
Security

Security Leftovers

Filed under
Security
  • Majority of Android VPNs can’t be trusted to make users more secure
  • Microsoft won't fix the most frustrating thing about Windows

    Maybe you're delivering a presentation to a huge audience. Maybe you're taking an online test. Maybe you just need to get some work done on a tight deadline.

    Windows doesn't care.

    Windows will take control of your computer, force-feed it updates, and flip the reset switch automatically -- and there's not a damn thing you can do about it, once it gets started.

    If you haven't saved your work, it's gone. Your browser tabs are toast. And don't expect to use your computer again soon; depending on the speed of your drive and the size of the update, it could be anywhere from 10 minutes to well over an hour before your PC is ready for work.

  • Thoughts on the Systemd Root Exploit

    Sebastian Krahmer of the SUSE Security Team has discovered a local root exploit in systemd v228. A local user on a system running systemd v228 can escalate to root privileges. That's bad.

  • [Slackware] Openjdk (Java8) updated with January fixes

    The icedtea project have released version 3.3.0 of their IcedTea build framework. This release updates the OpenJDK 8 support with the October 2016 bug fixes from OpenJDK 8 u112 and the January 2017 security fixes from OpenJDK 8 u121. Another point of notice is that improved font rendering is being worked on. The ‘infinality patches’ to freetype will be used for this. While I did not enable it in my package, IcedTea no longer requires a patched freetype. Infinality support should be enabled by default from IcedTea 3.4.0 onwards.

Windows Ransom

Filed under
Microsoft
Security
  • Police dept loses evidence in Windows ransomware strike

    In an incident that again underlines the danger posed by Windows ransomware, the police department of a city in Texas has lost video evidence dating back to 2009 and a host of documents following an attack by what appears to be a new strain of the Locky ransomware.

    The affected station is Cockrell Hill, a city in Dallas County. The story was first published by the TV station WFAA.

    In a media release, the police department said: "This virus affected all Microsoft Office Suite documents, such as Word documents and Excel files.

    "In addition, all body camera video, some in-car video, some in-house surveillance video, and some photographs that were stored on the server were corrupted and were lost."

  • Backup?

    Of course, complexity grew too and intruders and malware attacked over the network. About 2003/4 the situation got so bad that the Wintel empire was threatened. Resources were poured into the problem. Code got better. Users became more aware of danger. The problem remains that the number of users and the number of attackers has grown to the point that no one anywhere at any time can be 100% secure. Of course, there is the backup, a copy of everything that can be rolled out to put things back the way they were. That’s what this police-department needed but it didn’t have a good backup, just a copy of the corrupted data where the backup should have been. Someone had the right idea but lacked the imagination to put in more depth.

  • Hotel ransomed by hackers as guests locked in rooms

    Hotel management said that they have now been hit three times by cybercriminals who this time managed to take down the entire key system. The guests could no longer get in or out of the hotel rooms and new key cards could not be programmed.

    The attack, which coincided with the opening weekend of the winter season, was allegedly so massive that it even shut down all hotel computers, including the reservation system and the cash desk system.

    The hackers promised to restore the system quickly if just 1,500 EUR (1,272 GBP) in Bitcoin was paid to them.

Security News

Filed under
Security
  • WordPress 4.7.2 Security Release

    WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

  • Alleged LinkedIn hacker is stuck between a Trump and a hard face

    PITY ALLEGED LINKEDIN HACKER Yevgeniy Nikulin. He is currently facing extradition requests from both the USA and Russia, suggesting that he is doomed for Putin or Trump style punishment.

    Nikulin is suspected of hacking LinkedIn, which is a glue-like social network for businesses and business people. If you are not on it, someone has probably still tried to connect you to it. If you are on it, you were probably hacked when it was. A lot of people were.

  • Security is now 'number one priority' in app development

    VESTED INTEREST AND APP TESTING COMPANY F5 Networks has advised that security is now a more important consideration than availability when it comes to application deployment.

    What a trade off to make. Security or availability? Surely there is equal room for both? We don't make the rules and we don't do the surveys. F5 does the latter, studying how the companies that buy and use apps decide where to spend their money.

    It produces this regular report called ‘The State of Application Delivery’. 2017's is just out, and it finds that the whims of companies have changed because of the cloud and insecurity.

  • Securing MySQL DBMS

    MySQL, owned by Oracle since 2009, is the number one open source database for successful startups and Web-based applications, loved by such iconic social networks as Facebook, Twitter, YouTube and many others. The database comes in two different editions: the open source MySQL Community Server and the proprietary Enterprise Server. Today, we will discuss the MySQL Community Server, and more specifically the basic security aspects of setting up this DBMS.

Security Leftovers

Filed under
Security
  • Friday's security updates
  • Guest View: The perils of open-source software security [Ed: Citing Microsoft-connected Black Duck to badmouth FOSS again. Does FOSS rely on third-party libraries (that may have flaws)? Yes. Do blobs rely on proprietary libraries (that may have flaws)? Yes.]
  • Federal lawmakers introduce bipartisan bill to study cyber security in connected cars

    Connected cars are the future for the automotive industry, with more than 90 percent of vehicles expected to have built-in connectivity by 2020. But, as more vehicles link up to the internet, lawmakers are worried about their security.

    On Wednesday, lawmakers introduced a bipartisan bill in the U.S. House of Representatives that would direct the National Highway Traffic Safety Administration (NHTSA) to study cyber security in vehicles. Rep. Joe Wilson, R-SC, and Rep. Ted Lieu, D-Calif., co-sponsored The Security and Privacy in Your Car Study Act, which hopes to create a standard for safety in connected cars.

Security Leftovers

Filed under
Security
  • Thursday's security advisories
  • Security advisories for Wednesday
  • Malware Authors Switch Focus from Windows to Linux, Thousands of PCs Infected

    Linux has always been considered a more secure operating system, but malware writers are now trying to take advantage of this premise with new forms of infections spreading across the web as we speak.

    Security firm Dr. Web warns that it has already discovered thousands of Linux computers infected with a malware called Linux.Proxy.10, which is used by cybercriminals to remain anonymous online.

  • Linux.Proxy.10 Trojan Infects a Few Thousand Linux Machines and Turns Them Into Proxy Servers

    When the backdoor is active, the hacker logs onto the machine that has been infected using an SSH protocol and then uses the Linux malware to install the SOCKS5 proxy server.

  • Tor Browser 7.0a1-hardened is released

    A new hardened Tor Browser release is available. It can be found in the 7.0a1-hardened distribution directory and on the download page for hardened builds.

    This release features important security updates to Firefox.

    Tor Browser 7.0a1-hardened is the first hardened alpha in the 7.0 series. Apart from the usual Firefox update (to 45.7.0 ESR) it contains the first alpha in the tor 0.3.0 series (0.3.0.1-alpha) and an updated HTTPS-Everywhere (5.2.9) + NoScript (2.9.5.3).

  • Disable Your Antivirus Software (Except Microsoft's)

    Furthermore, as Justin Schuh pointed out in that Twitter thread, AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security. For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes. Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes. Major amounts of developer time are soaked up dealing with AV-induced breakage, time that could be spent making actual improvements in security (recent-ish example).

  • Security Risks of the President's Android Phone

    I'm not concerned about the data. Anything he reads on that screen is coming from the insecure network that we all use, and any e-mails, texts, Tweets, and whatever are going out to that same network. But this is a consumer device, and it's going to have security vulnerabilities. He's at risk from everybody, ranging from lone hackers to the better-funded intelligence agencies of the world. And while the risk of a forged e-mail is real -- it could easily move the stock market -- the bigger risk is eavesdropping. That Android has a microphone, which means that it can be turned into a room bug without anyone's knowledge. That's my real fear.

Security Leftovers

Filed under
Security
  • Linux nasty kicks weak, hacked gadgets when they're already down

    Several thousand Linux devices have been infected with a new Linux-based trojan, Russian security software firm Doctor Web warns.

    The Linux-Proxy-10 Trojan infects network devices running Linux, turning them into a platform for cybercrime that allows crooks to remain anonymous online. Black hats run freeware code called the Satanic Socks Server on infected devices.

    Miscreants hack into devices that are running with default passwords or are already infected with Linux malware in order to plant the malware.

  • A note about security after a possible security issue was discovered

    In future I would appreciate being told in private about any possible security issues. It's standard procedure to notify people in private to give them time to fix it. Putting it out in public right away, to be blunt, is a completely irresponsible thing to do. Luckily, we aren't a bank or anything that stores any sensitive information.

  • Tips and Tricks for Making VM Migration More Secure

    A challenge for any cloud installation is the constant tradeoff of availability versus security. In general, the more fluid your cloud system (i.e., making virtualized resources available on demand more quickly and easily), the more your system becomes open to certain cyberattacks. This tradeoff is perhaps most acute during active virtual machine (VM) migration, when a VM is moved from one physical host to another transparently, without disruption of the VM’s operations. Live virtual machine migration is a crucial operation in the day-to-day management of a modern cloud environment.

  • Apollo Lake thin Mini-ITX board focuses on security

    Kontron’s “mITX-APL” thin Mini-ITX board offers Intel Apollo Lake SoCs with triple displays, dual GbE, dual SATA 3.0, mini-PCIe, and Kontron Secure Solution.

  • 7 ways we harden our KVM hypervisor at Google Cloud: Security in plaintext

    Google Cloud uses the open-source KVM hypervisor that has been validated by scores of researchers as the foundation of Google Compute Engine and Google Container Engine, and invests in additional security hardening and protection based on our research and testing experience. Then we contribute back our changes to the KVM project, benefiting the overall open-source community.

  • Look before you paste from a website to terminal

    Malicious code's color is set to that of the background, its font size is set to 0, it is moved away from rest of the code and it is made un-selectable (that blue color thing doesn't reveal it); to make sure that it works in all possible OSes, browsers and screen sizes.

    This can be worse. If the code snippet had a command with sudo for instance, the malicious code will have sudo access too. Or, it can silently install a keylogger on your machine; possibilities are endless. So, the lesson here is, make sure that you paste code snippets from untrusted sources onto a text editor before executing them.

10 best Linux distros for privacy fiends and security buffs in 2017

Filed under
Linux
Security

The awesome operating system Linux is free and open source. As such, there are thousands of different ‘flavours’ available – and some types of Linux such as Ubuntu are generic and meant for many different uses.

But security-conscious users will be pleased to know that there are also a number of Linux distributions (distros) specifically designed for privacy. They can help to keep your data safe through encryption and operating in a ‘live’ mode where no data is written to your hard drive in use.


Security Leftovers

Filed under
Security
  • Security updates for Tuesday
  • Wireshark 2.2.4 Open-Source Network Protocol Analyzer Released with Bug Fixes

    Wireshark, the world's most popular network protocol analyzer software, has been updated today to version 2.2.4, the fourth bugfix and security update to the stable 2.2 series.

    Wireshark 2.2.4 comes approximately five weeks after maintenance update 2.2.3 and provides patches for two recently discovered vulnerabilities, namely wnpa-sec-2017-01 and wnpa-sec-2017-01. While the first one could make the ASTERIX dissector go into an infinite loop, the second could make the DHCPv6 dissector go into a large loop.

  • Penguins force-fed root: Cruel security flaw found in systemd v228

    Some Linux distros will need to be updated following the discovery of an easily exploitable flaw in a core system management component.

    The CVE-2016-10156 security hole in systemd v228 opens the door to privilege escalation attacks, creating a means for hackers to root systems locally if not across the internet. The vulnerability is fixed in systemd v229.

  • Linux Systemd Flaw Gives Attackers Root Access

    Security researcher Sebastian Krahmer has recently discovered that a previously known security flaw in the systemd project can be used for more than crashing a Linux distro but also to grant local attackers root access to the device.

  • Trojan Transforms Linux Devices into Proxies for Malicious Traffic
  • Bad bots account for 30 per cent of all web traffic

    OH LORD, THE INTERNET HAS A BAD TIME OF IT. According to a report from Imperva, it spends around a third of its time trafficking bot crap that no one wants.

    The Imperva Incapsula Bot Traffic Report is a regular thing from the firm, and it bases its study on more than 16.7 billion visits to some 100,000 randomly-selected domains on its Incapsula network. It has found, for an almost consistent five years, that bots account for more traffic than actual bloody people, though only by a slight margin and not in 2015.

    "In 2015 we documented a downward shift in bot activity on our network, resulting in a drop below the 50 per cent line for the first time in years. In 2016 we witnessed a correction of that trend, with bot traffic scaling back to 51.8 per cent—only slightly higher than what it was in 2012," explains the firm.

New Tor Security Updates Patch DoS Bug That Let Attackers Crash Relays, Clients

Filed under
Security

Two new Tor security updates have been published recently, stable version 2.9.9.9 and development release 0.3.0.2 Alpha, patching a few important vulnerabilities discovered lately.


Security Leftovers

Filed under
Security

More in Tux Machines

Today in Techrights

Leftovers: OSS

  • Are Low-Code Platforms a Good Fit for Feds?
    Open-source code platforms — in part, because they’re often free — have long been a popular choice for digital service creation and maintenance. In recent years, however, some agencies have turned to low-code solutions for intuitive visual features such as drag-and-drop design functionality. As Forrester Research notes, low-code platforms are "application platforms that accelerate app delivery by dramatically reducing the amount of hand-coding required."
  • Crunchy Data Brings Enterprise Open Source POSTGRESQL To U.S. Government With New DISA Security Technical Implementation Guide
    Crunchy Data — a leading provider of trusted open source PostgreSQL and enterprise PostgreSQL technology, support and training — is pleased to announce the publication of a PostgreSQL Security Technical Implementation Guide (STIG) by the U.S. Department of Defense (DoD), making PostgreSQL the first open source database with a STIG. Crunchy Data collaborated with the Defense Information Systems Agency (DISA) to evaluate open source PostgreSQL against the DoD's security requirements and developed the guide to define how open source PostgreSQL can be deployed and configured to meet security requirements for government systems.
  • Democratizing IoT design with open source development boards and communities
    The Internet of Things (IoT) is at the heart of what the World Economic Forum has identified as the Fourth Industrial Revolution, an economic, technical, and cultural transformation that combines the physical, digital, and biological worlds. It is driven by such technologies as ubiquitous connectivity, big data, analytics and the cloud.

Software and today's howtos

Security and Bugs

  • Security updates for Thursday
  • Devops embraces security measures to build safer software
    Devops isn’t simply transforming how developers and operations work together to deliver better software faster, it is also changing how developers view application security. A recent survey from software automation and security company Sonatype found that devops teams are increasingly adopting security automation to create better and safer software.
  • This Xfce Bug Is Wrecking Users’ Monitors
    The Xfce desktop environment for Linux may be fast and flexible — but it’s currently affected by a very serious flaw. Users of this lightweight alternative to GNOME and KDE have reported that the choice of default wallpaper in Xfce is causing damage to laptop displays and LCD monitors. And there’s damning photographic evidence to back the claims up.