Language Selection

English French German Italian Portuguese Spanish

Security: Telegram, Bounties and More

Filed under
Security
  • Telegram zero-day let hackers spread backdoor and cryptocurrency-mining malware

    A zero-day vulnerability in Telegram Messenger allowed attackers to spread a new form of malware with abilities ranging from creating a backdoor trojan to mining cryptocurrency.

    The attacks take advantage of a previously unknown vulnerability in the Telegram Desktop app for Windows and were spotted being used in the wild by Kaspersky Lab.

    Researchers believe the Russian cybercriminal group exploiting the zero-day were the only ones aware of the vulnerability and have been using it to distribute malware since March 2017 -- although it's unknown how long the vulnerability had existed before that date.

  • More Than 4,000 Government Websites Infected With Covert Cryptocurrency Miner

    The rise of cryptocurrency mining software like Coinhive has been a decidedly double-edged sword. While many websites have begun exploring cryptocurrency mining as a way to generate some additional revenue, several have run into problems if they fail to warn visitors that their CPU cycles are being co-opted in such a fashion. That has resulted in numerous websites like The Pirate Bay being forced to back away from the software after poor implementation (and zero transparency) resulted in frustrated users who say the software gobbled upwards of 85% of their available CPU processing power without their knowledge or consent.

    But websites that don't inform users this mining is happening are just one part of an emerging problem. Hackers have also taken to using malware to embed the mining software into websites whose owners aren't aware that their sites have been hijacked to make somebody else an extra buck. Politifact was one of several websites that recently had to admit its website was compromised with cryptocurrency-mining malware without their knowledge. Showtime was also forced to acknowledge (barely) that websites on two different Showtime domains had been compromised and infected with Coinhive-embedded malware.

  • Why Bug Bounties Matter

    Bugs exist in software. That's a fact, not a controversial statement. The challenge (and controversy) lies in how different organizations find the bugs in their software.

    One way for organizations to find bugs is with a bug bounty program. Bug bounties are not a panacea or cure-all for finding and eliminating software flaws, but they can play an important role.

  • Shell Scripting and Security

    The internet ain't what it used to be back in the old days. I remember being online back when it was known as ARPAnet actually—back when it was just universities and a handful of corporations interconnected. Bad guys sneaking onto your computer? We were living in blissful ignorance then.

    Today the online world is quite a bit different, and a quick glimpse at the news demonstrates that it's not just global, but that bad actors, as they say in security circles, are online and have access to your system too. The idea that any device that's online is vulnerable is more true now than at any previous time in computing history.

  • Security updates for Tuesday
  • Open Source Security Podcast: Episode 82 - RSA, TLS, Chrome HTTP, and PCI

More in Tux Machines

today's howtos

Games: GameHub, Eastshade, Unsung Warriors, Littlewood, Unity, DYSMANTLE, ECON - Elemental Connection, Godly Corp, Emerald Shores and Heroes Ravage

  • GameHub – An Unified Library To Put All Games Under One Roof
    GameHub is an unified gaming library that allows you to view, install, run and remove games on GNU/Linux operating system. It supports both native and non-native games from various sources including Steam, GOG, Humble Bundle, and Humble Trove etc. The non-native games are supported by Wine, Proton, DOSBox, ScummVM and RetroArch. It also allows you to add custom emulators and download bonus content and DLCs for GOG games. Simply put, Gamehub is a frontend for Steam/GoG/Humblebundle/Retroarch. It can use steam technologies like Proton to run windows gog games. GameHub is free, open source gaming platform written in Vala using GTK+3. If you’re looking for a way to manage all games under one roof, GameHub might be a good choice.
  • Eastshade Release Date for Linux and Windows Announced Along With a New Trailer
    First-person exploration games haven't really been done to a major degree - even though things like Perfect have aimed to give you a bit of that. In cases like that, you have a game that relies on virtual reality to relax the user and allow you to explore a very small world. However, what the world lacks in size, it makes up for in terms of interactivity - but it is still very small-scale. Eastshade sets out to do something similar, but in a purely first-person viewpoint without relying on VR and greatly expanding on the size of the game's world.
  • 2D action adventure 'Unsung Warriors' has an expanded Prologue along with a Kickstarter
    I took a look at the Prologue of Unsung Warriors back in October last year and it was pretty good! They've now expanded it, put it on Steam and they have a Kickstarter going for the full game.
  • Littlewood, an RPG with a difference needs funding on Kickstarter
    Most RPGs focus on defeating some sort of evildoer, however Littlewood takes place after a Dark Wizard has already been defeated and it's your job to put everything back together. Inspired by the likes of Animal Crossing, Dark Cloud and Runescape it seems to be heavily focusing on the more peaceful side of gaming. It will have mining, crafting, fishing, bug catching, farming, cooking and so on. However, one feature sounds especially interesting! After the Dark Wizard was defeated, their monsters were sealed away into Tarott Cards you can collect and battle people with which I love the sound of. Even more interesting, is that it's being made by developer Sean Young of SmashGames who made Kindergarten, Roguelands and Magicite which all support Linux. They're very clear about supporting Linux once again, so that's fantastic to see them continue.
  • Unity have updated their Terms of Service and they seem a lot more fair
  • An update on the situation with NVIDIA graphical distortions in some Unity games on Linux
    Recently, I highlighted an issue in multiple Unity games where the graphics were distorted on Linux with using an NVIDIA GPU and I offered some workarounds. I now have an update on the issue to share from both Unity and NVIDIA. Firstly, on the Unity side at least some of it was a confirmed bug in Unity's handling of OpenGL. The bug report that was opened as a result of my chats with Unity, has noted that it's now solved in Unity 2019 and the fix should also be landing in Unity 2018.3.2f1.
  • DYSMANTLE from 10tons is an open world action RPG where you can ruin everything
    10tons Ltd the team behind Crimsonland, Neon Chrome, Time Recoil, JYDGE, Tesla vs Lovecraft and more have revealed their next title, DYSMANTLE.
  • ECON - Elemental Connection, a pretty sweet puzzle game about making a mosaic
    ECON - Elemental Connection was quite a surprise, a puzzle game that can be played both offline and online that has you take it in turns to build a mosaic. Note: Key provided by the developer. For those who prefer their more relaxing experiences to other action-packaged options, ECON is a little gem. Honestly, it's nothing to look at and you could easily pass it up since even on Steam it doesn't have a single user review. However, it's actually a pretty good tile-matching puzzler.
  • Godly Corp is a really weird game that has you manage an office as something like Cthulhu
    I will give the developer TR8 Torus Studios points for being weird and unique here, with Godly Corp having you manage an office with a long tentacle.
  • Emerald Shores, a SNES-inspired platformer with minigames and more has Linux support
    For those after their next retro platformer, the SNES-inspired Emerald Shores is out on Steam with Linux support.
  • Heroes Ravage, a rather unique online action game will support Linux
    Yet another interesting crowdfunded game to take a look at today, we have Heroes Ravage an online action game that has you play as both heroes and villagers. Heroes Ravage is an all-out battle for loot, only this time there are no NPCs as everyone is a player. Everyone is trying to hold onto their collected valuables, with players acting as the villagers able to hide them and set up traps. It's a 4on4 battle, with four heroes facing off against four villagers and I will admit it does sound very unique.

Top 15 Best Git Clients for Linux

As a Linux user, you need to update software source code frequently. You may use a command line to do the task. But, when you need to handle a large project, then it becomes lengthy and difficult also. On the other hand, it is also quite impossible to point out the entire branch structure using the command line. Nowadays, all the mastermind Linux users are frequently using Git tools for the software controlling management and development. The tasks are very simple and quite easier with git client Linux. That is why we take the step to introduce you to some of the best git clients for Linux. Read more

Best Audio Editors For Linux

You’ve got a lot of choices when it comes to audio editors for Linux. No matter whether you are a professional music producer or just learning to create awesome music, the audio editors will always come in handy. Well, for professional-grade usage, a DAW (Digital Audio Workstation) is always recommended. However, not everyone needs all the functionalities, so you should know about some of the most simple audio editors as well. In this article, we will talk about a couple of DAWs and basic audio editors which are available as free and open source solutions for Linux and (probably) for other operating systems. Read more