Security

Imagination’s new router chips could save open source firmware from FCC rules

A company that designs MIPS processors for networking hardware says it is developing technology that would allow installation of open source firmware on wireless routers while still complying with the US Federal Communications Commission's latest anti-interference rules.

The FCC now requires router makers to prevent third-party firmware from changing radio frequency parameters in ways that could cause interference with other devices, such as FAA Doppler weather radar systems.

Also: Small footprint open source hypervisor makes highly efficient use of hardware virtualization technology in Imagination’s MIPS CPUs

Mozilla contributes to FOSS security

Security Leftovers

  • University gives in to $20,000 ransomware demand

    Calgary officials agreed to pay the ransom but it will take some time for the encryption keys to be used on all of the university's infected machines, of which there are over 100. The process is time-consuming and it is not yet known if the keys will even work.

  • University of Calgary pays hackers $20,000 after ransomware attack

    A chain of hospitals in Washington, D.C., was hit in March, while a Los Angeles medical centre shelled out $17,000 earlier this year to hackers following a ransomware attack.

  • Unintended Consequences Of Slavery In IT

    Obviously many use That Other OS for valid purposes but few would do so if this incident was on their radar. There are hundreds of such malwares. How many times will the university pay up for permission to use the hardware they own? They’ve already likely paid Intel double the value for their chips, M$, even more for permission to use Intel’s chips and now a steady stream of cyber-criminals.

  • Mikko Hypponen: Real Hackers Don't Wear Hoodies (Cybercrime is Big Business)

    I'll be discussing these topics, and how they apply to open source systems and to service providers further in my keynote ("Complexity: The enemy of Security") at the OPNFV Summit in Berlin on June 22-23. See you in Berlin!

  • Password Re-user? Get Ready to Get Busy

    In the wake of megabreaches at some of the Internet’s most-recognized destinations, don’t be surprised if you receive password reset requests from numerous companies that didn’t experience a breach: Some big name companies — including Facebook and Netflix — are in the habit of combing through huge data leak troves for credentials that match those of their customers and then forcing a password reset for those users.

  • Your mobile phone account could be hijacked by an identity thief

    A few weeks ago an unknown person walked into a mobile phone store, claimed to be me, asked to upgrade my mobile phones, and walked out with two brand new iPhones assigned to my telephone numbers. My phones immediately stopped receiving calls, and I was left with a large bill and the anxiety and fear of financial injury that spring from identity theft. This post describes my experiences as a victim of ID theft, explains the growing problem of phone account hijacking, and suggests ways consumers and mobile phone carriers can help combat these scams.

  • Belgium tops list of nations most vulnerable to hacking

    A new “heat map of the internet” has revealed the countries most vulnerable to hacking attacks, by scanning the entire internet for servers with their front doors wide open.

  • Australia fourth most vulnerable nation to hacking: study

    Australia ranks fourth among the countries most vulnerable to hacking attacks, according to a study by penetration testing and information security firm Rapid7.

    Belgium tops the list, followed by Tajikistan and Samoa.

    The company compiled what it calls a "heat map" of the Internet, looking for servers that had exposed ports that could be compromised.

  • University pays almost $16,000 to recover crucial data held hostage

    Canada's University of Calgary paid almost $16,000 ($20,000 Canadian, ~£10,800) to recover crucial data that has been held hostage for more than a week by crypto ransomware attackers.

    The ransom was disclosed on Wednesday morning in a statement issued by University of Calgary officials. It said university IT personnel had made progress in isolating the unnamed ransomware infection and restoring affected parts of the university network. It went on to warn that there's no guarantee paying the controversial ransom will lead to the lost data being recovered.

Security Leftovers

  • WordPress plugin with 10,000+ installations being exploited in the wild

    The attacks have been under way since last Friday and are mainly being used to install porn-related spamming scripts, according to a blog post published Thursday. The underlying vulnerability in WP Mobile Detector came to light on Tuesday in this post. The plugin has since been removed from the official WordPress plugin directory. As of Wednesday, the plugin reportedly had more than 10,000 active installations, and it appears many remained active at the time this post was being prepared.

  • Bad Intel And Zero Verification Leads To LifeLock Naming Wrong Company In Suspected Security Breach

    LifeLock has never been the brightest star in the identity fraud protection constellation. Its own CEO -- with his mouth writing checks others would soon be cashing with his credentials -- expressed his trust in LifeLock's service by publishing his Social Security number, leading directly to 13 separate cases of (successful) identity theft.

    Beyond that, LifeLock was barely a lock. It didn't encrypt stored credentials and had a bad habit of ambulance-chasing reported security breaches in hopes of pressuring corporate victims into picking up a year's worth of coverage for affected customers. This culminated in the FTC ordering it to pay a $12 million fine for its deceptive advertising, scare tactics, and inability to keep its customers' ID info safe.

  • Samba 4.4.4 Fixes a Memory Leak in Share Mode Locking, Adds systemd 230 Support

    Samba 4.4 major branch was launched on March 22, 2016, and it brought support for asynchronous flush requests, several Active Directory (AD) enhancements, a GnuTLS-based backupkey implementation, multiple CTDB (Cluster Trivial Database) improvements, a WINS nsswitch module, as well as experimental SMB3 Multi-Channel support.

  • Printer security: Is your company's data really safe?

    On March 24th of this year, 59 printers at Northeastern University in Boston suddenly output white supremacist hate literature, part of a wave of spammed printer incidents reported at Northeastern and on at least a half dozen other campuses.

    This should be no surprise to anyone who understands today's printer technology. Enterprise-class printers have evolved into powerful, networked devices with the same vulnerabilities as anything else on the network. But since, unlike with personal computers, no one sits in front of them all day, the risks they introduce are too often overlooked.

    "Many printers still have default passwords, or no passwords at all, or ten are using the same password," says Michael Howard, HP's chief security advisor, speaking of what he's seen in the field. "A printer without password protection is a goldmine for a hacker. One of the breaches we often see is a man-in-the-middle attack, where they take over a printer and divert [incoming documents] to a laptop before they are printed. They can see everything the CEO is printing. So you must encrypt."

  • We Asked An Etiquette Expert About Home Security Cameras

    Roughly the size of a soda can, sitting on a bookshelf, and whirring away some 24-hours a day, a relatively innocuous gadget may be turning friends and family away from your home. The elephant in your living room is your Internet-connected security camera, a device people are increasingly using for peace of mind in their homes. But few stop to think about the effect these devices may have on house guests. Should you tell your friends, for instance, that they’re being recorded while you all watch the big game together?

Biometric Authentication Might Come to Some Ubuntu Phones in Future OTAs

Now that most of the Ubuntu Phone and Ubuntu Tablet owners are enjoying the new features implemented by the Canonical's Ubuntu Touch developers in the OTA-11 update released last week, it's time to look forward to the OTA-12.

Canonical already said a few weeks ago that the Ubuntu Touch OTA-12 software update for supported Ubuntu Phone devices, as well as the Ubuntu Tablet, is more about fixes than features, but Łukasz Zemczak's latest report suggests that the Ubuntu Touch devs are preparing the long anticipated fingerprint reader support.

Security Leftovers

  • Security updates for Monday
  • Password app developer overlooks security hole to preserve ads

    Think it's bad when companies take their time fixing security vulnerabilities? Imagine what happens when they avoid fixing those holes in the name of a little cash. KeePass 2 developer Dominik Reichl has declined to patch a flaw in the password manager's update check as the "indirect costs" of the upgrade (which would encrypt web traffic) are too high -- namely, it'd lose ad revenue. Yes, the implication is that profit is more important than protecting users.

    The impact is potentially quite severe, too. An attacker could hijack the update process and deliver malware that would compromise your PC.

  • Protecting your PC from ransomware gets harder with EMET-evading exploit

    Drive-by attacks that install the once-feared TeslaCrypt crypto ransomware are now able to bypass EMET, a Microsoft-provided tool designed to block entire classes of Windows-based exploits.

    The EMET-evading attacks are included in Angler, a toolkit for sale online that provides ready-to-use exploits that can be stitched into compromised websites. Short for Enhanced Mitigation Experience Toolkit, EMET has come to be regarded as one of the most effective ways of hardening Windows-based computers from attacks that exploit security vulnerabilities in both the operating system and installed applications. According to a blog post published Monday by researchers from security firm FireEye, the new Angler attacks are significant because they're the first exploits found in the wild that successfully pierce the mitigations.

    "The level of sophistication in exploit kits has increased significantly throughout the years," FireEye researchers wrote. "Where obfuscation and new zero days were once the only additions in the development cycle, evasive code has now been observed being embedded into the framework and shellcode."

  • Is there a future view that isn't a security dystopia?

    I recently finished reading the book Ghost Fleet, it's not a bad read if you're into what cyberwar could look like. It's not great though, I won't suggest it as the book of the summer. The biggest thing I keep thinking about is I've yet to really see any sort of book that takes place in the future, with a focus on technology, that isn't a dystopian warning. Ghost Fleet is no different.

  • Some work on a VyOS image with Let’s Encrypt certs

Tails 2.4, Edward Snowden's Favorite Anonymous Live CD, Brings Tor Browser 6.0

The Tails Project released Tails 2.4, a major version of the anonymous Live CD based on Debian GNU/Linux, which was used by ex-CIA employee Edward Snowden to stay hidden online and protect his privacy.

When compared with the previous release, we can notice that Tails 2.4 includes some big changes, among which we can mention the upgrade to Debian GNU/Linux 8.4 "Jessie" and the inclusion of the recently released Tor Browser 6.0 anonymous browser, which is based on the open-source Mozilla Firefox 45.2 web browser.

Also: TeX Live 2016 released

Security Leftovers

  • Friday's security updates
  • electrum ssl vulnerabilities

    One full month after I filed these, there's been no activity, so I thought I'd make this a little more widely known. It's too hard to get CVEs assigned, and registering a snarky domain name is passe.

    I'm not actually using electrum myself currently, as I own no bitcoins. I only noticed these vulnerabilities when idly perusing the code. I have not tried to actually exploit them, and some of the higher levels of the SPV blockchain verification make them difficult to exploit. Or perhaps there are open wifi networks where all electrum connections get intercepted by a rogue server that successfully uses these security holes to pretend to be the entire electrum server network.

  • Stop it with those short PGP key IDs!

    PGP is secure, as it was 25 years ago. However, some uses of it might not be so.

  • Wolf: Stop it with those short PGP key IDs!
  • There's a Stuxnet Copycat, and We Have No Idea Where It Came From [iophk: "Windows strikes again"]

    After details emerged of Stuxnet, arguably the world's first digital weapon, there were concerns that other hackers would copy its techniques.

    Now, researchers have disclosed a piece of industrial control systems (ICS) malware inspired heavily by Stuxnet. Although the copycat malware—dubbed IRONGATE by cybersecurity company FireEye—only works in a simulated environment, it, like Stuxnet, replaces certain types of files, and was seemingly written to target a specific control system configuration.

    “In my mind, there is little room to say that these are the same actors,” behind Stuxnet and IRONGATE, Sean McBride, manager at FireEye iSIGHT Intelligence told Motherboard in a phone interview.

    But clearly, and perhaps to be expected, other hackers have paid very close attention to, and copied one of the most powerful pieces of malware ever, raising questions of who else might have decided to see how Stuxnet-style approaches to targeting critical infrastructure can be adapted.

  • Are firewalls still important? Making sense of networking's greatest security layer

    Firewalls have become the forgotten part of security and yet they are still the place an admin goes in a crisis

  • Software Now To Blame For 15 Percent Of Car Recalls

    Apps freezing or crashing, unexpected sluggishness, and sudden reboots are all, unfortunately, within the normal range of behavior of the software in our smartphones and laptops.

    While losing that text message you were composing might be a crisis for the moment, it’s nothing compared to the catastrophe that could result from software in our cars not playing nice.

    Yes, we’re talking about nightmares like doors flying open without warning, or a sudden complete shutdown on the highway.

    The number of software-related issues, according to several sources tracking vehicle recalls, has been on the rise. According to financial advisors Stout Risius Ross (SSR), in their Automotive Warranty & Recall Report 2016, software-related recalls have gone from less than 5 percent of recalls in 2011 to 15 percent by the end of 2015.

  • Effective IT security habits of highly secure companies

    Critics may claim that applying patches “too fast” will lead to operational issues. Yet, the most successfully secure companies tell me they don’t see a lot of issues due to patching. Many say they’ve never had a downtime event due to a patch in their institutional memory.

  • Introducing Security Snake Oil

    It has become quite evident that crowd-funding websites like KickStarter do not take any consideration to review the claims made by individuals in their cyber security products. Efforts made to contact them have gone unanswered and the misleading initiatives continue to be fruitless so as a community, we have to go after them ourselves.

  • CloudFlare is ruining the internet (for me) [iophk: "FB-like bottleneck and control for now available for self-hosted sites"]

    CloudFlare is a very helpful service if you are a website owner and don’t want to deal with separate services for CDN, DNS, basic DDOS protection and other (superficial) security needs. You can have all these services in a one stop shop and you can have it all for free. It’s hard to pass up the offer and go for a commercial solution. Generally speaking, CloudFlare service is as stable as they come, their downtime and service interruption are within the same margin as other similar services, at least to my experience. I know this because I have used them for two of my other websites, until recently.

    But what about the users? If you live in a First World Country then for the most part you probably wouldn’t notice much difference, other than better speed and response time for the websites using CloudFlare services, you will be happy to know that because of their multiple datacenter locations mostly in USA, Canada, Europe and China, short downtimes won’t result in service interruptions for you because you will be automatically rerouted to their nearest CloudFlare data center and they have plenty to go around within the first world countries.

Security Leftovers

  • Hackers, your favourite pentesting OS Kali Linux can now be run in a browser
  • Core Infrastructure Initiative announces investment in security tool OWASP ZAP

    The Linux Foundation’s Core Infrastructure Initiative (CII) is continuing its commitment to help fund, support and improve open-source projects with a new investment. The organization has announced it is investing in the Open Web Application Security Project Zed Attack Proxy project (OWASP ZAP), a security tool designed to help developers identify vulnerabilities in their web apps.

  • The Linux Foundation's Core Infrastructure Initiative Invests in Security Tool for Identifying Web Application Vulnerabilities
  • Study Shows Lenovo, Other OEM Bloatware Still Poses Huge Security Risk [Ed: Microsoft Windows poses greater risks. Does Microsoft put back doors in Windows (all versions)? Yes. Does it spy on users? Yes. So why focus only on Asian OEMs all the time?]

    Lenovo hasn't had what you'd call a great track record over the last few years in terms of installing insecure crapware on the company's products. You'll recall that early last year, the company was busted for installing Superfish adware that opened all of its customers up to dangerous man-in-the-middle attacks, then tried to claim they didn't see what all the fuss was about. Not too long after that, the company was busted for using a BIOS trick to reinstall its bloatware on consumer laptops upon reboot -- even if the user had installed a fresh copy of the OS.

    Now Lenovo and its bloatware are making headlines once again, with the news that the company's "Accelerator Application" software makes customers vulnerable to hackers. The application is supposed to make the company's other bloatware, software, and pre-loaded tools run more quickly, but Lenovo was forced to issue a security advisory urging customers to uninstall it because it -- you guessed it -- opened them up to man-in-the-middle attacks.

More in Tux Machines

Five reasons to switch from Windows to Linux

Linux has been in the ascendancy ever since the open source operating system was released, and has been improved and refined over time so that a typical distribution is now a polished and complete package comprising virtually everything the user needs, whether for a server or personal system. Much of the web runs on Linux, and a great many smartphones, and numerous other systems, from the Raspberry Pi to the most powerful supercomputers. So is it time to switch from Windows to Linux? Here are five reasons why.

Security Leftovers

  • Chrome vulnerability lets attackers steal movies from streaming services
    A significant security vulnerability in Google technology that is supposed to protect videos streamed via Google Chrome has been discovered by researchers from the Ben-Gurion University of the Negev Cyber Security Research Center (CSRC) in collaboration with a security researcher from Telekom Innovation Laboratories in Berlin, Germany.
  • Large botnet of CCTV devices knock the snot out of jewelry website
    Researchers have encountered a denial-of-service botnet that's made up of more than 25,000 Internet-connected closed circuit TV devices. The researchers with Security firm Sucuri came across the malicious network while defending a small brick-and-mortar jewelry shop against a distributed denial-of-service attack. The unnamed site was choking on an assault that delivered almost 35,000 HTTP requests per second, making it unreachable to legitimate users. When Sucuri used a network addressing and routing system known as Anycast to neutralize the attack, the assailants increased the number of HTTP requests to 50,000 per second.
  • Study finds Password Misuse in Hospitals a Steaming Hot Mess
    Hospitals are pretty hygienic places – except when it comes to passwords, it seems. That’s the conclusion of a recent study by researchers at Dartmouth College, the University of Pennsylvania and USC, which found that efforts to circumvent password protections are “endemic” in healthcare environments and mostly go unnoticed by hospital IT staff. The report describes what can only be described as wholesale abandonment of security best practices at hospitals and other clinical environments – with the bad behavior being driven by necessity rather than malice.
  • Why are hackers increasingly targeting the healthcare industry?
    Cyber-attacks in the healthcare environment are on the rise, with recent research suggesting that critical healthcare systems could be vulnerable to attack. In general, the healthcare industry is proving lucrative for cybercriminals because medical data can be used in multiple ways, for example fraud or identity theft. This personal data often contains information regarding a patient’s medical history, which could be used in targeted spear-phishing attacks.
  • Making the internet more secure
  • Beyond Monocultures
  • Dodging Raindrops Escaping the Public Cloud