Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Cisco kills leaked CIA 0-day that let attackers commandeer 318 switch models

    As previously reported, the zero-day exploit allowed attackers to issue commands that remotely execute malicious code on 318 models of Cisco switches. The attack code was published in early March by WikiLeaks as part of its Vault7 series of leaks, which the site is billing as the largest publication of intelligence documents ever.

    The bug resides in the Cisco Cluster Management Protocol (CMP), which uses the telnet protocol to deliver signals and commands on internal networks. It stems from a failure to restrict telnet options to local communications and the incorrect processing of malformed CMP-only telnet options.

  • Open source password strength meter could help boost account security

    It's no secret that most people are rubbish at choosing passwords -- it's something that's proved time and time again when the annual list of common passwords is released. To help overcome the problem, and hopefully increase the security of people's accounts, a team of researchers from the Carnegie Mellon University and the University of Chicago have created an open source password meter that provides advice about how to strengthen a password.

  • Apache OpenOffice: Not dead yet, you'll just have to wait until mid-May for mystery security fixes
  • NIST to security admins: You've made passwords too hard

    Despite the fact that cybercriminals stole more than 3 billion user credentials in 2016, users don't seem to be getting savvier about their password usage. The good news is that how we think about password security is changing as other authentication methods become more popular.

  • Google Docs Phishing Scam a Game Changer

More in Tux Machines

today's howtos

6-Way Enterprise Focused Linux Distribution Comparison With An Intel Core i9, Dual Xeon Gold Systems

Here's our latest Linux distribution comparison with this time looking at the out-of-the-box performance of six Linux distributions while running a range of enterprise/workstation-focused benchmarks while using two systems. One system is a high-end Core i9 7980XE desktop system and the other a Tyan 1U Xeon Scalable server with dual Xeon Gold 6138 processors. Read more

Security: FOSS Versus Windows

Linux/Android hacker SBC with hexa-core Rockchip SoC debuts at $75

The Vamrs “RK3399 Sapphire” SBC is on sale for $75, or $349 for a full kit. Vamrs is also prepping an RK3399-based “Rock960” 96Boards SBC. Rockchip’s RK3399 is one of the most powerful ARM-based system-on-chips available on hacker boards, featuring two server-class Cortex-A72 cores clocked to up to 2.0GHz, as well as four Cortex-A53 at up to 1.42GHz and a quad-core Mali-T864 GPU. The hexa-core SoC has appeared on T-Firefly’s Firefly-RK3399 SBC and RK3399 Coreboard computer-on-module, as well as Videostrong’s VS-RD-RK3399 SBC and Theobroma’s RK3399-Q7 Qseven module. Now we have a new contender: Shenzhen based Vamrs, which built the limited edition Rockchip RK3399 Sapphire SBC as the official RK3399 dev board for Rockchip, is now re-launching the board, which features a 40-pin Raspberry Pi compatible connector, with “many in stock” for a discounted price of $75. Read more