Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers: HackerOne, Let's Encrypt, and Shadow Brokers

Filed under
Security
  • Security updates for Tuesday
  • HackerOne experience with Weblate

    Weblate has started to use HackerOne Community Edition some time ago and I think it's good to share my experience with that. Do you have open source project and want to get more attention of security community? This post will answer how it looks from perspective of pretty small project.

    I've applied with Weblate to HackerOne Community Edition by end of March and it was approved early in April. Based on their recommendations I've started in invite only mode, but that really didn't bring much attention (exactly none reports), so I've decided to go public.

  • Who Are the Shadow Brokers?

    In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of National Security Agency secrets. Since last summer, they’ve been dumping these secrets on the internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them. They have exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers, forcing those companies and their customers to scramble. And they gave the authors of the WannaCry ransomware the exploit they needed to infect hundreds of thousands of computer worldwide this month.

    After the WannaCry outbreak, the Shadow Brokers threatened to release more NSA secrets every month, giving cybercriminals and other governments worldwide even more exploits and hacking tools.

  • Why Akamai Supports Let's Encrypt

    The Let's Encrypt project has re-shaped the market for SSL/TLS certificates, providing millions of free security certificate to organization around the world.

    Among the many backers of Let's Encrypt is content delivery network platform provider Akamai. In a video interview with eSecurityPlanet, Andy Ellis, Chief Security Officer at Akamai, explains why Let's Encrypt matters and his view on the effort's real value.

  • Security in Serverless: What Gets Better, What Gets Worse?
  • Open Source Security Podcast: Episode 48 - Machine Learning: Not actually magic

    Josh and Kurt have a guest! Mike Paquette from Elastic discusses the fundamentals and basics of Machine Learning. We also discuss how ML could have helped with WannaCry.

4 Great Linux Distros Designed for Privacy and Security

Filed under
GNU
Linux
Security

Conventional security measures like antivirus programs are behind the curve when it comes to modern hackers and malware. Unfortunately, antivirus software and firewalls give users a false sense of security. In reality, new threats are being developed and unleashed into the wild every single day, and even the best antivirus programs have to play catchup.

Recent ransomware attacks (aka. WannaCry) have targeted Windows-based PCs in over 150 countries – cyber security and privacy is incredibly important. Windows and macOS are easy to use and popular; however, they are much more susceptible to malicious code.

Linux is free and open source, which means there are hundreds of “flavors.” These individual distributions are tweaked to different specifications. Security-focused users will be pleased to know that there are a number of Linux distros designed with security and privacy in mind.

Read more

Security Leftovers: WannaCry, Windows in Linux, Windows 7, Windows 10 is Spyware

Filed under
Security

Security Leftovers: WCry/Ransomwar, WannaCry, Athena

Filed under
Security

Security Leftovers: All Versions of Windows Compromised, WannaCry Keeps Going

Filed under
Security
  • WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows [iophk: "thus the active smear campaign againse Assange within tech circles"]

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

  • How To Avoid Future WannaCry Style Ransomware Attacks

    Critical tasks are often trusted to Linux or similar operating systems (Unix, BSD, etc.) because of reliability and security. When efficiency is required, Linux is often tapped because it can be deployed in a very efficient manner. Linux acts internally like the prison, not the food court. The system itself is constantly monitored open source code, and most of what runs on it is openly monitored as well. Software is usually distributed via secure repositories. The system is free and easily updated, there is no such thing as a pirated copy of Linux. There is a regular schedule of updates, they come out every Sunday.

  • WannaCry is a Cry for VEP Reform

    This weekend, a vulnerability in some versions of the Windows operating system resulted in the biggest cybersecurity attack in years. The so-called “WannaCry” malware relied on at least one exploit included in the latest Shadow Brokers release. As we have repeated, attacks like this are a clarion call for reform to the government’s Vulnerabilities Equities Process (VEP).

  • Will Linux protect you from ransomware attacks?

    Ransomware attacks are all the rage these days among hackers, and many people are worried about becoming victims. Are Linux users secure against such attacks?

    This topic came up recently in a thread on the Linux subreddit, and the folks there had some interesting thoughts to share about Linux and ransomware attacks.

  • Linux Ransomware

    A few people have asked me over the past week whether or not Linux is susceptible to ransomware attacks. While the answer is fairly straight forward, let's go over a couple things here first.

  • Improving Internet Security through Vulnerability Disclosure

    We support the PATCH Act because it aims to codify and make the existing Vulnerabilities Equities Process more transparent. The Vulnerabilities Equities Process (VEP) is the U.S. government’s process for reviewing and coordinating the disclosure of new vulnerabilities learns about.

  • ​Gmail Docs phishing attack: Google targets devs with tighter web app ID checks

    Google is slowing down the process for publishing web applications to prevent a repeat of the phishing attack that abused users' trust in its sign-in system with a fake Google Docs app.

    Google has warned web app developers that new rules and an additional risk assessment may add "some friction" to the process of publishing apps.

Windows Security Cannot be Blamed on "XP"

Filed under
Microsoft
Security

GNU/Linux for Security

Filed under
GNU
Linux
Security
  • WannaCrypt makes an easy case for Linux

    Ransomware is on the rise. On a single day, WannaCrypt held hostage over 57,000 users worldwide, demanding anywhere between $300-$600 in Bitcoin. Don't pay up and you'll not be seeing your data again. Before I get into the thrust of this piece, if anything, let WannaCrypt be a siren call to everyone to backup your data. Period. End of story. With a solid data backup, should you fall prey to ransomware, you are just an OS reinstall and a data restore away from getting back to work.

  • Best way to avoid ransomware? Stop using Windows

    There are many Microsoft apologists, astro-turfers, and so-called journalists on the make who, at times like this, keep a low profile and furiously try to spread the message in Web forums that "computers users" are at risk.

    Alas, the harsh truth must at last be faced: if you do not use Windows, then the chances of a ransomware attack are close to zero.

  • No threat of WannaCry attack as GSTN operates on Linux: CEO

    GSTN, set up to provide IT infrastructure for GST rollout, will not be impacted by the WannaCry ransomware attack, as its systems do not run on Microsoft software, the network’s CEO Prakash Kumar said today.

    The Goods and Services Tax Network (GSTN) is gearing up to handle about 3 billion invoices every month under the new indirect tax regime and will complete the beta testing of its software tomorrow.

    “Our software is not based on Microsoft windows operating system and hence we are immune. We operate on Linux software which is not affected by the ransomware attack,” Kumar told PTI.

    More than 60 lakh excise, service tax and VAT assessees have enrolled on the GSTN portal between November 8, 2016 and April 30, 2017. Currently, there are 80 lakh such assessees.

  • Massive cryptocurrency botnet used leaked NSA exploits weeks before WCry

    On Monday, researchers said the same weapons-grade attack kit was used in a much-earlier and possibly larger-scale hack that made infected computers part of a botnet that mined cryptocurrency.

Windows Intruded by CIA

Filed under
Microsoft
Security
  • Athena

    Today, May 19th 2017, WikiLeaks publishes documents from the "Athena" project of the CIA. "Athena" - like the related "Hera" system - provides remote beacon and loader capabilities on target computers running the Microsoft Windows operating system (from Windows XP to Windows 10). Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.

    According to the documentation (see Athena Technology Overview), the malware was developed by the CIA in cooperation with Siege Technologies, a self-proclaimed cyber security company based in New Hampshire, US. On their website, Siege Technologies states that the company "... focuses on leveraging offensive cyberwar technologies and methodologies to develop predictive cyber security solutions for insurance, government and other targeted markets.". On November 15th, 2016 Nehemiah Security announced the acquisition of Siege Technologies.

  • WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

    Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and send them to CIA server.

  • Microsoft held back free patch that could have slowed WannaCry

Security Leftovers

Filed under
Security
  • A Step Forward for Security [iophk: "end point compromise negates many theoretical advantages"]

    While we are all mesmerized by the presidential crises, a small, but quite significant change occurred in Congress: the Senate Sergeant at Arms approved the use of Signal by Senate staff. Signal, a product of Open Whisper Systems, provides end-to-end encryption for Apple and Android phones.

  • Why Europe’s dependency on Microsoft is a huge security risk

    On May 12, hackers hit more than a hundred countries, exploiting a stolen N.S.A. tool that targeted vulnerabilities of Microsoft software. The attacks infected only machines running on Windows operative system. Among the victims are public administrative bodies such as NHS hospitals in the UK. Investigate Europe spent months to investigate the dire dependency of European countries on Microsoft – and the security risks this entails

  • NSA told Microsoft about stolen exploits: officials

    Current and former NSA officials say the agency informed Microsoft about the theft of the exploit named EternalBlue after learning of it, making it possible for the Redmond software giant to issue a patch for it in March. The exploit was used in the WannaCry ransomware attacks over last weekend.

  • Shadow Brokers claims Microsoft hand-in-glove with NSA

    The group that released NSA exploits for Windows, which were used in massive ransomware attacks last weekend, has accused Microsoft of being hand-in-glove with The Equation Group, a group that is believed to be a front for the NSA.

  • NSA officials worried about the day its potent hacking tool would get loose. Then it did.

    But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials' worst fears have been realized. The malicious code at the heart of the WannaCry virus that hit computer systems globally late last week was apparently stolen from the NSA, repackaged by cybercriminals and unleashed on the world for a cyberattack that now ranks as among the most disruptive in history.

  • Shadow Brokers threaten to unleash more hacking tools

    The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft's Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

NHS mulling Ubuntu switch after Windows XP fail?

Filed under
GNU
Linux
Microsoft
Security
Syndicate content

More in Tux Machines

ONAP Rolls Out Amsterdam Release

Less than nine months after AT&T and the Linux Foundation merged their open source projects to become the Open Network Automation Platform (ONAP), the group today rolled out its first code release, Amsterdam. The highly anticipated release, which integrates AT&T’s ECOMP and the Linux Foundation’s Open-O code bases into a common open source orchestration platform, aims to automate the virtualization of network services. Read more

Inspiring the Next Generation of Open Source

The Linux Foundation works through our projects, training and certification programs, events and more to bring people of all backgrounds into open source. We meet a lot of people, but find the drive and enthusiasm of some of our youngest community members to be especially infectious. In the past couple of months, we’ve invited 13-year-old algorithmist and cognitive developer Tanmay Bakshi, 11-year-old hacker and cybersecurity ambassador Reuben Paul, and 15-year-old programmer Keila Banks to speak at Linux Foundation conferences. In 2014 when he was 12, Zachary Dupont wrote a letter to his hero Linus Torvalds. We arranged for Zach to meet Linus–a visit that helped clinch his love for Linux. This year, Zach came to Open Source Summit in Los Angeles to catch up with Linus and let us know what he’s been up to. He’s kept busy with an internship at SAP and early acceptance to the Computer Networking and Digital Forensics program at the Delaware County Technical School. Read more

Debian and Ubuntu Leftovers

  • Debian package depicts 'Tux the penguin' with sheep in intimate ASCII
    A Debian software package containing an "ASCII representation of zoophilia" has been installed automatically on some users' machines. According to a bug report, Debian user Felicia Hummel installed a package called "cowsay", which turns text into ASCII art of cows (or other animals) with speech or thought balloons. But with default settings of "install suggests" enabled, a controversial second "recommends" package called "cowsay-off" was also installed.
  • Join us at the Ubuntu Enterprise Summit!
    Bloomberg, Walmart, eBay, Samsung, Dell. Ever wonder how some of the world’s largest enterprises run on Ubuntu? This December, we are hosting our first ever Ubuntu Enterprise Summit to tell you how and help guide your own organisation whether it be running the cloud in a large telco to deriving revenue from your next IoT initiative. The Ubuntu Enterprise Summit is a two day event of webinars on December 5th and 6th where you can join Canonical’s product managers, technical leads, partners and customers to get an inside look at why some of the world’s largest companies have chosen Ubuntu. Whether you are focused on the cloud or are living life at the edge, the webinars will also look at trends and the considerations for your organisation when implementing such technologies. To kick off the event on December 5th, Canonical CEO and founder Mark Shuttleworth will deliver a keynote talk on 21st Century Infrastructure. Following Mark’s opening, there will be a series of other events and you can register now for those that spark your interest by clicking on the links below
  • Ubuntu Server Development Summary – 21 Nov 2017
    The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list.
  • Late Post For Ubuntu Community Appreciation Day 2017
    I am also very thankful for LaTeX2e and Tex Live. It has been a great thing to have to prepare devotional materials for church. I am thankful for the MOTU folks maintaining Gummi which is the editor I use on Xubuntu. Xubuntu is what I run on my laptop that goes many places with me. Tex Live is run both on the laptop and on the Raspberry Pi 2 at home.

Tizen: India, Games, Update