Language Selection

English French German Italian Portuguese Spanish

Security

Security News

Filed under
Security
  • Home-router IoT Devices Compromised for Building DDoS Botnet

    IoT (Internet-of-Thing) devices have been used to make a botnet earlier also just like attackers recently compromised 8 different popular home-routers that are IoT brands to make a botnet out of them which executed a DDoS attack at the application-level against several servers of certain website. Discoverer of this application-level DDoS alternatively HTTPS flood assault of Layer 7 is Sucuri the security company.

  • New Linux Trojan Discovered Coded in Mozilla's Rust Language [Ed: don’t install it. Easy.]

    A new trojan coded in Rust is targeting Linux-based platforms and adding them to a botnet controlled through an IRC channel, according to a recent discovery by Dr.Web, a Russian antivirus maker.

    Initial analysis of this trojan, detected as Linux.BackDoor.Irc.16, reveals this may be only a proof-of-concept or a testing version in advance to a fully weaponized version.

    Currently, the trojan only infects victims, gathers information about the local system and sends it to its C&C server.

  • The Limits of SMS for 2-Factor Authentication

    A recent ping from a reader reminded me that I’ve been meaning to blog about the security limitations of using cell phone text messages for two-factor authentication online. The reader’s daughter had received a text message claiming to be from Google, warning that her Gmail account had been locked because someone in India had tried to access her account. The young woman was advised to expect a 6-digit verification code to be sent to her and to reply to the scammer’s message with that code.

  • Telnet is not dead – at least not on ‘smart’ devices

    Depending on your age, you either might or might not have used Telnet to connect to remote computers in the past. But regardless of your age, you would probably not consider Telnet for anything you currently use. SSH has become the de facto standard when it comes to remote shell connection as it offers higher security, data encryption and much more besides.

    When we created our first honeypots for the Turris project (see our older blog articles – 1, 2, 3), we started with SSH and Telnet, because both offer interactive console access and thus are very interesting for potential attackers. But SSH was our main goal, while Telnet was more of a complimentary feature. It came as a great surprise to discover that the traffic we drew to the Telnet honeypots is three orders of magnitude higher than in the case of SSH (note the logarithmic scale of the plot below). Though there is a small apples-to-oranges issue, as we compare the number of login attempts for Telnet with the number of issued commands for SSH, the huge difference is obvious and is also visible in other aspects, such as in the number of unique attacker IP addresses.

  • Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years

    vDOS — a “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline — has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets.

    The vDOS database, obtained by KrebsOnSecurity.com at the end of July 2016, points to two young men in Israel as the principal owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

  • Cisco’s Network Bugs Are Front and Center in Bankruptcy Fight

    Game of War: Fire Age, your typical melange of swords and sorcery, has been one of the top-grossing mobile apps for three years, accounting for hundreds of millions of dollars in revenue. So publisher Machine Zone was furious when the game’s servers, run by hosting company Peak Web, went dark for 10 hours last October. Two days later, Machine Zone fired Peak Web, citing multiple outages, and later sued.

    Then came the countersuit. Peak Web argued in court filings that Machine Zone was voiding its contract illegally, because the software bug that caused the game outages resided in faulty network switches made by Cisco Systems, and according to Peak Web’s contract with Machine Zone, it wasn’t liable. In December, Cisco publicly acknowledged the bug’s existence—too late to help Peak Web, which filed for bankruptcy protection in June, citing the loss of Machine Zone’s business as the reason. The Machine Zone-Peak Web trial is slated for March 2017.

    “Machine Zone wasn’t acting in good faith,” says Steve Morrissey, a partner at law firm Susman Godfrey, which is representing Peak Web. “They were trying to get out of the contract.” Machine Zone has disputed that assertion in court documents, but it declined to comment for this story. Cisco also declined to comment on the case, saying only that it tries to publish confirmed problems quickly.

    There’s buggy code in virtually every electronic system. But few companies ever talk about the cost of dealing with bugs, for fear of being associated with error-prone products. The trial, along with Peak Web’s bankruptcy filings, promises a rare look at just how much or how little control a company may have over its own operations, depending on the software that undergirds it. Think of the corporate computers around the world rendered useless by a faulty update from McAfee in 2010, or of investment company Knight Capital, which lost $458 million in 30 minutes in 2012—and had to be sold months later—after new software made erratic, automated stock market trades.

Free Software Foundation stresses necessity of full user control over Internet-connected devices

Filed under
GNU
Security

The Internet of Things (IoT) refers to the integration of Internet technology into a wider range of home devices than previously envisaged by most users. Early adopters of IoT may now have homes with Internet-connected lightbulbs, alarm systems, baby monitors and even coffee machines. Internet integration allows owners to have greater flexibility over their devices, making it possible to turn on their air conditioning as they leave work to cool the house before they return, to have curtains that automatically close based on sunset time, or lights that automatically turn off after the owner has left the house. Each individual benefit may seem marginal, but overall they add significant benefit to the owners.

Read more

Security News

Filed under
Security
  • Friday's security updates
  • Ten-year-old Windows Media Player hack is the new black, again

    Net scum are still finding ways to take down users with a decade-old Windows Media Player attack.

    The vector is a reborn social engineering hatchet job not seen in years in which attackers convince users to run executable content through Windows Media Player's Digital Rights Management (DRM) functionality.

    Windows Media Player will throw a DRM warning whenever users do not have the rights to play content, opening a URL through which a licence can be acquired.

    Now malware villains are packing popular movies with malicious links so that the DRM warning leads to sites where they're fooled into downloading trojans masquerading as necessary video codecs.

  • Luabot Malware Turning Linux Based IoT Devices into DDoS Botnet

    The IT security researchers at MalwareMustDie have discovered a malware that is capable of infecting Linux-based Internet of Things (IoT) devices and web servers to launch DDoS (Distributed Denial of Service) attacks.

Security News

Filed under
Security

Security News

Filed under
Security

Wireshark 2.2

Filed under
Software
Security
  • Wireshark 2.2 Released

    Wireshark 2.2 features "Decode As" improvements, the various UIs now support exporting packets as JSON, there is new file format decoding support, and a wide range of new protocol support. New protocol coverage includes Apache Cassandra, USB3 Vision Protocol, USIP protocol, UserLog protocol, Zigbee Protocol Clusters, Cisco ttag, and much more.

  • Wireshark 2.2.0 Is Out as the World's Most Popular Network Vulnerability Scanner

    Today, September 7, 2016, the development team behind the world's most popular network protocol analyzer, Wireshark, proudly announced the release of a new major stable version, namely Wireshark 2.2.

    After being in development for the past couple of months, Wireshark 2.2.0 has finally hit the stable channel, bringing with it a huge number of improvements and updated protocols. For those of you who never heard of Wireshark, we want to remind them that it's an open-source network vulnerability scanner used by security researchers and network administrators for development, analysis, troubleshooting, as well as education purposes.

Security News

Filed under
Security
  • New release: usbguard-0.6.0

    Another milestone behind us. The 0.6.0 release brings the promissed CentOS/RHEL 7 compatibility. This means that our Copr EPEL-7 repository as well as Fedora’s EPEL-7 repository will now provide the latest versions of USBGuard. Check it out!

    One more very good piece of news is that USBGuard was accepted in Debian and is available in Sid (unstable). A big thanks goes to Muri Nicanor and others involved in this packaging effort!

  • StartSSL customers, it is time to leave. Now!

    While listening to the Security Now podcast, I have listened first with amusement then with horror to Steve reading email from Mozilla about the security problems with WoSign CA.

    Their list of woes is long, read the linked email for details, but one thing turned up during the email which I was not aware of: StartCom (owner of the StartSSL certificate authority) was apparently recently bought by WoSign CA! Apparently one of the security bugs StartSSL has (had?) was that with properly modified POST request (yes, I guess you can do it in the Developer Tools of your Firefox) you can get certificate linked to the root ceritificate “CA 沃通根证书” (or “WoSign CA Free SSL Certificate G2” with another value of the parameter). Awesome!

    What’s even more interesting is that I am a paying customer of StartSSL CA and I have never been made aware of the change of ownership. The only other mention of the possible change of ownership I found was on the Wikipedia page, which linked to the blogpost, which is now unavailable due to “legal review of the site” […]. Even better!

  • Debian GNU/Linux Fixes Dangerous TCP Flaw In New Update
  • Why Security Performance Will be Key in NFV

    There is growing evidence that the data center is driving toward a more software-centric security model that will be core to network functions virtualization (NFV) and software-defined networking (SDN) technology. This new model means that security performance in NFV will be key.

  • How to enable server-side encryption in Nextcloud

    Out of the box, Nextcloud servers do not run with server-side encryption. Follow these steps to enable an extra layer of security for Nextcloud.

  • Umbreon rootkit targets Linux on x86, ARM [Ed: nonsensical marketing hype from Trend Micro]
  • Pokemon Themed 'Umbreon' Rootkit Hides In Linux Systems
  • Taking umbrage at Umbreon, the Linux rootkit that likes to hide
  • Linux rootkit, named for Pokémon's Umbreon, targets Linux

Calamares 2.4 Universal Linux Installer Gets Its First Point Release to Fix Bugs

Filed under
GNU
Linux
Security

The Calamares team announced recently the availability of the first point release to the new stable series of the distribution-independent system installer used in many GNU/Linux distributions, Calamares 2.4.

Read more

Security News

Filed under
Security
  • Security advisories for Monday
  • Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86 [Ed: IDG covers this nonsense from Trend Micro (not a real risk, just the name Pokémon for better headlines])
  • You can't weigh risk if you don't know what you don't know

    If any of us have ever been in a planning meeting, a variant of this has no doubt come up at some point. It came up for me last week, and every time I hear it I think about all things we don't know we don't know. If you're not familiar with the concept, it works a bit like this. I know I don't know to drive a boat. But because I know I don't know this, I could learn. If you know you lack certain knowledge, you could find a way to learn it. If you don't know what you don't know, there is nothing you can do about it. The future is often an unknown unknown. There is nothing we can do about the future in many instances, you just have to wait until it becomes a known, and hope it won't be anything too horrible. There can also be blindness when you think you know something, but you really don't. This is when people tend to stop listening to the actual experts because they think they are an expert.

Syndicate content

More in Tux Machines

Eight great Linux gifts for the holiday season

Do you want to give your techie friend a very Linux holiday season? Sure you do! Here are some suggestion to brighten your favorite Tux fan's day. Read more Also: More Random Gift Ideas For Linux Enthusiasts & Others Into Tech Which open source gift is at the top of your holiday wish list?

Ubuntu-Based ExTiX OS Updated for Intel Compute Sticks with Improved Installer

GNU/Linux developer Arne Exton announced this past weekend the release of an updated build of his Ubuntu-based ExTiX Linux distribution for Intel Compute Stick devices. Last month, we reported on the initial availability of a port of the ExTiX operating system for Intel Compute Sticks, boasting the lightweight and modern LXQt 0.10.0 desktop environment and powered by the latest Linux 4.8 kernel, tweaked by Arne Exton for Intel Atom processors. And now, ExTiX Build 161203 is out as a drop-in replacement for Build 161119, bringing a much-improved Ubiquity graphics installer that should no longer crash, as several users who attempted to install the Ubuntu-based GNU/Linux distro on their Intel Compute Stick devices reported. Read more Also: Debian-Based SparkyLinux 4.5 Brings Support for exFAT Filesystems, systemd 232 4MLinux 20.1 Linux Distro Released with Kernel 4.4.34 LTS to Restore PAE Support

Today in Techrights

Canonical Releases Snapcraft 2.23 Snap Creator for Ubuntu 16.04 LTS and 16.10

Canonical's Snappy development team have released a new maintenance version of the Snapcraft 2.x tool that lets applications developers package their apps as Snap packages for Ubuntu and other GNU/Linux distributions that support Snaps. Read more