Language Selection

English French German Italian Portuguese Spanish

Security News

Filed under
Security
  • Canonical Patches OpenSSL Regression in Ubuntu 16.04 LTS, 14.04 LTS & 12.04 LTS

    After announcing a few days ago that a new, important OpenSSL update is available for all supported Ubuntu Linux operating systems, Canonical's Marc Deslauriers now informs the community about another patch to address a regression.

    The new security advisory (USN-3087-2) talks about a regression that was accidentally introduced along with the previous OpenSSL update (as detailed on USN-3087-1), which addressed no less than eleven (11) security vulnerabilities discovered upstream by the OpenSSL team.

  • Patch AGAIN: OpenSSL security fixes now need their own security fixes
  • Bangladesh Bank exposed to hackers by cheap switches, no firewall: Police
  • This is the Israeli company that can hack any iPhone and Android smartphone

    If Cellebrite sounds familiar, that’s because the name of this Israeli company came up during Apple’s standoff with the FBI over breaking iPhone encryption. The agency managed to crack the San Bernardino iPhone with the help of an undisclosed company. Many people believe it was Cellebrite that came to the rescue. Meanwhile, the company revealed that it could hack just about any modern smartphone, but refused to say whether its expertise is used by the police forces of repressive regimes.

  • Reproducible Builds: week 74 in Stretch cycle
  • East-West Encryption: The Next Security Frontier?

    Microsegmentation, a method to create secure, virtual connections in software-defined data centers (SDDCs), has already emerged as one of the primary reasons to embrace network virtualization (NV). But some vendors believe that East-West encryption of traffic inside the data center could be the next stop in data-center security.

    For example, VMware says it is looking at encrypting East-West traffic inside the data center, adding another layer of security to the SDDC. Why is that important? Today, most firewalls operate on the perimeter of the data center – either guarding or encrypting data leaving the data center for the WAN. And some security products may encrypt data at rest inside the data center. But encrypting the traffic in motion between servers inside the data center – known in the business as the East-West traffic – is not something that’s typically done.

  • DHS Offers Its Unsolicited 'Help' In Securing The Internet Of Things [Ed: In the UK, GCHQ meddles in the Surveillance of Things in the name of 'security' while at the same time, with Tories' consent, cracking PCs]

    It's generally agreed that the state of security for the Internet of Things runs from "abysmal" to "compromised during unboxing." The government -- despite no one asking it to -- is offering to help out… somehow. DHS Assistant Secretary for Cyber Policy Robert Silvers spoke at the Internet of Things forum, offering up a pile of words that indicates Silvers is pretty cool with the "cyber" part of his title... but not all that strong on the "policy" part.

More in Tux Machines

Android Leftovers

pip 20.3 release

On behalf of the Python Packaging Authority, I am pleased to announce that we have just released pip 20.3, a new version of pip. You can install it by running `python -m pip install --upgrade pip`. This is an important and disruptive release -- we explained why in a blog post last year Read more

Western Digital WD_BLACK SN850 NVMe PCIe 4.0 SSD Linux Performance

This month Western Digital introduced the WD_BLACK SN850 as the latest PCI Express 4.0 solid-state drive hitting the market. The WD_BLACK SN850 is a surprisingly strong performer if looking to upgrade to PCIe 4.0 solid-state storage, competing with the fastest of the consumer drives currently available. The WD_BLACK SN850 makes use of Western Digital's G2 controller and 96L TLC NAND flash memory. The 1TB drive being tested today is rated for 7,000 MB/s sequential reads and 5,300 MB/s sequential writes and 1 million IOPS for random reads and 720k IOPS for random writes. Read more

GNU Octave 6.1 Released with Improvements / New Functions

GNU Octave 6.1 was released a few days ago with numerous improvements, bug-fixes, and a list of new functions. Changes in Octave 6.1 include... There’s no PPA repository contains the new release package at the moment of writing. Before the official Snap package and the community maintained Flatpak package publish the new package, you can download & build GNU Octave from the source tarball... Read more