Security

Security Leftovers

Filed under
Security
  • EFF's Badge Hack Pageant Returns to DEF CON

    We are proud to announce the return of EFF's Badge Hack Pageant at the 24th annual DEF CON hacking conference in Las Vegas. EFF invites all DEF CON attendees to stretch their creative skills by reinventing past conference badges as practical, artful, and over-the-top objects of their choosing. The numerous 2015 pageant entries included a crocheted badge cozy, a quadcopter, counterfeit badges, a human baby, a breathalyzer, a dazzling array of LED shows, and more than one hand-made record player that would make MacGyver weep. We encourage you to join us and contribute something whether you are a crafter, a beginner, or a hardware hacking wizard. It's a great summer project so get started now and enjoy a great show!

  • @Deray’s Twitter Hack Reminds Us Even Two-Factor Isn’t Enough

    This has been the week of Twitter hacks, from Mark Zuckerberg to a trove of millions of passwords dumped online to, most recently, Black Lives Matter activist DeRay McKesson.

  • System calls for memory protection keys

    "Memory protection keys" are an Intel processor feature that is making its first appearance in Skylake server CPUs. They are a user-controllable, coarse-grained protection mechanism, allowing a program to deny certain types of access to ranges of memory. LWN last looked at kernel support for memory protection keys (or "pkeys") at the end of 2015. The system-call interface is now deemed to be in its final form, and there is a push to stage it for merging during the 4.8 development cycle. So the time seems right for a look at how this feature will be used on Linux systems.

YubiKey NEO: Ubuntu 16.04 usefulness (+ review)

Filed under
Reviews
Security
Ubuntu

I got a hold of a YubiKey NEO, so I was wondering how useful it is and what can I do with it. Here’s my “tutorial” on setting it up using Ubuntu 16.04 and actually using it.

Tails 2.4 Launched With TOR 6.0 — Best Linux Distro For Anonymity And Privacy

Filed under
GNU
Linux
Security
Debian

Tails is a popular privacy-focused Linux distribution–here are some other Linux distros for different purposes–with an aim to provide an anonymous computing experience. This distro was most famously used by NSA whistleblower Edward Snowden.

If you are acquainted with Tails, you might know that Tails forces all the network activity to go through the TOR network, making all your activities anonymous. Being a Live Linux distro, it can be booted from an SD card, DVD, or USB drive.

Security Leftovers

Filed under
Security
  • Massive DDoS attacks reach record levels as botnets make them cheaper to launch

    There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, almost four times more than in the previous quarter.

    Even more concerning is that these mega attacks, which few companies can withstand on their own, were launched using so-called booter or stresser botnets that are common and cheap to rent. This means that more criminals can now afford to launch such crippling attacks.

  • Twitter locks user accounts that need 'extra protection'

    Better safe than sorry, or so goes Twitter's latest thinking.

    The social network on Friday maintained it was not the victim of a hack or data breach, as previously reported. But Michael Coates, Twitter's head of information security, wrote in a blog post that the company has identified some accounts that need "extra protection." Those accounts have been locked, requiring users to reset their passwords in order to access them.

Security Leftovers

Filed under
Security
  • Tuesday's security updates
  • Security advisories for Wednesday
  • Thursday's security updates
  • Security advisories for Friday
  • Slicing Into a Point-of-Sale Botnet

    Point-of-sale based malware has driven most of the credit card breaches over the past two years, including intrusions at Target and Home Depot, as well as breaches at a slew of point-of-sale vendors. The malware usually is installed via hacked remote administration tools. Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register.

  • Microsoft's BITS file transfer tool fooled into malware distribution

    Researchers at Dell SecureWorks have spotted a new and dangerous way to misuse Microsoft's Background Intelligent Transfer Service (BITS).

    While working on a customer clean-up project, SecureWorks staff found that attackers had created self-contained BITS tasks that didn't appear in the registries of affected machines, and their footprints were limited to entries on the BITS database.

    The attack was spotted on a Windows 7 machine in an academic administration environment.

iTWire shows Linux Australia the right way to host a server

Filed under
GNU
Linux
Server
Security

An iTWire article appears to have resulted in Linux Australia seeing the folly of not having proper arrangements in place for hosting its website.

Further, a member of Linux Australia has suggested the office-bearers should resign en masse for not anticipating a breakdown in hosting the organisation's website recently.

Linux Australia secretary, Sae Ra Germaine, posted to the Linux-aus mailing list in April to explain why the organisation experienced server downtime, ultimately because the team charged with managing this task, while recognising a risk of disruption, did not engage with the University hosting the server, instead choosing only to liaise with ex-employees, and discontinued searching for a new host between December 2015 and March 2016.

Also: Preventing break-ins on your Linux system

Imagination’s new router chips could save open source firmware from FCC rules

Filed under
OSS
Security

A company that designs MIPS processors for networking hardware says it is developing technology that would allow installation of open source firmware on wireless routers while still complying with the US Federal Communications Commission's latest anti-interference rules.

The FCC now requires router makers to prevent third-party firmware from changing radio frequency parameters in ways that could cause interference with other devices, such as FAA Doppler weather radar systems.

Also: Small footprint open source hypervisor makes highly efficient use of hardware virtualization technology in Imagination’s MIPS CPUs

Mozilla contributes to FOSS security

Filed under
Moz/FF
Security

Security Leftovers

Filed under
Security
  • University gives in to $20,000 ransomware demand

    Calgary officials agreed to pay the ransom but it will take some time for the encryption keys to be used on all of the university's infected machines, of which there are over 100. The process is time-consuming and it is not yet known if the keys will even work.

  • University of Calgary pays hackers $20,000 after ransomware attack

    A chain of hospitals in Washington, D.C., was hit in March, while a Los Angeles medical centre shelled out $17,000 earlier this year to hackers following a ransomware attack.

  • Unintended Consequences Of Slavery In IT

    Obviously many use That Other OS for valid purposes but few would do so if this incident was on their radar. There are hundreds of such malwares. How many times will the university pay up for permission to use the hardware they own? They’ve already likely paid Intel double the value for their chips, M$, even more for permission to use Intel’s chips and now a steady stream of cyber-criminals.

  • Mikko Hypponen: Real Hackers Don't Wear Hoodies (Cybercrime is Big Business)

    I'll be discussing these topics, and how they apply to open source systems and to service providers further in my keynote ("Complexity: The enemy of Security") at the OPNFV Summit in Berlin on June 22-23. See you in Berlin!

  • Password Re-user? Get Ready to Get Busy

    In the wake of megabreaches at some of the Internet’s most-recognized destinations, don’t be surprised if you receive password reset requests from numerous companies that didn’t experience a breach: Some big name companies — including Facebook and Netflix — are in the habit of combing through huge data leak troves for credentials that match those of their customers and then forcing a password reset for those users.

  • Your mobile phone account could be hijacked by an identity thief

    A few weeks ago an unknown person walked into a mobile phone store, claimed to be me, asked to upgrade my mobile phones, and walked out with two brand new iPhones assigned to my telephone numbers. My phones immediately stopped receiving calls, and I was left with a large bill and the anxiety and fear of financial injury that spring from identity theft. This post describes my experiences as a victim of ID theft, explains the growing problem of phone account hijacking, and suggests ways consumers and mobile phone carriers can help combat these scams.

  • Belgium tops list of nations most vulnerable to hacking

    A new “heat map of the internet” has revealed the countries most vulnerable to hacking attacks, by scanning the entire internet for servers with their front doors wide open.

  • Australia fourth most vulnerable nation to hacking: study

    Australia ranks fourth among the countries most vulnerable to hacking attacks, according to a study by penetration testing and information security firm Rapid7.

    Belgium tops the list, followed by Tajikistan and Samoa.

    The company compiled what it calls a "heat map" of the Internet, looking for servers that had exposed ports that could be compromised.

  • University pays almost $16,000 to recover crucial data held hostage

    Canada's University of Calgary paid almost $16,000 ($20,000 Canadian, ~£10,800) to recover crucial data that has been held hostage for more than a week by crypto ransomware attackers.

    The ransom was disclosed on Wednesday morning in a statement issued by University of Calgary officials. It said university IT personnel had made progress in isolating the unnamed ransomware infection and restoring affected parts of the university network. It went on to warn that there's no guarantee paying the controversial ransom will lead to the lost data being recovered.

Security Leftovers

Filed under
Security
  • WordPress plugin with 10,000+ installations being exploited in the wild

    The attacks have been under way since last Friday and are mainly being used to install porn-related spamming scripts, according to a blog post published Thursday. The underlying vulnerability in WP Mobile Detector came to light on Tuesday in this post. The plugin has since been removed from the official WordPress plugin directory. As of Wednesday, the plugin reportedly had more than 10,000 active installations, and it appears many remained active at the time this post was being prepared.

  • Bad Intel And Zero Verification Leads To LifeLock Naming Wrong Company In Suspected Security Breach

    LifeLock has never been the brightest star in the identity fraud protection constellation. Its own CEO -- with his mouth writing checks others would soon be cashing with his credentials -- expressed his trust in LifeLock's service by publishing his Social Security number, leading directly to 13 separate cases of (successful) identity theft.

    Beyond that, LifeLock was barely a lock. It didn't encrypt stored credentials and had a bad habit of ambulance-chasing reported security breaches in hopes of pressuring corporate victims into picking up a year's worth of coverage for affected customers. This culminated in the FTC ordering it to pay a $12 million fine for its deceptive advertising, scare tactics, and inability to keep its customers' ID info safe.

  • Samba 4.4.4 Fixes a Memory Leak in Share Mode Locking, Adds systemd 230 Support

    Samba 4.4 major branch was launched on March 22, 2016, and it brought support for asynchronous flush requests, several Active Directory (AD) enhancements, a GnuTLS-based backupkey implementation, multiple CTDB (Cluster Trivial Database) improvements, a WINS nsswitch module, as well as experimental SMB3 Multi-Channel support.

  • Printer security: Is your company's data really safe?

    On March 24th of this year, 59 printers at Northeastern University in Boston suddenly output white supremacist hate literature, part of a wave of spammed printer incidents reported at Northeastern and on at least a half dozen other campuses.

    This should be no surprise to anyone who understands today's printer technology. Enterprise-class printers have evolved into powerful, networked devices with the same vulnerabilities as anything else on the network. But since, unlike with personal computers, no one sits in front of them all day, the risks they introduce are too often overlooked.

    "Many printers still have default passwords, or no passwords at all, or ten are using the same password," says Michael Howard, HP's chief security advisor, speaking of what he's seen in the field. "A printer without password protection is a goldmine for a hacker. One of the breaches we often see is a man-in-the-middle attack, where they take over a printer and divert [incoming documents] to a laptop before they are printed. They can see everything the CEO is printing. So you must encrypt."

  • We Asked An Etiquette Expert About Home Security Cameras

    Roughly the size of a soda can, sitting on a bookshelf, and whirring away some 24-hours a day, a relatively innocuous gadget may be turning friends and family away from your home. The elephant in your living room is your Internet-connected security camera, a device people are increasingly using for peace of mind in their homes. But few stop to think about the effect these devices may have on house guests. Should you tell your friends, for instance, that they’re being recorded while you all watch the big game together?
