Security

Blaming GNU/Linux for Facebook Issues

Filed under
GNU
Linux
Security

Security: Updates, Phones, Kaspersky, Monero Pool, Microsoft-Connected SourceClear, Ransomware, and Android

Security: Xen Hypervisor Patched, Crunchy Data, Finding Malware, MalwareTech Latest

  • Xen Hypervisor Patched for Privilege Escalation and Information Leak Flaws

    The Xen Project has fixed five new vulnerabilities in the widely used Xen virtualization hypervisor. The flaws could allow attackers to break out of virtual machines and access sensitive information from host systems.

    According to an analysis by the security team of Qubes OS, an operating system that relies on Xen for its security model, most of the vulnerabilities stem from the mechanism that’s used to share memory between domains. Under Xen, the host system and the virtual machines (guests) run in separate security domains.

  • Crunchy Data Unveils Open Source Security Compliance Automation Platform

    The Defense Information Systems Agency released a STIG for Crunchy Data’s PostgreSQL open source database in March to provide guidance on how to deploy the database in government networks in compliance with DoD security requirements.

    “Crunchy Data’s mission is to enable enterprises to adopt open source PostgreSQL as a means to reduce [information technology] infrastructure costs and avoid unwanted vendor lock-in,” said Paul Laurence, chief operating officer of Crunchy Data.

  • How to scan and clean malware from a Linux server

    At first blush, you might be wondering why anyone would need to scan a Linux server for malware. Even though the Linux platform isn't nearly as vulnerable to malware as other systems, that doesn't mean your email or file server can't host malicious files that could take down a connected (and vulnerable) machine. Say, for instance, your Linux server uses Samba to allow users to store files. Or maybe it's a cloud server that allows users to sync and share their files to various devices. How do you know a user hasn't inadvertently uploaded a malicious file to the server? You don't, unless you take action.

  • GCHQ Knew FBI Wanted To Arrest MalwareTech, Let Him Fly To The US To Be Arrested There

    It looks like the UK found an easy way to avoid another lengthy extradition battle. Its intelligence agency, GCHQ, knew something security researcher Marcus Hutchins didn't -- and certainly didn't feel obliged to tell him. Not only that, but it let a criminal suspect fly out of the country with zero pre-flight vetting. (Caution: registration wall ahead.)

Security: NHS Windows Nightmare Resumes, Deep-Insert Skimmers and More

  • NHS ransomware: 'WannaCry' ransomware hits LG self-service kiosks

     

    [...] Microsoft [...]

  • Dumping Data from Deep-Insert Skimmers
  • How I Accidentally Framed Myself for a Hacking {sic} Frenzy

     

    It’s well known that some websites are vulnerable to IP address spoofing because they trust a user-supplied HTTP header like X-Forwarded-For to accurately specify the visitor’s IP address. However, until recently there was no widely known reliable way of identifying this vulnerability. During my recent Cracking the Lens research, I noticed that it was possible to identify this vulnerability by spoofing a domain name instead of a raw IP address, and observing whether the server attempts to resolve this domain to an IP address.

  • Hackers {sic} turn family robots into weapons and spying tools

     

    "The worry is that people continue to think of these devices as gimmicks and toys, not potentially dangerous devices that may be used to spy on their loved ones or even hurt them," said Lucas Apa, principal security consultant at IOActive.

  • Spend until you're secure

    This is a huge problem in many organizations. If you don't know what would happen if you lowered or increased your security spending you're basically doing voodoo security. You can imagine many projects and processes as having a series of inputs that can be adjusted. Things like money, time, people, computers, the list could go on. You can control these variables and have direct outcomes on the project. More people could mean you can spend less money on contractors, more computers could mean less time spent on rendering or compiling. Ideally you have a way to find the optimal levels for each of these variables resulting in not only a high return on investment, but also happier workers as they can see the results of their efforts.

Security: Updates, Spyware, Sapienz, fail2ban, DeepSPADE

Security: Brian Krebs, Marcus Hutchins, and Windows Cryptocurrency Miner

Security: Windows/WannaCry, Lack of Security Skills, Incredible Claims About Jinan

Security: FOSS Updates, More on Marcus Hutchins

Security: Marcus Hutchins Update, Deep Flaw in Cars, Raspberry Pi OS Update

Security: Wi-Fi, U.S. State Department Outage, Kronos, and Myths

  • One mistake people make using public Wi-Fi

     

    But if you’re sharing files on public Wi-Fi, your folders may be accessible to anyone connected to the same public network. In other words, file sharing automatically exposes your computer and everything you intend to share. Your vacation photos may end up in the wrong hands, and so could your contracts, spreadsheets, and tax information.

  • Officials: State Department suffers worldwide email outage

     

    The U.S. State Department's email system underwent a worldwide outage Friday, affecting all its unclassified communications within and outside of the department.  

  • Marcus Hutchins' code written long after Kronos: researcher

     

    The security researcher, who claimed recently to have found code written by Briton Marcus Hutchins that was used in the Kronos banking trojan by a third party, now says this code predates both Hutchins and the unknown third party that used it in Kronos.  

  • Linux security myths

More in Tux Machines

Chromium and Firefox: New Features

  • Chromebook Owners Will Soon Be Able to Monitor CPU and RAM Usage in Real-Time
    Chromium evangelist François Beaufort announced today that Google's Chrome OS engineers have managed to implement a new feature that will let Chromebook owners monitor the CPU usage, RAM, and zRam statistics in real-time. The feature was implemented in the Chrome Canary experimental channel and can be easily enabled by opening the Google Chrome web browser and accessing the chrome://flags/#sys-internals flag. There you'll be able to monitor your Chromebook's hardware and see what's eating your memory or CPU during heavy workloads, all in real-time. "Chrome OS users can monitor in real-time their CPU usage, memory and zRam statistics thanks to the new internal page chrome://sys-internals in the latest Canary," said François Beaufort in a Google+ post. "For that, enable the experimental chrome://flags/#sys-internals flag, restart Chrome, and enjoy watching real-time resource consumption."
  • Tracking Protection for Firefox for iOS Plus Multi-Tasking in Focus for Android New Today
    Across the industry, September is always an exciting month in mobile, and the same is true here at Mozilla. Today, we’re launching the newest Firefox for iOS alongside an update for the popular Firefox Focus for Android, which we launched in June.

Ubuntu 17.10 (Artful Aardvark) Is Now Powered by Linux Kernel 4.13, GCC 7.2

Greg Kroah-Hartman published on Wednesday new maintenance updates for various of the supported Linux kernel branches that he maintains, including the Linux 4.12 series, which appears to have reached end of life.

The ISS just got its own Linux supercomputer

A year-long project to determine how high-performance computers can perform in space has just cleared a major hurdle -- successfully booting up on the International Space Station (ISS). This experiment conducted by Hewlett Packard Enterprise (HPE) and NASA aims to run a commercial off-the-shelf high-performance computer in the harsh conditions of space for one year -- roughly the amount of time it will take to travel to Mars.

Qt 5.6.3 Released

I am pleased to inform that Qt 5.6.3 has been released today. As always with a patch release Qt 5.6.3 does not bring any new features, just error corrections. For details of the bug fixes in Qt 5.6.3, please check the change logs for each module.