Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security
  • Symantec: iOS and OS X users face a surge of fresh security threats

    SECURITY FIRM Symantec has warned that the hacker threat to Apple users has reached unprecedented levels.

    The firm reckons that Apple is a victim of its success, becoming a bigger target as its user base grows. To be fair to Apple most of the problem relates to jailbroken devices, which is not a thing that the firm recommends. We have seen incidents recently that make the most of this. The threat applies to mobile software and the desktop.

  • DoS attack brings UK universities to a virtual standstill

    According to the Telegraph newspaper, universities across the country have been hit by DoS attacks. This means in some cases no internet access, and that means students will have to study like it's 1980 something.

  • U.K. Cops Are Trying to Scare Teen Hackers With House Calls

    It was a summer morning, officer Paul Hastings recalls, when he arrived at a suspected hacker’s house in the northern English city of Hull. There, police had tracked one of the people who’d signed up online for a hacking service called Lizard Stresser that was used to attack companies including Microsoft, Amazon.com, and Sony at the end of 2014. This particularly fearsome cybervigilante was asleep when Hastings knocked, so his dad answered the door.

    The visit was one of about 50 U.K. police made this year to people they say used the Lizard Stresser site, many of them children. The Hull suspect, a teenager, couldn’t have done anything wrong, his dad told Hastings. He spent all his time upstairs, on his computer.

    [...]

    Teen hackers have been pop culture figures since Matthew Broderick starred in WarGames, and the U.K. has a long history with juvenile black hats. In 1994, when U.S. Air Force researchers found an unauthorized user on their systems downloading data, they tracked the hacker to a North London suburb. Working with London police, they found their culprit: a 16-year-old boy in an attic bedroom, as journalist Gordon Corera recounts in Intercept: The Secret History of Computers and Spies.

Open source encryption? Now Netherlands votes to help fund security projects

Filed under
OSS
Security

In what some might see as swimming against the political mainstream, the Netherlands parliament has just decided to back open-source web security with hard cash.

Read more

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Security More Leftovers

Filed under
Security

Security Leftovers

Filed under
Security
  • Elasticsearch Servers Targeted by Linux-Based Botnet Operators

    A honeypot experiment ran by AlientVault has shown that the recent security vulnerabilities discovered in Elasticsearch servers over the summer are now actively being used by botnet operators.

  • Researchers Found Another Malware Targeting Linux Users

    Many analysts believe Rebooke is a harmless Trojan which is true, but its simple design allows the attacker to maneuver the type of attacks which can allow them to deliver powerful payloads on the systems.

  • Let’s Encrypt May Improve Security for Regular People More Than Any Other Initiative This Decade

    Secure websites have always been standard for ecommerce companies like Amazon or Shopify, and in recent years companies that handle private communications like Google and Facebook have invested millions of dollars in enabling encryption for all users. But what about everyone else?

  • Public Beta: December 3, 2015

    Let’s Encrypt will enter Public Beta on December 3, 2015. Once we’ve entered Public Beta our systems will be open to anyone who would like to request a certificate. There will no longer be a requirement to sign up and wait for an invitation.

    Our Limited Beta started on September 12, 2015. We’ve issued over 11,000 certificates since then, and this operational experience has given us confidence that our systems are ready for an open Public Beta.

    It’s time for the Web to take a big step forward in terms of security and privacy. We want to see HTTPS become the default. Let’s Encrypt was built to enable that by making it as easy as possible to get and manage certificates.

  • Let’s encrypt automation on Debian
  • DHS to Silicon Valley: Tell us how to secure this “Internet of Things”

    The US Department of Homeland Security has announced that its Silicon Valley Office (SVO)—the agency's liaison point with the technology industry—will hold an event on December 10 to kick off a recruiting drive for startups and "non-traditional small businesses" interested in latching onto government funding. The Industry Day, being held at the Menlo Park, California, offices of SRI International, will be focused on the current leading source of worry for DHS officials: the "Internet of Things" (IoT).

  • Millions of smart TVs, phones and routers at risk from old vulnerability

    There's growing concern over how manufacturers of devices such as routers and smart TVs deal with security vulnerabilities that emerge in their products. Their patching regimes are not nearly as rigorous as those from major software manufacturers, which could expose consumers to attacks as the products age.

LibreOffice 5.1 Up to Beta State, the Hunting Session Squashes Nearly 400 Bugs

Filed under
LibO
Security

The first Beta build of the upcoming LibreOffice 5.1 open-source and cross-platform office suite was silently released at the end of November 2015 for all supported operating systems, including GNU/Linux, Mac OS X, and Microsoft Windows.

Read more

Linux Users Targeted by New Rekoobe Trojan

Filed under
Linux
Security

Linux users are about to get a nasty surprise for Christmas in the form of a new trojan targeting the Linux operating system, discovered by Dr.Web, a Russian-based antivirus maker, and named Rekoobe (or its more technical name: Linux.Rekoobe.1).

Read more

Entropy drought hits Raspberry Pi harvests, weakens SSH security

Filed under
Security

The November 2015 release of Raspbian does not use a hardware random number generator by default, according to a bug report posted to the Pi forums. Ideally, this generator should pour unpredictable numbers into a so-called entropy pool from which cryptographically secure numbers can be obtained – but this doesn't happen, and so the operating system's algorithms end up producing rather predictable "random" numbers.

Read more

Syndicate content

More in Tux Machines

Leftovers: Software

  • Wireshark 2.0.5 Released — World’s Most Popular Network Traffic Analyzer
    Wireshark is widely used as the primary network protocol analyzer by security researchers all across the world. Wireshark 2.0.5, the latest maintenance update, is now available for download with various security fixes and updated network protocols.
  • ownCloud 9.1 Community Edition Cloud Server Adds Innovative Security Features
    ownCloud announced the availability of the first major release for the 9.x series of the open-source self-hosting cloud server software for GNU/Linux operating systems recently. ownCloud 9.1 Community Edition is now the latest stable and most advanced release of the ownCloud Server, which promises dozens of attractive new features, among which we can mention a bunch of innovative security enhancements, such as support for token-based authentication sessions and pluggable authentication support. Additionally, ownCloud 9.1 introduces the ability to list all the devices that are connected to your personal user page, from where you'll be able to invalidate certain session. Device specific tokens are supported as well in the ownCloud 9.1 release, giving users new ways to control the access to their personal and private cloud servers.
  • Deluge 1.3.13 Free BitTorrent Client Adds an Extremely Large Set of Bugfixes
    It's been a while since we last heard something from the Deluge project, an open-source and cross-platform BitTorrent client that's available for GNU/Linux, Mac OS X, and Microsoft Windows operating systems. Deluge is quite a popular software for downloading torrent files over the Internet, and it comes with pretty much everything you would expect from a BitTorrent client, including protocol encryption, Universal Plug and Play (UPnP), Distributed Hash Table (DHT), uTorrent Peer Exchange, wet-PMP, and, of course, the ability to manage the program remotely via a web browser.
  • Krita 3.0.1 Coming September 5, First Development Builds Are Out Now for Testing
    Now that the final release of the Krita 3.0 digital painting software has been released for our personal computers, the time has come for the project's development team to concentrate their efforts on the first point release.
  • Docker Built-in Orchestration Ready for Production: Docker 1.12 Goes GA
  • Docker 1.12 App Container Engine Officially Released with Built-in Orchestration
    Docker, the award-winning and widely-used open-source application container engine, has just released a major milestone that introduces approximately 100 changes since the previous stable update. That's right, Docker 1.12.0 is finally here after being in development for the past two months, during which it received a total of five Release Candidate (RC) builds that have been seeded to public testers and those who wanted an early taste of what's coming to the final Docker 1.12 release. "We wanted to thank everyone in the community for helping us achieve this great milestone of making Docker 1.12 generally available for production environments. Docker 1.12 adds the largest and most sophisticated set of features into a single release since the beginning of the Docker project," reads the release announcement.
  • The State of GIMP & Its Future

Games for GNU/Linux

  • Latest Vendetta Online Update Brings VR Improvements, Oculus Rift 1.6 Support
    Guild Software announced earlier today, July 30, 2016, the availability of the latest updates for its cross-platform, commercial, and popular Vendetta Online massively multiplayer online role-playing game (MMORPG). A total of three small updates have been released for Vendetta Online since our last report three weeks ago, when Vendetta Online 1.8.380 was released for PCs (Linux, Mac, and Windows) with lots of goodies and multiple improvements.
  • ‘Stardew Valley’ Now Available On Mac And Linux
    Back in June, it was confirmed that the game will be making its way to the Wii U, Xbox One and PlayStation 4.
  • New Steam Beta Client Adds Numerous Steam Controller Improvements, More
    Today July 30, 2016, Valve has pushed yet another update for its Steam Client to the Beta channel on all supported platforms, including GNU/Linux, Mac OS X, and Microsoft Windows. Steam Client Beta Update July 29 was announced today, despite its name, and it only introduces support for the upcoming Windows Anniversary Update that will be made available on August 2, 2016, as well as numerous improvements and a handful of new features for the Steam Controller device.
  • The TORCS Racing Car Simulator Should Now Be Slightly Faster With Gallium3D
    For those playing TORCS, The Open Racing Simulator, its performance for this driving game simulator should be slightly faster if using one of Mesa's Gallium3D drivers. AMD developer Marek Olšák has landed a complete rewrite of state atoms inside the Gallium3D Mesa state tracker. Long story short, Marek concluded his commit message by mentioned, "torcs is 2% faster between the previous patch and the end of this series." Every little bit counts in making the open-source driver stack more competitive. With this being in the vendor-neutral Mesa state tracker code, it should presumably also help the Nouveau driver too, in addition to RadeonSI/R600g.

Red Hat Financial News

Voyager 16.04.1 LTS Adds Intel Skylake Support, Based on Xubuntu 16.04.1 LTS

The guys over Voyager, a Xubuntu-based GNU/Linux distribution built around the lightweight Xfce desktop environment, have announced the release of Voyager 16.04.1 LTS. Read more