Language Selection

English French German Italian Portuguese Spanish


FreeNAS 9.10 Open-Source Storage Operating System Adds USB 3.0 & Skylake Support

Filed under

Jordan Hubbard from the FreeNAS project, an open-source initiative to create a powerful, free, secure, and reliable NAS (Network-attached storage) operating system based on BSD technologies, announced the release of FreeNAS 9.10.

FreeNAS 9.10 is the tenth maintenance release in the current stable 9.x series of the project, thus bringing the latest security patches from upstream, support for new devices, as well as several under-the-hood updates. As expected, FreeNAS 9.10 has been rebased on the latest FreeBSD 10.3 RC3 (Release Candidate) release.

Read more

Security Leftovers

Filed under
  • Security advisories for Monday
  • Cryptostalker, a Tool to Detect Crypto-Ransomware on Linux

    A while back, we stumbled upon an interesting GitHub repo dubbed randumb, which included an example called Cryptostalker, advertised as a tool to detect crypto-ransomware on Linux.

    Cryptostalker and the original project randumb are the work of Sean Williams, a developer from San Francisco. Mr. Williams wanted to create a tool that monitored the filesystem for newly written files, and if the files contained random data, the sign of encrypted content, and they were written at high speed, it would alert the system's owner.

  • Google slings critical patch at exploited Linux kernel root hole

    Google has shipped an out-of-band patch for Android shuttering a bug that is under active exploitation to root devices.

    The vulnerability (CVE-2015-1805) affects all Android devices running Linux kernel versions below 3.18.

  • Everything is fine, nothing to see here!

    Today everyone who is REALLY, I mean REALLY REALLY good at security got there through blood sweat and tears. Nobody taught them what they know, they learned it on their own. Many of us didn't have training when we were learning these things. Regardless of this though, if training is fantastic, why does it seem there is a constant march toward things getting worse instead of better? That tells me we're not teaching the right skills to the right people. The skills of yesterday don't help you today, and especially don't help tomorrow. By its very definition, training can only cover the topics of yesterday.

  • Inside the Starburst-sized box that could save the Internet

    Cybercrime is costing us millions. Hacks drain the average American firm of $15.4 million per year, and, in the resulting panic, companies often spend more than $1.9 million to resolve a single attack. It’s time to face facts: Our defenses aren’t strong enough to keep the hackers out.

  • Utah’s Online Caucus Gives Security Experts Heart Attacks

    On Tuesday, registered Republicans in Utah who want to participate in their state’s caucus will have the option to either head to a polling station and cast a vote in person or log onto a new website and choose their candidate online. To make this happen, the Utah GOP paid more than $80,000 to the London-based company Smartmatic, which manages electronic voting systems and internet voting systems in 25 countries and will run the Utah GOP caucus system.

Security Leftovers

Filed under

Snowden: “I Used Free And Open Source Software Like Debian And TOR. I Didn’t Trust Microsoft”

Filed under

At the Free Software Foundation’s LibrePlanet2016 conference on Saturday, NSA whistleblower Edward Snowden participated in a discussion regarding free software and security. He joined the talk via video conferencing from Russia.

Edward Snowden told that he was able to disclose the secrets of American government and its projects of mass surveillance using free software. The event was being held in an MIT lecture hall and this statement drew a wide round of applause.

Praising the likes of Debian, Tails, and TOR, he said — “What happened in 2013 couldn’t have happened without free software.”

Read more

Also: OS X and Linux rise in developer market to threaten Windows

Antivirus Live CD 17.0-0.99.1 Uses ClamAV 0.99.1 to Clean Your PCs of Viruses

Filed under

4MLinux developer Zbigniew Konojacki today informs Softpedia about the immediate availability for download of a new build of his Antivirus Live CD tool based on the latest 4MLinux and ClamAV projects.

Read more

Security Leftovers

Filed under
  • Leopard Flower firewall – Protect your bytes

    Several months ago, I decided to explore a somewhat obscure topic of outbound per-application firewall control in Linux. A concept that Windows users are well familiar with, it’s been around for ages, providing Windows folks with a heightened sense of – if not practical factual – protection against rogues residing in their system and trying to phone home.

    In Linux, things are a little different, but with the growing flux of Windows converts arriving at the sandy shores of open-source, the notion of need for outbound control of applications has also risen, giving birth to software designed to allay fears if not resolve problems. My first attempt to play with Leopard Flower and Douane was somewhat frustrating. Now, I’m going to revisit the test, focusing only on the former.


    Leopard Flower firewall is an interesting concept. Misplaced, though, for most parts. It caters to a Windows need that does not exist on Linux, and to be frank, has no place in the Microsoft world either. Then, it also tries to resolve a problem of control and knowledge by requiring the user to exercise the necessary control and knowledge. But if they had those to begin with, they wouldn’t need to dabble in per-application firewalls. Furthermore, the software is still fairly immature. There are at least half a dozen little things and changes that can be implemented to make lpfw more elegant, starting with installation and followed by service and GUI model, prompts, robustness, and a few others.

  • Critical bug in libotr could open users of ChatSecure, Adium, Pidgin to compromise
  • Clair 1.0 Brings Advances in Container Security

    CoreOS pushes the open-source container security project to the 1.0 milestone and production stability.
    As container use grows, there is an increasing need to understand from a security perspective what is actually running in a container. That's the goal of CoreOS' Clair container security project, which officially hits the 1.0 milestone today, in an effort to help organizations validate container application security.

Security Leftovers

Filed under
  • Friday's security updates
  • At pwn2Own, Chrome, Flash and Other Key Tools Proved Vulnerable
  • Motor Vehicles Increasingly Vulnerable to Remote Exploits

    As previously reported by the media in and after July 2015, security researchers evaluating automotive cybersecurity were able to demonstrate remote exploits of motor vehicles. The analysis demonstrated the researchers could gain significant control over vehicle functions remotely by exploiting wireless communications vulnerabilities. While the identified vulnerabilities have been addressed, it is important that consumers and manufacturers are aware of the possible threats and how an attacker may seek to remotely exploit vulnerabilities in the future. Third party aftermarket devices with Internet or cellular access plugged into diagnostics ports could also introduce wireless vulnerabilities.

  • Malvertising hits BBC, Newsweek, NYT and MSN

    Links to malware inside online advertising bypassed the security systems of the advertising serving companies and distributed ransomware to unsuspecting ‘link clickers’.

    Earlier this week major websites including BBC, Newsweek, New York Times and MSN ‘hosted’ malvertising on their sites that has been credited as the largest of attack of its type for two years. Previously Google’s DoubleClick and Zedo ad servers were ‘infected’ and YouTube, Amazon and Yahoo websites used advertisements served from them.

    Although ad serving networks try to filter out malicious ones, occasionally altered ones’ slip in. On a high-traffic site, this means a large pool of potential victims. Websites that serve the ads are usually unaware of the problem.

    AppNexus, one of the ad servers said it has an anti-malware detection system called Sherlock it uses to screen ads and also uses a filtering product from a third-party vendor. "We devote considerable financial resources to safeguarding our customers. Unfortunately, bad actors also invest considerably in developing new forms of malware,” said Josh Zeitz, vice president of communications.

  • Security Researcher Goes Missing After Investigating Bangladesh Bank Cyber-Heist

    Tanvir Hassan Zoha, 34, security researcher, has gone missing just days after accusing Bangladesh's central bank officials of negligence, which facilitated the theft of over $81 million from the country's oversea accounts.

Linux Kernel 3.12.57 LTS Out Now with ALSA, EFI, and Xen Improvements, Bugfixes

Filed under

On March 18, 2016, kernel developer Jiri Slaby announced the release of the fifty-seventh maintenance build of the long-term supported Linux 3.12 kernel series.

Read more

Security Leftovers

Filed under
  • Security updates for Thursday
  • Locky Ransomware Spreading in Massive Spam Attack

    Trustwave said over the last seven days, malware-laced spam has represented 18 percent of total spam collected in its honeypots. Trustwave said malware-infected spam typically represent less than 2 percent of total spam. The recent increase to 18 percent is almost entirely traced to ransomware JavaScript downloaders. Campaigns aren’t continuous, Trustwave reported, but are delivered in hour-long bursts.

  • Considering Docker? Consider Security First

    Containers started making a big splash in IT and dev operations starting in 2014. The benefits of flexibility and go-live times, among many others, are almost undeniable. But large enterprises considering using a container platform for development or IT operations should pause and consider security first.

Security Leftovers

Filed under
  • Big-name sites hit by rash of malicious ads spreading crypto ransomware [Updated]

    Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.

    The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when "Angler," a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.

    According to a separate blog post from Trustwave's SpiderLabs group, one JSON-based file being served in the ads has more than 12,000 lines of heavily obfuscated code. When researchers deciphered the code, they discovered it enumerated a long list of security products and tools it avoided in an attempt to remain undetected.

  • VMware fixes XSS flaws in vRealize for Linux

    VMware patched two cross-site scripting issues in several editions of its vRealize cloud software. These flaws could be exploited in stored XSS attacks and could result in the user's workstation being compromised.

  • VMware patches severe XSS flaws in vRealize software

    VMware has patched two serious vulnerabilities in the firm's vRealize software which could lead to remote code execution and the compromise of business workstations.

    In a security advisory posted on Tuesday, the Palo Alto, California-based firm said the "important" vulnerabilities are found within the VMware vRealize Automation and VMware vRealize Business Advanced and Enterprise software platforms.

  • Get ready to patch Git servers, clients – nasty-looking bugs surface

    A chap who found two serious security bugs in Git servers and clients has urged people to patch their software.

    The flaws are present in Git including the 2.x, 1.9 and 1.7 branches, meaning the vulnerabilities have been lurking in the open-source version control tool for years.

    It is possible these two programming blunders can be potentially exploited to corrupt memory or execute malicious code on remote servers and clients. To do so, an attacker would have to craft a Git repository with a tree of files that have extremely long filenames, and then push the repo to a vulnerable server or let a vulnerable client clone it from the internet.

Syndicate content

More in Tux Machines

Linux 4.8.4

I'm announcing the release of the 4.8.4 kernel. And yeah, sorry about the quicker releases, I'll be away tomorrow and as they seem to have passed all of the normal testing, I figured it would be better to get them out earlier instead of later. And I like releasing stuff on this date every year... All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git:// linux-4.8.y and can be browsed at the normal git web browser: Read more Also: Linux 4.7.10 Linux 4.4.27

New Releases: Budgie, Solus, SalentOS, and Slackel

  • Open-Source Budgie Desktop Sees New Release
    The pet parakeet of the Linux world, Budgie has a new release available for download. in this post we lookout what's new and tell you how you can get it.
  • Solus Linux Making Performance Gains With Its BLAS Configuration
    - Those making use of the promising Solus Linux distribution will soon find their BLAS-based workloads are faster. Solus developer Peter O'Connor tweeted this week that he's found some issues with the BLAS linking on the distribution and he's made fixes for Solus. He also mentioned that he uncovered these BLAS issues by using our Phoronix Test Suite benchmarking software.
  • SalentOS “Luppìu” 1.0 released!
    With great pleasure the team announces the release of SalentOS “Luppìu” 1.0.
  • Slackel "Live kde" 4.14.21
    This release is available in both 32-bit and 64-bit architectures, while the 64-bit iso supports booting on UEFI systems. The 64-bit iso images support booting on UEFI systems. The 32-bit iso images support both i686 PAE SMP and i486, non-PAE capable systems. Iso images are isohybrid.

Security News

  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]
    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks. The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub. The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems. Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits. Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.
  • DDOS Attack On Internet Infrastructure
    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficed on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable. This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.
  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]
    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
  • Major DNS provider Dyn hit with DDoS attack
    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."
  • What We Know About Friday’s Massive East Coast Internet Outage
    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard. This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.
  • Either IoT will be secure or the internet will be crippled forever
    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where camera’s, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.
  • IoT at the Network Edge
    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."
  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users
    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.
  • ​The Dirty Cow Linux bug: A silly name for a serious problem
    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."
  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE
    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks. Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

today's howtos