Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • A Step Forward for Security [iophk: "end point compromise negates many theoretical advantages"]

    While we are all mesmerized by the presidential crises, a small, but quite significant change occurred in Congress: the Senate Sergeant at Arms approved the use of Signal by Senate staff. Signal, a product of Open Whisper Systems, provides end-to-end encryption for Apple and Android phones.

  • Why Europe’s dependency on Microsoft is a huge security risk

    On May 12, hackers hit more than a hundred countries, exploiting a stolen N.S.A. tool that targeted vulnerabilities of Microsoft software. The attacks infected only machines running on Windows operative system. Among the victims are public administrative bodies such as NHS hospitals in the UK. Investigate Europe spent months to investigate the dire dependency of European countries on Microsoft – and the security risks this entails

  • NSA told Microsoft about stolen exploits: officials

    Current and former NSA officials say the agency informed Microsoft about the theft of the exploit named EternalBlue after learning of it, making it possible for the Redmond software giant to issue a patch for it in March. The exploit was used in the WannaCry ransomware attacks over last weekend.

  • Shadow Brokers claims Microsoft hand-in-glove with NSA

    The group that released NSA exploits for Windows, which were used in massive ransomware attacks last weekend, has accused Microsoft of being hand-in-glove with The Equation Group, a group that is believed to be a front for the NSA.

  • NSA officials worried about the day its potent hacking tool would get loose. Then it did.

    But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials' worst fears have been realized. The malicious code at the heart of the WannaCry virus that hit computer systems globally late last week was apparently stolen from the NSA, repackaged by cybercriminals and unleashed on the world for a cyberattack that now ranks as among the most disruptive in history.

  • Shadow Brokers threaten to unleash more hacking tools

    The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft's Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

More in Tux Machines

Android Leftovers

Canonical Releases AMD Microcode Updates for All Ubuntu Users to Fix Spectre V2

The Spectre microprocessor side-channel vulnerabilities were publicly disclosed earlier this year and discovered to affect billions of devices made in the past two decades. Unearthed by Jann Horn of Google Project Zero, the second variant (CVE-2017-5715) of the Spectre vulnerability is described as a branch target injection attack. The security vulnerability affects all microprocessors that use branch prediction and speculative execution function, and it can allow unauthorized memory reads via side-channel attacks if the system isn't patched. For example, a local attacker could use it to expose sensitive information, including kernel memory. Read more

PulseAudio 12 Open-Source Sound System Released with AirPlay, A2DP Improvements

Highlights of PulseAudio 12.0 include better latency reporting with the A2DP Bluetooth profile, which also improves A/V sync, more accurate latency reporting on AirPlay devices, the ability to prioritize HDMI output over S/PDIF output, HSP support for more Bluetooth headsets, and the ability to disable input and output on macOS. PulseAudio 12.0 also adds support for Steelseries Arctis 7 USB headset stereo output and Dell's Thunderbolt Dock TB16 speaker jack, a new "dereverb" option that can be used for the Speex echo canceller, a new module-always-source module, better detection of Native Instruments Traktor Audio 6, and improved digital input support for various USB sound cards. Read more

Automatically Change Wallpapers in Linux with Little Simple Wallpaper Changer

Here is a tiny script that automatically changes wallpaper at regular intervals in your Linux desktop. Read more