Security

pfSense 2.2.5-RELEASE Now Available!

Filed under
Security
BSD

pfSense® software version 2.2.5 is now available. This release includes a number of bug fixes and some security updates.

Today is also the 11 year birthday of the project. While work started in late summer 2004, the domains were registered and the project made public on November 5, 2004. Thanks to everyone that has helped make the project a great success for 11 years. Things just keep getting better, and the best is yet to come.

Also: OpenBGPd and route filters

Security Leftovers

Filed under
Security
  • The sorry state of certificate revocation
  • FreeIPA PKI: current plans and a future vision

    FreeIPA’s X.509 PKI features (based on Dogtag Certificate System) continue to be an area of interest for users and customers. In this post I summarise recently-added PKI features in FreeIPA, work in progress, and what we plan to do in future releases. Then I will outline my personal vision for what the future of PKI in FreeIPA should look like, noting how it will address pain points and limitations of the existing architecture.

  • CVE-2015-5602 and SELinux?

    That is one of the most common questions that we get when a new CVE (Common Vulnerabilities and Exposures) appears. We explain SELinux as a technology for process isolation to mitigate attacks via privilege escalation.

  • Risk report update: April to October 2015

    In April 2015 we took a look at a year's worth of branded vulnerabilities, separating out those that mattered from those that didn’t. Six months have passed so let’s take this opportunity to update the report with the new vulnerabilities that mattered across all Red Hat products.

Security Leftovers

Filed under
Security
  • The Rise of Political Doxing

    Last week, CIA director John O. Brennan became the latest victim of what's become a popular way to embarrass and harass people on the Internet. A hacker allegedly broke into his AOL account and published e-mails and documents found inside, many of them personal and sensitive.

    It's called doxing -- sometimes doxxing -- from the word "documents." It emerged in the 1990s as a hacker revenge tactic, and has since been used as a tool to harass and intimidate people on the Internet. Someone would threaten a woman with physical harm, or try to incite others to harm her, and publish her personal information as a way of saying "I know a lot about you -- like where you live and work." Victims of doxing talk about the fear that this tactic instills. It's very effective, by which I mean that it's horrible.

  • TalkTalk hack: Third suspect bailed as extent of the hack is outlined

    A THIRD SUSPECT in the TalkTalk hack has been released on police bail, as the telco provides more information about the scale of the attack, claiming that it was smaller than first thought.

    A 27-year-old man was arrested and released in Staffordshire under the Computer Misuse Act, as officers from several forces continue to close the net on the cyber criminals responsible.

  • Online Vigilantes: Hacking Sony for a Cause?

    And yeah, Heartbleed and Shellshock turned out to be much less of a threat than the tech world predicted. However, in various forums and other places where tech folks choose to hang out, Windows folks had a field day with all variants of “told-ya-so.” I pictured server admins running in circles with their hands flailing in the air, shouting that Armageddon was indeed here.

    [...]

    Fortunately, that rootkit was discovered fairly soon by Mark Russinovich, co-founder of Winternals. After the disclosure, Microsoft didn’t waste any time moving toward the acquisition of Russinovich’s company, although for complete disclosure, Russinovich had been offered a job by Microsoft years before. It is suggested in some circles that Microsoft purchased the company so quickly in order to quell the entire Microsoft/Sony duplicity rumors, as some believe that Microsoft would have to know about the rootkit, given how deeply it burrowed into Redmond’s proprietary code.

Tails 1.7 is out

Filed under
GNU
Linux
Security
Debian

This release fixes numerous security issues. All users must upgrade as soon as possible.

PSA: Do **NOT** upgrade FreeIPA servers to Fedora 23 yet

Filed under
Red Hat
Security

Hi, folks. Just wanted to get an important word out there: if you have a Fedora system running as a FreeIPA server, do NOT upgrade it to Fedora 23 yet! There are several bugs in the upgrade process and you will wind up with a broken server which requires some tricky manual fixing.

So for now, do not upgrade. Subscribe to this bug to follow progress on fixing the upgrade process.

Security Leftovers

Filed under
Security
  • 000webhost hacked, 13 million customers exposed

    Free website hosting service 000webhost has suffered a data breach which has placed the service's security practices under scrutiny.

    000webhost is a free web hosting service which supports both PHP and MySQL, catering for millions of users worldwide. On Wednesday, the firm told users in a Facebook message that the company had suffered a data breach on its main server.

  • Still fuming over HTTPS mishap, Google makes Symantec an offer it can’t refuse

    Google has given Symantec an offer it can't refuse: give a thorough accounting of its ailing certificate authority process or risk having the world's most popular browser—Chrome—issue scary warnings when end users visit HTTPS-protected websites that use Symantec credentials.

    The ultimatum, made in a blog post published Wednesday afternoon, came five weeks after Symantec fired an undisclosed number of employees caught issuing unauthorized transport layer security certificates. The mis-issued certificates made it possible for the holders to impersonate HTTPS-protected Google webpages.

  • Strengthening Diffie-Hellman in SSH and TLS

    Conjecture on cracked primes for the Diffie-Hellman asymmetric algorithm is in recent news, suggesting that several nations have broken primes in common use and can read all traffic...

  • TrustedSec Releases TAP – An Open Source Attack Platform

    While the software was designed to be run on an Intel NUC using Linux (or similar device), it could conceivably be run on other platforms and setups. The code is open, after all, and there for the taking. In any case, here are the specs described by the company:

Security Leftovers

Filed under
Security
  • Intel x86 considered harmful (new paper)

    Back in the summer I read a new book published by one of the core Intel architects about the Management Engine (ME). I didn't quite like what I read there. In fact I even found this a bit depressing, even though Intel ME wasn't particularly news to me as we, at the ITL, had already studied this topic quite in-depth, so to say, back in 2008... But, as you can see in the linked article, I believed we could use VT-d to protect the host OS from the potentially malicious ME-based rootkits (which we demonstrated back then).

  • MySQL Windows servers come under malware attack

    Researchers at Symantec say they have discovered a form of malware that attacks MySQL on Windows servers, using them to launch distributed denial of service attacks.

  • Sustaining Digital Certificate Security

    Following our notification, Symantec published a report in response to our inquiries and disclosed that 23 test certificates had been issued without the domain owner’s knowledge covering five organizations, including Google and Opera.

    However, we were still able to find several more questionable certificates using only the Certificate Transparency logs and a few minutes of work. We shared these results with other root store operators on October 6th, to allow them to independently assess and verify our research.

    Symantec performed another audit and, on October 12th, announced that they had found an additional 164 certificates over 76 domains and 2,458 certificates issued for domains that were never registered.

  • British Gas leak sees 2,400 customer passwords posted online

    COOKING AND HEATING ENABLER British Gas has confessed to a data loss that has seen the details of many of its customers released online.

    British Gas has written to affected customers to tell them that, while it may not have been hacked, the effect is the same. It has somehow managed to leak information that has found its way onto the internet and in the direction of ne'er-do-wells.

    Reports have it that 2,399 email addresses and passwords have been leaked online. A package of emails and passwords is a pretty good haul for an online exploiter, particularly if the same details are used for access on other sites and services.
