Security

Security: MalwareTech, Passwords Leak, Security Updates and Reproducible Builds

Filed under
Security
  • MalwareTech’s legal defense fund bombarded with fraudulent donations

    Marcus Hutchins, the popular British security researcher, has a new legal headache beyond the criminal charges against him.

    Hutchins, AKA "MalwareTech," pleaded not guilty two weeks ago to criminal charges in Wisconsin that accuse him of creating and distributing the Kronos malware that steals banking credentials. Now comes word that his legal defense fund was riddled with illicit donations.

  • Leak of >1,700 valid passwords could make the IoT mess much worse

    Security researchers have unearthed a sprawling list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 "Internet of things" devices and make them part of a destructive botnet.

    The list of telnet-accessible devices, currently posted at this Pastebin address, was first posted in June, but it has been updated several times since then. It contains user names and passwords for 8,233 unique IP addresses, 2,174 of which were still running open telnet servers as of Friday morning, said Victor Gevers, chairman of the GDI Foundation, a Netherlands-based nonprofit that works to improve Internet security. Of those active telnet services, 1,774 remain accessible using the leaked credentials, Gevers said. In a testament to the poor state of IoT security, the 8,233 hosts use just 144 unique username-password pairs.

  • Security updates for Friday
  • Reproducible Builds: Weekly

Blaming GNU/Linux for Facebook Issues

Filed under
GNU
Linux
Security

Security: Updates, Phones, Kaspersky, Monero Pool, Microsoft-Connected SourceClear, Ransomware, and Android

Filed under
Security

Security: Xen Hypervisor Patched, Crunchy Data, Finding Malware, MalwareTech Latest

Filed under
Security
  • Xen Hypervisor Patched for Privilege Escalation and Information Leak Flaws

    The Xen Project has fixed five new vulnerabilities in the widely used Xen virtualization hypervisor. The flaws could allow attackers to break out of virtual machines and access sensitive information from host systems.

    According to an analysis by the security team of Qubes OS, an operating system that relies on Xen for its security model, most of the vulnerabilities stem from the mechanism that’s used to share memory between domains. Under Xen, the host system and the virtual machines (guests) run in separate security domains.

  • Crunchy Data Unveils Open Source Security Compliance Automation Platform

    The Defense Information Systems Agency released a STIG for Crunchy Data’s PostgreSQL open source database in March to provide guidance on how to deploy the database in government networks in compliance with DoD security requirements.

    “Crunchy Data’s mission is to enable enterprises to adopt open source PostgreSQL as a means to reduce [information technology] infrastructure costs and avoid unwanted vendor lock-in,” said Paul Laurence, chief operating officer of Crunchy Data.

  • How to scan and clean malware from a Linux server

    At first blush, you might be wondering why anyone would need to scan a Linux server for malware. Even though the Linux platform isn't nearly as vulnerable to malware as other systems, that doesn't mean your email or file server can't host malicious files that could take down a connected (and vulnerable) machine. Say, for instance, your Linux server uses Samba to allow users to store files. Or maybe it's a cloud server that allows users to sync and share their files to various devices. How do you know a user hasn't inadvertently uploaded a malicious file to the server? You don't, unless you take action.

  • GCHQ Knew FBI Wanted To Arrest MalwareTech, Let Him Fly To The US To Be Arrested There

    It looks like the UK found an easy way to avoid another lengthy extradition battle. Its intelligence agency, GCHQ, knew something security researcher Marcus Hutchins didn't -- and certainly didn't feel obliged to tell him. Not only that, but it let a criminal suspect fly out of the country with zero pre-flight vetting. (Caution: registration wall ahead.)

Security: NHS Windows Nightmare Resumes, Deep-Insert Skimmers and More

Filed under
Security
  • NHS ransomware: 'WannaCry' ransomware hits LG self-service kiosks

    [...] Microsoft [...]

  • Dumping Data from Deep-Insert Skimmers
  • How I Accidentally Framed Myself for a Hacking {sic} Frenzy

    It’s well known that some websites are vulnerable to IP address spoofing because they trust a user-supplied HTTP header like X-Forwarded-For to accurately specify the visitor’s IP address. However, until recently there was no widely known reliable way of identifying this vulnerability. During my recent Cracking the Lens research, I noticed that it was possible to identify this vulnerability by spoofing a domain name instead of a raw IP address, and observing whether the server attempts to resolve this domain to an IP address.

  • Hackers {sic} turn family robots into weapons and spying tools

    "The worry is that people continue to think of these devices as gimmicks and toys, not potentially dangerous devices that may be used to spy on their loved ones or even hurt them," said Lucas Apa, principal security consultant at IOActive.

  • Spend until you're secure

    This is a huge problem in many organizations. If you don't know what would happen if you lowered or increased your security spending you're basically doing voodoo security. You can imagine many projects and processes as having a series of inputs that can be adjusted. Things like money, time, people, computers, the list could go on. You can control these variables and have direct outcomes on the project. More people could mean you can spend less money on contractors, more computers could mean less time spent on rendering or compiling. Ideally you have a way to find the optimal levels for each of these variables resulting in not only a high return on investment, but also happier workers as they can see the results of their efforts.

Security: Updates, Spyware, Sapienz, fail2ban, DeepSPADE

Filed under
Security

Security: Brian Krebs, Marcus Hutchins, and Windows Cryptocurrency Miner

Filed under
Security

Security: Windows/WannaCry, Lack of Security Skills, Incredible Claims About Jinan

Filed under
Security

Security: FOSS Updates, More on Marcus Hutchins

Filed under
Security

Security: Marcus Hutchins Update, Deep Flaw in Cars, Raspberry Pi OS Update

Filed under
Security

More in Tux Machines

Introducing the potential new Ubuntu Studio Council

Back in 2016, Set Hallström was elected as the new Team Lead for Ubuntu Studio, just in time for the 16.04 Xenial Long Term Support (LTS) release. It was intended that Ubuntu Studio would be able to utilise Set’s leadership skills at least up until the next LTS release in April 2018. Unfortunately, as happens occasionally in the world of volunteer work, Set’s personal circumstances changed and he is no longer able to devote as much time to Ubuntu Studio as he would like. Therefore, an IRC meeting was held between interested Ubuntu Studio contributors on 21st May 2017 to agree on how to fill the void. We decided to follow the lead of Xubuntu and create a Council to take care of Ubuntu Studio, rather than continuing to place the burden of leadership on the shoulder of one particular person. Unfortunately, although the result was an agreement to form the first Ubuntu Studio Council from the meeting participants, we all got busy and the council was never set up. Read more

today's leftovers

  • My Experience with MailSpring on Linux
    On the Linux Desktop, there are quite a few choices for email applications. Each of these has their own pros and cons which should be weighed depending on one’s needs. Some clients will have MS Exchange support. Others do not. In general, because email is reasonably close to free (and yes, we can thank Hotmail for that) it has been a difficult place to make money. Without a cash flow to encourage developers, development has trickled at best.
  • Useful FFMPEG Commands for Managing Audio and Video Files
  • Set Up A Python Django Development Environment on Debian 9 Stretch Linux
  • How To Run A Command For A Specific Time In Linux
  • Kubuntu 17.10 Guide for Newbie Part 7
  • Why Oppo and Vivo are losing steam in Chinese smartphone market
    China’s smartphone market has seen intense competition over the past few years with four local brands capturing more than 60 percent of sales in 2017. Huawei Technologies, Oppo, Vivo and Xiaomi Technology recorded strong shipment growth on a year-on-year basis. But some market experts warned that Oppo and Vivo may see the growth of their shipments slow this year as users become more discriminating.
  • iPhones Blamed for More than 1,600 Accidental 911 Calls Since October
    The new Emergency SOS feature released by Apple for the iPhone is the one to blame for no less than 1,600 false calls to 911 since October, according to dispatchers. And surprisingly, emergency teams in Elk Grove and Sacramento County in California say they receive at least 20 such 911 calls every day from what appears to be an Apple service center. While it’s not exactly clear why the iPhones that are probably brought in for repairs end up dialing 911, dispatchers told CBS that the false calls were first noticed in the fall of the last year. Apple launched new iPhones in September 2017 and they went on sale later the same month and in November, but it’s not clear if these new devices are in any way related to the increasing number of accidental calls to 911.
  • Game Studio Found To Install Malware DRM On Customers' Machines, Defends Itself, Then Apologizes
    The thin line that exists between entertainment industry DRM software and plain malware has been pointed out both recently and in the past. There are many layers to this onion, ranging from Sony's rootkit fiasco, to performance hits on machines thanks to DRM installed by video games, up to and including the insane idea that copyright holders ought to be able to use malware payloads to "hack back" against accused infringers. What is different in more recent times is the public awareness regarding DRM, computer security, and an overall fear of malware. This is a natural kind of progression, as the public becomes more connected and reliant on computer systems and the internet, they likewise become more concerned about those systems. That may likely explain the swift public backlash to a small game-modding studio seemingly installing something akin to malware in every installation of its software, whether from a legitimate purchase or piracy.

Server: Benchmarks, IBM and Red Hat

  • 36-Way Comparison Of Amazon EC2 / Google Compute Engine / Microsoft Azure Cloud Instances vs. Intel/AMD CPUs
    Earlier this week I delivered a number of benchmarks comparing Amazon EC2 instances to bare metal Intel/AMD systems. Due to interest from that, here is a larger selection of cloud instance types from the leading public clouds of Amazon Elastic Compute Cloud, Microsoft Azure, and Google Compute Engine.
  • IBM's Phil Estes on the Turbulent Waters of Container History
    Phil Estes painted a different picture of container history at Open Source 101 in Raleigh last weekend, speaking from the perspective of someone who had a front row seat. To hear him tell it, this rise and success is a story filled with intrigue, and enough drama to keep a daytime soap opera going for a season or two.
  • Red Hat CSA Mike Bursell on 'managed degradation' and open data
    As part of Red Hat's CTO office chief security architect Mike Bursell has to be informed of security threats past, present and yet to come – as many as 10 years into the future. The open source company has access to a wealth of customers in verticals including health, finance, defence, the public sector and more. So how do these insights inform the company's understanding of the future threat landscape?
  • Red Hat Offers New Decision Management Tech Platform
    Red Hat (NYSE: RHT) has released a platform that will work to support information technology applications and streamline the deployment of rules-based tools in efforts to automate processes for business decision management, ExecutiveBiz reported Thursday.

Vulkan Anniversary and Generic FBDEV Emulation Continues To Be Worked On For DRM Drivers

  • Vulkan Turns Two Years Old, What Do You Hope For Next?
    This last week marked two years since the debut of Vulkan 1.0, you can see our original launch article. My overworked memory missed realizing it by a few days, but it's been a pretty miraculous two years for this high-performance graphics and compute API.
  • Generic FBDEV Emulation Continues To Be Worked On For DRM Drivers
    Noralf Trønnes has spent the past few months working on generic FBDEV emulation for Direct Rendering Manager (DRM) drivers and this week he volleyed his third revision of these patches, which now includes a new in-kernel API along with some clients like a bootsplash system, VT console, and fbdev implementation.