Language Selection

English French German Italian Portuguese Spanish

Security: Telegram, Bounties and More

Filed under
Security
  • Telegram zero-day let hackers spread backdoor and cryptocurrency-mining malware

    A zero-day vulnerability in Telegram Messenger allowed attackers to spread a new form of malware with abilities ranging from creating a backdoor trojan to mining cryptocurrency.

    The attacks take advantage of a previously unknown vulnerability in the Telegram Desktop app for Windows and were spotted being used in the wild by Kaspersky Lab.

    Researchers believe the Russian cybercriminal group exploiting the zero-day were the only ones aware of the vulnerability and have been using it to distribute malware since March 2017 -- although it's unknown how long the vulnerability had existed before that date.

  • More Than 4,000 Government Websites Infected With Covert Cryptocurrency Miner

    The rise of cryptocurrency mining software like Coinhive has been a decidedly double-edged sword. While many websites have begun exploring cryptocurrency mining as a way to generate some additional revenue, several have run into problems if they fail to warn visitors that their CPU cycles are being co-opted in such a fashion. That has resulted in numerous websites like The Pirate Bay being forced to back away from the software after poor implementation (and zero transparency) resulted in frustrated users who say the software gobbled upwards of 85% of their available CPU processing power without their knowledge or consent.

    But websites that don't inform users this mining is happening are just one part of an emerging problem. Hackers have also taken to using malware to embed the mining software into websites whose owners aren't aware that their sites have been hijacked to make somebody else an extra buck. Politifact was one of several websites that recently had to admit its website was compromised with cryptocurrency-mining malware without their knowledge. Showtime was also forced to acknowledge (barely) that websites on two different Showtime domains had been compromised and infected with Coinhive-embedded malware.

  • Why Bug Bounties Matter

    Bugs exist in software. That's a fact, not a controversial statement. The challenge (and controversy) lies in how different organizations find the bugs in their software.

    One way for organizations to find bugs is with a bug bounty program. Bug bounties are not a panacea or cure-all for finding and eliminating software flaws, but they can play an important role.

  • Shell Scripting and Security

    The internet ain't what it used to be back in the old days. I remember being online back when it was known as ARPAnet actually—back when it was just universities and a handful of corporations interconnected. Bad guys sneaking onto your computer? We were living in blissful ignorance then.

    Today the online world is quite a bit different, and a quick glimpse at the news demonstrates that it's not just global, but that bad actors, as they say in security circles, are online and have access to your system too. The idea that any device that's online is vulnerable is more true now than at any previous time in computing history.

  • Security updates for Tuesday
  • Open Source Security Podcast: Episode 82 - RSA, TLS, Chrome HTTP, and PCI

More in Tux Machines

DragonFlyBSD 5.2.1 Released

While DragonFlyBSD 5.3/5.4 is exciting on the performance front for those making use of the stable DragonFly operating system releases, DragonFlyBSD 5.2.1 is available this week. This is the first and perhaps only point release over DragonFly 5.2.0 that premiered back in April. DragonFlyBSD 5.2 brought stabilization work for HAMMER2 to make it ready for more users, Spectre and Meltdown kernel work, and months worth of other important updates. Read more

Do European Governments Publish Open Source Software?

From time to time I come across news articles about Governmental bodies in Europe adopting the use of Open Source Software. This seems to be a slowly increasing trend. But if European Governments make software for themselves, or are having it made for them, do they publish that software as Open Source? This was a question that came up in a meeting at one of my clients. To find an answer, I asked my friends at the FSFE NL-team and did a Quick Scan. Here are the results. The short answer: Yes, they do! The longer answer: read on. Read more

Openwashing and FOSS FUD

  • Release: The Winemakers Co-Op to Debut Collaborative Wine: Open-Source Chardonnay June 3
  • Facebook open sources Katran networking tool, outlines automation system called Vending Machine [Ed: When surveillance giants are engaging in openwashing campaigns (all the core code is secret and abuses people)...]
  • Facebook Open Sources Katran Load Balancer; Details Network Provisioning Tool
  • Security and Open Source: Open Source Components Save Time but Need to be Closely Monitored [Ed: After Black Duck, Snyk and White Source another anti-FOSS firm spreads its FUD to sell services; ads disguised as 'articles'. Many of them this month, flooding FOSS news.]
    Chris Wysopal, CTO of Veracode, said that “the universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications – making many of them breachable with a single exploit.”.
  • Linux Redis Automated Mining For Worm Analysis and Safety Advice [Ed: Rather old an issue]
    Since Redis has not authorized the disclosure of the attack method of root authority of Linux system, because of its ease-of-use, the hacking behaviors of mining and scanning of Linux services by using this issue have been endless. Among the many cases that handle this problem to invade the server for black production, there is a class of mining that USES this problem and can automatically scan the infected machine with pnscan. The attack has always been there, but it has shown a recent trend of increasing numbers, which has been captured many times, and we've been able to do a specific analysis of it.
  • Turla cyberespionage group switched to open-source malware [Ed: Crackers share code, so let's badmouth FOSS?]
    The Turla cyberespionage group has implemented some new tactics over the last few months incorporating some open-source exploitation tools instead of relying solely on their own creations to run campaigns. ESET researchers found that starting in March the Turla has been leveraging the open-source framework Metasploit to drop the group's proprietary Mosquito backdoor. The group has periodically used open-source hacking tools for other tasks, but ESET believes the group has never before used Metasploit as a first stage backdoor.
  • A Complete Beginner’s Guide to Not Getting Hacked
    Crackers are so to speak the evil hackers. Although these very often also do not offer the possibilities in order to do justice to the descriptions of the media. Then there are the would-be hackers, also called ScriptKiddies who use themTrojan2 and pre-programmed programs to get into computers and do damage. The “Kiddie” leads is a departure from the English “kid” (child), since young people are often behind such attacks. Due to their young age and lack of experience, ScriptKiddies often do not even know what they are doing. Let me give you an example. I have seen ScriptKiddies that use methods to intrude into Windows NT Calculator tried to break into a Linux machine. ScriptKiddies are often bored teenagers who try to have fun with the first tool. These tools are usually so simply knitted that actually, each normal, somewhat educated user can serve them. [...] According to Blendrit, co-founder at Tactica “One thing is clear: this language culture is constantly evolving, and many words find their way into the media, where they have a completely different meaning. Just as our most famous word, “hacker”, has fared.”

Kata Containers 1.0

  • Kata Containers 1.0
    The 1.0 release of Kata Containers is here! Thank you to the more than 40 individuals who have contributed to the first release of Kata Containers and to developing the Kata community.
  • VM-container chimera Kata Containers emerges from lab
    The open source Kata Containers project, an effort to combine the security advantages of virtual machines with the deployment and management advantages of software-based containers, hit its 1.0 milestone on Tuesday. Forged from a merger of Intel’s Clear Containers and Hyper’s runV announced last December, Kata Containers delivers an Open Container Initiative (OCI)-compatible runtime that addresses the downside of traditional container architecture, a shared kernel.
  • Kata Containers Project Releases 1.0 to Build Secure Container Infrastructure
  • Kata Containers 1.0
  • OpenStack Makes its Open Source CI/CD Platform Available to the Wider World
    The OpenStack Foundation made Zuul, an open source continuous integration/continuous development (CI/CD) platform, into an independent project. Zuul also released version 3 of its software. Zuul was originally developed for OpenStack CI testing and has since attracted contributors and users across many different organizations, including BMW, GoDaddy, OpenLab, and Wikimedia. It’s the third project to be managed by the OpenStack Foundation, joining OpenStack and Kata Containers.