Security Leftovers

  • Keylogger Discovered in HP Audio Driver
  • [EN] Keylogger in Hewlett-Packard Audio Driver

    Security reviews of modern Windows Active Domain infrastructures are – from our point of view – quite sobering. Therefore, we often look left and right, when, for example, examining the hardening of protection mechanisms of a workstation. Here, we often find all sorts of dangerous and ill-conceived stuff. We want to present one of these casually identified cases now, as it's quite an interesting one: We have discovered a keylogger in an audio driver package by Hewlett-Packard.

    A keylogger is a piece of software for which the case of dual-use can rarely be claimed. This means there are very few situations where you would describe a keylogger that records all keystrokes as 'well-intended'. A keylogger records when a key is pressed, when it is released, and whether any shift or special keys have been pressed. It is also recorded if, for example, a password is entered even if it is not displayed on the screen.

  • Microsoft rushes emergency fix for critical antivirus bug

    The critical security vulnerability in the Microsoft Malware Protection Engine affects a number of Microsoft products, including Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection. These tools are enabled by default in Windows 8, 8.1, 10, and Windows Server 2012.

  • Google Offers $20000 Rewards to Drive OSS-Fuzz Initiative
  • Call the fuzz, says Google, get the reward
  • How Google’s OSS-Fuzz is securing open-source software

    Google released OSS-Fuzz five months ago with a mission to make open-source projects stable, secure and reliable. Since then, the continuous fuzzing solution has found more than 1,000 bugs with 264 of them flagged as potential security bugs.

  • Google Fuzzing Service for OS Finds 1K Bugs in Five Months

    A Google-led initiative to find security vulnerabilities in popular open source projects has unearthed more than 1,000 bugs in various open source software in the five months since the effort was launched.

  • The IoT's Scramble to Combat Botnets

    With shadowy botnet armies lurking around the globe and vigilante gray-hat actors inoculating susceptible devices, the appetite for Internet of Things security is stronger than ever.

  • Exploiting the Linux kernel via packet sockets

    Lately I’ve been spending some time fuzzing network-related Linux kernel interfaces with syzkaller. Besides the recently discovered vulnerability in DCCP sockets, I also found another one, this time in packet sockets. This post describes how the bug was discovered and how we can exploit it to escalate privileges.
