
Security

New CloudLinux 7 Kernel Released to Beta with Fix for "Kernel Panic" Issue, More


CloudLinux's Mykola Naugolnyi is announcing the availability of an updated kernel version in the Beta repositories of the Red Hat Enterprise Linux-based CloudLinux 7 operating system.

The kernel packages of CloudLinux 7 have been updated to version 3.10.0-427.36.1.lve1.4.37, and they are now available for installation directly from the updates-testing repository. Since kernel version 3.10.0-427.36.1.lve1.4.35, CloudLinux's team managed to backport a fix for a known "Kernel panic" issue.

The new updated CloudLinux 7 kernel build also attempts to implement the ability to ignore root-owned links when checking symlink ownership. Therefore, it is recommended that you update your systems to kernel version 3.10.0-427.36.1.lve1.4.37 as soon as possible.


Security News

  • This dump of iPhone-cracking tools shows how keeping software defects secret makes everyone less secure

    Last month, a hacker took 900GB of data from Cellebrite, an Israeli cyber-arms dealer that was revealed to be selling surveillance and hacking tools to Russia, the UAE, and Turkey.

    Yesterday, that hacker dumped Cellebrite's arsenal of mobile cracking tools, including a suite of tools to attack Apple's iOS devices (iPhones and iPads).

    The dump reveals that Cellebrite seemingly repackages untested and unaudited jailbreaking tools as lawful interception products and sells them to repressive regimes. It also reveals that suppressing disclosure of security vulnerabilities in commonly used tools does not prevent those vulnerabilities from being independently discovered and weaponized -- it just means that users, white-hat hackers and customers are kept in the dark about lurking vulnerabilities, even as they are exploited in the wild, which only end up coming to light when they are revealed by extraordinary incidents like this week's dump.

  • Gentoo Developer: Is The Linux Desktop Less Secure Than Windows 10?

    Gentoo Linux developer Hanno Böck, who also writes for Golem and runs The Fuzzing Project as a software fuzzing initiative to find issues in software, presented today at FOSDEM 2017 over some Linux desktop security shortcomings and how Microsoft Windows 10 is arguably more secure out-of-the-box.

IPFire 2.19 to Bring Tor 0.2.9.9 and OpenSSL 1.0.2k with New Security Fixes


Michael Tremer announced the availability for public testing of the upcoming IPFire 2.19 Core Update 109 maintenance release of the open source Linux-based router and firewall distribution.

The most important change included in this update appears to be support for the unbound 1.6.0 recursive and caching DNS resolver in the built-in DNS proxy, which will re-activate QNAME hardening and minimisation below NX domains. The change should also make IPFire check if a router drops DNS responses that are longer than a specific threshold.


Security News

  • Vulnerability Note VU#867968

    Microsoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service on a vulnerable system.

  • Op-ed: Windows 10 0day exploit goes wild, and so do Microsoft marketers

    There's a zero-day exploit in the wild that exploits a key file-sharing protocol in most supported versions of Windows, including Windows 10, the latest and most secure version of the Microsoft operating system. The exploit is probably not worth worrying about, but you'd never know that based on the statement Microsoft officials issued on Thursday when asked what kind of threat the exploit poses:

    "Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible," an unnamed spokesperson replied in an e-mail. "We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection."

    An employee at Microsoft's outside PR firm, WE Communications, wouldn't explain why the statement advised customers to use Windows 10 and Edge when the exploit works on all versions of Windows and doesn't require that targets use a browser. Ars reminded the employee that an advisory issued hours earlier by the CERT Coordination Center at Carnegie Mellon University warned that the vulnerability might leave Windows users open to code-execution attacks.

  • Former GCHQ deputy: Cyber attack 'normal 21st century threat'

    A skills shortage and "chaotic" handling of personal data breaches are undermining confidence in the government's ability to protect the UK from cyber attacks.

  • Public Accounts Committee slams government on cybersecurity strategy

    The Public Accounts Committee has taken the government to task over a lack of action on addressing cyber security in the UK – and that poor reporting of breaches and low oversight in general reduces its confidence in the Cabinet Office to protect the country from cyber threats.

    The report cites cyber security as one of the biggest threats that faces the country today, but committee chair Meg Hillier said that the government’s approach to personal data breaches “has been chaotic and does not inspire confidence in its ability to take swift, coordinated and effective action in the face of higher threat attacks”.

  • Cybersecurity firms pilloried by GCHQ technical director over “witchcraft”

    “we are allowing massively incentivised companies to define the public perception of the problem”.

  • Microsoft is disabling older versions of Skype for Mac and Windows on March 1

    [Ed: Microsoft forces people to use the latest surveillance with the latest back doors for wiretaps & remote access]

Security Leftovers

  • Hosted S/MIME by Google provides enhanced security for Gmail in the enterprise [Ed: It’s not end-to-end but end-to-Google i.e. end-to-NSA PRISM]

    We are constantly working to meet the needs of our enterprise customers, including enhanced security for their communications. Our aim is to offer a secure method to transport sensitive information despite insecure channels with email today and without compromising Gmail extensive protections for spam, phishing and malware.

  • Razer Core on Linux with Razer Blade Stealth and BIOS Mod
  • How Did Cybersecurity Become So Political?

    Less than a month before he was elected president, Donald Trump promised to make cybersecurity “an immediate and top priority for my administration.” He had talked about technology often on the campaign trail—mostly to attack Hillary Clinton for using a private email server when she was Secretary of State. But less than two weeks into his presidency, it’s Trump and his team who have struggled to plug important security holes, some of which are reminiscent of Clinton’s troubles.

  • New zero-day exploit affects current Windows versions

    A new zero-day exploit that affects current versions of Windows has been released on Github, according to an announcement from the Internet Storm Centre.

    Johannes Ullrich of the ISC said the exploit implemented an SMBv3 server and clients connecting to it would be affected.

    He said he had tested it with a fully patched Windows 10 machine and experienced a blue screen of death.

    "An attacker would have to trick the client to connect to this server. It isn't clear if this is exploitable beyond a denial of service," he wrote.


Tails and 64-bit Processors

  • Next major Tails release will require a 64-bit processor

    The popular Linux distribution, Tails OS, carries the following slogan on its website “privacy for anyone anywhere”. It seems, though, following some of the latest news from the project, this slogan isn’t exactly true. Beginning with Tails 3.0, users will need a 64-bit processor powering their computer.

  • Privacy-focused Linux-based operating system Tails 3.0 will drop 32-bit processor support

    If you find yourself needing an operating system that respects your privacy, you cannot go wrong with Tails. The live Linux-distro can be run from a DVD which is read-only, meaning there is less of a chance of files being left behind. Heck, Edward Snowden famously used it to protect himself when shining a light on the overreaching US government.

    Unfortunately for some users, Tails will soon not work on their computers. The upcoming version 3.0 of the operating system is dropping 32-bit processor support. While a decline in compatibility is normally a bad thing, in this case, it is good. You see, because there are so few 32-bit Tails users, the team was wasting resources by supporting them. Not to mention, 64-bit processors are more secure too.

Security Leftovers

  • Click Here to Kill Everyone

    With the Internet of Things, we’re building a world-size robot. How are we going to control it?

  • New open source project Trireme aims to secure containers

    A team made of former Cisco and Nuage Networks veterans has developed an open source project it released this week named Trireme that takes an application-centric approach to securing code written in containers.

  • An Introduction to the Shorewall Firewall Tool

    Linux is well known for being a highly secure platform. One of the reasons for said security is the Netfilter system. For those that don’t know, Netfilter is a framework, provided by the Linux kernel, that allows for various networking operations, such as packet filtering, network address translations, port translation, and the ability to block packets from reaching specific locations. For most distributions, Netfilter is implemented through the user-space application, iptables. Although many would agree that iptables is the most powerful security tool you can work with, along with that power comes a level of complexity that stumps many an IT administrator.

    That’s where the likes of Shorewall comes into play. Shorewall is an open source firewalling tool that not only makes the task of network security easier, it also allows for much easier handling of zones. Shorewall uses zones to define different portions of a network. Say, for instance, you want to create a private internal network that can only be accessed by specific machines, a guest network that can be accessed by anyone, a network dedicated to production machines, and a network that can be accessed from machines outside your Local Area Network (LAN). With Shorewall, you can easily do this.

Security News

  • Thursday's security advisories
  • The design of Chacha20

    Chacha20 is a secure, fast, and amazingly simple encryption algorithm. Its author Daniel J. Bernstein explains it well in his Salsa20 and Chacha20 design papers (which I recommend), but did not dwell on details experts already know. Filling the gap took me a while.

    Quick summary: Chacha20 is an ARX-based hash function, keyed, running in counter mode. It embodies the idea that one can use a hash function to encrypt data.

  • Ransomware completely shuts down Ohio town government [iophk: “Microsoft = lost productivity”]

    These sorts of attacks are becoming more commonplace and, as mentioned before, can be avoided with good backup practices. Sadly not every computer in every hospital, county office or police department is connected to a nicely journaled and spacious hard drive, so these things will happen more and more. Luckily it improves cryptocurrency popularity as these small offices finally give up and buy bitcoin to pay their ransom.

  • Windows DRM Social Engineering Attacks & TorBrowser

    HackerHouse have been investigating social engineering attacks performed with Digital Rights Management (DRM) protected media content. Attackers have been performing these attacks in the wild to spread fake codec installers since Microsoft introduced DRM to its proprietary media formats. Despite their prevalence we could not find many tools to misuse these formats. We found only a small number of blog posts [2] on identifying the files being used to spread malware. We observed some interesting behaviours during our analysis which we have shared here.

    DRM is a licensing technology that attempts to prevent unauthorised distribution and restrictive use of a media file. It works by encrypting the video and audio streams with an encryption key and requesting a license (decryption key) from a network server when the file is accessed. As it requires network connectivity it can cause users to make network requests without consent when opening a media file such as a video file or audio file.

    WMV is using Microsoft Advanced Systems Format (ASF) to store audio and video as objects. This file format consists of objects that are labelled by GUID and packed together to make a media package. A number of tools such as ffmpeg & ASFView support opening, viewing and browsing these objects. There are three objects with the following GUIDs which are of interest for these attacks.

Linux Kernel 3.12.70 Is a Big Patch with Over 220 Improvements, Security Fixes


Jiri Slaby is announcing the release of the 70th maintenance update to the long-term supported Linux 3.12 kernel series, which will be supported for a few more months in 2017.


More in Tux Machines


KDE/Qt

  • Device Tailored Compositors with Qt Wayland at CLAAS E-Systems
    Have you heard about software in cars that run on embedded devices? Do you think that creating such software might be challenging? Well, welcome to a complete new world of complexity, welcome to the world of agriculture machines! For many years, automatic steering (on fields), terminals to control the complex mechanical operations of a self-driving 16 ton combine harvester on a soft ground, and self-optimization systems to optimize any tiny bit of your harvester, are key demands from customers. I, myself, am working at CLAAS E-Systems, the electronics and software department within the CLAAS group. Our group is well known for being among the leading manufacturers for combine harvesters, tractors and forage harvesters.
  • Qt Wayland Is Next Appearing On Tractors & Farm Equipment
    With Qt 5.8's Qt Wayland Compositor Framework taking shape, more developers are beginning to tailor a Qt Wayland compositor to their use-cases. One of those is a company specializing in farm equipment like combine harvesters, tractors, and harvesters. As a guest post on the official Qt blog, developer Andreas Cord-Landwehr of CLAAS E-Systems talked up Qt Wayland for their purposes in the highly-regulated agriculture industry.
  • KDevelop 5.1 Open-Source IDE Launches with LLDB and OpenCL Support, Many Changes
    The development team behind the popular, open-source, cross-platform, free and powerful KDevelop IDE (Integrated Development Environment) were proud to announce the official release and general availability of KDevelop 5.1. KDevelop 5.1 is now the most advanced stable version of the application, which is written entirely in Qt and designed to be used on various GNU/Linux distributions that usually ship with the KDE Plasma desktop environment, but also on the latest releases of the Microsoft Windows operating system.


GNOME News: GNOME 3.24 Everywhere

  • GNOME 3.24 released
    The GNOME Project is proud to announce the release of GNOME 3.24, "Portland".
  • GNOME 3.24 Released, This Is What’s New
    Hurrah! GNOME 3.24 is now available to download. The latest stable release of the open-source GNOME desktop, GNOME 3.24 brings a number of new features and improvements to the proverbial table, including one that might even help you sleep better!
  • GNOME 3.24 Linux desktop environment is here
    My absolute favorite desktop environment for Linux is GNOME. Quite frankly, if the DE went away tomorrow, I might have to rethink my use of Linux entirely. Yeah, I am that passionate about it. Environment aside, the GNOME experience also includes a collection of applications, creating a coherent user experience.
  • GNOME 3.24 Released
    GNOME 3.24, the latest version of GNOME 3, is now available. Introducing an updated platform and applications, the release includes a number of major new features and enhancements, as well as many smaller improvements and bug fixes. 3.24 represents another step forward for GNOME, and has much to offer both users and developers.