
Security: OSX.Dummy, WellMess, LastPass, Rapid7

  • Fresh macOS Malware OSX.Dummy Targets Crypto-Currency Investors

    Attackers are using a piece of macOS malware to target cryptocurrency investors on the Discord and Slack chat platforms. Dubbed OSX.Dummy, the malware relies on a rather crude infection technique, but on a Mac that is successfully compromised the attacker can execute arbitrary code remotely.

    In a June 29 blog post, Patrick Wardle, chief research officer at Digita Security, notes that once the malware connects to the attacker's command-and-control server, the attacker can run arbitrary commands on the infected machine. Security researchers had found the first clues of the malware some days earlier: according to Remco Verhoef, who reported his findings in a June 29 post on the SANS Internet Storm Center, the previous week had seen several attacks in a row against macOS.

  • This new dual-platform malware targets both Windows and Linux systems

    One of the oft-repeated reasons for using alternative operating systems is the suggestion that alternatives to Windows are more secure because malware is not produced for these minority systems—in effect, an argument in favor of security by minority. For a variety of reasons, this is a misguided notion. The proliferation of web-based attacks—which are inherently cross-platform, as they depend on browsers more than the underlying OS the browser runs on—makes this argument rather toothless.

    [...]

    While WellMess is far from the first malware to run on Linux, the perception that Linux distributions are not a significant enough target for malware developers should no longer be considered the prevailing wisdom: Go's cross-compilation eases malware development for attackers looking to target Linux desktop users. As with Windows and macOS, users of Linux on the desktop should install some type of antivirus software in order to protect against malware such as WellMess.

  • Is your LastPass data really safe in the encrypted online vault?

    Disclaimer: I created PfP: Pain-free Passwords as a hobby; it could be considered a LastPass competitor in the widest sense. I am genuinely interested in the security of password managers, which is the reason both for my own password manager and for this blog post on LastPass shortcomings.

    TL;DR: LastPass fanboys often claim that a breach of the LastPass server isn’t a big deal because all data is encrypted. As I show below, that’s not actually the case and somebody able to compromise the LastPass server will likely gain access to the decrypted data as well.

  • Australia 11th in country rankings for Internet security threat exposure

    According to Rapid7's 2018 National Exposure Index, the US scored highest in nearly every exposure metric measured. Together with China, Canada, South Korea, and the United Kingdom, it accounts for more than 61 million servers listening on at least one of the surveyed ports.
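The point about Go cross-compilation in the WellMess item above cuts both ways: the same toolchain markers end up in every build target, so one signature can flag Go-built executables whether they arrive as a Windows PE, a Linux ELF or a macOS Mach-O. The script below is an added example, not code from the original article or from any WellMess analysis. The marker byte sequences are taken from the Go toolchain's own formats; the two sample "executables" it scans are constructed stand-ins, not real binaries.

```python
"""
Added example, not code from the original article or from any WellMess
write-up: a minimal offline triage check for Go-built executables that works
the same way on Windows PE, Linux ELF and macOS Mach-O images, because a Go
cross-compile leaves the same toolchain markers in every target format.

Markers (from the Go toolchain's own formats):
  * build-info blob: 14-byte magic b"\xff Go buildinf:" (Go 1.13 and later)
  * link-time build ID: ASCII "Go build ID:" (absent only if built with -buildid="")
  * pclntab header: 4-byte magic, two pad bytes, the instruction quantum
    (1 on x86, 4 on ARM) and the pointer size (4 or 8)
"""
import struct

PCLNTAB_MAGICS = {
    0xFFFFFFFB: "Go 1.2-1.15",
    0xFFFFFFFA: "Go 1.16-1.17",
    0xFFFFFFF0: "Go 1.18-1.19",
    0xFFFFFFF1: "Go 1.20+",
}
BUILDINFO_MAGIC = b"\xff Go buildinf:"
BUILD_ID_MARKER = b"Go build ID:"


def container_format(data: bytes) -> str:
    """Identify the executable container from its leading bytes."""
    if data.startswith(b"MZ"):
        return "PE"
    if data.startswith(b"\x7fELF"):
        return "ELF"
    if data[:4] in (b"\xfe\xed\xfa\xce", b"\xfe\xed\xfa\xcf",
                    b"\xce\xfa\xed\xfe", b"\xcf\xfa\xed\xfe"):
        return "Mach-O"
    return "unknown"


def find_pclntab(data: bytes):
    """Locate a plausible pclntab header; returns (offset, version range) or None."""
    for magic, version in PCLNTAB_MAGICS.items():
        for endian in ("<", ">"):  # cross-compiles may target either byte order
            needle = struct.pack(endian + "I", magic) + b"\x00\x00"
            start = 0
            while (pos := data.find(needle, start)) != -1:
                if pos + 8 <= len(data):
                    quantum, ptrsize = data[pos + 6], data[pos + 7]
                    if quantum in (1, 2, 4) and ptrsize in (4, 8):
                        return pos, version
                start = pos + 1
    return None


def classify(data: bytes) -> dict:
    """Summarise the Go markers present in one executable image."""
    pcl = find_pclntab(data)
    has_buildinfo = BUILDINFO_MAGIC in data
    has_build_id = BUILD_ID_MARKER in data
    return {
        "format": container_format(data),
        "buildinfo": has_buildinfo,
        "build_id": has_build_id,
        "pclntab": pcl[1] if pcl else None,
        # heuristic: any one marker is enough to flag the file for a closer look
        "is_go": bool(pcl) or has_buildinfo or has_build_id,
    }


# Constructed sample images for the demonstration (not real binaries, not
# WellMess): a fake PE and a fake ELF carrying the markers a Go build leaves
# behind, plus a fake ELF from a C toolchain with none of them.
FAKE_PE = (b"MZ" + b"\x90" * 62
           + BUILD_ID_MARKER + b' "abc123/def456/ghi789"\n' + b"\x00" * 16
           + b"\xfb\xff\xff\xff\x00\x00\x01\x08" + b"\x00" * 32)
FAKE_ELF = (b"\x7fELF\x02\x01\x01" + b"\x00" * 9
            + BUILDINFO_MAGIC + b"\x08\x00" + b"\x00" * 14
            + b"\xf0\xff\xff\xff\x00\x00\x04\x08" + b"\x00" * 32)
NOT_GO = b"\x7fELF\x02\x01\x01" + b"\x00" * 57 + b"GCC: (GNU) 8.3.0\x00"

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, classify(fh.read()))
    for name, image in (("FAKE_PE", FAKE_PE), ("FAKE_ELF", FAKE_ELF), ("NOT_GO", NOT_GO)):
        print(name, classify(image))
```

Run it as `python3 go_markers.py /path/to/sample` to scan real files, or with no arguments to see the constructed samples classified. Treat the result as a triage hint rather than a verdict: plenty of legitimate software is written in Go, a sample built with `-ldflags=-buildid=` or run through a packer can hide the markers, and the pclntab version ranges only tell you which toolchain generation produced the file.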

More in Tux Machines

Software: Newsboat, FreeFileSync, Corebird, FileZilla, nomacs, RAV1E

  • Newsboat: A Snazzy Text-Based RSS Feed Reader
    Newsboat is a sleek, open source RSS/Atom feed reader for the text console. It's a fork of Newsbeuter. RSS and Atom are widely used XML formats for transmitting, publishing and syndicating articles, typically news or blog posts. Newsboat is designed to be used on text terminals on Unix or Unix-like systems and is entirely controlled by the keyboard. The software has an internal command line for modifying configuration variables and running commands.
  • FreeFileSync – Data Backup and File Synchronization App
    FreeFileSync is a free data backup and file synchronization app, available for Linux systems, that lets you keep your backup in sync with the source data. When you take a backup of your hard drive, or any other disk, you should keep it in sync with the file changes you make from time to time. It is often difficult to remember which files or directories you have changed, deleted or updated since the last backup. FreeFileSync solves that problem: it determines which files were changed, deleted or updated and syncs only those to your backup.
  • Corebird Twitter Client – to Stop Working
    Corebird, the best native GTK+ Twitter client available for Linux desktops including Ubuntu, will stop working in August 2018. This was recently reported by the Corebird developer on Patreon as well as on GitHub. The cause is a policy change at Twitter that will remove the UserStream API used by Corebird and other third-party Twitter clients. In the Patreon post, the developer stated that Twitter's replacement, the Account Activity API, is too difficult to implement and that he may not have much time available for development.
  • FileZilla – Best FTP Client for Linux, Ubuntu Releases version 3.34.0
    FileZilla is a free and open source FTP client available for Ubuntu, Mint and other Linux systems, and the go-to software when you need an FTP client. FileZilla supports the FTP, SFTP and FTPS protocols, is cross-platform, and comes with a user-friendly GUI.
  • nomacs 3.10.2
    nomacs is licensed under the GNU General Public License v3 and available for Windows, Linux, FreeBSD, Mac, and OS/2.
  • RAV1E: The "Fastest & Safest" AV1 Encoder
    Following the news that VP9 and AV1 have more room to improve, particularly on alternative architectures like POWER and ARM, a Phoronix reader pointed out an effort Mozilla is behind to develop the "rav1e" encoder. AV1 encoding on CPUs has so far been, unfortunately, extremely slow. But it turns out Mozilla and others are working on RAV1E, which they bill as the fastest and safest AV1 encoder. RAV1E has been in development for a while now but had seemingly flown under our radar.

Red Hat Looks Beyond Docker for Container Technology

While Docker Inc and its eponymous container engine helped to create the modern container approach, Red Hat has multiple efforts of its own that it is now actively developing. The core component for containers is the runtime engine; for Docker that is the Docker Engine, which is now based on the Docker-led containerd project hosted at the Cloud Native Computing Foundation (CNCF). Red Hat has built its own container engine, CRI-O, which hit its 1.0 release back in October 2017. For building images, Red Hat has a project called Buildah, which reached its 1.0 milestone on June 6.

Containers: The Update Framework (TUF), Nabla, and Kubernetes 1.11 Release

  • How The Update Framework Improves Software Distribution Security
    In recent years there have been multiple cyber-attacks that compromised a software developer's network in order to deliver malware inside software updates. That is the situation Justin Cappos, founder of The Update Framework (TUF) open-source project, has been working hard to help solve. Cappos, an assistant professor at New York University (NYU), started TUF nearly a decade ago. TUF is now implemented by multiple software projects, including the Docker Notary project for secure container application updates, and has implementations being purpose-built to help secure automotive software as well.
  • IBM's new Nabla containers are designed for security first
    Companies love containers because they enable them to run more jobs on servers. But businesses also hate containers, because they fear they're less secure than virtual machines (VMs). IBM thinks it has an answer to that: Nabla containers, which are more secure by design than rival container concepts. James Bottomley, an IBM Research distinguished engineer and top Linux kernel developer, first outlines that there are two fundamental kinds of container and virtual machine (VM) security problem, which he describes as the Vertical Attack Profile (VAP) and the Horizontal Attack Profile (HAP).
  • [Podcast] PodCTL #42 – Kubernetes 1.11 Released
    Like clockwork, the Kubernetes community continues to release quarterly updates to the rapidly expanding project. With the 1.11 release, we see new capabilities added across several domains: infrastructure services, scheduling services, routing services, storage services, and broader CRD versioning capabilities that will improve the ability to deploy Operators for both the platform and applications. Links for all these new features, as well as in-depth blog posts from Red Hat and the Kubernetes community, are included in the show notes. As always, it's important to remember that not every new feature being released is considered "General Availability", so be sure to check the detailed release notes before considering the use of any feature in a production or high-availability environment.
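To make the TUF item above concrete, here is an added example of the verification a TUF-style update client performs before it installs anything. It is not code from The Update Framework, Notary or any other project, and it substitutes HMAC-SHA256 for the public-key signatures TUF actually uses (an assumption made so it runs with Python's standard library alone; a real client holds only public keys and cannot forge signatures itself). The root metadata, key identifiers, target payload and the "attack" scenarios are all constructed for the demonstration.

```python
"""
Added example, not code from The Update Framework project or from Notary: a
toy update client that applies the checks TUF's design centres on, so a
compromised distribution server (or a single stolen signing key) cannot push
malware as a legitimate update.

Checks demonstrated:
  * role keys and a signature threshold delegated by pinned root metadata
  * metadata expiry (defeats indefinitely replaying stale-but-valid files)
  * monotonically increasing version numbers (defeats rollback)
  * target length and hash pinned in signed metadata (defeats content swaps)

Assumption: HMAC-SHA256 with per-key secrets stands in for the asymmetric
signatures TUF actually uses, so this runs with the standard library only.
"""
import hashlib
import hmac
import json


class UpdateRejected(Exception):
    """Raised when metadata or a target fails verification."""


def canonical(obj) -> bytes:
    """Canonical JSON so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign_metadata(signed: dict, signers) -> dict:
    """Wrap a 'signed' body with one signature per (keyid, secret) pair."""
    body = canonical(signed)
    return {"signed": signed,
            "signatures": [{"keyid": kid,
                            "sig": hmac.new(secret, body, hashlib.sha256).hexdigest()}
                           for kid, secret in signers]}


def verify_signed(meta: dict, keys: dict, keyids: list, threshold: int, now: int) -> dict:
    """Accept the body only with >= threshold valid, distinct role keys and no expiry."""
    signed, body = meta["signed"], canonical(meta["signed"])
    valid = set()
    for s in meta["signatures"]:
        if s["keyid"] in keyids and s["keyid"] in keys:  # only keys the role delegates to
            expected = hmac.new(keys[s["keyid"]], body, hashlib.sha256).hexdigest()
            if hmac.compare_digest(expected, s["sig"]):
                valid.add(s["keyid"])
    if len(valid) < threshold:
        raise UpdateRejected(f"threshold: {len(valid)} valid signature(s), need {threshold}")
    if signed["expires"] <= now:
        raise UpdateRejected("expired: metadata is past its expiry time")
    return signed


def verify_update(root: dict, targets_meta: dict, name: str, data: bytes,
                  last_version: int, now: int) -> int:
    """Verify a downloaded target against targets metadata; returns the new version."""
    role = root["roles"]["targets"]  # root (pinned at install time) names the targets keys
    targets = verify_signed(targets_meta, root["keys"], role["keyids"], role["threshold"], now)
    if targets["version"] <= last_version:
        raise UpdateRejected(f"rollback: version {targets['version']} is not newer than {last_version}")
    info = targets["targets"].get(name)
    if info is None:
        raise UpdateRejected(f"unknown target {name!r}")
    if len(data) != info["length"]:
        raise UpdateRejected(f"length mismatch for {name}")
    if not hmac.compare_digest(hashlib.sha256(data).hexdigest(), info["hashes"]["sha256"]):
        raise UpdateRejected(f"hash mismatch for {name}")
    return targets["version"]


def run_checks() -> dict:
    """Constructed scenario: one honest release plus the attacks TUF is meant to stop."""
    now = 1_700_000_000
    keys = {"k1": b"targets-key-1-secret", "k2": b"targets-key-2-secret"}  # constructed
    root = {"keys": keys, "roles": {"targets": {"keyids": ["k1", "k2"], "threshold": 2}}}
    payload = b"#!/bin/sh\necho update v4\n"
    targets = {"_type": "targets", "version": 4, "expires": now + 7 * 86400,
               "targets": {"app.sh": {"length": len(payload),
                                      "hashes": {"sha256": hashlib.sha256(payload).hexdigest()}}}}
    both = list(keys.items())
    scenarios = {
        "good": (sign_metadata(targets, both), payload),
        "one_key": (sign_metadata(targets, both[:1]), payload),  # only one key stolen
        "tampered": (sign_metadata(targets, both), payload.replace(b"v4", b"v9")),
        "rollback": (sign_metadata(dict(targets, version=3), both), payload),
        "expired": (sign_metadata(dict(targets, expires=now - 1), both), payload),
    }
    results = {}
    for label, (meta, data) in scenarios.items():
        try:  # the client last installed version 3
            results[label] = f"accepted v{verify_update(root, meta, 'app.sh', data, 3, now)}"
        except UpdateRejected as err:
            results[label] = f"rejected: {err}"
    return results


if __name__ == "__main__":
    for label, outcome in run_checks().items():
        print(f"{label:9s} {outcome}")
```

The scenarios show why the individual checks matter: a server breach that yields one of the two targets keys still fails the two-of-two threshold, a same-length swap of the payload fails the hash check, a correctly signed but older targets file fails the version check, and a correctly signed file kept past its expiry fails the freshness check. A real TUF deployment additionally rotates root keys through new root metadata signed by the previous root keys and uses separate snapshot and timestamp roles for freshness and consistency, which this toy omits.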