Security Leftovers
-
BadTunnel Bug Hijacks Network Traffic, Affects All Windows Versions
The research of Yang Yu, founder of Tencent's Xuanwu Lab, has helped Microsoft patch a severe security issue in its implementation of the NetBIOS protocol that affected all Windows versions ever released.
-
'BadTunnel' Bugs Left Every Microsoft Windows PC Vulnerable For 20 Years [Ed: no paywall/malware in this link]
Microsoft is today closing off a vulnerability that one Chinese researcher claims has "probably the widest impact in the history of Windows." Every version of the Microsoft operating system going back to Windows 95 is affected, leaving anyone still running unsupported operating systems, such as XP, in danger of being surreptitiously surveilled.
According to Yang Yu, founder of Tencent's Xuanwu Lab, the bug can be exploited silently with a "near-perfect success rate", as the problems lie in the design of Windows. The ultimate impact? An attacker can hijack all a target's web use, granting the hacker "Big Brother power", as soon as the victim opens a link or plugs in a USB stick, claimed Yu. He received $50,000 from Microsoft's bug bounty program for uncovering the weakness, which the researcher has dubbed BadTunnel. Microsoft issued a fix today in its Patch Tuesday list of updates.
"Even security software equipped with active defense mechanisms are not able to detect the attack," Yu told FORBES. "Of course it is capable of execute malicious code on the target system if required."
-
Getting Things Wrong From The Beginning…
GNU/Linux and never had any problems with software the rest of the school year. I’ve been using GNU/Linux ever since and have had no regrets. It’s been the right way to do IT. My wife saw the light a few years ago. She was tired of years of TOOS failing every now and then and needing re-installation. Once her business started using a web application, she had no more need of TOOS, none.
-
Intel x86s hide another CPU that can take over your machine (you can't audit it)
Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.
-
Hackers Show How To Hack Anyone’s Facebook Account Just By Knowing Phone Number
By exploiting the SS7 flaw, a hacker can hack someone’s Facebook account just by knowing the associated phone number. This flaw allows a hacker to divert the OTP code to his/her own phone and use it to access the victim’s Facebook account. The security researchers, who have explained the hack in a video, advise the users to avoid adding their phone numbers to the public services.
- Login or register to post comments
- Printer-friendly version
- 2419 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago