Security

Security News

  • A 'mystery device' is letting thieves break into cars and drive off with them, insurance group says

    Insurance crime investigators are raising alarms over a device that not only lets thieves break into cars that use keyless entry systems but also helps start and steal them.

    Investigators from the National Insurance Crime Bureau, a not-for-profit organization, said in an interview they obtained what they called the “mystery device” from a third-party security expert at an overseas company.

    So far, the threat here may be mostly theoretical. The crime bureau said it heard of the device being used in Europe and had reports that it had entered the U.S., but said there are no law enforcement reports of a car being stolen using it in the United States.

  • Turkish hacking group offers tiered points rewards program for DoS attacks

    A TURKISH HACKING GANG is taking an unusual approach to funding denial of service attacks, and is soliciting for, and offering hackers rewards for taking down chosen pages.

    This is unusual, as far as we know, and it has led to the creation of comment from the security industry. Often these things do.

  • German judges explain why Adblock Plus is legal

    Last month, Adblock Plus maker Eyeo GmbH won its sixth legal victory in German courts, with a panel of district court judges deciding that ad-blocking software is legal despite German newsmagazine Der Spiegel's arguments to the contrary. Now, the reasoning of the Hamburg-based panel of judges has been made public.

    According to an unofficial English-translated copy (PDF) of the judgment, Spiegel Online argued it was making a "unified offer" to online consumers. Essentially, that offer is: read the news content for free and view some ads. While Internet users have the freedom "not to access this unified offer," neither they nor Adblock Plus have the right to "dismantle" it. Eyeo's behavior thus amounted to unfair competition, and it could even wipe the offer out, Spiegel claimed.

    "The Claimant [Spiegel] argues that the Defendant’s [Eyeo's] business model endangers the Claimant’s existence," reads the judgment, which isn't final because it can be appealed by Spiegel. Because users aren't willing to pay for editorial content on the Web, "it is not economically viable for the Claimant to switch to this business model."

    Spiegel asked for an accounting of all the blocked views on its website and a fine to be paid—or even for managers Wladimir Palant and Till Faida to be placed in "coercive detention" of up to two years.

  • Op-ed: I’m throwing in the towel on PGP, and I work in security [Ed: Only a tool would drop PGP for Facebook-controlled Whatsapp. The company back-doors everything under gag orders.]

    In the coming weeks I'll import all signatures I received, make all the signatures I promised, and then publish revocations to the keyservers. I'll rotate my Keybase key. Eventually, I'll destroy the private keys.

  • 90 per cent of NHS Trusts are still running Windows XP machines

    90 PER CENT of the NHS continues to run Windows XP machines, two and a half years after Microsoft ditched support for the ageing OS.

    It's Citrix who is ringing the alarm bells, having learnt that 90 per cent of NHS Trusts are still running Windows XP PCs. The firm sent Freedom of Information (FoI) requests to 63 NHS Trusts, 42 of which responded.

    The data also revealed that 24 Trusts are still not sure when they'll migrate from Windows XP to a newer version of Microsoft's OS. 14 per cent said they would be transitioning to a new operating system by the end of this year, while 29 per cent pledged to make the move sometime next year.

  • Ransomware blamed for attack that caused Lincolnshire NHS Trust shutdown

    RANSOMWARE is to blame for an attack which saw an NHS Trust in Lincolnshire forced to cancel operations for four days in October.

    In a statement, Northern Lincolnshire and Goole NHS Foundation Trust said that a ransomware variant called Globe2 was to blame for the incident.

  • Researchers Find Fresh Fodder for IoT Attack Cannons

    New research published this week could provide plenty of fresh fodder for Mirai, a malware strain that enslaves poorly-secured Internet of Things (IoT) devices for use in powerful online attacks. Researchers in Austria have unearthed a pair of backdoor accounts in more than 80 different IP camera models made by Sony Corp. Separately, Israeli security experts have discovered trivially exploitable weaknesses in nearly a half-million white-labeled IP camera models that are not currently sought out by Mirai.

  • Your data is not safe. Here's how to lock it down

    But some people worry that government surveillance will expand under a Donald Trump presidency, especially because he tapped Mike Pompeo, who supports mass surveillance, for CIA chief.

  • Tor at the Heart: Library Freedom Project

    Library Freedom Project is an initiative that aims to make real the promise of intellectual freedom in libraries by teaching librarians and their local communities about surveillance threats, privacy rights and responsibilities, and privacy-enhancing technologies to help safeguard digital freedoms.

  • PowerShell security threats greater than ever, researchers warn

    Administrators should upgrade to the latest version of Microsoft PowerShell and enable extended logging and monitoring capabilities in the light of a surge in related security threats, warn researchers [...] Now more than 95% of PowerShell scripts analysed by Symantec researchers have been found to be malicious, with 111 threat families using PowerShell.

  • Five-Year-Old Bait-and-Switch Linux Security Flaw Patched

    Maintainers of the Linux Kernel project have fixed three security flaws this week, among which there was a serious bug that lingered in the kernel for the past five years and allowed attackers to bypass some OS security systems and open a root shell.

  • The Internet of Dangerous Auction Sites

    Ok, I know this is kind of old news now, but Bruce Schneier gave testimony to the House of Representatives’ Energy & Commerce Committee about computer security after the Dyn attack. I’m including this quote because I feel it sets the scene nicely for what follows here.

    Last week, I was browsing the popular online auction site eBay and I noticed that there was no TLS. For a moment, I considered that maybe my traffic was being intercepted deliberately, there’s no way that eBay as a global company would be deliberately risking users in this way. I was wrong. There is not and has never been TLS for large swathes of the eBay site. In fact, the only point at which I’ve found TLS is in their help pages and when it comes to entering card details (although it’ll give you back the last 4 digits of your card over a plaintext channel).

Security News

  • Security advisories for Friday
  • Oh, the security!

    This security concern has only raised because of using 3rd party parsers (well, in the case of the GStreamer vulnerability in question, decoders, why a parsing facility like GstDiscoverer triggers decoding is another question worth asking), and this parsing of content happens in exactly one place in your common setup: tracker-extract.

  • Patch for CVE-2016-8655 Issue Now Available for CloudLinux OS 7 KernelCare Users

    Just the other day we reported on the general availability of a kernel update for the shared hosting-oriented CloudLinux OS 7 operating system, and today a new patch is available for those running KernelCare.

    If you're not familiar with KernelCare, it's a commercial kernel live patching technology developed and provided by CloudLinux for its CloudLinux OS users. We've discussed CloudLinux's KernelCare in a previous report if you're curious to test drive it.

Three serious Linux kernel security holes patched


The good news is developers are looking very closely at Linux's core code for possible security holes. The bad news is they're finding them.

At least the best news is that they're fixing them as soon as they're uncovered.

The latest three kernel vulnerabilities are designated CVE-2016-8655, CVE-2016-6480, and CVE-2016-6828. Of these, CVE-2016-8655 is the worst of the bunch. It enables local users, which can include remote users with virtual and cloud-based Linux instances, to crash the system or run arbitrary code as root.

Antivirus Live CD 21.0-0.99.2 Helps You Protect Your Computer Against Viruses


4MLinux developer Zbigniew Konojacki proudly informs Softpedia today about the general availability of the Antivirus Live CD 21.0-0.99.2 bootable ISO image for scanning computers for viruses and other malware.

Canonical Outs Live Patch Kernel Update for Ubuntu 16.04 to Patch Security Flaws


Just one day after announcing the availability of new kernel versions for all of its supported Ubuntu Linux operating systems, Canonical published a new kernel live patch security notice for Ubuntu 16.04 LTS (Xenial Xerus).

Security News

  • News in brief: DirtyCOW patched for Android; naked lack of security; South Korea hacked
  • Millions exposed to malvertising that hid attack code in banner pixels

    Researchers from antivirus provider Eset said "Stegano," as they've dubbed the campaign, dates back to 2014. Beginning in early October, its unusually stealthy operators scored a major coup by getting the ads displayed on a variety of unnamed reputable news sites, each with millions of daily visitors. Borrowing from the word steganography—the practice of concealing secret messages inside a larger document that dates back to at least 440 BC—Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. While the attack code alters the tone or color of the images, the changes are almost invisible to the untrained eye.

  • Backdoor accounts found in 80 Sony IP security camera models

    Many network security cameras made by Sony could be taken over by hackers and infected with botnet malware if their firmware is not updated to the latest version.

    Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price.

    One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on the camera, the SEC Consult researchers said in an advisory Tuesday.

  • I'm giving up on PGP

    After years of wrestling GnuPG with varying levels of enthusiasm, I came to the conclusion that it's just not worth it, and I'm giving up. At least on the concept of long term PGP keys.

    This is not about the gpg tool itself, or about tools at all. Many already wrote about that. It's about the long term PGP key model—be it secured by Web of Trust, fingerprints or Trust on First Use—and how it failed me.

Ubuntu Core has the keys to IoT security


In October, a DDoS attack on Dyn's infrastructure took down a big chunk of the internet, making sites like Amazon and Twitter inaccessible. It was the first major attack involving IoT (internet of things) devices. Fortunately, it was also a benign attack: no one got hurt, no one died.

However, the next attack could be catastrophic. No one knows when it will happen. No one knows the magnitude.

Security Leftovers

  • Security advisories for Wednesday
  • There’s a new DDoS army, and it could soon rival record-setting Mirai

    For almost three months, Internet-of-things botnets built by software called Mirai have been a driving force behind a new breed of attacks so powerful they threaten the Internet as we know it. Now, a new botnet is emerging that could soon magnify or even rival that threat.

    The as-yet unnamed botnet was first detected on November 23, the day before the US Thanksgiving holiday. For exactly 8.5 hours, it delivered a non-stop stream of junk traffic to undisclosed targets, according to this post published Friday by content delivery network CloudFlare. Every day for the next six days at roughly the same time, the same network pumped out an almost identical barrage, which is aimed at a small number of targets mostly on the US West Coast. More recently, the attacks have run for 24 hours at a time.

  • Open source Roundcube webmail can be attacked ... by sending it an e-mail

    The developers of open source webmail package Roundcube want sysadmins to push in a patch, because a bug in versions prior to 1.2.3 let an attacker crash it remotely – by sending what looks like valid e-mail data.

    The authors overlooked sanitising the fifth argument (the _from parameter) in mail() – and that meant someone only needed to compose an e-mail with malicious info in that argument to attack Roundcube.

    [...]

    Roundcube posted a patch to GitHub at the end of November, and issued a version 1.2.3 here.

  • Latest Android security update fixes Dirty COW, GPS vulnerabilities
  • Open Source Flaws Found in Security Software

    Yet another industry survey has flagged open source software that according to one estimate accounts for half of the global code base as a growing security threat. Moreover, a review released by Flexera Software also found that the very security products designed to protect IT infrastructure are themselves riddled with vulnerabilities embedded in open source software.
