Security Leftovers
-
Security updates for Monday
-
NetBSD 8.1 RC1 Released With MDS Mitigations, Option To Turn Off SMT/HT, Driver Updates
The first and only anticipated release candidate for NetBSD 8.1 is now available for testing.
The NetBSD 8.1 release candidate adds the necessary mitigations for the Microarchitectural Data Sampling / Zombieload vulnerabilities. With Hyper Threading looking increasingly insecure with these new CPU vulnerabilities, NetBSD has joined other operating systems in offering a new setting to disable HT/SMT support: the smtoff rc.conf option.
-
Outbound Traffic Filtering | Roadmap to Securing Your Infrastructure
This week, we’re discussing outbound traffic filtering. This is filtering provided at the network edge by a firewall with rules (ACLs) restricting what internal users are allowed to access. Some firewalls have the ability to filter by an application (layer 7 firewalls), but we’re going to concentrate on standard packet-filtering firewalls and their capabilities. There are several reasons for wanting to restrict outbound communications, such as defeating malware, making data exfiltration harder, and the detection of infected hosts.
-
Bluetooth's Complexity Has Become a Security Risk
Fundamentally, both Bluetooth and BLE open up a channel for two devices to communicate—an extremely useful arrangement, but one that also opens the door for dangerous interactions. Without strong cryptographic authentication checks, malicious third parties can use Bluetooth and BLE to connect to a device they shouldn't have access to, or trick targets into thinking their rogue device is a trusted one.
-
Huawei promises continued security updates and service to existing users post Google ban
Google has shocked the world by banning Huawei from future OS versions and security updates, but existing Huawei handsets will continue getting Google Play app updates, while Huawei promises it will issue security updates instead.
-
Security Advisory: Kernel and Firmware Updates for Intel MDS Vulnerability
-
ICE Tops Its Old Record, Spends Another $820,000 On Cellphone-Cracking Tools
As consecutive heads of the FBI have whined about the general public's increasing ability to keep their devices and personal data secure with encryption, a number of companies have offered tools that make this a moot point. Grayshift -- the manufacturer of phone-cracking tool GrayKey -- has been selling hundreds of thousands of dollars-worth of devices to other federal agencies not so insistent the only solution is backdoored encryption.
ICE is one of these agencies. It led all federal agencies in phone-cracking expenditures in 2018. It spent $384,000 on these tools last year. It wasn't just ICE. Other agencies like the DEA and [checks notes] the Food and Drug Administration have also purchased these devices. But ICE led the pack, most likely because ICE -- along with DHS counterpart CBP -- are engaging in more suspicionless, warrantless device searches than ever.
- Login or register to post comments
- Printer-friendly version
- 1751 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago