Security
Canonical and IBM Leftovers
Submitted by Roy Schestowitz on Monday 27th of June 2022 06:15:41 AM
What’s new in Security for Ubuntu 22.04 LTS?
Canonical Ubuntu 22.04 LTS is the latest long term support release of Ubuntu, one of the world’s most popular Linux distributions. As a Long Term Support release, Ubuntu 22.04 LTS will be supported for 10 years, receiving both extended security updates and kernel livepatching via an Ubuntu Advantage subscription (which is free for personal use). This continues the benchmark of Ubuntu LTS releases serving as the most secure foundation on which to both develop and deploy Linux applications and services. In this blog post, we take a look at the various security features and enhancements that have gone into this new release since the Ubuntu 20.04 LTS release. For a more detailed examination of some of these features, be sure to check out the previous articles in this series which cover the improvements delivered across each interim release of Ubuntu in the past 2 years between 20.04 LTS and 22.04 LTS.
-
We Still Want IBM i On The Impending Power E1050
In March last year, as Big Blue was finishing up the development of the Power10 family of Power Systems machines, we wrote an essay explaining that we wanted IBM i to be a first-class operating system citizen on the four-socket Power E1050 machine, which we finally expect to see launch on July 12 if the rumors are correct.
-
Big Blue Tweaks IBM i Pricing Ahead Of Subscription Model
Back in May, Big Blue said that it was going to be simplifying the IBM i stack ahead of a move to subscription pricing for systems software as well as hardware that runs it. To do that means zeroing out prices for a slew of things that had price tags on them formerly.
-
Guru: The Finer Points of Exit Points
Many years ago, we received a call from an IBM i customer stating that all exit points were gone and the QAUDJRN and receivers were missing. Then the question, “Do you think we’ve been hacked?” Truth was, the exit points weren’t gone; the associated programs had been de-registered. Conclusion, they had most likely been compromised.
-
IBM i Licensing, Part 3: Can The Hardware Bundle Be Cheaper Than A Smartphone?
How many monthly iPhone bills is a Power10-based entry server worth?
-
Guild Mortgage Takes The 20-Year Option For Modernization
When Kurt Reheiser returned to the IBM i server after a 15-year hiatus away from the platform, things weren’t a lot different than how he left them.
Security Leftovers
Submitted by Roy Schestowitz on Sunday 26th of June 2022 03:10:55 PM
Podcast: Why there were 56 OT vulnerabilities this week
This week we cover the Ericsson mobility report that offers some stats on cellular IoT connections, including the surprising nugget that we won’t see 4G/5G connections surpass 2G/3G connections until some time next year. Then we hit another report. This one is from NPR and covers the state of audio and smart speakers. It proves that growth is slowing for smart speakers and that we may not do as many things with voice as we think. In dystopian news we cover China using COVID tracking apps to lock down protesters, and Microsoft stopping sales of some facial recognition tools. In new product news we talk about the latest Philips Hue gear, a new material that could generate electricity for wearables, and new MCUs from NXP. We also address the closure of SmartDry and explain how Google’s update on the Nest Max Hub may break your Nest x Yale lock. We end by answering a listener question about more accurate motion sensors.
-
Cortex XSOAR Tips & Tricks – Creating indicator relationships in automations
In Cortex XSOAR, indicators are a key part of the platform as they visualize the Indicators Of Compromise (IOC) of a security alert in the incident to the SOC analyst and can be used in automated analysis workflows to determine the incident outcome. If you have a Cortex XSOAR Threat Intelligence Management (TIM) license, it is possible to create predefined relationships between indicators to describe how they relate to each other. This enables the SOC analyst to do a more efficient incident analysis based on the indicators associated to the incident.
-
Social Engineering Kill–Chain: Predicting, Minimizing & Disrupting Attack Verticals
It was a Friday afternoon when Bill was on his way back home from work when he received a call that made him take the next U-turn back to his office. It was one of these calls that he was dedicating all of his working hours to avoid. He was not given much detail through the phone, but it seems that Andre, someone working in the account payments department, had just fallen victim to a scam and had proceeded to a hefty payment. A scam? Bill recalled all the training videos he had put this department through. What went wrong?
-
Daycare apps are insecure surveillance dumpster-fires
Apps are like software, only worse.
-
12 best patch management software and tools for 2022
These 12 tools approach patching from different perspectives. Understanding their various approaches can help you find the right product for your needs.
Arti 0.5.0 is released: Robustness and API improvements
Submitted by Roy Schestowitz on Saturday 25th of June 2022 01:45:01 PM
Arti is our ongoing project to create a working embeddable Tor client in Rust. It’s not ready to replace the main Tor implementation in C, but we believe that it’s the future.
Right now, our focus is on making Arti production-quality, by stress-testing the code, hunting for likely bugs, and adding missing features that we know from experience that users will need. We're going to try not to break backward compatibility too much, but we'll do so when we think it's a good idea.
Security Leftovers
Submitted by Roy Schestowitz on Friday 24th of June 2022 08:17:22 PM
Reproducible Builds: Supporter spotlight: Hans-Christoph Steiner of the F-Droid project
The Reproducible Builds project relies on several projects, supporters and sponsors for financial support, but they are also valued as ambassadors who spread the word about our project and the work that we do.
This is the fifth instalment in a series featuring the projects, companies and individuals who support the Reproducible Builds project. We started this series by featuring the Civil Infrastructure Platform project and followed this up with a post about the Ford Foundation as well as recent ones about ARDC, the Google Open Source Security Team (GOSST) and Jan Nieuwenhuizen on Bootstrappable Builds, GNU Mes and GNU Guix.
-
Citrix Releases Security Updates for Hypervisor | CISA
Citrix has released security updates to address vulnerabilities that could affect Hypervisor. An attacker could exploit one of these vulnerabilities to take control of an affected system.
-
Ransomware groups targeting Mitel VoIP zero-day - The Record by Recorded Future
Ransomware groups are targeting a zero-day affecting a Linux-based Mitel VoIP appliance, according to researchers from CrowdStrike.
The zero-day – tagged as CVE-2022-29499 – was patched in April by Mitel after CrowdStrike researcher Patrick Bennett discovered the issue during a ransomware investigation.
In a blog post on Thursday, Bennett explained that after taking the Mitel VoIP appliance offline, he discovered a “novel remote code execution exploit used by the threat actor to gain initial access to the environment.”
Security features in Red Hat Enterprise Linux 9
Submitted by Rianne Schestowitz on Friday 24th of June 2022 07:22:04 PM
Red Hat Enterprise Linux 9 (RHEL 9) is the latest version of Red Hat’s flagship operating system, released at the Red Hat Summit in May 2022. New capabilities added to RHEL 9 help simplify how organizations manage security and compliance when deploying new systems or managing existing infrastructure. This article takes a brief look at three of the new security features available in this release.
The default superuser account in Unix- and Linux-based systems is "root". Because the username is always "root" and access rights are unlimited, this account is the most valuable target for hackers. Attackers use bots to scan for systems with exposed SSH ports, and when found, they attempt to use common usernames and brute-force passwords to gain entry. Of course, the impact of a successful exploit would be a lot lower if the compromised user has unprivileged access. The breach would then be contained and limited to one user only.
Security Leftovers
Submitted by Roy Schestowitz on Friday 24th of June 2022 02:17:03 PM
Security updates for Friday
Security updates have been issued by Fedora (ntfs-3g and ntfs-3g-system-compression), SUSE (389-ds, chafa, containerd, mariadb, php74, python3, salt, and xen), and Ubuntu (apache2).
-
On the Dangers of Cryptocurrencies and the Uselessness of Blockchain
Earlier this month, I and others wrote a letter to Congress, basically saying that cryptocurrencies are a complete and total disaster, and urging them to regulate the space. Nothing in that letter is out of the ordinary, and is in line with what I wrote about blockchain in 2019. In response, Matthew Green has written—not really a rebuttal—but “a general response to some of the more common spurious objections…people make to public blockchain systems.”
-
4 CNCF Projects For Key Management - Container Journal
The nuances of cloud-native architecture necessitate some new approaches to security. Not only are container-based microservices inherently distributed, but there is a rising number of dependencies within the software supply chain. As a result, developers are faced with storing and accessing many types of secrets, including API keys, encryption keys, JSON Web Tokens (JWTs) and others when building cloud-native applications based on containers and running on platforms like Kubernetes. But, leaving such secrets exposed within your codebase goes against security best practices, as an attacker could easily access them.
Software components must verify every request is coming from a legitimate source, known as authentication, and they must confirm the requesting party has the required permissions to access a resource, known as authorization. As part of this mission, we’ve seen a lot of development activity around automating secret issuance and distribution to securely store and distribute passwords among services.
-
Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers [Ed: How Microsoft-friendly sites distract from the biggest culprit and badmouth Linux and Golang at the same time (simply because you can install malware)]
Security Leftovers
Submitted by Roy Schestowitz on Thursday 23rd of June 2022 01:15:30 PM
Closing the Cybersecurity Talent Gap With New Candidate Pools [Ed: Decades of back doors have meant security failures and a lack of people trained to understand real security]
HR and security leaders must deploy new strategies to attract, hire, and retain cyber professionals while looking for ways to leverage the transferable skills and potential of untapped talent.
Demand for cybersecurity talent has reached an historic high: 63% of businesses say they have unfilled security positions, and 60% experienced difficulties retaining qualified cybersecurity professionals in 2021, according to the ISACA State of Cybersecurity 2022 report. And information security analyst jobs are expected to grow faster than the average for all other occupations.
-
Reproducible Builds (diffoscope): diffoscope 217 released
The diffoscope maintainers are pleased to announce the release of diffoscope version 217. This version includes the following changes:
* Update test fixtures for GNU readelf 2.38 (now in Debian unstable).
* Be more specific about the minimum required version of readelf (ie. binutils) as it appears that this "patch" level version change resulted in a change of output, not the "minor" version. (Closes: #1013348)
* Don't leak the (likely-temporary) pathname when comparing PDF documents.
-
On the Subversion of NIST by the NSA
-
Security updates for Thursday
Security updates have been issued by Debian (chromium, firejail, and request-tracker4), Fedora (ghex, golang-github-emicklei-restful, and openssl1.1), Oracle (postgresql), Scientific Linux (postgresql), Slackware (openssl), SUSE (salt and tor), and Ubuntu (apache2 and squid, squid3).
-
Raphaël Hertzog: Freexian’s report about Debian Long Term Support, May 2022
Like each month, have a look at the work funded by Freexian’s Debian LTS offering.
Debian project funding
Two [1, 2] projects are in the pipeline now. The Tryton project is in a final phase. The Gradle project is fighting with technical difficulties.
In May, we put aside 2233 EUR to fund Debian projects.
We’re looking forward to receiving more projects from various Debian teams! Learn more about the rationale behind this initiative in this article.
-
Enterprise Linux Security Episode 33 - Patch your Confluence Server! - Invidious
Atlassian software is constantly under attack, and often the source of many lost weekends for IT admins. Recently, a brand-new vulnerability has been discovered - CVE-2022-26134. This particular vulnerability is remotely exploitable, and has been listed as critical. In this episode, Jay and Joao discuss this vulnerability, as well as some of the struggles around Atlassian software in general.
Security Leftovers
Submitted by Roy Schestowitz on Wednesday 22nd of June 2022 06:51:55 PM
Security updates for Wednesday [LWN.net]
Security updates have been issued by Debian (exo and ntfs-3g), Fedora (collectd, golang-github-cli-gh, grub2, qemu, and xen), Red Hat (httpd:2.4, kernel, and postgresql), SUSE (drbd, fwupdate, neomutt, and trivy), and Ubuntu (apache2, openssl, openssl1.0, and qemu).
-
CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report
CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography or broken authentication schemes, insecure firmware updates and remote code execution via native functionality.
-
Useful web hosting tips that can help secure your site
Website security is about preparing for the worst if applied security mechanisms fail. After all, protecting your site from every threat on the book can be laborious. However, it does not mean website owners should not try. It simply refers to the two sides of the coin: preventing attacks or other interruptions and mitigating successful ones.
Thus, it might be an excellent idea to review the security of your business website to ensure you don’t end up a victim of vicious attacks. Considering that, here are the top 7 definitive web hosting tips to help secure your site for the foreseeable future.
-
Free Training Course Teaches How to Secure a Software Supply Chain with Sigstore [Ed: OpenSSF (former Microsoft) telling you to deny people who want to run applications of their choice; they call that "security"]
-
Learn the Principles of DevSecOps in New, Free Training Course [Ed: This is what Zemlin et al are 'teaching']
At the most basic level, there is nothing separating DevSecOps from the DevOps model. However, security, and a culture designed to put security at the forefront has often been an afterthought for many organizations. But in a modern world, as costs and concerns mount from increased security attacks, it must become more prominent. It is possible to provide continuous delivery, in a secure fashion. In fact, CD enhances the security profile. Getting there takes a dedication to people, culture, process, and lastly technology, breaking down silos and unifying multi-disciplinary skill sets. Organizations can optimize and align their value streams towards continuous improvement across the entire organization.
-
Keeping PowerShell: Measures to Use and Embrace [Ed: Has CISA become a "damage control" or PR department of Microsoft?]
Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely due to its use by malicious actors after gaining access into victim networks. These recommendations will help defenders detect and prevent abuse by malicious cyber actors, while enabling legitimate use by administrators and defenders.
-
For a few days earlier this year, rogue GitHub apps could have hijacked countless repos
A GitHub bug could have been exploited earlier this year by connected third-party apps to hijack victims' source-code repositories.
For almost a week in late February and early March, rogue applications could have generated scoped installation tokens with elevated permissions, allowing them to gain otherwise unauthorized write or administrative access to developers' repos. For example, if an app was granted read-only access to an organization or individual's code repo, the app could effortlessly escalate that to read-write access.
This security blunder has since been addressed and before any miscreants abused the flaw to, for instance, alter code and steal secrets and credentials, according to Microsoft's GitHub, which assured The Register it's "committed to investigating reported security issues."
This is good news, because according to Aqua Security researchers, exploitation would have had a massive impact on "basically everyone." In effect, this is a near hit for the industry as miscreants could have exploited the hole to exfiltrate cloud credentials from private repos or potentially tamper with software projects.
-
Google Releases Security Updates for Chrome | CISA
Google has released Chrome version 103.0.5060.53 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
TrueNAS SCALE adds SMB Clustering and HA in 2nd Major Update
Submitted by Roy Schestowitz on Wednesday 22nd of June 2022 06:35:40 PM
TrueNAS SCALE 22.02.2 (“Angelfish”) was released today after the previous versions were deployed on over 20,000 active systems. TrueNAS SCALE 22.02.2 includes the completion of SMB clustering and the delivery of High Availability (HA) on TrueNAS M-Series systems. This release is complemented by the new functionality in TrueCommand that provides wizards for creating SMB clusters.
TrueNAS SCALE continues with system count growth at over 100% per quarter since the start of the BETA process in mid 2021. There is widespread adoption by Linux admins and great feedback as TrueNAS SCALE matures.
Proprietary Failures
Submitted by Roy Schestowitz on Wednesday 22nd of June 2022 08:44:54 AM
Cloudflare outage brings hundreds of sites, services temporarily offline
The company faced similar issues last week when an outage in the India region caused several services including Discord, Shopify, Canva and GitLab to suffer from network performance issues across India, Indonesia and Eastern Europe.
-
Microsoft’s Outlook email taken down by global internet outage
According to website monitoring service Down Detector, affected users are seeing messages telling them they have been unable to connect to a server, and are struggling to connect to the service from across a range of devices.
The monitoring service showed it began receiving reports of problems at around 9am on Tuesday.
-
Microsoft Outlook outage: Email service down with company working on fix after service inaccessible
However, the outage appears to be unrelated to an issue at web infrastructure firm Cloudflare which took a large number of popular websites offline earlier on Tuesday morning.
-
Former NSA chief warns of Russian cyberattacks against US financial sector
Alexander made his remarks during a cyber webinar hosted by IronNet, a cybersecurity firm founded and led by the retired general. Alexander was joined by other panelists who discussed several key issues, including how nation-state threat actors such as Russia will use cyber as a weapon to target banks and other financial institutions.
Following the invasion of Ukraine, the U.S. and Western Europe imposed crippling economic sanctions against Russia, including cutting the country off from roughly $600 billion in reserves held by the Central Bank of Russia, suspending its access to the U.S. dollar and banning the state banks from using SWIFT, a messaging system used by banks to conduct international transactions.
digiKam 7.7.0 is released
After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release.
Dilution and Misuse of the "Linux" Brand
Samsung, Red Hat to Work on Linux Drivers for Future Tech
The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility.
today's howtos