Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • A Step Forward for Security [iophk: "end point compromise negates many theoretical advantages"]

    While we are all mesmerized by the presidential crises, a small, but quite significant change occurred in Congress: the Senate Sergeant at Arms approved the use of Signal by Senate staff. Signal, a product of Open Whisper Systems, provides end-to-end encryption for Apple and Android phones.

  • Why Europe’s dependency on Microsoft is a huge security risk

    On May 12, hackers hit more than a hundred countries, exploiting a stolen N.S.A. tool that targeted vulnerabilities of Microsoft software. The attacks infected only machines running on Windows operative system. Among the victims are public administrative bodies such as NHS hospitals in the UK. Investigate Europe spent months to investigate the dire dependency of European countries on Microsoft – and the security risks this entails

  • NSA told Microsoft about stolen exploits: officials

    Current and former NSA officials say the agency informed Microsoft about the theft of the exploit named EternalBlue after learning of it, making it possible for the Redmond software giant to issue a patch for it in March. The exploit was used in the WannaCry ransomware attacks over last weekend.

  • Shadow Brokers claims Microsoft hand-in-glove with NSA

    The group that released NSA exploits for Windows, which were used in massive ransomware attacks last weekend, has accused Microsoft of being hand-in-glove with The Equation Group, a group that is believed to be a front for the NSA.

  • NSA officials worried about the day its potent hacking tool would get loose. Then it did.

    But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials' worst fears have been realized. The malicious code at the heart of the WannaCry virus that hit computer systems globally late last week was apparently stolen from the NSA, repackaged by cybercriminals and unleashed on the world for a cyberattack that now ranks as among the most disruptive in history.

  • Shadow Brokers threaten to unleash more hacking tools

    The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft's Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

More in Tux Machines

LibreELEC (Krypton) 8.2.3 MR

LibreELEC 8.2.3 is released to change our embedded pastebin provider from sprunge.us (RIP) to ix.io (working) so users can continue to submit logs to the forums through a URL without copy/pasting text or direct uploading log files. This is our preferred way to receive and read your log files so if you are not familiar with using the paste function please read this wiki article to find out how. The 8.2.3 release also solves an issue with continuity errors on USB DVB adaptors that has been troubling some 8.2 users for some time; kudos to user @jahutchi for tracking down the problem kernel commit. We also address a long-running crashing issue with Intel BayTrail hardware that needed some users to force max_cstate in kernel boot parameters, and for bonus credit users with an Intel NUC equipped with an LED can fiddle with the colours, as we backported the LED driver from our master branch. Read more

Linux 4.15 Expected To Be Released Today, But It Might Be 4.15-rc9

After going through release candidates the past eight weeks, the Linux 4.15 kernel is expected to be released later today by Linus Torvalds. Normally after RC7, the kernel is baked, but all the changes last week due to the fallout from Spectre/Meltdown led to RC8. But this past week, the pace of change has continued with many fixes still coming in. We'll likely see Linux 4.15.0 out today as Torvalds commented last week, but it wouldn't really be surprising if overtime is extended and instead we get 4.15-rc9 due to all of the changes this week and ongoing work still happening around Spectre and Meltdown mitigation. Read more

Leftovers: Audiocasts, Linux Graphics, and OnePlus Breach (JS)

FOSS in Cambodia, Open Source HIT Project

  • Open source casino tech biz TGG enters Cambodia
    The firm provides “all essential source codes with open API [application program interface] for game designers to create customisable premium content for casino operators, enabling the operators to focus on making the best possible gaming experience for their players worldwide without additional investment in information technology infrastructure,” added its release.
  • Global Open Source HIT Project Gets $1M Donation From Cryptocurrency Philanthropy
    OpenMRS, Inc., an open source medical records platform used in developing countries, has received a $1 million donation from the Pineapple Fund, an $86 million cryptocurrency philanthropy created by an anonymous donor known only as “Pine.”