Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • A masterclass in responding to vulnerability disclosure: The Buddi app and tracker | Pen Test Partners

    The Buddi tracker https://www.buddi.co.uk/ is used for tracking elderly and vulnerable people. It’s a GPS/GSM-based clip-on device that reports wearer position to an app via a platform. It means that the wearer can easily be found by their carer or the emergency services, should they become lost and unable to make their own way home. The device also features a panic button that automatically calls their carer and allows the wearer to speak to them.

    The device is popular in the care market, allowing the wearer a greater degree of independence and the ability to live independently for longer. The business behind Buddi has recently listed successfully on the UK AIM stock market (AIM:BIG), reflecting significant growth in the tracking markets in both UK and US.

  • Security updates for Monday

    Security updates have been issued by Debian (bluez, icu, libntlm, libvorbis, libvpx, opensc, roundcube, and tar), Fedora (kernel, kernel-headers, kernel-tools, puppet, slurm, stargz-snapshotter, and suricata), openSUSE (netcdf), Oracle (bluez, kernel, kernel-container, krb5, mailman:2.1, openssh, python3, and rpm), Red Hat (samba), and SUSE (xen).

  • Cyber Security Today, Nov. 29, 2021 – Ikea under phishing attack, evasive JavaScript loader discovered and malware found hiding in Linux calendars [Ed: Linux is a kernel, it does not do "calendars"]

    Ikea under phishing attack, evasive JavaScript loader discovered and malware found hiding in Linux calendars.

  • Awesome Linux Tools: Lynis from CISOfy - Invidious

    In this episode of Awesome Linux Tools, the spotlight is on Lynis - a really awesome utility you can use to get a better understanding of the overall security hygiene of your server. In this video, Jay will show you how to install it, and also how to run an audit.

  • CronRat Magecart malware uses 31st February date to remain undetected | IT PRO

    Security researchers have discovered a Linux-based remote access trojan (RAT) that uses an unusual stealth technique to remain out of sight from security products.

    The malware, dubbed CronRat, hides in the calendar subsystem of Linux servers (“cron”) on a non-existent day, 31 February, according to a blog post by security researchers at Sansec.

Samsung Bricks Smart TVs

  • Samsung Bricks Smart TVs

    Earlier this Fall, a Samsung warehouse in South Africa was robbed and the thieves got away with a quantity of smart televisions. Samsung proceeded to implement a little-known feature called “TV Block” which is installed on all of their TV products. The serial numbers of the stolen TV sets are flagged in their servers, and if one of these sets tries to connect the internet in the future, it will recognize that it is stolen and proceed to brick itself, disabling all television functionality.

    So while this real-life scenario makes sense, it is a bit alarming to realize the implication of such a feature — the manufacturer can reach into your TV and disable it from afar. One can assume that Samsung won’t abuse this capability, because acting otherwise would harm their reputation. In a press release, Samsung announced that any consumers whose sets were incorrectly bricked can have their sets un-bricked after demonstrating proper ownership.

How cybercriminals exploit WordPress to distribute malware

  • The other victims of FluBot: How cybercriminals exploit WordPress to distribute malware

    Netcraft has to date identified nearly 10,000 websites used in the distribution of the FluBot family of Android malware. As detailed in our previous articles on FluBot, these sites are unwittingly hosting a PHP script that acts as a proxy to a further backend server, allowing otherwise legitimate sites to deliver Android malware to victims. When visited by the intended victim, a “lure” is displayed that implores them to download and install the FluBot malware.

    The most common lure themes are parcel delivery and voicemail messages, where the user is told to install the malicious app to track a parcel or listen to a voicemail message. One particularly interesting lure took advantage of FluBot’s infamy, by offering a fake “Android security update” that claimed to protect against the malware family. Users installing this “security update” would instead be infected with FluBot.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security Leftovers

  • Security updates for Thursday [LWN.net]

    Security updates have been issued by Fedora (microcode_ctl, rubygem-nokogiri, and vim), Mageia (htmldoc, python-django, and python-oslo-utils), Red Hat (container-tools:2.0, kernel, kernel-rt, kpatch-patch, and pcs), SUSE (ardana-barbican, grafana, openstack-barbican, openstack-cinder, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-ironic, openstack-keystone, openstack-neutron-gbp, python-lxml, release-notes-suse-openstack-cloud, autotrace, curl, firefox, libslirp, php7, poppler, slurm_20_11, and ucode-intel), and Ubuntu (bind9, gnome-control-center, and libxrandr).

  • Apple Safari, Microsoft Windows 11 & Teams, Hacked During $800,000 0-Day Fest [Ed: Microsoft puts back doors in its things, so security is never the goal, nor is it accomplished]
  • Red Hat Kubernetes security report finds people are the problem

    Kubernetes, despite being widely regarded as an important technology by IT leaders, continues to pose problems for those deploying it. And the problem, apparently, is us. The open source container orchestration software, being used or evaluated by 96 per cent of organizations surveyed [PDF] last year by the Cloud Native Computing Foundation, has a reputation for complexity. Witness the sarcasm: "Kubernetes is so easy to use that a company devoted solely to troubleshooting issues with it has raised $67 million," quipped Corey Quinn, chief cloud economist at IT consultancy The Duckbill Group, in a Twitter post on Monday referencing investment in a startup called Komodor. And the consequences of the software's complication can be seen in the difficulties reported by those using it.

  • CISA Releases Analysis of FY21 Risk and Vulnerability Assessments | CISA

    CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted across multiple sectors in Fiscal Year 2021 (FY21).

  • ISC Releases Security Advisory for BIND

    The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting version 9.18.0 of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

  • CVE-2022-1183: Destroying a TLS session early causes assertion failure

    An assertion failure can be triggered if a TLS connection to a configured http TLS listener with a defined endpoint is destroyed too early.

Videos/Shows: Red Hat Enterprise Linux 9, The Linux Link Tech Show, Bad Voltage, and BSD Now

today's howtos

  • GNU Linux (distro independent) – how to set fixed ip (brute force overwrite) – temporarily (also possible for DNS)

    this is a quick bash hack, to set an additional fixed ip to the user’s interface, this will (brute force) OVERWRITE all mess done by network managers of various origins: (there should be only one config file to config network settings and it is: /etc/network/interfaces, instead of 10x entities inventing it’s own standard, confusing the heck out of users, just keep the standard that is already there?)

  • How to Enable More Multi-Touch Gestures in Ubuntu 22.04 GNOME 42 | UbuntuHandbook

    This simple tutorial shows how to enable 3-finger & 4-finger multi-touch gestures in Ubuntu 22.04, Fedora 36 and other Linux with GNOME 40+, while the desktop by default supports only few gestures.

  • How to Install Open Source osTicket on Ubuntu 20.04

    A server can contain many important business applications. These applications can help us to deploy even a support ticket system to better manage the technical service of a company. Today, you will learn how to install osTicket on Ubuntu 20.04.

  • How to Install and Use Bitwarden on Linux

    A password manager is an application that lets you generate new passwords and store existing ones securely. It eliminates the need to create and remember strong and complex passwords yourself for all your accounts. Depending on the device and operating system you're using, you can find all kinds of password managers. Bitwarden is a free-to-use password manager that comes with all the essential password management features. Follow along to learn how to install and set up Bitwarden on Linux.

  • How to install Borgmatic for easy Linux server backups | TechRepublic

    Do you have a reliable backup solution running on your Linux servers? If not, what’s your plan for disaster recovery? The word “disaster” alone should be enough to help you realize backups are an absolutely crucial part of your organization. If you’re in the market for a new Linux backup solution, there’s a lesser-known solution that does an outstanding job, and it’s fairly easy to install and configure. That solution is Borgmatic. This simple, configuration-driven backup solution protects your files (and even databases) with client-side encryption and even offers third-party integration for things like monitoring. I want to walk you through the process of installing Borgmatic on Ubuntu Server 22.04. When complete, you should feel confident your important data is regularly being backed up.

  • How to install the Caddy web server on Ubuntu Server 22.04 | TechRepublic

    Caddy is a powerful open-source web server, written in Go, that can be used to host web applications in a production environment. Caddy features built-in automated TLS certificate renewals, OSCP stapling, static file serving, reverse proxy, Kubernetes ingress and much more. Caddy can be run as a stand-alone web server, an app server or even within containers. In this tutorial, I’m going to walk you through the steps of installing Caddy on Ubuntu Server 22.04 and then how to create a simple, static site.

Jive Search is your private self-hosted search engine

Ever wanted your own search engine that you can host, control and make sure your searches are not leaked or recorded?. Then it is time to check Jive Search. Jive Search is a free, open-source search self-hosted search engine that you can run on your machine or server. The app is written using the Go programming language for better performance. Read more Also: MinIO is an open-source multi-cloud object storage for Amazon S3 for enterprise