Security

Security Leftovers

Filed under
Security
  • SELinux and --no-new-privs and the setpriv command.
  • Qualcomm study says sure, you can control a drone over LTE

    Internet-connected drones will be necessary if you're going to see fliers that can communicate when they're delivering packages, livestreaming video or otherwise coordinating with the outside world. But how well can you control them over an LTE data connection when they're soaring hundreds of feet above the ground? Quite well, if you ask Qualcomm. The chip maker has published the results of a trial run using LTE-linked drones, and it believes that they're ready for prime time... mostly.

    The dry run (which included over 1,000 flights) showed that existing cellular networks are up to the job. Drones will still get a strong LTE signal at altitudes as high as 400 feet, and they get "comparable" coverage. In fact, they have an advantage over the phone in your pocket -- they don't have to hand over connections as often as ground-based devices.

  • Fake Google Docs phishing deluge hits Gmail
  • 7 Steps to Fight Ransomware

    Perpetrators are shifting to more specific targets. This means companies must strengthen their defenses, and these strategies can help.

    Ransomware can be a highly lucrative system for extracting money from a customer. Victims are faced with an unpleasant choice: either pay the ransom or lose access to the encrypted files forever. Until now, ransomware has appeared to be opportunistic and driven through random phishing campaigns. These campaigns often, but not always, rely on large numbers of emails that are harvested without a singular focus on a company or individual.

  • Open Source Security Audit 'Should Be a Wake-Up Call' [Ed: Microsoft-connected media uses Microsoft-connected Black Duck to smear FOSS]

pfSense 2.3.4 RELEASE Now Available!

Filed under
Security
BSD

We are happy to announce the release of pfSense® software version 2.3.4!

This is a maintenance release in the 2.3.x series, bringing stability and bug fixes, fixes for a few security issues, and a handful of new features. The full list of changes is on the 2.3.4 New Features and Changes page, including a list of FreeBSD and internal security advisories addressed by this release.

This release includes fixes for 24 bugs and 11 Features.

Security Leftovers

Filed under
Security
  • CII Project Advances Linux Kernel Security as Firm Ends Free Patches

    There has been some public discussion in the last week regarding the decision by Open Source Security Inc. and the creators of the Grsecurity® patches for the Linux kernel to cease making these patches freely available to users who are not paid subscribers to their service. While we at the Core Infrastructure Initiative (CII) would have preferred them to keep these patches freely available, the decision is absolutely theirs to make.

    From the point of view of the CII, we would much rather have security capabilities such as those offered by Grsecurity® in the main upstream kernel rather than available as a patch that needs to be applied by the user. That said, we fully understand that there is a lot of work involved in upstreaming extensive patches such as these and we will not criticise the Grsecurity® team for not doing so. Instead we will continue to support work to make the kernel as secure as possible.

  • Google Was Warned About This Week’s Mass Phishing Email Attack Six Years Ago

    For almost six years, Google knew about the exact technique that someone used to trick around one million people into giving away access to their Google accounts to hackers on Wednesday. Even more worrisome: other hackers might have known about this technique as well.

  • Mobile phone security's been busted for years, and now 2-factor auth is busted too [iophk: "now we are reminded that a phone never was a second authentication factor"]

    SS7 is now confirmed to be exploited in the wild, with crooks taking big scores through it.

  • We Were Warned About Flaws in the Mobile Data Backbone for Years. Now 2FA Is Screwed.

    But on Wednesday, German newspaper The Süddeutsche Zeitung reported that financially-motivated hackers {sic} had used those flaws to help drain bank accounts.

  • Mac malware: Coming soon to a computer near you

    In fact, the number of malware attacks on Apple’s operating system skyrocketed by 744 percent in 2016. Despite this, most people still believe that Macs don’t get viruses. Add to this the fact that, despite the seeming ubiquity of Apple’s products, the company’s user base is still growing. There are nearly 100 million Apple users worldwide, myself included.

  • IT meltdown forces Barts Health NHS Trust to cancel hundreds of appointments

    Earlier this year, Barts Health admitted that it has fallen victim to a "ransomware virus attack," likely because its PCs are still running Microsoft's now-defunct Windows [...]

Kali Linux Review: Not Everyone’s Cup of Tea

Filed under
Reviews
Security

Kali Linux has gained a lot of popularity recently. And there is a reason for that. Hacking is back as the cool-thing-to-do in popular culture and this can be attributed significantly to the TV series Mr. Robot.

Kali is one of the few hacking focused Linux distributions and quite obviously, Mr. Robot’s popularity helped Kali Linux in getting new users. The graph below validates this claim.

Security Leftovers

Filed under
Security
  • Security updates for Wednesday
  • Serverless Security implications—from infra to OWASP
  • Xen hypervisor faces third highly critical VM escape bug in 10 months

    The Xen paravirtualization mode is proving to be a constant source of serious vulnerabilities, allowing attackers to escape from virtual machines

  • Security like it's 2005!

    The 2017 world has a solution to these problems. Use the cloud. Stuff as a Service is without question the way to solve these problems because it makes them go away. There are plenty who will naysay public cloud citing various breaches, companies leaking data, companies selling data, and plenty of other problems. The cloud isn't magic, but it lets you trade a lot of horrible problems for "slightly bad". I guarantee the problems with the cloud are substantially better than letting most people try to run their own infrastructure. I see this a bit like airplane vs automobile crashes. There are magnitudes more deaths by automobile every year, but it's the airplane crashes that really get the attention. It's much much safer to fly than to drive, just as it's much much safer to use services than to manage your own infrastructure.

  • Security Sessions: Why CSOs should care about machine learning
  • Reproducible builds folks: Reproducing R packages
  • Hacker Extortion Attempt Falls Flat Because Netflix Actually Competes With Piracy

    A hacking group calling itself TheDarkOverlord (TDO) has tried, and failed (so far) to extort Netflix and several other companies after stumbling onto a server of unreleased content. TDO was apparently able to compromise the servers of an audio post-production company by the name of Larson Studios. Among the content acquired from the hackers were ten episodes of the as-yet-unreleased new season of the popular Netflix show "Orange is the New Black," which isn't supposed to see full release until June. Outside of some free advertising in the news media and some wasted calories, the group's efforts don't appear to have culminated in much.

  • Free search engine tool hunts down malware-infected computers

    Internet search engine Shodan provides enterprise security teams a wealth of information about open ports on servers and other internet-connected devices. Now, as part of a partnership with threat intelligence company Recorded Future, security analysts and researchers can work with Shodan to uncover systems manipulated to control malware-infected devices.

Security Leftovers

Filed under
Security
  • Personal Security Takes A Hit With Public Release Of NSA's Hacking Toolkit [Ed: Moral of the story is, don't use NSA back doors facilities like Microsoft Windows. Microsoft is in bed with the NSA.]

    Former members of Team Espionage recently expressed their concern that the Shadow Brokers' dump of NSA Windows exploits had done serious damage to the security of the nation. The unwanted exposure of NSA power tools supposedly harmed intelligence gathering efforts, even though the tools targeted outdated operating systems and network software.

  • Finnish technology firm wins contract from US Marine Corps

    Sensofusion, a Vantaa-based developer of drone countermeasures, has been awarded a contract by the US Marine Corps Warfighting Laboratory (MCWL) and the Defence Innovation Unit Experimental (DIUx) to further develop its proprietary technology, Airfence.

  • LibreSSL 2.5.4 Released

    This is the first stable fix release for the LibreSSL 2.5.x branch.

  • security things in Linux v4.11

    Building on the efforts of Elena Reshetova, Hans Liljestrand, and David Windsor to port PaX’s PAX_REFCOUNT protection, Peter Zijlstra implemented a new kernel API for reference counting with the addition of the refcount_t type. Until now, all reference counters were implemented in the kernel using the atomic_t type, but it has a wide and general-purpose API that offers no reasonable way to provide protection against reference counter overflow vulnerabilities. With a dedicated type, a specialized API can be designed so that reference counting can be sanity-checked and provide a way to block overflows. With 2016 alone seeing at least a couple public exploitable reference counting vulnerabilities (e.g. CVE-2016-0728, CVE-2016-4558), this is going to be a welcome addition to the kernel. The arduous task of converting all the atomic_t reference counters to refcount_t will continue for a while to come.

More in Tux Machines

Games: Ostriv, Back to Bed, EVERSPACE, Hiveswap: Act 1

Openwashing and Microsoft FUD

BlueBorne Vulnerability Is Patched in All Supported Ubuntu Releases, Update Now

Canonical released today new kernel updates for all of its supported Ubuntu Linux releases, patching recently discovered security vulnerabilities, including the infamous BlueBorne that exposes billions of Bluetooth devices. The BlueBorne vulnerability (CVE-2017-1000251) appears to affect all supported Ubuntu versions, including Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus) up to 16.04.3, Ubuntu 14.04 LTS (Trusty Tahr) up to 14.04.5, and Ubuntu 12.04 LTS (Precise Pangolin) up to 12.04.5.

Security: Updates, 2017 Linux Security Summit, Software Updates for Embedded Linux and More

  • Security updates for Tuesday
  • The 2017 Linux Security Summit
    The past Thursday and Friday was the 2017 Linux Security Summit, and once again I think it was a great success. A round of thanks to James Morris for leading the effort, the program committee for selecting a solid set of talks (we saw a big increase in submissions this year), the presenters, the attendees, the Linux Foundation, and our sponsor - thank you all! Unfortunately we don't have recordings of the talks, but I've included my notes on each of the presentations below. I've also included links to the slides, but not all of the slides were available at the time of writing; check the LSS 2017 slide archive for updates.
  • Key Considerations for Software Updates for Embedded Linux and IoT
    The Mirai botnet attack that enslaved poorly secured connected embedded devices is yet another tangible example of the importance of security before bringing your embedded devices online. A new strain of Mirai has caused network outages to about a million Deutsche Telekom customers due to poorly secured routers. Many of these embedded devices run a variant of embedded Linux; typically, the distribution size is around 16MB today. Unfortunately, the Linux kernel, although very widely used, is far from immune to critical security vulnerabilities as well. In fact, in a presentation at Linux Security Summit 2016, Kees Cook highlighted two examples of critical security vulnerabilities in the Linux kernel: one being present in kernel versions from 2.6.1 all the way to 3.15, the other from 3.4 to 3.14. He also showed that a myriad of high severity vulnerabilities are continuously being found and addressed—more than 30 in his data set.
  • APNIC-sponsored proposal could vastly improve DNS resilience against DDoS