against Meltdown & Spectre Security Vulnerabilities
    It's time for users of the Chakra GNU/Linux operating system to patch their systems against the Meltdown and Spectre security vulnerabilities as new kernel updates landed today in the repos. Publicly disclosed earlier this month, the Meltdown and Spectre security vulnerabilities are affecting us all, but OS vendors and OEMs are trying their best to mitigate them so that no user can be the victim of attacks where their sensitive data is at risk of getting in the hands of the wrong person.
  • Open Source Security Podcast: Episode 78 - Risk lessons from Hawaii

GNOME Devs to Users: Desktop Icons Are Moving to GNOME Shell with GNOME 3.28

There appears to be a lot of fuss lately about the removal of an option from the GNOME desktop environment that allows users to display icons on their desktops. Long story short, last month, near the Christmas holidays, GNOME developer Carlos Soriano shared his plans on removing a so-called "the desktop" feature from the Nautilus file manager starting with the upcoming GNOME 3.28 release of the desktop environment, proposing its integration into the GNOME Shell component. The feature is there to handle application icons on the user's workspace, but it shouldn't have been implemented in Nautilus in the first place, according to the developer. So for the GNOME devs to be able to add new features to the Nautilus file manager, they need to remove its ability to handle desktop icons and place the code somewhere else.