Language Selection

English French German Italian Portuguese Spanish

Security

Equifax Failed to Patch, Now Fails as a Company

Filed under
Security

​Check Point's bogus Windows Subsystem for Linux attack

Filed under
Security

Security companies, desperate for attention and headlines, love to come up with flashy, dangerous-sounding security hole names. The latest is Check Point's Bashware. This one, Check Point claims, can render 400 million Windows 10 PCs open to malware using Windows Subsystem for Linux (WSL) to launch Windows malware from a WSL Linux instance, thus bypassing most Windows security products in the process.

Read more

Security: Devices, Open Source Secure, Cybrary, and Kaspersky Lab

Filed under
Security

Security: Kaspersky, Equifax and Internet of Things (IoT) at the Open Source Summit

Filed under
Security
  • Kaspersky Banned: Federal Agencies Ditch Russian Cybersecurity Firm Over Spying Concerns

     

    Acting Department of Homeland Security secretary Elaine Duke announced the ban of Kaspersky Lab software from federal government networks. The agencies have an unspecified timeline to rid their machines of the software, which DHS declared may pose a security risk.

  • US homeland security dept bans Kaspersky use by govt

     

    The US Department of Homeland Security has ordered all government agencies to stop using products from Kaspersky Labs, with a deadline of 90 days to implement plans to discontinue the use and to remove software from information systems.  

  • U.S. moves to ban Kaspersky software in federal agencies amid concerns of Russian espionage

     

    In a binding directive, acting homeland security secretary Elaine Duke ordered that federal civilian agencies identify Kaspersky Lab software on their networks. After 90 days, unless otherwise directed, they must remove the software, on the grounds that the company has connections to the Russian government and its software poses a security risk.

  • Ayuda! (Help!) Equifax Has My Data!

    Equifax last week disclosed a historic breach involving Social Security numbers and other sensitive data on as many as 143 million Americans. The company said the breach also impacted an undisclosed number of people in Canada and the United Kingdom. But the official list of victim countries may not yet be complete: According to information obtained by KrebsOnSecurity, Equifax can safely add Argentina — if not also other Latin American nations where it does business — to the list as well.

    [...]

     

    It took almost no time for them to discover that an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”

  • Equifax hack: 44 million Britons' personal details feared stolen in major US data breach
  • On the Equifax Data Breach

    Last Thursday, Equifax reported a data breach that affects 143 million US customers, about 44% of the population. It's an extremely serious breach; hackers got access to full names, Social Security numbers, birth dates, addresses, driver's license numbers -- exactly the sort of information criminals can use to impersonate victims to banks, credit card companies, insurance companies, and other businesses vulnerable to fraud.

    Many sites posted guides to protecting yourself now that it's happened. But if you want to prevent this kind of thing from happening again, your only solution is government regulation (as unlikely as that may be at the moment).

    The market can't fix this. Markets work because buyers choose between sellers, and sellers compete for buyers. In case you didn't notice, you're not Equifax's customer. You're its product.

  • Open Source Summit: Securing IoT is About Avoiding Anti-Patterns

    The security perils inherent in Internet of Things (IoT) devices are painfully obvious at this point in 2017, but why are there so many security issues? At a session during the Open Source Summit here Marti Bolivar, senior software engineer at Linaro detailed what he described as "anti-patterns" that ultimately lead to negative security outcomes.

    Bolivar started his session by defining what security in IoT is really all about, by pulling a quote from security engineer Ross Anderson.

Security: Dlink, Equifax, Bluetooth

Filed under
Security
  • Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol

    The Dlink 850L is a router overall badly designed with a lot of vulnerabilities.

    Basically, everything was pwned, from the LAN to the WAN. Even the custom MyDlink cloud protocol was abused.

  • House Dems demand answers from Equifax CEO

    All 24 minority members of the committee signed a letter to the Equifax executive, Richard Smith, calling on him to come forward with more information about his handling of the crisis.

  • Chatbot lets you sue Equifax for up to $25,000 without a lawyer

    Even if you want to be part of the class action lawsuit against Equifax, you can still sue Equifax for negligence in small claims court using the DoNotPay bot and demand maximum damages. Maximum damages range between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee.

  • Bluetooth flaws leave billions of devices open to attacks

    Researchers at IoT security firm Armis say they have found eight flaws in the Bluetooth protocol that can be used to attack devices running Android, iOS, Linux and Windows.

  • Bluetooth Vulnerability BlueBorne Impacts Android, iOS, Windows, and Linux Devices

    The BlueBorne attack doesn’t even require the victim to tap or click on any malicious links. If your device has Bluetooth and is on then it is possible for an attacker to take complete control of it from 32 feet away. This even works without the attacker pairing anything to the victim’s device and the target device doesn’t need to be set to discoverable mode either. The team at Armis Labs have identified eight zero-day vulnerabilities so far and believes many more are waiting to be discovered.

Security: Updates, Equifax, Snowden, BlueBorne, NSA Windows Hacking and Virginia Electronic Voting Devices

Filed under
Security

Apache Mounts Strong Defense, Equifax Retreats

Filed under
Security

One of the largest financial data breaches in U.S. history, it exposed names, addresses, Social Security Numbers, birth dates, driver's license numbers and other sensitive information belonging to 143 million U.S. consumers, as well as data belonging to an undisclosed number of UK and Canadian consumers.

The attackers also accessed credit card data for about 209,000 consumers and credit dispute information for about 182,000 consumers, Equifax said.

[...]

However, with respect to the possibility that it resulted from an exploitation of a vulnerability in the Apache Struts Web Framework, it was not clear which vulnerability could have been utilized, Gielen said.

One assumption connected the breach to CVE-2017-2805, one of several patches Apache announced on Sept. 4.

"However, the security breach was already detected in July, which means that the attackers either used an earlier announced vulnerabiity on an unpatched Equifax server or exploited a vulnerability not known at this point in time -- a so called Zero Day Exploit," Gielen noted.

The committee members have put enormous effort into "securing and hardening the software we produce," he added, and they fix problems that come to their attention.

There's a distinction between the existence of an unknown flaw in the wild for nine years and failing to address a known flaw for nine years, said Gielen, emphasizing that the committee just learned about this flaw.

The has not had any contact with anyone using the @equifax domain on any Apache list in more than two years, said Apache spokesperson Sally Khudairi.

"To be clear, whilst we haven't had contact with anyone using the @equifax domain -- official or otherwise -- that is not to say there isn't a chance that someone from their team may have done so using an alternate channel," she told LinuxInsider.

Read more

Bluetooth Mess: Almost Everything Affected

Filed under
Security
  • ​Linux gets blasted by BlueBorne too

    he security company Armis has revealed eight separate Bluetooth wireless protocol flaws known collectively as BlueBorne. This new nasty set of vulnerabilities have the potential to wreak havoc on iPhones, Android devices, Windows PC, and, oh yes, Linux desktops and server, as well.

    While BlueBorne requires a Bluetooth connection to spread, once the security holes are exploited, a single infected device could infect numerous devices and computers in seconds. Attacks made with BlueBorne are silent, avoid activating most security measures, and require nothing from new victims except that their devices have Bluetooth on.

  • Linux Impacted By Information Leak & Remote Code Execution Via Bluetooth

    Armis Labs has gone public today with "Bluebourne", an IoT-focused attack vector via Bluetooth. This Bluetooth attack does not require the targeted device to even be paired with the attacker or on discoverable mode, making it more frightening.

  • The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device

    Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.

Parrot 3.8 Release Notes

Filed under
GNU
Linux
Security

What i personally love about this project is its little but awesome developers community, and this summer was more productive than ever.

I am proud to announce the official release of Parrot 3.8, that introduces many new features and updates.

A quick look at our changelog will immediately spot the most important changes.

First of all, the new parrot 3.8 is now based on Debian 10 buster (current Debian testing release) with Linux 4.12, ZFS support, better wireless drivers support and the introduction of the new MATE 1.18, GCC 6.4 and 7.2, java 9 and so on, and all the parrot flavors now include electrum, a lightweight bitcoin client.

Read more

Security: 'Bashware' and Other FUD

Filed under
Security
Syndicate content

More in Tux Machines

Security: Equifax, Kodi, Infrared, and Windows XP in 2017

  • Safer but not immune: Cloud lessons from the Equifax breach
  • Warning: If you are using this Kodi repository, you could be in danger
    Kodi is quite possibly the best media center software of all time. If you are looking to watch videos or listen to music, the open source solution provides an excellent overall experience. Thanks to its support for "addons," it has the potential to become better all the time. You see, developers can easily add new functionality by writing an addon for the platform. And yes, some addons can be used for piracy, but not all of them are. These addons, such as Exodus and Covenant, are normally added using a repository, which hosts them. [...] We do not know 100 percent if the person that re-registered the metalkettle name on GitHub is planning anything evil, but it is better to be safe than sorry.
  • Infrared signals in surveillance cameras let malware jump network air gaps
    The malware prototype could be a crucial ingredient for attacks that target some of the world's most sensitive networks. Militaries, energy producers, and other critical infrastructure providers frequently disconnect such networks from the Internet as a precaution. In the event malware is installed, there is no way for it to make contact with attacker-controlled servers that receive stolen data or issue new commands. Such airgaps are one of the most basic measures for securing highly sensitive information and networks. The proof-of-concept malware uses connected surveillance cameras to bridge such airgaps. Instead of trying to use the Internet to reach attacker-controlled servers, the malware weaves passwords, cryptographic keys, and other types of data into infrared signals and uses a camera's built-in infrared lights to transmit them. A nearby attacker then records the signals with a video camera and later decodes embedded secrets. The same nearby attackers can embed data into infrared signals and beam them to an infected camera, where they're intercepted and decoded by the network malware. The covert channel works best when attackers have a direct line of sight to the video camera, but non-line-of-sight communication is also possible in some cases.
  • Manchester police still relies on Windows XP
    England's second biggest police force has revealed that more than one in five of its computers were still running Windows XP as of July. Greater Manchester Police told the BBC that 1,518 of its PCs ran the ageing operating system, representing 20.3% of all the office computers it used. Microsoft ended nearly all support for the operating system in 2014. Experts say its use could pose a hacking risk. The figure was disclosed as part of a wider Freedom of Information request. "Even if security vulnerabilities are identified in XP, Microsoft won't distribute patches in the same way it does for later releases of Windows," said Dr Steven Murdoch, a cyber-security expert at University College London.

Flock 2017, Fedora 27, and New Fedora 26 (F26) ISO

  • Flock 2017: How to make your application into a Flatpak?
  • Flock to Fedora 2017
  • Flock 2017 – A Marketing talk about a new era to come.
    I had two session at Flock this year, one done by me and another in support of Robert Mayr in the Mindshare one, if there were been any need for discussing. Here I’m talking about my session: Marketing – tasks and visions (I will push the report about the second one after Robert’s one, for completion). In order to fit the real target of a Flock conference (that is a contributor conference, not a show where people must demonstrate how much cool they are; we know it!) is to bring and show something new, whether ideas, software, changes and so on, and discuss with other contributors if they’re really innovative, useful and achievable.
  • F26-20170918 Updated Live isos released
  • GSoC2017 Final — Migrate Plinth to Fedora Server
  • Building Modules for Fedora 27
    Let me start with a wrong presumption that you have everything set up – you are a packager who knows what they want to achieve, you have a dist-git repository created, you have all the tooling installed. And of course, you know what Modularity is, and how and why do we use modulemd to define modular content. You know what Host, Platform, and Bootstrap modules are and how to use them.

Red Hat Financial Results Expectations High

Will Microsoft love Linux to death? Shuttleworth and Stallman on whether Windows 10 is free software's friend

Richard Stallman is a free-software activist and creator of the GNU OS that forms part of the basis of modern GNU/Linux distros. He believes that Microsoft's decision to build a Windows Subsystem for Linux (WSL) amounts to an attempt to extinguish software that users are free to run, copy, distribute, study, change and improve. "It certainly looks that way. But it won't be so easy to extinguish us, because our reasons for using and advancing free software are not limited to practical convenience," he said. "We want freedom. As a way to use computers in freedom, Windows is a non-starter." Read more