Language Selection

English French German Italian Portuguese Spanish

Security

Security News

Filed under
Security
  • SELinux, Seccomp, Falco, and You: A Technical Discussion

    One of the questions we often get when we talk about Sysdig Falco is “How does it compare to other tools like SELinux, AppArmor, Auditd, etc. that also have security policies?” To help answer some of those questions, we thought we’d present a summary of other related security products and how they compare to Sysdig Falco.

  • PGP Never Gonna Give You Up

    Seeing that I was planning on carrying my long-term private keys around on my telephone (BlackBerry PRIV, FDE encryption active FWIW), I had to double-check the security of the secret key encryption.

    It turns out that PGP encrypts each of your secret keys with a hash of the passphrase you supply. My passphrase is significantly longer than the average, and consists of random characters (uppercase, lowercase, numbers, symbols). Passphrase length and complexity is by far the most important factor determining the safety of your encrypted secret key.

  • McAfee Virus Scan for Linux

    A system running Intel's McAfee VirusScan Enterprise for Linux can be compromised by remote attackers due to a number of security vulnerabilities. Some of these vulnerabilities can be chained together to allow remote code execution as root.

  • The Coolest Hacks Of 2016

    No 400-pound hacker here: Lightbulb and 'do-gooder' worms, machines replacing humans to hack other machines, and high-speed car hacking were among the most innovative white-hat hacks this year.

    In a year when ransomware became the new malware and cyber espionage became a powerful political propaganda tool for Russia, it's easy to forget that not all hacking in 2016 was so ugly and destructive.

    Sure, cybercrime and cyber espionage this past year turned the corner into more manipulative and painful territory for victims. But 2016 also had its share of game-changing "good" hacks by security researchers, with some creative yet unsettling ways to break the already thin-to-no defenses of Internet of Things things, as well as crack locked-down computers and hijack computer mice. Hackers even took a back seat to machines in the first-ever machine-on-machine hacking contest this summer at DEF CON.

Security Leftovers

Filed under
Security

More Security News

Filed under
Security
  • Game Music Emulator Security Vulnerability Patched in Debian and Ubuntu Linux [Ed: The same news without the FUD of Dan Goodin]

    Security researcher Chris Evans has reported recently on yet another vulnerability in the Game Music Emulator (game-music-emu) package that's installed or found in the repositories of various popular GNU/Linux distributions.

    For those not aware, Game Music Emulator is a collection of video game music file emulators designed to playback a large number of formats and systems, including SPC (Super Nintendo/Super Famicom), where the problem was discovered by Chris Evans, which could allow an attacker to execute arbitrary code via a maliciously crafted file.

  • 0-day alert: Your favorite Linux distro may not be as secure as you think [Ed: Sensationalism from Dan Goodin is infectious. Beta News now parrots his dramatic ‘journalism’]
  • Ubuntu App Crash Reporter Bug Allows Remote Code Execution

    A security researcher has discovered a vulnerability in Ubuntu’s crash reporter that would allow remote code execution, making it possible for an attacker to compromise a system using just a malicious file.

  • Most Ubuntu Linux Installations Are Affected By A Dangerous Remote Code Execution Bug

    All recent Ubuntu Linux releases ship with Apport crash handling software. A security researcher has discovered a flaw in this utility that allows an attacker to remotely execute code using a malicious booby-trapped file. Ubuntu has released the fix for the same, which can be grabbed via simple Ubuntu update.

Security Leftovers

Filed under
Security
  • Security advisories for Thursday
  • Why My Heart Bleeds for Open Source [Ed: Name-dropping bugs with brands, logos, and Web sites to make FOSS look bad]
  • 0-days hitting Fedora and Ubuntu open desktops to a world of hurt

    If you run a mainstream distribution of Linux on a desktop computer, there's a good chance security researcher Chris Evans can hijack it when you do nothing more than open or even browse a specially crafted music file. And in the event you're running Chrome on the just-released Fedora 25, his code-execution attack works as a classic drive-by.

  • Reliably compromising Ubuntu desktops by attacking the crash reporter

    In this post I’ll describe how I found a remote code execution bug in Ubuntu Desktop which affects all default installations >= 12.10 (Quantal). The bug allows for reliable code injection when a user simply opens a malicious file. The following video demonstrates the exploit opening the Gnome calculator. The executed payload also replaces the exploit file with a decoy zip file to cover its tracks.

  • Dear hackers, Ubuntu's app crash reporter will happily execute your evil code on a victim's box

    Users and administrators of Ubuntu Linux desktops are being advised to patch their systems following the disclosure of serious security flaws.

    Researcher Donncha O'Cearbhaill, who discovered and privately reported the vulnerabilities to Ubuntu, said that a successful exploit of the bugs could allow an attacker to remotely execute code by way of a maliciously booby-trapped file.

  • LibreSSL documentation status report
  • Reproducible Builds: week 85 in Stretch cycle
  • Should we be pushing OpenPGP?

    Bjarni Rúnar, the author of Mailpile released a blog about recent blogs disparaging OpenPGP. It's a good read.

    There's one reason to support OpenPGP missing from the blog: OpenPGP protects you if your mail server is hacked. I'm sure that Debbie Wasserman Schultz wishes she had been using OpenPGP.

  • Security experts: 'No one should have faith in Yahoo at this point'

    Experts have attacked Yahoo’s weak security after the revelation it suffered a hack in 2013, which exposed the personal data of 1 billion users, just months after revealing a 500-million-user data breach from 2014.

    The hack saw the potential theft of login details, personal details and any confidential or sensitive information contained within email correspondences. Yahoo provided the email services for BT and Sky customers, as well as other services.

  • Yahoo admits it’s been hacked again, and 1 billion accounts were exposed

    On December 14, Yahoo announced that after an investigation into data provided by law enforcement officials in November, the company and outside forensics experts have determined that there was in fact a previously undetected breach of data from more than 1 billion user accounts. The breach took place in August 2013 and is apparently distinct from the previous mega-breach revealed this fall—one Yahoo claims was conducted by a "state-sponsored actor."

    The information accessed from potentially exposed accounts "may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers," Yahoo's chief information security officer, Bob Lord, reported in the statement issued by the company. "The investigation indicates that the stolen information did not include passwords in clear text, payment card data, or bank account information. Payment card data and bank account information are not stored in the system the company believes was affected."

  • Hacked Yahoo Data Is for Sale on Dark Web

    Some time around August 2013, hackers penetrated the email system of Yahoo, one of the world’s largest and oldest providers of free email services. The attackers quietly scooped up the records of more than 1 billion users, including names, birth dates, phone numbers and passwords that were encrypted with an easily broken form of security.

    The intruders also obtained the security questions and backup email addresses used to reset lost passwords — valuable information for someone trying to break into other accounts owned by the same user, and particularly useful to a hacker seeking to break into government computers around the world: Several million of the backup addresses belonged to military and civilian government employees from dozens of nations, including more than 150,000 Americans.

Security News

Filed under
Security
  • Security advisories for Wednesday
  • Things That Make You Go “Hmmm” From Adobe
  • Flaws Found in Security Software, Unlicensed Code

    A flurry of industry surveys have flagged open source and unlicensed software as growing security threats. Moreover, a review released by Flexera Software also found that the very security products designed to protect IT infrastructure are themselves riddled with vulnerabilities embedded in open source software.

    While agreeing that malware is a growing threat, other observers counter that the culprit is the growing use of unlicensed software.

    The Flexera security software survey conducted between August and October found that 11 security software products from vendors such as IBM (NYSE: IBM), McAfee and Splunk showed up on its list of 20 products with the most security vulnerabilities. Hence, the survey emphasizes that software developers need greater visibility into open source components so they can identify vulnerabilities and quickly issue security patches. Those patches are generally available as soon as vulnerabilities are announced.

  • Another Yahoo Security Breach Affects a Billion Accounts

    If you’re a Yahoo user, you should strongly consider closing your account. If you decide to keep your account open, you might as well post your username and password to Facebook and send them out in a tweet, for all the good Yahoo’s security precautions will do for you.

  • ‘Refer a Friend’ Ransomware Program

    If you need any proof that malware is a business much like any other — with the big exception that it’s illegal — all you have to do is look at the latest ploy being used by the currently-in-development ransomware called Popcorn Time that was discovered December 7 by MalwareHunterTeam. The folks behind the malware are incorporating a scheme to drum up business that’s directly from a Marketing 101 textbook.

    If Popcorn Time grabs a computer and encrypts it’s files, the hapless victim is offered two choices to get the data returned to its pristine state. One is the traditional method — the authors of the malware call it “the fast and easy way” — of paying a ransom of a Bitcoin, which is about $773 at the current rate. If the price is too steep for the victim’s pocketbook, there’s another option that the malware authors call “the nasty way,” which is a new twist on the tried and true “refer a friend” promotions that have been used by legitimate businesses forever.

Proprietary Software Security News

Filed under
Security
  • Microsoft quietly emits patch to undo its earlier patch that broke Windows 10 networking

    Microsoft has sneaked out a patch to get Windows 10 PCs back online after an earlier update broke networking for people's computers around the globe.

    Since the end of last week or so, systems in the UK, US, Europe and beyond automatically installed software from Microsoft via Windows Update that broke DHCP. That meant some computers couldn't obtain their LAN-side IP addresses from their broadband routers, effectively randomly kicking them off the internet and their own local network. That confused the hell out of a lot of netizens.

  • Dec. 2016 Patch Tuesday: Microsoft releases 12 security bulletins, 6 rated critical

    Congrats for making it through another year of patching Windows! There are 12 this month, 6 rated critical and some which had been publicly disclosed.

  • Researchers Find Vulnerability That Enables Accounting Fraud, PwC Decides The Best Response Is A Legal Threat

    For years now, we've noted that some companies apparently think it's a good idea to punish security researchers that expose vulnerabilities in their products, even when the researchers use the proper channels to report their findings. This kind of absurdity runs hand-in-hand with international attempts to criminalize security research -- or the tools researchers use -- to do their jobs. Obviously, this kind of behavior has one tangible end result: it makes all of us less secure.

    The latest chapter in this saga of myopic bumbling comes courtesy of PwC, which for whatever reason decided that the best response to a major security flaw found in one of the company's products was to to fire off a cease and desist letter aimed at the researchers. More specifically, Munich-based ESNC published a security advisory earlier this month documenting how a remotely exploitable bug in a PwC security tool could allow an attacker to gain unauthorized access to an impacted SAP system.

Latest Black Duck Attack on Free/Open Source Software

Filed under
OSS
Security
Legal
  • M&A deals imperilled by failure to manage open source software risk, says expert [Ed: As is so common these days, today it's Microsoft's proxy Black Duck attacking FOSS and trying to scare people]
  • Open Source: Know It Before You Embrace It [Ed: By Josh Software, not Black Duck FUD about security and licences]

    Open source has already taken the world by storm. Businesses from across industries are embracing it. Earlier open source was just a tiny revolutionary idea that was not given any hope, but it has now become not just mainstream but possibly the only stream. The world has realized its importance and benefits over other closed source languages and tools. More importantly, start-ups have started embracing open source whole heartedly to gain an edge over their competitors. But the question is, how are they utilizing it to their advantage and how is it benefiting them?

Broken Connections

Filed under
Microsoft
Security
  • A Ton of Popular Netgear Routers Are Exposed—With No Easy Fix

    A vulnerability in some popular Netgear routers has gone unpatched for months. Left unchecked, it leaves thousands of home networking devices exposed to full control by hackers, who can then ensnare them in havoc-wreaking botnets. While Netgear has finally released a tentative fix for some models, the delays and challenges in patching all of them help illustrate just how at risk the Internet of Things is—and how hard it is to patch up when things go wrong.

    Andrew Rollins, a security researcher who also goes by Acew0rm, notified Netgear about the flaw on August 25, but says that the company never responded to him. After waiting more than three months, he went public with the vulnerability, and the Department of Homeland Security’s CERT group released an advisory about it on Friday. Its advice? Pull the plug.

  • Windows 10 is dropping WiFi connections, with no fix from Microsoft yet

    WINDOWS 10 is back to its old tricks again, with a recurrence of problems with WiFi connections dropping, something we’ve not seen since the early days.

    Although Microsoft has released a new version of Windows 10 in the last few days (1607) it doesn’t seem to be that, because most of the complaints predate the code drop by two days.

    KB3201845 was released on 9 December, but the problems started on 7 December and appear to be affecting some Windows 7 and 8.1 machines as well. There’s no pattern in terms of ISPs, routers, and WiFi cards - at the moment, at least, it’s all random.

Security News

Filed under
Security

More Security Leftovers

Filed under
Security
  • Security advisories for Monday
  • security things in Linux v4.9
  • Black Hats Leveraging PowerShell

    Those with long memories might remember that in 1996, Microsoft added support in the Internet Explorer browser for ActiveX controls. While this greatly expanded the functionality of the Internet, it also made the web a much less safe place, especially for the average user. The trouble was, ActiveX made it simple to download and install software with little or no input from users. Even those not old enough to remember have probably already figured out that this didn't work out well.

  • A security lifetime every five years

    A long time ago, it wouldn’t be uncommon to have the same job at the same company for ten or twenty years. People loved their seniority, they loved their company, they loved everything staying the same. Stability was the name of the game. Why learn something new when you can retire in a few years?

    Well, a long time ago, was a long time ago. Things are quite a bit different now. If you’ve been doing the same thing at the same company for more than five years, there’s probably something wrong. Of course there are always exceptions to every rule, but I bet more than 80% of the people in their jobs for more than five years aren’t exceptions. It’s easy to get too comfortable, it’s also dangerous.

  • Hack of Saudi Arabia Exposes Middle East Cybersecurity Flaw

    More than a year after a drowned Syrian toddler washed up on a beach in Turkey, the tiny refugee’s body, captured in a photograph that shocked the world, reappeared on computer screens across Saudi Arabia -- this time as a prelude to a cyberattack.

    The strike last month disabled thousands of computers across multiple government ministries in Saudi Arabia, a rare use of offensive cyberweapons aimed at destroying computers and erasing data. The attackers, who haven’t claimed responsibility, used the same malware that was employed in a 2012 assault against Saudi Arabian Oil Co., known as Saudi Aramco, and which destroyed 35,000 computers within hours.

  • London councils are reliant on unsupported Microsoft server software [Ed: Well, even if supported, still back doors in it. Abandon.]

    ALMOST 70 PER CENT of London councils are running unsupported server software, leaving them vulnerable to exploits for which there are no patches available.

    That's according to backup firm Databarracks, which through a Freedom of Information (FoI) request revealed that 69 per cent of London councils are running out-of-date server software.

    The firm contacted all 32 London boroughs as well as the City of London and received responses from all.

    The data revealed that 63 per cent of London councils are still running Windows Server 2003, 51 per cent run SQL Server 2005 and 10 per cent still use Windows Server 2000 - none of which are still supported by Microsoft.

  • PwC sends 'cease and desist' letters to researchers who found critical flaw

    A security research firm has released details of a "critical" flaw in a security tool, despite being threatened with legal threats.

    Munich-based ESNC published a security advisory last week detailing how a remotely exploitable bug in a security tool, developed by auditing and tax giant PwC, could allow an attacker to gain unauthorized access to an affected SAP system.

Syndicate content

More in Tux Machines

RaspEX Linux Brings Ubuntu 16.10 with LXDE Desktop to Raspberry Pi 3 and 2 SBCs

GNU/Linux developer Arne Exton is back with a new release, and this time he managed to publish a new build of his RaspEX Linux project for Raspberry Pi 2 and Raspberry Pi 3 single-board computers. Read more

Black Lab Linux 9 to Launch in June as Version 10 Is Planned for November 2017

Softpedia was informed by Black Lab Software that the managed to publish an initial roadmap for the next point releases and major versions of the Ubuntu-based Black Lab Linux operating system in 2017. Read more

What a Linux Desktop Does Better

After I resolved to adopt Linux, my confidence grew slowly but surely. Security-oriented considerations were compelling enough to convince me to switch, but I soon discovered many more advantages to the Linux desktop. For those still unsure about making the transition, or those who have done so but may not know everything their system can do, I'll showcase here some of the Linux desktop's advantages. Read more

Slackware-Based Zenwalk Linux Gets New ISO Snapshot with GTK3 Build of Firefox

The development team behind the Slackware-based Zenwalk GNU/Linux distribution have announced the release and general availability of a new ISO snapshot image with all the latest software versions and some exciting new features. Read more