Language Selection

English French German Italian Portuguese Spanish


Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Security News

  • Tuesday's security updates
  • We Got Phished
    She logged into her account but couldn’t find the document and, with other more urgent emails to deal with, she quickly moved on and put this brief event out of mind. This staff member will henceforth be known as PZ, or “patient zero.” The login page wasn’t really a login page. It was a decoy webpage, designed to look legitimate in order to trick unsuspecting recipients into typing in their private login credentials. Having fallen for the ruse, PZ had effectively handed over her email username and password to an unknown party outside the Exploratorium. This type of attack is known as “phishing.” Much like putting a lure into a lake and waiting to see what bites, a phishing attack puts out phony prompts, such as a fake login page, hoping that unwitting recipients can be manipulated into giving up personal information.
  • DDoS attacks against Dyn the work of 'script kiddies'
    Last week's distributed denial of service attack in the US against domain name services provider Dynamic Network Services are more likely to have been the work of "script kiddies", and not state actors. Security researchers at threat intelligence firm Flashpoint dismissed reports that linked the attack to WikiLeaks, the Russian government or the New World Hackers group. Instead, Flashpoint said, it was "moderately confident" that the Hackforums community was behind the attack which led to well-known sites like Twitter, Spotify, Netflix and Paypal being inaccessible on 21 October (US time).
  • How one rent-a-botnet army of cameras, DVRs caused Internet chaos
    Welcome to the Internet of Evil Things. The attack that disrupted much of the Internet on October 21 is still being teased apart by investigators, but evidence thus far points to multiple "botnets" of Internet-connected gadgets being responsible for blocking access to the Domain Name Service (DNS) infrastructure at DNS provider Dyn. Most of these botnets—coordinated armies of compromised devices that sent malicious network traffic to their targets—were controlled by Mirai, a self-spreading malware for Internet of Things (IoT) devices. in a blog post on the attack, Dyn reported "tens of millions" of devices were involved in the attack But other systems not matching the signature of Mirai were also involved in the coordinated attack on Dyn. "We believe that there might be one or more additional botnets involved in these attacks," Dale Drew, CSO of Level 3 Communications, told Ars. "This could mean that they are 'renting' several different botnets to launch an attack against a specific victim, in which multiple other sites have been impacted." The motive may have been blackmail, since the attacker sought a payout by Dyn to stop. But Drew warned that the huge disruption caused by the attack "could result in large copycat attacks, and [a] higher [number of] victim payouts [so] as to not be impacted in the same way. It could also be a signal that the bad guy is using multiple botnets in order to better avoid detection since they are not orchestrating the attack from a single botnet source."
  • ARM builds up security in the tiniest Internet of Things chips
    IoT is making devices smaller, smarter, and – we hope – safer. It’s not easy to make all those things happen at once, but chips that can help are starting to emerge. On Tuesday at ARM TechCon in Silicon Valley, ARM will introduce processors that are just a fraction of a millimeter across and incorporate the company’s TrustZone technology. TrustZone is hardware-based security built into SoC (system on chip) processors to establish a root of trust. It’s designed to prevent devices from being hacked and taken over by intruders, a danger that’s been in the news since the discovery of the Mirai botnet, which recently took over thousands of IP cameras to mount denial-of-service attacks.
  • Antique Kernel Flaw Opens Door to New Dirty Cow Exploit

Red Hat Open Tech to Run UKCloud’s Enterprise Platform; Radhesh Balakrishnan Comments

Red Hat and public cloud provider UKCloud have forged a partnership to develop an infrastructure-as-a-service cloud platform for the U.K. government’s work to deliver digital services to the public. UKCloud has standardized on Red Hat OpenStack Platform with Red Hat Ceph Storage to handle citizen web applications and government systems in behalf of public sector organizations across industries such as healthcare, defense and police and justice, Red Hat said Monday. Read more

Clonezilla Live 2.4.9-17 Disk Cloning Live CD Now Powered by Linux Kernel 4.7.8

On October 25, 2016, Clonezilla Live developer Steven Shiau proudly announced the release of Clonezilla Live 2.4.9-17, a new stable version of the popular, open-source disk imaging and cloning live system. Read more

darktable 2.0.7 Open-Source Image Editor Supports New Canon EOS 80D RAW Formats

The powerful, open-source, and cross-platform darktable RAW image editor has just been updated today, October 25, 2016, to version 2.0.7, a major release that adds numerous new features and improvements. Read more