Security Leftovers
-
DDoS defenses emerging from Homeland Security
Government, academic, and private-sector officials are collaborating on new ways to prevent and mitigate distributed denial-of-service (DDoS) attacks, based on research years in the making but kicked into high gear by the massive takedown this month of domain name system provider Dyn.
-
US DMCA rules updated to give security experts legal backing to research
The US government has updated and published a new list of exemptions to the Digital Millennium Copyright Act, a move perhaps long-overdue which will protect cybersecurity professionals from prosecution when reverse-engineering products for research purposes.
On October 28, the US Copyright Office and the Librarian of Congress published the updated rules on the federal register.
The DMCA regulations now include exceptions relating to security research and vehicle repair relevant to today's cybersecurity field. For the next two years, researchers can circumvent digital access controls, reverse engineer, access, copy, and manipulate digital content which is protected by copyright without fear of prosecution -- within reason.
-
Stop being the monkey's paw
This story got me thinking about security, how we ask questions and how we answer questions. What if we think about this in the context of application security specifically for this example. If someone was to ask the security the question “does this code have a buffer overflow in it?” The person I asked for help is going to look for buffer overflows and they may or may not notice that it has a SQL injection problem. Or maybe it has an integer overflow or some other problem. The point is that's not what they were looking for so we didn't ask the right question. You can even bring this little farther and occasionally someone might ask the question “is my system secure” the answer is definitively no. You don't even have to look at it to answer that question and so they don't even know what to ask in reality. They are asking the monkey paw to bring them their money, it's going to do it, but they're not going to like the consequences.
-
Tyfone looks to open-source to solve IoT security issues
It came as no surprise to Tyfone CEO Siva Narendra when tens of millions of Internet connected devices were able to bring down the Web during a coordinated distributed denial of service attack on Oct. 21.
Narendra's Portland-based company Tyfone has been working on digital security platforms to safeguard identity and transactions of people and things for years.
Narendra says mobile devices in conjunction with the cloud have brought new levels of productivity to our lives. Internet of Things devices (the common name given to these connected items) are poised to bring even greater levels of productivity and cost-savings to businesses, and safety and convenience to our everyday lives.
-
Google just disclosed a major Windows bug — and Microsoft isn’t happy
Today, Google’s Threat Analysis group disclosed a critical vulnerability in Windows in a public post on the company’s security blog. The bug itself is very specific — allowing attackers to escape from security sandboxes through a flaw in the win32k system — but it’s serious enough to be categorized as critical, and according to Google, it’s being actively exploited. As a result, Google went public just 10 days after reporting the bug to Microsoft, before a patch could be coded and deployed. The result is that, while Google has already deployed a fix to protect Chrome users, Windows itself is still vulnerable — and now, everybody knows it.
Google’s disclosure provides only a general description of the bug, giving users enough information to recognize a possible attack without making it too easy for criminals to replicate. Exploiting the bug also depends on a separate exploit in Adobe Flash, for which the company has also released a patch. Still, simply knowing that the bug exists will likely spur a lot of criminals to look for viable ways to exploit it against computers that have yet to update Flash.
-
AtomBombing: A Code Injection that Bypasses Current Security Solutions
Our research team has uncovered new way to leverage mechanisms of the underlying Windows operating system in order to inject malicious code. Threat actors can use this technique, which exists by design of the operating system, to bypass current security solutions that attempt to prevent infection. We named this technique AtomBombing based on the name of the underlying mechanism that this technique exploits.
AtomBombing affects all Windows version. In particular, we tested this against Windows 10.
-
Disclosing vulnerabilities to protect users
On Friday, October 21st, we reported 0-day vulnerabilities — previously publicly-unknown vulnerabilities — to Adobe and Microsoft. Adobe updated Flash on October 26th to address CVE-2016-7855; this update is available via Adobe's updater and Chrome auto-update.
After 7 days, per our published policy for actively exploited critical vulnerabilities, we are today disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released. This vulnerability is particularly serious because we know it is being actively exploited.
The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call
-
The next president will face a cybercrisis within 100 days, predicts report
The next president will face a cybercrisis in the first 100 days of their presidency, research firm Forrester predicts in a new report.
The crisis could come as a result of hostile actions from another country or internal conflict over privacy and security legislation, said Forrester analyst Amy DeMartine, lead author of the firm's top cybersecurity risks for 2017 report, due to be made public Tuesday.
History grades a president's first 100 days as the mark of how their four-year term will unfold, so those early days are particularly precarious, said DeMartine. The new commander in chief will face pressure from foreign entities looking to embarrass them early on, just as U.S. government agencies jockey for position within the new administration, she said.
-
Hackforums Shutters Booter Service Bazaar
Perhaps the most bustling marketplace on the Internet where people can compare and purchase so-called “booter” and “stresser” subscriptions — attack-for-hire services designed to knock Web sites offline — announced last week that it has permanently banned the sale and advertising of these services.
On Friday, Oct. 28, Jesse LaBrocca — the administrator of the popular English-language hacking forum Hackforums[dot]net — said he was shutting down the “server stress testing” (SST) section of the forum. The move comes amid heightened public scrutiny of the SST industry, which has been linked to several unusually powerful recent attacks and is responsible for the vast majority of denial-of-service (DOS) attacks on the Internet today.
- Login or register to post comments
- Printer-friendly version
- 1606 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago