Security

GNU/Linux Desktop Security

  • How to Safely and Securely Back Up Your Linux Workstation

    Even seasoned system administrators can overlook Linux workstation backups or do them in a haphazard, unsafe manner. At a minimum, you should set up encrypted workstation backups to external storage. But it’s also nice to use zero-knowledge backup tools for off-site/cloud backups for more peace of mind.

    Let’s explore each of these methods in more depth. You can also download the entire set of recommendations as a handy guide and checklist.

  • Google zero-trust security framework goes beyond passwords

    With a sprawling workforce, a wide range of devices running on multiple platforms, and a growing reliance on cloud infrastructure and applications, the idea of the corporate network as the castle and security defenses as walls and moats protecting the perimeter doesn’t really work anymore. Which is why, over the past year, Google has been talking about BeyondCorp, the zero-trust perimeter-less security framework it uses to secure access for its 61,000 employees and their devices.

Security Leftovers

  • Security updates for Monday
  • Recursive DNS Server Fingerprint Problem

    Our goal is to identify hijacked resolvers by analyzing their fingerprints, in order to increase safety of Internet users. To do that, we utilize data collected via RIPE Atlas (atlas.ripe.net).

  • Online developer tutorials are spreading XSS and SQL injection flaws

    The researchers, from across three universities in Germany and Trend Micro, checked the PHP code bases of more than 64,000 projects on Github and uncovered more than 100 vulnerabilities that they believe might have been introduced as a result of developers picking up the code that they used from online tutorials.

  • BrickerBot, the permanent denial-of-service botnet, is back with a vengeance

    BrickerBot, the botnet that permanently incapacitates poorly secured Internet of Things devices before they can be conscripted into Internet-crippling denial-of-service armies, is back with a new squadron of foot soldiers armed with a meaner arsenal of weapons.

  • Reproducible Builds: week 104 in Stretch cycle
  • Webroot antivirus goes bananas, starts trashing Windows system files

    Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them – knackering PCs in the process.

    Not only were people's individual copies of the antivirus suite going haywire, but also business editions and installations run by managed service providers (MSPs), meaning companies and organizations relying on the software were hit by the cockup.

    Between 1200 and 1500 MST (1800 and 2100 UTC) today, Webroot's gear labeled Windows operating system data as W32.Trojan.Gen – generic-Trojan-infected files, in other words – and moved them into quarantine, rendering affected computers unstable. Files digitally signed by Microsoft were whisked away – but, luckily, not all of them, leaving enough of the OS behind to reboot and restore the quarantined resources.

  • How The Update Framework Improves Security of Software Updates

    Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That's the challenge that The Update Framework (TUF) aims to solve.

    Justin Cappos, assistant professor at New York University, detailed how TUF works and what's coming to further improve the secure updating approach in a session at last week's DockerCon 17 conference in Austin, Texas. Simply using HTTPS and Transport Layer Security (TLS) to secure a download isn't enough as there have been many publicly reported instances of software repositories that have been tampered with, Cappos said.

  • Security Updates for Ubuntu Phone to End in June

    Security updates for Ubuntu phone and tablet will end this June, Canonical has confirmed. Current OTA updates are currently limited to critical fixes and security updates — a decision we were first to tell you back in January. But after June 2017 Canonical “will no longer deliver any further updates”.

  • Canonical to stop supporting Ubuntu Phone in June

    Canonical had already announced development of its Ubuntu Phone software was ending. Now we know when the final nail goes in the coffin: June.

  • Malware Hunts And Kills Poorly Secured Internet Of Things Devices Before They Can Be Integrated Into Botnets

    Researchers say they've discovered a new wave of malware with one purpose: to disable poorly secured routers and internet of things devices before they can be compromised and integrated into botnets. We've often noted how internet-of-broken-things devices ("smart" doorbells, fridges, video cameras, etc.) have such flimsy security that they're often hacked and integrated into botnets in just a matter of seconds after being connected to the internet. These devices are then quickly integrated into botnets that have been responsible for some of the worst DDoS attacks we've ever seen (including last October's attack on DYN).

Security Leftovers

  • More Windows PCs infected with NSA backdoor DoublePulsar [Ed: Look what Microsoft's back doors for the NSA are causing this month; recall Snowden's leaks about it.]

    Although the exact number varies among security researchers, the DoublePulsar infection rate is climbing

  • NSA-linked hacking tools released by Shadow Brokers have compromised almost 200,000 Windows PCs
  • 'Beautiful' NSA hacking tool DoublePulsar infects almost 200,000 Windows PCs

    Tools supposedly developed by the US National Security Agency (NSA) leaked early this month by the Shadow Brokers hacking group are being used in attacks on Windows PCs.

    The tools, released to the open-source developer website Github, have been gratefully scooped up by malware writers of varying levels of competency and pimped via phishing emails across the internet.

    And researchers at Swiss security company Binary Edge claim to have found 183,107 compromised PCs connected to the internet after conducting a scan for the DoublePulsar malware. Conducted every day over the past four days, the number of infected PCs has increased dramatically with each scan, according to Binary Edge.

  • Three months on, no Linksys router patches for remote holes

    More than three months after being informed about remotely exploitable vulnerabilities in 25 router models, Linksys is yet to issue patches to remedy them.

  • [Older] Tracing Spam: Diet Pills from Beltway Bandits

    Here’s the simple story of how a recent spam email advertising celebrity “diet pills” was traced back to a Washington, D.C.-area defense contractor that builds tactical communications systems for the U.S. military and intelligence communities.

  • Top-ranked programming Web tutorials introduce vulnerabilities into software

    “[Our findings] suggest that there is a pressing need for code audit of widely consumed tutorials, perhaps with as much rigor as for production code,” they pointed out.

  • [Old] PHP: a fractal of bad design

    PHP is an embarrassment, a blight upon my craft. It’s so broken, but so lauded by every empowered amateur who’s yet to learn anything else, as to be maddening. It has paltry few redeeming qualities and I would prefer to forget it exists at all.

  • The Cloud Foundry Approach to Container Storage and Security

    Recently, The New Stack published an article titled “Containers and Storage: Why We Aren’t There Yet” covering a talk from IBM’s James Bottomley at the Linux Foundation’s Vault conference in March. Both the talk and article focused on one of the central problems we’ve been working to address in the Cloud Foundry Foundation’s Diego Persistence project team, so we thought it would be a good idea to highlight the features we’ve added to mitigate it. Cloud Foundry does significantly better than what the article suggests is the current state of the art on the container security front, so we’ll cover that here as well.

Security Leftovers


Security Leftovers

  • >10,000 Windows computers may be infected by advanced NSA backdoor

    Security experts believe that tens of thousands of Windows computers may have been infected by a highly advanced National Security Agency backdoor. The NSA backdoor was included in last week's leak by the mysterious group known as Shadow Brokers.

  • [Old] New ‘BrickerBot’ malware attack kills unsecured Internet of Things devices

    BrickerBot works in similar fashion to Mirai in that both programs attempt to leverage the tendency for users to neglect to change the factory default username and password combo that ships on IoT devices.

  • The 8 Best Free Anti-Virus Programs for Linux

    Although Linux operating systems are fairly stable and secure, they may not completely be immune to threats. All computer systems can suffer from malware and viruses, including those running Linux-based operating systems. However, the number of critical threats to Linux-based operating systems is still way lower than threats for Windows or OS X.

    Therefore, we need to protect our Linux systems from the various forms of threats such as viruses that can be transmitted in many ways including malicious code, email attachments, malicious URLs, rootkits to mention but a few.

    In this article, we will talk about 8 best free anti-virus programs for Linux systems.

Security Leftovers

  • Security updates for Friday
  • Network Firewalls: How to Protect Your Network from Unauthorized Access
  • The Architecture of the Web Is Unsafe for Today's World

    The Internet is based on protocols that assume content is secure. A new, more realistic model is needed.

    Twenty-eight years ago, British computer scientist Tim Berners-Lee proposed a system to link text documents across a computer network. It changed the way the world communicates and does business. From its humble beginnings, the Internet has become a complex, dynamic, and heterogeneous environment.

    Today, the Internet revolution's main instrument, the Web browser, exposes users to unbounded malicious content and has become unmanageable.

    How did browsers become such a liability? Because they're based on an ancient set of communication rules, protocols that assume connections are secure and content is safe. The openness and utility of the protocols led to enormous innovation. But today, with all its sophistication, the Web is still based on protocols that weren't designed for security or enterprise-class management.

  • In encrypted-messaging market, open source not only key to success [Ed: Overlooked the point that easy-to-use programs whose source code you cannot study are worse than nothing, just a trap. In this age of government-mandated back doors in programs and protocols the term "proprietary encryption" should be a paradox.]

    A couple months ago, one of the oldest encrypted, ephemeral messaging apps, Wickr, decided to open up its cryptographic code for the world. By allowing hackers and developers to examine their crypto code, it reasoned, it could earn a veritable security merit badge. And the approach had already boosted the appeal of another secure-messaging app, Signal.

    At least on the surface, Wickr’s open-source move appears to be paying off. Scott Stender, vice president of cryptography at NCC Group, a British company that specializes in helping clients manage cybersecurity risks, says it influenced his company’s decision to use Wickr, which incorporates end-to-end encryption, to keep its internal communications private.

  • Self Driving Taxis Are Going To Be A Nightmare To Secure, Warns Ex-Uber Security Researcher [Ed: Trams, trains, subways etc. go on rails; flights managed by programs nowadays. But there's a reason a pilot/driver is still crucial. Same for cars. Unless your driver/pilot is a suicidal maniac (which happens), the negative impact of accident on her/him helps secure the passengers.]

    So over the last few years you probably remember seeing white hat hackers demonstrate how easily most modern smart cars can be hacked, often with frightening results. Cybersecurity researchers Charlie Miller and Chris Valasek have made consistent headlines in particular by highlighting how they were able to manipulate and disable a Jeep Cherokee running Fiat Chrysler's UConnect platform. Initially, the duo documented how they were able to control the vehicle's internal systems -- or kill its engine entirely -- from an IP address up to 10 miles away.

Security Leftovers


Black Duck Attacks FOSS Again, for Marketing Purposes, Pretends It's "Research"


Security Leftovers

  • 'Benign' worm seeks out vulnerable smart devices

    A "benign" worm is scouring the net seeking out poorly protected smart gadgets.

    CCTV systems, routers, digital video recorders and other internet-of-things (IoT) devices are now believed to be harbouring the Hajime worm.

  • How to manage the computer-security threat

    COMPUTER security is a contradiction in terms. Consider the past year alone: cyberthieves stole $81m from the central bank of Bangladesh; the $4.8bn takeover of Yahoo, an internet firm, by Verizon, a telecoms firm, was nearly derailed by two enormous data breaches; and Russian hackers interfered in the American presidential election.

    Away from the headlines, a black market in computerised extortion, hacking-for-hire and stolen digital goods is booming. The problem is about to get worse. Computers increasingly deal not just with abstract data like credit-card details and databases, but also with the real world of physical objects and vulnerable human bodies. A modern car is a computer on wheels; an aeroplane is a computer with wings. The arrival of the “Internet of Things” will see computers baked into everything from road signs and MRI scanners to prosthetics and insulin pumps. There is little evidence that these gadgets will be any more trustworthy than their desktop counterparts. Hackers have already proved that they can take remote control of connected cars and pacemakers.

  • Security updates for Thursday
  • Open Source Remote Access Trojan Targets Telegram Users

    Remote access Trojans are mainly used to steal consumer data, either for consumers themselves or the conglomerate keeping this information safe from prying eyes. However, it appears criminals are looking at a different approach for these tools right now. A new open source remote access Trojan can now be used to extract data from the Telegram communication platform.

More in Tux Machines

Oracle: New VirtualBox 5.2 Beta, SPARC M8 Processors Launched

  • VirtualBox 5.2 to Let Users Enable or Disable Audio Input and Output On-the-Fly
    Oracle announced new updates for its popular, cross-platform and open-source virtualization software, the third Beta of the upcoming VirtualBox 5.2 major release and VirtualBox 5.1.28 stable maintenance update. We'll start with the stable update, VirtualBox 5.1.28, as it's more important for our readers using Oracle VM VirtualBox for all of their virtualization needs. The VirtualBox 5.1 maintenance release 28 is here to improve audio support by fixing various issues with both the ALSA and OSS backends, as well as an accidental crash with AC'97.
  • SPARC M8 Processors Launched
    While Oracle recently let go of some of their SPARC team, today marks the launch of the SPARC M8. The initial SPARC M8 line-up includes the T8-1, T8-2, T8-4, M8-8, and SuperCluster M8-8 servers.

Wikileaks Releases Spy Files Russia, CCleaner Infected, Equifax Has a Dirty Little Secret

  • Spy Files Russia
    This publication continues WikiLeaks' Spy Files series with releases about surveillance contractors in Russia. While the surveillance of communication traffic is a global phenomenon, the legal and technological framework of its operation is different for each country. Russia's laws - especially the new Yarovaya Law - make literally no distinction between Lawful Interception and mass surveillance by state intelligence authorities (SIAs) without court orders. Russian communication providers are required by Russian law to install the so-called SORM (Система Оперативно-Розыскных Мероприятий) components for surveillance provided by the FSB at their own expense. The SORM infrastructure is developed and deployed in Russia with close cooperation between the FSB, the Interior Ministry of Russia and Russian surveillance contractors.
  • Malware-Infected CCleaner Installer Distributed to Users Via Official Servers for a Month
    Hackers have managed to embed malware into the installer of CCleaner, a popular Windows system optimization tool with over 2 billion downloads to date. The rogue package was distributed through official channels for almost a month. CCleaner is a utilities program that is used to delete temporary internet files such as cookies, empty the Recycling Bin, correct problems with the Windows Registry, among other tasks. First released in 2003, it has become hugely popular; up to 20 million people download it per month. Users who downloaded and installed CCleaner or CCleaner Cloud between Aug. 15 and Sept. 12 should scan their computers for malware and update their apps. The 32-bit versions of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 were affected.
  • Equifax Suffered a Hack [sic] Almost Five Months Earlier Than the Date It Disclosed
  • This is why you shouldn’t use texts for two-factor authentication

    For a long time, security experts have warned that text messages are vulnerable to hijacking — and this morning, they showed what it looks like in practice.

Amazon Changes Rental ('Cloud') Model on GNU/Linux

Devices/Hardware: Embedded/Boards, CODESYS, and EPYC Linux Performance

  • Linux friendly IoT gateway runs on 3.5-inch Bay Trail SBC
    While the MB-80580 SBC lists SATA II, the gateway indicates SATA III. Also, the gateway datasheet notes that the RS232 ports can all be redirected to RS232/422/485. Software includes Windows IoT Core and Server, as well as Yocto, Ubuntu Snappy Core, and CentOS Linux distributions.
  • Rugged panel PC scales up to a 19-inch touchscreen
    The fanless, IP65-rated WinSystems “PPC65B-1x” panel PC runs Linux or Win 10 on a quad-core Atom E3845, and offers 10.4 to 19-inch resistive touchscreens.
  • CODESYS announces CODESYS-compatible SoftPLC for open Linux device platforms
  • EPYC Linux performance from AMD
    Phoronix have been hard at work testing out AMD's new server chip, specifically the 2.2/2.7/3.2GHz EPYC 7601 with 32 physical cores. The frequency numbers now have a third member which is the top frequency all 32 cores can hit simultaneously, for this processor that would be 2.7GHz. Benchmarking server processors is somewhat different from testing consumer CPUs, gaming performance is not as important as dealing with specific productivity applications. Phoronix started their testing of EPYC, in both NUMA and non-NUMA configurations, comparing against several Xeon models and the performance delta is quite impressive, sometimes leaving even a system with dual Xeon Gold 6138's in the dust. They also followed up with a look at how EPYC compares to Opteron, AMD's last server offerings. The evolution is something to behold.
  • Opteron vs. EPYC Benchmarks & Performance-Per-Watt: How AMD Server Performance Evolved Over 10 Years
    By now you have likely seen our initial AMD EPYC 7601 Linux benchmarks. If you haven't, check them out, EPYC does really deliver on being competitive with current Intel hardware in the highly threaded space. If you have been curious to see some power numbers on EPYC, here they are from the Tyan Transport SX TN70A-B8026 2U server. Making things more interesting are some comparison benchmarks showing how the AMD EPYC performance compares to AMD Opteron processors from about ten years ago.