Language Selection

English French German Italian Portuguese Spanish

Windows Chaos

Filed under
Microsoft
Security
  • ‘CIA malware plants Gremlins’ on Microsoft machines – WikiLeaks

    WikiLeaks has released the latest instalment in the #Vault7 series, detailing two apparent CIA malware frameworks dubbed ‘AfterMidnight’ and ‘Assassin’ which it says target the Microsoft Windows platform.

  • WannaCry ransomware used in widespread attacks all over the world

    Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames.

    Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This exploit (codenamed “EternalBlue”) has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14.

  • NHS left reeling by cyber-attack: ‘We are literally unable to do any x-rays’

    Thousands of patients across England and Scotland have been in limbo after an international cyber-attack hit the NHS, with many having operations cancelled at the last minute.

    Senior medics sought to reassure patients that they could be seen in the normal way in emergencies, but others were asked to stay away if possible.

    According to one junior doctor who works in a London hospital, the attack left hospitals struggling to care for people. “However much they pretend patient safety is unaffected, it’s not true. At my hospital we are literally unable to do any x-rays, which are an essential component of emergency medicine,” the doctor told the Guardian.

  • "Worst-Ever Recorded" Ransomware Attack Strikes Over 57,000 Users Worldwide, Using NSA-Leaked Tools

    Update 4: According to experts tracking and analyzing the worm and its spread, this could be one of the worst-ever recorded attacks of its kind. The security researcher who tweets and blogs as MalwareTech told The Intercept “I’ve never seen anything like this with ransomware," and "the last worm of this degree I can remember is Conficker.” Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over nine million computers in nearly 200 countries.

More in Tux Machines

today's leftovers

  • Why Linus is right (as usual)
    Last year, some security “hardening” code was added to the kernel to prevent a class of buffer-overflow/out-of-bounds issues. This code didn’t address any particular 0day vulnerability, but was designed to prevent a class of future potential exploits from being exploited. This is reasonable. This code had bugs, but that’s no sin. All code has bugs. The sin, from Linus’s point of view, is that when an overflow/out-of-bounds access was detected, the code would kill the user-mode process or kernel. Linus thinks it should have only generated warnings, and let the offending code continue to run.
  • Kube-Node: Let Your Kubernetes Cluster Auto-Manage Its Nodes
    As Michelle Noorali put it in her keynote address at KubeCon Europe in March of this year: the Kubernetes open source container orchestration engine is still hard for developers. In theory, developers are crazy about Kubernetes and container technologies, because they let them write their application once and then run it anywhere without having to worry about the underlying infrastructure. In reality, however, they still rely on operations in many aspects, which (understandably) dampens their enthusiasm about the disruptive potential of these technologies. One major downside for developers is that Kubernetes is not able to auto-manage and auto-scale its own machines. As a consequence, operations must get involved every time a worker node is deployed or deleted. Obviously, there are many node deployment solutions, including Terraform, Chef or Puppet, that make ops live much easier. However, all of them require domain-specific knowledge; a generic approach across various platforms that would not require ops intervention does not exist.
  • Red Hat, Inc. (RHT) Shares Bought by Aperio Group LLC
  • Cloudera, Inc. (CLDR) vs. Red Hat, Inc. (RHT): Breaking Down the Data

Software: VidCutter, Super Productivity, MKVToolNix

  • VidCutter 5.0 Released With Improved UI, Frame Accurate Cutting
    A new version of VidCutter, a free video trimmer app, is available for download. VidCutter 5.0 makes it easier to cut videos to specific frames, improves the export of video clips with audio and subtitle tracks, and refreshes the default application icon. Why Vidcutter? If you want split video, trim video, or join video clips into a single montage then Vidcutter is ideal. The app lets you perform these tasks, as well as many more, quickly and easily. VidCutter is a Qt5 application that uses the open-source FFMpeg media engine.
  • Linux Release Roundup: Fedora 27, Shotwell, Corebird + More
    It’s been another busy week in the world of Linux, but we’re here to bring you up to speed with a round-up of the most notable new releases. The past 7 days have given us a new version of free software’s most popular photo management app, a new release of a leading Linux distribution, and updated one of my favourite app finds of the year.
  • Super Productivity is a Super Useful To-Do App for Linux, Mac & Windows
    Super Productivity is an open-source to-do list and time tracking app for Windows, macOS and Linux. It’s built using Electron but doesn’t require an internet connection (which is pretty neat). And it has (optional) integration with Atlassian’s Jira software.
  • MKVToolNix 18.0.0 Open-Source MKV Manipulation App Adds Performance Improvements
    A new stable release of the MKVToolNix open-source and cross-platform MKV (Matroska) manipulation software arrived this past weekend with various performance improvements and bug fixes. MKVToolNix 18.0.0 continues the monthly series of stability and reliability updates by adding performance improvements to both the AVC and HEVC ES parsers thanks to the implementation of support for copying much less memory, and enabling stack protection when building the program with Clang 3.5.0 or a new version.

OSS Leftovers

  • Reveal.js presentation hacks
    Ryan Jarvinen, a Red Hat open source advocate focusing on improving developer experience in the container community, has been using the Reveal.js presentation framework for more than five years. In his Lightning Talk at All Things Open 2017, he shares what he's learned about Reveal.js and some ways to make better use of it. Reveal.js is an open source framework for creating presentations in HTML based on HTML5 and CSS. Ryan describes Gist-reveal.it, his project that makes it easier for users to create, fork, present, and share Reveal.js slides by using GitHub's Gist service as a datastore.
  • Font licensing and use: What you need to know
    Most of us have dozens of fonts installed on our computers, and countless others are available for download, but I suspect that most people, like me, use fonts unconsciously. I just open up LibreOffice or Scribus and use the defaults. Sometimes, however, we need a font for a specific purpose, and we need to decide which one is right for our project. Graphic designers are experts in choosing fonts, but in this article I'll explore typefaces for everyone who isn't a professional designer.
  • Broader role essential for OpenStack Foundation, says Mirantis’ Renski
  • URSA Announces Name Change to Open Source Integrators to Reflect Their Full Spectrum of Open ERP Expertise
  • 2018 is Year for Open Source Software for Pentagon
    The US Pentagon is set to make a major investment in open source software, if section 886 of the National Defense Authorization Act for Fiscal Year 2018 is passed. The section acknowledges the use of open source software, the release of source code into public repositories, and a competition to inspire work with open source that supports the mission of the Department of Defense.
  • How startups save buckets of money on early software development
     

    Moving along, we have to segue with a short modularity lesson. More specifically, how modularity applies to software.

    Essentially, all products and services become cheaper and more plentiful when all the processes involved in production become modularised.

today's howtos