Language Selection

English French German Italian Portuguese Spanish

Security

Security: U.S. CMS Breach and New Security Woes for Popular 'IoT' Protocols

Filed under
Security
  • U.S. CMS says 75,000 individuals' files accessed in data breach
  • CMS Responding to Suspicious Activity in Agent and Broker Exchanges Portal

    At this time, we believe that approximately 75,000 individuals’ files were accessed. While this is a small fraction of consumer records present on the FFE, any breach of our system is unacceptable.

  • New Security Woes for Popular IoT Protocols

    Researchers at Black Hat Europe will detail denial-of-service and other flaws in MQTT, CoAP machine-to-machine communications protocols that imperil industrial and other IoT networks online.
    Security researcher Federico Maggi had been collecting data – some of it sensitive in nature – from hundreds of thousands of Message Queuing Telemetry Transport (MQTT) servers he found sitting wide open on the public Internet via Shodan. "I would probe them and listen for 10 seconds or so, and just collect data from them," he says.

    He found data on sensors and other devices sitting in manufacturing and automotive networks, for instance, as well as typical consumer Internet of Things (IoT) gadgets.

    The majority of data, Maggi says, came from consumer devices and sensors or was data he couldn’t identify. "There was a good amount of data from factories, and I was able to find data coming from pretty expensive industrial machines, including a robot," he says.

Security: ZDNet/CBS FUD, WiFi4EU, and Krack Wi-Fi

Filed under
Security
  • Open source web hosting software compromised with DDoS malware [Ed: CBS hired Catalin Cimpanu for him to have a broader platform with which to associate "Open Source" with security issues (does he say "proprietary" when it's proprietary, too?). Microsoft has long financed efforts to associate FOSS/copyleft with security issues and stigmatise it with licensing terror.]
  • Commission tried to hide details of 'WiFi4EU' glitch

    The European Commission has tried to hide information related to technical problems its free wifi fund portal suffered, by claiming that it was "out of scope".

    It released documents to EUobserver following an access to documents request - but heavily redacted some of the key papers.

    However, one of the documents has been leaked and published online. A comparison between the leaked version and the one released by the commission clearly shows that the commission went too far with its redactions.

  • The Flawed System Behind the Krack Wi-Fi Meltdown

    "If there is one thing to learn from this, it's that standards can't be closed off from security researchers," says Robert Graham, an analyst for the cybersecurity firm Erratasec. "The bug here is actually pretty easy to prevent, and pretty obvious. It's the fact that security researchers couldn't get their hands on the standards that meant that it was able to hide."

    The WPA2 protocol was developed by the Wi-Fi Alliance and the Institute of Electrical and Electronics Engineers (IEEE), which acts as a standards body for numerous technical industries, including wireless security. But unlike, say, Transport Layer Security, the popular cryptographic protocol used in web encryption, WPA2 doesn't make its specifications widely available. IEEE wireless security standards carry a retail cost of hundreds of dollars to access, and costs to review multiple interoperable standards can quickly add up to thousands of dollars.

Security Leftovers

Filed under
Security

Open-source hardware could defend against the next generation of hacking

Filed under
Hardware
OSS
Security

Imagine you had a secret document you had to store away from prying eyes. And you have a choice: You could buy a safe made by a company that kept the workings of its locks secret. Or you could buy a safe whose manufacturer openly published the designs, letting everyone – including thieves – see how they’re made. Which would you choose?

It might seem unexpected, but as an engineering professor, I’d pick the second option. The first one might be safe – but I simply don’t know. I’d have to take the company’s word for it. Maybe it’s a reputable company with a longstanding pedigree of quality, but I’d be betting my information’s security on the company upholding its traditions. By contrast, I can judge the security of the second safe for myself – or ask an expert to evaluate it. I’ll be better informed about how secure my safe is, and therefore more confident that my document is safe inside it. That’s the value of open-source technology.

Read more

Security: DMARC, ShieldX, Spectre V2, Equifax/TransUnion and More

Filed under
Security
  • DMARC Email Security Adoption Soars as US Government Deadline Hits
  • ShieldX Integrates Intention Engine Into Elastic Security Platform

    ShieldX announced its new Elastic Security Platform on Oct. 17 providing organizations with Docker container based data center security, that uses advanced machine learning to determine intent.

    At the core of the Elastic Security Platform is a technology that ShieldX calls the Adaptive Intention Engine that automatically determines the right policy and approach for security controls across multicloud environments. The intent-based security model can provide network microsegmentation, firewall and malware detection capabilities, among other features.

  • Spectre V2 "Lite" App-To-App Protection Mode Readying For The Linux Kernel

    We are approaching one year since the Spectre and Meltdown CPU vulnerabilities shocked the industry, and while no new CPU speculative execution vulnerabilities have been made public recently, the Linux kernel developers continue improving upon the Spectre/Meltdown software-based mitigation techniques for helping to offset incurred performance costs with current generation hardware.

  • Another Massive Credit Reporting Database Breached By Criminals

    Lots of companies like gathering lots of data. Many do this without explicit permission from the people they're collecting from. They sell this info to others. They collect and collect and collect and it's not until there's a problem that many people seem to feel the collection itself is a problem.

    The Equifax breach is a perfectly illustrative case. Lenders wanted a service that could rate borrowers quickly to determine their trustworthiness. This required a massive amount of data to be collected from numerous creditors, along with personally-identifiable information to authenticate the gathered data. The database built by Equifax was a prime target for exploitation. That this information would ultimately end up in the hands of criminals was pretty much inevitable.

    But Equifax isn't the only credit reporting service collecting massive amounts of data but failing to properly secure it. TransUnion not only collects a lot of the same information, but it sells access to cops, lenders, private investigators, landlords… whoever might want to do one-stop shopping for personal and financial data. This includes criminals, because of course it does.

  • Security updates for Wednesday
  • LibSSH Flaw Allows Hackers to Take Over Servers Without Password
  • This iPhone Passcode Bypass Allows Hackers To View And Share Your Images

    If you look at the video, the iOS vulnerability can be seen as part of running accessibility features on the device. He used the iPhone VoiceOver feature and the Siri assistant to access the Photo Library, open photos and send them to another device chosen by the attacker.

Security: Facebook, GNU Binutils and Epson/HP

Filed under
Security
  • What To Do If Your Account Was Caught in the Facebook Breach

    Keeping up with Facebook privacy scandals is basically a full-time job these days. Two weeks ago, it announced a massive breach with scant details. Then, this past Friday, Facebook released more information, revising earlier estimates about the number of affected users and outlining exactly what types of user data were accessed. Here are the key details you need to know, as well as recommendations about what to do if your account was affected.

    30 Million Accounts Affected

    The number of users whose access tokens were stolen is lower than Facebook originally estimated. When Facebook first announced this incident, it stated that attackers may have been able to steal access tokens—digital “keys” that control your login information and keep you logged in—from 50 to 90 million accounts. Since then, further investigation has revised that number down to 30 million accounts.

    The attackers were able to access an incredibly broad array of information from those accounts. The 30 million compromised accounts fall into three main categories. For 15 million users, attackers access names and phone numbers, emails, or both (depending on what people had listed).

  • GNU Binutils read_reloc Function Denial of Service Vulnerability [CVE-2018-18309]
  • Security Updates Are Even Breaking Your Printer (On Purpose)

    Printer manufacturers hate third-party ink cartridges. They want you buying the expensive, official ones. Epson and HP have issued sneaky “updates” that break these cheaper cartridges, forcing you to buy the expensive ones.

    HP pioneered this technique back in 2016, rolling out a “security update” to its OfficeJet and OfficeJet Pro printers that activated a helpful new feature—helpful for HP’s bottom line, at least. Now, before printing, the printer would verify you’re using new HP ink cartridges. If you’re using a competitor’s ink cartridge or a refilled HP ink cartridge, printing would stop. After some flaming in the press, HP sort-of apologized, but not really.

Security: Stamos, E-mail and RAT Arrest

Filed under
Security

Security: Patches, FUD and Voting Machines

Filed under
Security
  • libssh 0.8.4 and 0.7.6 security and bugfix release

    libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials.

  • A Cybersecurity Weak Link: Linux and IoT [Ed: Blaming "Linux" for companies that put default passwords on all their products? Windows has back doors.]
  • Undetectably bypass voting machines' anti-tamper mechanism with a bit of a soda-can

    But University of Michigan grad student Matt Bernhard has demonstrated that he can bypass the tamper-evident seals in seconds, using a shim made from a slice of a soda can. The bypass is undetectable and doesn't damage the seal, which can be resecured after an attacker gains access to the system.

  • Security Seals Used to Protect Voting Machines Can Be Easily Opened With Shim Crafted from a Soda Can

    Bernhard, who is an expert witness for election integrity activists in a lawsuit filed in Georgia to force officials to get rid of paperless voting machines used in that state, said the issue of security ties and seals came up in the lawsuit earlier this year when Fulton County Elections Director Richard Barron told the court that his Georgia county relies on tamper-evident metal and plastic ties to seal voting machines and prevent anyone with physical access to the machines from subverting them while they sit in polling places days before an election.

    [...]

    He noted that defeating ties and seals in non-tamper-evident ways isn’t the only method to wreak havoc on an election in Michigan. The state has a unique law that prohibits ballots from being used in a recount if the number of voters doesn't match the number of ballots cast at a precinct or if the seal on a ballot box is broken or has a different serial number than what it should have. Someone who wanted to wreak havoc on an election or alter an election outcome in Michigan could purposely tamper with ballot box seals in a way that is evident or simply replace them with a seal bearing a different serial number in order to get ballots excluded from a recount. The law came into sharp relief after the 2016 presidential election when Green Party candidate Jill Stein sought to get a statewide recount in Michigan and two other critical swing states and found that some precincts in Wayne County couldn't be recounted because the number of voters who signed the poll books—which get certified with a seal signed by officials—didn't match the number of ballots scanned on the voting machines.

Security: Reproducible Builds, MikroTik, TLS and Updates

Filed under
Security

Security: NHS and Police With Windows

Filed under
Security
  • Wannacry ransomware cost the British National Health Service £92m ($121m)

    Among the most prominent ransomware victims were NHS facilities, including hospitals, across the UK. All told, the epidemic cost the cash-starved health system £92m (£19 in lost output, £73m in IT expenses in the aftermath).

  • WannaCry attack cost cash-strapped NHS an estimated £92m

    Until now, the financial damage caused by the sweeping cyber attack - which it's now been revealed affected 8 per cent of GP clinics and forced the NHS to cancel 19,000 appointments - has been unclear, but the DHSC estimates in a new report that the total figure cost in at £92m.

    WannaCry cost approximately £19 in lost output, while a whopping £73m was racked up in IT costs in the aftermath of the attack, according to the report. Some £72m was spent on restoring systems and data in the weeks after the attack struck.

  • [Old] Ethical [crackers] show that Windows 10 isn’t immune to WannaCry

    And secondly, the exploit they crafted only works against older versions of Windows 10 (pre-Anniversary Update), but that isn’t really the point. It’s about showing the lines along which these sort of exploits can evolve, and reminding folks not to sit back smugly even when the OS they’re running appears to be bulletproof to a new threat.

  • Police body cameras 'could be hacked' [sic] to access confidential data
Syndicate content

More in Tux Machines

BSD: FreeBSD 12.0 Beta and Upgrading OpenBSD with Ansible

Graphics: XRGEARS and Arcan's Latest

  • XRGEARS: Infamous "Gears" Now On VR Headsets With OpenHMD, Vulkan
    Well, the virtual reality (VR) demo scene is now complete with having glxgears-inspired gears and Utah teapot rendering on VR head mounted displays with the new XRGEARS. Kidding aside about the gears and teapot, XRGEARS is a nifty new open-source project with real value by Collabora developer Lubosz Sarnecki. XRGEARS is a standalone VR demo application built using the OpenHMD initiative for tracking and Vulkan for rendering. XRGEARS supports both Wayland and X11 environments or even running off KMS itself. This code also makes use of VK_EXT_direct_mode_display with DRM leasing.
  • Arcan versus Xorg – Approaching Feature Parity
    This is the first article out of three in a series where I will go through what I consider to be the relevant Xorg feature set, and compare it, point by point, to how the corresponding solution or category works in Arcan. This article will solely focus on the Display Server set of features and how they relate to Xorg features, The second article will cover the features that are currently missing (e.g. network transparency) when they have been accounted for. The third article will cover the features that are already present in Arcan (and there are quite a few of those) but does not exist in Xorg.
  • Arcan Display Server Is Nearing Feature Parity With The X.Org Server
    The Arcan display server, which started off years ago sounding like a novelty with being a display server built off a game engine in part and other interesting features, is nearing feature parity with the X.Org Server. While most hobbyist display server projects have failed, Arcan has continued advancing and with an interesting feature set. Recently they have even been working on a virtual reality desktop and an interesting desktop in general. Arcan is getting close to being able to offering the same functionality as a traditional X.Org Server. If you are interested in a lengthy technical read about the differences between Arcan and X.Org, the Arcan developers themselves did some comparing and contrasting when it comes to the display support, windowing, input, font management, synchronization, and other areas.

CoC/Systemd Supremacy Over Linux Kernel

  • New Linux Code of Conduct Revisions: CoC Committee Added Plus Interpretation & Mediator
    The Linux Code of Conduct introduced last month that ended up being quite contentious will see some revisions just ahead of the Linux 4.19 stable kernel release. Greg Kroah-Hartman has outlined the planned changes as well as a new Code of Conduct Interpretation document. In the weeks since the Linux kernel CoC was merged, various patches were proposed but none merged yet. It turns out Greg KH was working in private with various kernel maintainers/developers on addressing their feedback and trying to come up with solutions to the contentious issues in private.
  • Some kernel code-of-conduct refinements
    Greg Kroah-Hartman has posted a series of patches making some changes around the newly adopted code of conduct. In particular, it adds a new document describing how the code is to be interpreted in the kernel community.
  • Systemd Adds Feature To Fallback Automatically To Older Kernels On Failure
    Systemd's latest feature is the concept of "boot counting" that will track kernel boot attempts and failures as part of an automatic boot assessment. Ultimately this is to provide automatic fallback to older kernels should a newer kernel be consistently failing. The feature was crafted over the past few months by Lennart Poettering himself to provide a way when making use of systemd-boot on UEFI systems it can automatically fallback to an older kernel if a newer kernel is consistently causing problems. This is treated as an add-on to the Boot Loader Specification. The systemd boot assessment is designed that it could also be used by non-UEFI systems and other boot platforms.

ODROID 'Hacker Board'

  • ODROID Rolling Out New Intel-Powered Single Board Computer After Trying With Ryzen
    While ODROID is most known for their various ARM single board computers (SBCs), some of which offer impressive specs, they have dabbled in x86 SBCs and on Friday announced the Intel-powered ODROID-H2. In the announcement they mentioned as well they were exploring an AMD Ryzen 5 2500U powered SBC computer, which offered fast performance but the price ended up being prohibitive. After the falling out with Ryzen over those cost concerns, they decided to go ahead with an Intel Geminilake SoC. Geminilake is slower than their proposed Ryzen board, but the price was reasonable and it ends up still being much faster than ODROID's earlier Apollolake SBC.
  • Odroid-H2 is world’s first Gemini Lake hacker board
    Hardkernel unveiled the Odroid-H2, the first hacker board with an Intel Gemini Lake SoC. The Ubuntu 18.10 driven SBC ships with 2x SATA 3.0, 2x GbE, HDMI and DP, 4x USB, and an M.2 slot for NVMe. When the Odroid-H2 goes on sale in November at a price that will be “higher than $100,” Hardkernel will join a small group of vendors that have launched a community backed x86-based SBC. This first open spec hacker board built around Intel’s new Gemini Lake SoC — and one of the first Gemini Lake SBCs of any kind — follows earlier Arm-based Odroid winners such as the Odroid-C2 Raspberry Pi pseudo clone and the octa-core Odroid-XU4.