Language Selection

English French German Italian Portuguese Spanish

Security: Slingshot, Symantec Certification Authorities, and DDoS Defense

Filed under
Security
  • Potent malware that hid for six years spread through routers

    Slingshot—which gets its name from text found inside some of the recovered malware samples—is among the most advanced attack platforms ever discovered, which means it was likely developed on behalf of a well-resourced country, researchers with Moscow-based Kaspersky Lab reported Friday. The sophistication of the malware rivals that of Regin—the advanced backdoor that infected Belgian telecom Belgacom and other high-profile targets for years—and Project Sauron, a separate piece of malware suspected of being developed by a nation-state that also remained hidden for years.

  • Distrust of Symantec TLS Certificates

    A Certification Authority (CA) is an organization that browser vendors (like Mozilla) trust to issue certificates to websites. Last year, Mozilla published and discussed a set of issues with one of the oldest and largest CAs run by Symantec. The discussion resulted in the adoption of a consensus proposal to gradually remove trust in all Symantec TLS/SSL certificates from Firefox. The proposal includes a number of phases designed to minimize the impact of the change to Firefox users:

  • How Creative DDOS Attacks Still Slip Past Defenses

    Distributed denial of service attacks, in which hackers use a targeted hose of junk traffic to overwhelm a service or take a server offline, have been a digital menace for decades. But in just the last 18 months, the public picture of DDoS defense has evolved rapidly. In fall 2016, a rash of then-unprecedented attacks caused internet outages and other service disruptions at a series of internet infrastructure and telecom companies around the world. Those attacks walloped their victims with floods of malicious data measured up to 1.2 Tbps. And they gave the impression that massive, "volumetric" DDOS attacks can be nearly impossible to defend against.

More in Tux Machines

Linux 4.18 RC2 Released From China

  • Linux 4.18-rc2
    Another week, another -rc. I'm still traveling - now in China - but at least I'm doing this rc Sunday _evening_ local time rather than _morning_. And next rc I'll be back home and over rmy jetlag (knock wood) so everything should be back to the traditional schedule. Anyway, it's early in the rc series yet, but things look fairly normal. About a third of the patch is drivers (drm and s390 stand out, but here's networking and block updates too, and misc noise all over). We also had some of the core dma files move from drivers/base/dma-* (and lib/dma-*) to kernel/dma/*. We sometimes do code movement (and other "renaming" things) after the merge window simply because it tends to be less disruptive that way. Another 20% is under "tools" - mainly due to some selftest updates for rseq, but there's some turbostat and perf tooling work too. We also had some noticeable filesystem updates, particularly to cifs. I'm going to point those out, because some of them probably shouldn't have been in rc2. They were "fixes" not in the "regressions" sense, but in the "missing features" sense. So please, people, the "fixes" during the rc series really should be things that are _regressions_. If it used to work, and it no longer does, then fixing that is a good and proper fix. Or if something oopses or has a security implication, then the fix for that is a real fix. But if it's something that has never worked, even if it "fixes" some behavior, then it's new development, and that should come in during the merge window. Just because you think it's a "fix" doesn't mean that it really is one, at least in the "during the rc series" sense. Anyway, with that small rant out of the way, the rest is mostly arch updates (x86, powerpc, arm64, mips), and core networking. Go forth and test. Things look fairly sane, it's not really all that scary. Shortlog appended for people who want to scan through what changed. Linus
  • Linux 4.18-rc2 Released With A Normal Week's Worth Of Changes
    Due to traveling in China, Linus Torvalds has released the Linux 4.18-rc2 kernel a half-day ahead of schedule, but overall things are looking good for Linux 4.18.

A GTK+ 3 update

  • A GTK+ 3 update
    When we started development towards GTK+ 4, we laid out a plan that said GTK+ 3.22 would be the final, stable branch of GTK+ 3. And we’ve stuck to this for a while. I has served us reasonably well — GTK+ 3 stopped changing in drastic ways, which was well-received, and we are finally seeing applications moving from GTK+ 2.
  • GTK+ 3.24 To Deliver Some New Features While Waiting For GTK4
    While the GNOME tool-kit developers have been hard at work on GTK4 roughly the past two years and have kept GTK3 frozen at GTK+ 3.22, a GTK+ 3.24 release is now being worked on to deliver some new features until GTK+ 4.0 is ready to be released. While GTK+ 4.0 is shaping up well and GTK+ 3.22 was planned to be the last GTK3 stable release, the developers have had second thoughts due to GTK+ 4 taking time to mature. Some limited new features are being offered up in the GTK+ 3.24 release to debut this September.

Finally: First stable release of KBibTeX for KDE Frameworks 5

After almost exactly two years of being work-in-progress, the first stable release of KBibTeX for KDE Frameworks 5 has been published! You can grab the sources at your local KDE mirror. Some distributions like ArchLinux already ship binary packages. After one beta and one release candidate, now comes the final release. You may wonder why this release gets version number 0.8.1 but not 0.8 as expected. This is simply due to the fact that I noticed a bug in CMakeLists.txt when computing version numbers which did not work if the version number just had two fields, i. e. no ‘patch’ version. As the code and the tag of 0.8 was already pushed, I had no alternative than to fix the problem and increase the version number. Otherwise, the ChangeLog (alternative view) is virtually unchanged compared to the last pre-release. Read more

Today in Techrights