Security

GNU/Linux Security: A look at QubesOS

Filed under
OS
Reviews
Security

Using GNU/Linux is by default more secure than using Microsoft Windows, this is common knowledge; however just because you use GNU/Linux, does not mean that your system is secure, and that is why some distributions have been created in order to maximize security; such as QubesOS.

QubesOS is very different from your typical run of the mill distro, such as Ubuntu or even the more hardcore like Arch Linux and Gentoo. QubesOS runs multiple virtual machines linked together under a single user-interface, to form a container based / compartmentalized operating system.

Security Leftovers

Filed under
Security
  • SELinux and --no-new-privs and the setpriv command.
  • Qualcomm study says sure, you can control a drone over LTE

    Internet-connected drones will be necessary if you're going to see fliers that can communicate when they're delivering packages, livestreaming video or otherwise coordinating with the outside world. But how well can you control them over an LTE data connection when they're soaring hundreds of feet above the ground? Quite well, if you ask Qualcomm. The chip maker has published the results of a trial run using LTE-linked drones, and it believes that they're ready for prime time... mostly.

    The dry run (which included over 1,000 flights) showed that existing cellular networks are up to the job. Drones will still get a strong LTE signal at altitudes as high as 400 feet, and they get "comparable" coverage. In fact, they have an advantage over the phone in your pocket -- they don't have to hand over connections as often as ground-based devices.

  • Fake Google Docs phishing deluge hits Gmail
  • 7 Steps to Fight Ransomware

    Perpetrators are shifting to more specific targets. This means companies must strengthen their defenses, and these strategies can help.

    Ransomware can be a highly lucrative system for extracting money from a customer. Victims are faced with an unpleasant choice: either pay the ransom or lose access to the encrypted files forever. Until now, ransomware has appeared to be opportunistic and driven through random phishing campaigns. These campaigns often, but not always, rely on large numbers of emails that are harvested without a singular focus on a company or individual.

  • Open Source Security Audit 'Should Be a Wake-Up Call' [Ed: Microsoft-connected media uses Microsoft-connected Black Duck to smear FOSS]

pfSense 2.3.4 RELEASE Now Available!

Filed under
Security
BSD

We are happy to announce the release of pfSense® software version 2.3.4!

This is a maintenance release in the 2.3.x series, bringing stability and bug fixes, fixes for a few security issues, and a handful of new features. The full list of changes is on the 2.3.4 New Features and Changes page, including a list of FreeBSD and internal security advisories addressed by this release.

This release includes fixes for 24 bugs and 11 Features.

Security Leftovers

Filed under
Security
  • CII Project Advances Linux Kernel Security as Firm Ends Free Patches

    There has been some public discussion in the last week regarding the decision by Open Source Security Inc. and the creators of the Grsecurity® patches for the Linux kernel to cease making these patches freely available to users who are not paid subscribers to their service. While we at the Core Infrastructure Initiative (CII) would have preferred them to keep these patches freely available, the decision is absolutely theirs to make.

    From the point of view of the CII, we would much rather have security capabilities such as those offered by Grsecurity® in the main upstream kernel rather than available as a patch that needs to be applied by the user. That said, we fully understand that there is a lot of work involved in upstreaming extensive patches such as these and we will not criticise the Grsecurity® team for not doing so. Instead we will continue to support work to make the kernel as secure as possible.

  • Google Was Warned About This Week’s Mass Phishing Email Attack Six Years Ago

    For almost six years, Google knew about the exact technique that someone used to trick around one million people into giving away access to their Google accounts to hackers on Wednesday. Even more worrisome: other hackers might have known about this technique as well.

  • Mobile phone security's been busted for years, and now 2-factor auth is busted too [iophk: "now we are reminded that a phone never was a second authentication factor"]

    SS7 is now confirmed to be exploited in the wild, with crooks taking big scores through it.

  • We Were Warned About Flaws in the Mobile Data Backbone for Years. Now 2FA Is Screwed.

    But on Wednesday, German newspaper The Süddeutsche Zeitung reported that financially-motivated hackers {sic} had used those flaws to help drain bank accounts.

  • Mac malware: Coming soon to a computer near you

    In fact, the number of malware attacks on Apple’s operating system skyrocketed by 744 percent in 2016. Despite this, most people still believe that Macs don’t get viruses. Add to this the fact that, despite the seeming ubiquity of Apple’s products, the company’s user base is still growing. There are nearly 100 million Apple users worldwide, myself included.

  • IT meltdown forces Barts Health NHS Trust to cancel hundreds of appointments

    Earlier this year, Barts Health admitted that it has fallen victim to a "ransomware virus attack," likely because its PCs are still running Microsoft's now-defunct Windows [...]

Kali Linux Review: Not Everyone’s Cup of Tea

Filed under
Reviews
Security

Kali Linux has gained a lot of popularity recently. And there is a reason for that. Hacking is back as the cool-thing-to-do in popular culture and this can be attributed significantly to the TV series Mr. Robot.

Kali is one of the few hacking focused Linux distributions and quite obviously, Mr. Robot’s popularity helped Kali Linux in getting new users. The graph below validates this claim.

Security Leftovers

Filed under
Security
  • Security updates for Wednesday
  • Serverless Security implications—from infra to OWASP
  • Xen hypervisor faces third highly critical VM escape bug in 10 months

    The Xen paravirtualization mode is proving to be a constant source of serious vulnerabilities, allowing attackers to escape from virtual machines

  • Security like it's 2005!

    The 2017 world has a solution to these problems. Use the cloud. Stuff as a Service is without question the way to solve these problems because it makes them go away. There are plenty who will naysay public cloud citing various breaches, companies leaking data, companies selling data, and plenty of other problems. The cloud isn't magic, but it lets you trade a lot of horrible problems for "slightly bad". I guarantee the problems with the cloud are substantially better than letting most people try to run their own infrastructure. I see this a bit like airplane vs automobile crashes. There are magnitudes more deaths by automobile every year, but it's the airplane crashes that really get the attention. It's much much safer to fly than to drive, just as it's much much safer to use services than to manage your own infrastructure.

  • Security Sessions: Why CSOs should care about machine learning
  • Reproducible builds folks: Reproducing R packages
  • Hacker Extortion Attempt Falls Flat Because Netflix Actually Competes With Piracy

    A hacking group calling itself TheDarkOverlord (TDO) has tried, and failed (so far) to extort Netflix and several other companies after stumbling onto a server of unreleased content. TDO was apparently able to compromise the servers of an audio post-production company by the name of Larson Studios. Among the content acquired from the hackers were ten episodes of the as-yet-unreleased new season of the popular Netflix show "Orange is the New Black," which isn't supposed to see full release until June. Outside of some free advertising in the news media and some wasted calories, the group's efforts don't appear to have culminated in much.

  • Free search engine tool hunts down malware-infected computers

    Internet search engine Shodan provides enterprise security teams a wealth of information about open ports on servers and other internet-connected devices. Now, as part of a partnership with threat intelligence company Recorded Future, security analysts and researchers can work with Shodan to uncover systems manipulated to control malware-infected devices.

Security Leftovers

Filed under
Security
  • Personal Security Takes A Hit With Public Release Of NSA's Hacking Toolkit [Ed: Moral of the story is, don't use NSA back doors facilities like Microsoft Windows. Microsoft is in bed with the NSA.]

    Former members of Team Espionage recently expressed their concern that the Shadow Brokers' dump of NSA Windows exploits had done serious damage to the security of the nation. The unwanted exposure of NSA power tools supposedly harmed intelligence gathering efforts, even though the tools targeted outdated operating systems and network software.

  • Finnish technology firm wins contract from US Marine Corps

    Sensofusion, a Vantaa-based developer of drone countermeasures, has been awarded a contract by the US Marine Corps Warfighting Laboratory (MCWL) and the Defence Innovation Unit Experimental (DIUx) to further develop its proprietary technology, Airfence.

  • LibreSSL 2.5.4 Released

    This is the first stable fix release for the LibreSSL 2.5.x branch.

  • security things in Linux v4.11

    Building on the efforts of Elena Reshetova, Hans Liljestrand, and David Windsor to port PaX’s PAX_REFCOUNT protection, Peter Zijlstra implemented a new kernel API for reference counting with the addition of the refcount_t type. Until now, all reference counters were implemented in the kernel using the atomic_t type, but it has a wide and general-purpose API that offers no reasonable way to provide protection against reference counter overflow vulnerabilities. With a dedicated type, a specialized API can be designed so that reference counting can be sanity-checked and provide a way to block overflows. With 2016 alone seeing at least a couple public exploitable reference counting vulnerabilities (e.g. CVE-2016-0728, CVE-2016-4558), this is going to be a welcome addition to the kernel. The arduous task of converting all the atomic_t reference counters to refcount_t will continue for a while to come.

More in Tux Machines

Direct Rendering Manager and VR HMDs Under Linux

  • Intel Prepping Support For Huge GTT Pages
    Intel OTC developers are working on support for huge GTT pages for their Direct Rendering Manager driver.
  • Keith Packard's Work On Better Supporting VR HMDs Under Linux With X.Org/DRM
    Earlier this year Keith Packard started a contract gig for Valve working to improve Linux's support for virtual reality head-mounted displays (VR HMDs). In particular, working on Direct Rendering Manager (DRM) and X.Org changes needed so VR HMDs will work well under Linux with the non-NVIDIA drivers. A big part of this work is the concept of DRM leases, a new Vulkan extension, and other changes to the stack.

Software: Security Tools, cmus, Atom-IDE, Skimmer Scanner

  • Security Tools to Check for Viruses and Malware on Linux
    First and foremost, no operating system is 100 percent immune to attack. Whether a machine is online or offline, it can fall victim to malicious code. Although Linux is less prone to such attacks than, say, Windows, there is no absolute when it comes to security. I have witnessed, first hand, Linux servers hit by rootkits that were so nasty, the only solution was to reinstall and hope the data backup was current. I’ve been a victim of a (very brief) hacker getting onto my desktop, because I accidentally left desktop sharing running (that was certainly an eye opener). The lesson? Even Linux can be vulnerable. So why does Linux need tools to prevent viruses, malware, and rootkits? It should be obvious why every server needs protection from rootkits — because once you are hit with a rootkit, all bets are off as to whether you can recover without reinstalling the platform. It’s antivirus and anti-malware where admins start getting a bit confused. Let me put it simply — if your server (or desktop for that matter) makes use of Samba or sshfs (or any other sharing means), those files will be opened by users running operating systems that are vulnerable. Do you really want to take the chance that your Samba share directory could be dishing out files that contain malicious code? If that should happen, your job becomes exponentially more difficult. Similarly, if that Linux machine performs as a mail server, you would be remiss to not include AV scanning (lest your users be forwarding malicious mail).
  • cmus – A Small, Fast And Powerful Console Music Player For Linux
    You may ask yourself a question when you see this article: is it possible to listen to music in the Linux terminal? Yes, because nothing is impossible in Linux. We have covered many popular GUI-based media players in our previous articles, but we haven't covered any CLI-based media players so far, so today we are going to cover cmus, one of the famous console-based media players among others (for the CLI, very few applications are available in Linux).
  • You Can Now Transform the Atom Hackable Text Editor into an IDE with Atom-IDE
    GitHub and Facebook recently launched a set of tools that promise to allow you to transform your Atom hackable text editor into a veritable IDE (Integrated Development Environment). They call the project Atom-IDE. With the release of Atom 1.21 Beta last week, GitHub introduced Language Server Protocol support to integrate its brand-new Atom-IDE project, which comes with built-in support for five popular language servers, including JavaScript, TypeScript, PHP, Java, C#, and Flow. But many others will come with future Atom updates.
  • This open-source Android app is designed to detect nearby credit card skimmers
    Protecting our data is a constant battle, especially as technology continues to advance. A recent trend that has popped up is the installation of credit card skimmers, especially at locations such as gas pumps. With a simple piece of hardware and 30 seconds to install it, a hacker can easily steal credit card numbers from a gas pump without anyone knowing. Now, an open-source app for Android is attempting to help users avoid these skimmers.

Servers: Microservice, Clear Linux/Containers, Spaceborne Computer

  • Microservice architecture takes a whole new approach to infrastructure
    With services like Netflix, Uber, YouTube, and Facebook, most people are used to apps that respond quickly, work efficiently, and are updated regularly. Patience is no longer a virtue, and thanks to apps like the ones mentioned above, when people use applications, they expect blistering speeds and uninterrupted service. If you do not provide that, users aren’t exactly starved for choice; it takes less than a minute to delete an app and download something else as a replacement.
  • Clear Linux Project Announces the Next Generation of Intel's Clear Containers
    Intel's Clear Linux and Clear Containers teams are happy to introduce the next generation of Intel's Clear Containers project, version 3.0, which brings many important new features and performance improvements. Rewritten in the Go language, Intel Clear Containers 3.0 introduces support for leveraging code used for namespace-based containers and better integrates into the container ecosystem, allowing support for Docker container engine and Kubernetes. It also improves the compatibility with the POSIX family of standards. "Today’s release presents a generational and architectural shift to utilize virtcontainers, a modular and hypervisor agnostic library for hardware virtualized containers. Clear Containers 3.0 is written in Go language and boasts an OCI compatible runtime implementation (cc-runtime) that works both on top of virtcontainers, and as a platform for deployment," said Amy L Leeland, Technical Program Manager, Intel Corporation.
  • “Spaceborne” Linux Supercomputer Starts Running In Space, Achieves 1 Teraflop Speed
    About one month ago, HPE’s Spaceborne Computer was launched into space using the SpaceX Dragon spacecraft. This beast was launched as a result of a partnership between Hewlett Packard Enterprise (HPE) and NASA to find out how high-performance computers perform in space. Now, this supercomputer is fully installed and operational on the ISS. The performance experiment will be carried out for one year, which is roughly the time it will take for a spacecraft to travel to Mars. At the moment, lots of calculations for space research projects are carried out on Earth, but this brings in an unavoidable factor of latency.

System76's Pop!_OS Linux to Get a Beta Release Next Week with HiDPI Improvements

System76 is getting ready to unleash the first Beta release of their upcoming Pop!_OS Linux distribution, which should be available to download next week based on the Ubuntu 17.10 Final Beta. It appears that System76's development team recently dropped focus on the Pop!_OS Installer, which they develop in collaboration with the elementary OS team, to concentrate on fixing critical bugs and add the final touches to the Beta release. They still need to add some patches to fix backlight brightness issues on Nvidia GPUs.