Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security

Security News

Filed under
Security
  • Thursday's security updates
  • Friday's security updates
  • Security advisories for Monday
  • Tox Is Your New Secure Chat Application

    In a previous article, I talked about the Ring communication app. The article proved quite popular and aside from drawing a bit of attention -- or maybe because of it -- that article also drew some criticism, including "What about Tox?" That’s a totally fair question, so here we are.

  • Florida Computer Programmer Arrested For Hacking

    A South Florida-based computer programmer made an appearance in the Southern District of Florida today after being arrested Sunday on charges of hacking into computers operated by the Linux Kernel Organization and the Linux Foundation, announced United States Attorney Brian J. Stretch and Federal Bureau of Investigation Special Agent in Charge John F. Bennett.

    The Linux Kernel Organization operates the www.kernel.org website from which it distributes the Linux kernel software. The Linux Foundation is a separate nonprofit foundation that supports the www.kernel.org website.

  • ​Florida Man Arrested for Allegedly Hacking Key Linux Servers

    A computer programmer from South Florida was arrested last week for allegedly hacking into servers related to the Linux operating system, the Department of Justice announced on Thursday. The case acts as a reminder that even the websites that host and distribute the operating systems our devices run on can be targeted by hackers.

Security Leftovers

Filed under
Security
  • School Creates Own Security Hole; Tries To Have Concerned Parent Arrested For Hacking

    We've seen it so often over the years, it's probably now time to accept the fact that this will never change: when entities are presented evidence of security holes and breaches, far too often the initial reaction is to shoot the messenger.

    A school whose online student portal exposed a lot of sensitive data decided the best way to handle a concerned parent's repeated questions about how it was handling the problem was to file a criminal complaint against the parent. (via the Office of Inadequate Security)

    The details of the breach (since closed) were reported by independent journalist Sherrie Peif.

  • [Tor] A New Bridge Authority

    After ten years of volunteer maintenance of Tonga, Tor's bridge Authority—a piece of critical infrastructure within the Tor network—our colleague and friend, Lucky Green, a long time cypherpunk, and free speech and privacy advocate, has decided to step down from this role. Tonga's cryptographic keys will be destroyed this week. We are incredibly thankful to Lucky for all his support and selfless labour in maintaining a key component of our censorship circumvention efforts, grateful for the years we have spent working with him, and very sorry to see him go.

  • More Than 40% Of Attacks Abuse SSL Encryption

    There’s an important caveat about encrypted traffic from new research released this week: Encryption works so well that hackers are using it as cover.

    A new study from A10 and the Ponemon Institute found that 80% of respondents say their organizations have been the victim of a cyberattack or malicious insiders in the past year -- and 41% of the attacks have used encryption to evade detection. In addition, 75% say malware hidden within encrypted traffic is a risk to their organizations.

    At issue: The report found that SSL encryption not only hides data from would-be hackers but also from common security tools.

    “Hackers are using SSL encryption to slide by standard perimeter defenses,” says Chase Cunningham, director of cyber operations at A10 Networks.

  • The Cloud Security Alliance publishes its best practices for Big Data security

    Big Data is a boon for businesses worldwide, but the benefits come at a cost. The more data companies store, the more vulnerable they are to potential security breaches. And data breaches can be enormously expensive when they occur. IBM’s 2016 Cost of Data Breach report found that the average consolidated total cost of a data breach grew from $3.8 million to $4 million in the last year, which makes securing their data an important goal for any company that’s invested in it.

Redis Misconfiguration and Ransom

Filed under
Linux
Security

Leftovers: Security

Filed under
Security
  • Tor 0.2.8.7 Addresses Important Bug Related to ReachableAddresses Option

    The Tor Project, through Nick Mathewson, is pleased to inform the Tor community about the release and general availability of yet another maintenance update to the Tor 0.2.8 stable series.

  • Emergency Service Window for Kolab Now

    We’re going to need to free up a hypervisor and put its load on other hypervisors, in order to pull out the one hypervisor and have some of its faulty hardware replaced — but there’s two problems;

    The hypervisor to free up has asserted required CPU capabilities most of the eligible targets do not have — this prevents a migration that does not involve a shut down, reconfiguration, and restart of the guest.

TheSSS 19.0 Linux Server Out with Kernel 4.4.14, Apache 2.4.23 & MariaDB 10.1.16

Filed under
GNU
Linux
Security

TheSSS (The Smallest Server Suite) is one of the lightest Linux kernel-based operating systems designed to be used as an all-around server for home users, as well as small- and medium-sized businesses looking for a quick and painless way of distributing files across networks or to simply test some web-based software.

Read more

Leftovers: Security

Filed under
Security
Syndicate content

More in Tux Machines

Kernel Space/Linux

Red Hat News

openSUSE Tumbleweed: A Linux distribution on the leading edge

So, to summarize: openSUSE Tumbleweed is a good, solid, stable Linux distribution with a wide range of desktops available. It is not anything particularly exotic or unstable, and it does not require an unusual amount of Linux expertise to install and use on an everyday system. To make a very simple comparison, in my experience installing and using Tumbleweed is much less difficult and much less risky than using the Debian "testing" distribution, and it is kept much (much much) more up to date than openSUSE Leap, Debian "stable", Linux Mint or Ubuntu. I don't say that to demean any of those other distributions. As I said at the end of my recent post about point-release vs. rolling-release distributions, if your hardware is fully supported by one of those point-release distributions, and you are satisfied with the applications included in them, then they are certainly a good choice. But if you like staying on the leading edge, or if you have very new hardware which requires the latest Linux kernel and drivers, or you just want/need the latest version of some application (in my case this would be digiKam), then openSuSE could be just what you want. Read more Also: Google Summer of Code 2017

Graphics in Linux

  • 17 Fresh AMDGPU DC Patches Posted Today
    Seventeen more "DC" display code patches were published today for the AMDGPU DRM driver, but it's still not clear if it will be ready -- or accepted -- for Linux 4.12. AMD developers posted 17 new DC (formerly known as DAL) patches today to provide small fixes for Vega10/GFX9 hardware, various internal code changes, CP2520 DisplayPort compliance, and various small fixes.
  • libinput 1.7.0
  • Libinput 1.7 Released With Support For Lid Switches, Scroll Wheel Improvements
    Peter Hutterer has announced the new release of libinput 1.7.0 as the input handling library most commonly associated with Wayland systems but also with Ubuntu's Mir as well as the X.Org Server via the xf86-input-libinput driver.
  • Nouveau TGSI Shader Cache Enabled In Mesa 17.1 Git
    Building off the work laid by Timothy Arceri and others for enabling a TGSI (and hardware) shader cache in the RadeonSI Gallium3D driver as well as R600g TGSI shader cache due ot the common infrastructure work, the Nouveau driver is now leveraging it to enable the TGSI shader cache for Nouveau Gallium3D drivers.