Security

Security News

Filed under
Security
  • Bug that hit Firefox and Tor browsers was hard to spot—now we know why

    As a result, the cross-platform, malicious code-execution risk most recently visited users of browsers based on the Firefox Extended Release on September 3 and lasted until Tuesday, or a total of 17 days. The same Firefox version was vulnerable for an even longer window last year, starting on July 4 and lasting until August 11. The bug was scheduled to reappear for a few days in November and for five weeks in December and January. Both the Tor Browser and the production version of Firefox were vulnerable during similarly irregular windows of time.

  • Florida Man Charged With Hacking Linux Servers

    Donald Ryan Austin of South Florida has been arrested on charges of hacking into the networks of Linux Kernel Organization and Linux Foundation and installing malicious software. A US Department of Justice (DoJ) release said Austin, who is a computer programmer, is now out on bail and could face a maximum sentence of 10 years if convicted.

    According to the indictment, Austin stole the credentials of an employee to break into the Linux networks and installed rootkit and Trojan software apart from altering the servers. He has been charged with four counts of deliberate damage to a protected computer.

  • Why do hackers prefer Linux?

    Linux has much to offer any computer user, but it has proven to be particularly popular with hackers. A writer at The Merkle recently considered the reasons why hackers have so much love for Linux.

  • How To Get “Hollywood Hacker Feel” In Your Linux Command Line?

    A developer has created a command line utility which can give you the feel of a Hollywood movie hacker. His tool replicates the decrypting text seen in the 1992 hacker movie Sneakers. The code is freely available on his GitHub page.

Security News

Filed under
Security
  • Security updates for Tuesday
  • Aid Security Incident Statistics: 18-month trends based on open source reported events affecting aid infrastructure (December 2014 to May 2016)
  • Easy Secure Web Serving with OpenBSD’s acme-client and Let’s Encrypt

    As recently as just a few years ago, I hosted my personal website, VPN, and personal email on a computer running OpenBSD in my basement. I respected OpenBSD for providing a well-engineered, no-nonsense, and secure operating system. But when I finally packed up that basement computer, I moved my website to an inexpensive cloud server running Linux instead.

    Linux was serviceable, but I really missed having an OpenBSD server. Then I received an email last week announcing that the StartSSL certificate I had been using was about to expire and realized I was facing a tedious manual certificate replacement process. I decided that I would finally move back to OpenBSD, running in the cloud on Vultr, and try the recently-imported acme-client (formerly “letskencrypt”) to get my HTTPS certificate from the free, automated certificate authority Let’s Encrypt.

  • iPhone passcode bypassed with NAND mirroring attack

    Passcodes on iPhones can be hacked using store-bought electronic components worth less than $100 (£77), according to one Cambridge computer scientist.

    Sergei Skorobogatov has demonstrated that NAND mirroring—the technique dismissed by James Comey, the director of the FBI, as unworkable—is actually a viable means of bypassing passcode entry limits on an Apple iPhone 5C. What's more, the technique, which involves soldering off the phone's flash memory chip, can be used on any model of iPhone up to the iPhone 6 Plus, which use the same type of LGA60 NAND chip. Later models, however, will require "more sophisticated equipment and FPGA test boards."

    In a paper he wrote on the subject, Skorobogatov, a Russian senior research associate at the Cambridge Computer Laboratory's security group, confirmed that "any attacker with sufficient technical skills could repeat the experiment," and while the technique he used is quite fiddly, it should not present too much of an obstacle for a well-resourced branch of law enforcement.

    The attack works by cloning the iPhone's flash memory chip. iPhones generally allow users six attempts to guess a passcode before locking them out for incrementally longer periods of time; by the complex process of taking the phone apart, removing its memory chip, and then cloning it, an attacker is able to have as many clusters of six tries as they have the patience to make fresh clones. Skorobogatov estimates that each run of six attempts would take about 45 seconds, meaning that it would take around 20 hours to do a full cycle of all 10,000 passcode permutations. For a six-digit passcode, this would grow to about three months—which he says might still be acceptable for national security.

  • Seagate NAS hack should scare us all

    No fewer than 70 percent of internet-connected Seagate NAS hard drives have been compromised by a single malware program. That’s a pretty startling figure. Security vendor Sophos says the bitcoin-mining malware Miner-C is the culprit.

Tails 2.6 Anonymous Linux Live CD Is Out, Brings Tor 0.2.8.7 & Tor Browser 6.0.5

Filed under
GNU
Linux
Security
Debian

Just a few moments ago, the Tails development team proudly announced the official and general availability of the Tails 2.6 anonymous Live CD Linux operating system based on the latest Debian technologies.

Earlier this month, we reported on the availability of the first development version of Tails 2.6, the RC1 build, which also appeared to be the only one, and now, nearly three weeks later, we can get our hands on the final release, which brings many updated components and several new features.

According to the release notes, the biggest new features in Tails 2.6 are the enablement of the kASLR (kernel address space layout randomization) in the Linux kernel packages that ship with the popular amnesic incognito live system, protecting users from buffer overflow attacks.


IPFire 2.19 - Core Update 104 released

Filed under
GNU
Linux
Security

This is the official release announcement for IPFire 2.19 – Core Update 104.
This update brings you a new kernel under the hood and a Guardian rewritten from scratch.


Security Leftovers

Filed under
Security

Security News

Filed under
Security
  • Security advisories for Monday
  • Why do we do security?

    I had a discussion last week that ended with this question. "Why do we do security". There wasn't a great answer to this question. I guess I sort of knew this already, but it seems like something too obvious to not have an answer. Even as I think about it I can't come up with a simple answer. It's probably part of the problems you see in infosec.

    The purpose of security isn't just to be "secure", it's to manage risk in some meaningful way. In the real world this is usually pretty easy for us to understand. You have physical things, you want to keep them from getting broken, stolen, lost, pick something. It usually makes some sort of sense.

  • New release: usbguard-0.6.2
  • DNSync

    While setting up my new network at my house, I figured I’d do things right and set up an IPSec VPN (and a few other fancy bits). One thing that became annoying when I wasn’t on my LAN was I’d have to fiddle with the DNS Resolver to resolve names of machines on the LAN.

Security News

Filed under
Security
  • Why real hackers prefer Linux over Windows and Mac

    We have published many tutorials for hackers and security researchers. You may have noticed that most tutorials are based on Linux operating systems. Even the hacking tools out there are based on Linux barring a few which are written for Windows and Mac. The moot question here is: why do hackers prefer Linux over Mac or Windows?

    Today we look at the reason why hackers always prefer Linux over Mac, Windows, and other operating systems. You may have your own reasons for choosing Linux, but what do hackers really look forward to while working with Linux?

  • HDDCryptor Ransomware Overwrites Your MBR Using Open Source Tools [Ed: Windows ransom but the headline only says “Open Source”]

    Most of the research on this infection has been done by Marinho, who says that his company was called in to investigate and fix a massive infection at a multi-national company that affected computers in its Brazil, India, and US subsidiaries.

  • The power of protocol analyzers

    In the complicated world of networking, problems happen. But determining the exact cause of a novel issue in the heat of the moment gets dicey. In these cases, even otherwise competent engineers may be forced to rely on trial and error once Google-fu gives out.

    Luckily, there’s a secret weapon waiting for willing engineers to deploy—the protocol analyzer. This tool allows you to definitively determine the source of nearly any error, provided you educate yourself on the underlying protocol. The only catch for now? Many engineers avoid it entirely due to (totally unwarranted) dread.

  • Bitcoin: A Sequence of Proofs

    A potential solution to the growing pains of Bitcoin is the use of proof-of-stake rather than proof-of-work. An attacker which has a stake in the history already on the blockchain is unlikely to jeopardize it. In proof-of-stake, the cryptocurrency is paid by the miners into the bets of the next block to win. If an attacker bets on multiple chains, then they're guaranteed to lose money. This, combined with the fact that buying a lot of currency is more expensive than a lot of computer power, makes proof-of-stake practical. We will cover Peercoin later, which does proof of stake and has other mitigations for certain attacks.

    An interesting idea is vote tattling. When an attacker votes on one block with a predecessor, and then votes on another with the same predecessor, peers can observe this. They can report double voting by using the votes as cryptographically-verified evidence, and taking the attacker's vote-money.

Security Leftovers

Filed under
Security
  • 20 Questions Security Leaders Need To Ask About Analytics

    It would be an understatement to say that the security world tends to be full of hype and noise. At times, it seems like vendors virtually xerox each other’s marketing materials. Everyone uses the same words, phrases, jargon, and buzzwords. This is a complicated phenomenon and there are many reasons why this is the case.

    The more important issue is why security leaders find ourselves in this state. How can we make sense of all the noise, cut through all the hype, and make the informed decisions that will improve the security of our respective organizations? One answer is by making precise, targeted, and incisive inquiries at the outset. Let’s start with a game of 20 questions. Our first technology focus: analytics.

  • Trend Micro shows that Linux systems not so bulletproof against trojans [Ed: very low risk (must fool the user or gain physical access)]
  • Sixth Linux DDoS Trojan Discovered in the Last 30 Days [Ed: drama over something that must fool users]

    Linux users have yet another trojan to worry about, and as always, crooks are deploying it mostly to hijack devices running Linux-based operating systems and use them to launch DDoS attacks at their behest.

  • Yet Another Linux Trojan Uncovered
  • Secure Docker on Linux or Windows platforms

    With Docker appearing in businesses of all shapes and sizes, security is a concern for many IT admins. Here's how to secure Docker on the container or the host machine.

  • New release: usbguard-0.6.1
  • Ransomware Getting More Targeted, Expensive

    I shared a meal not long ago with a source who works at a financial services company. The subject of ransomware came up and he told me that a server in his company had recently been infected with a particularly nasty strain that spread to several systems before the outbreak was quarantined. He said the folks in finance didn’t bat an eyelash when asked to authorize several payments of $600 to satisfy the Bitcoin ransom demanded by the intruders: After all, my source confessed, the data on one of the infected systems was worth millions — possibly tens of millions — of dollars, but for whatever reason the company didn’t have backups of it.

  • Web security CEO warns about control of internet falling into few hands

    The internet was designed to be a massive, decentralized system that nobody controlled, but it is increasingly controlled by a select few tech companies, including Google, Facebook, Apple and Amazon, and they are continuing to consolidate power, said the CEO of a cybersecurity company.

    "More and more of the internet is sitting behind fewer and fewer players, and there are benefits of that, but there are also real risks," said Matthew Prince, chief executive officer of web security company CloudFlare, in an interview with CNBC. His comments came at CloudFlare's Internet Summit — a conference featuring tech executives and government security experts — on Tuesday in San Francisco.

    Facebook has faced a lot of criticism for perceived abuse of its editorial sway among the 1.7 billion monthly active users who visit the site to consume news alongside family photos and ads. For example, a Norwegian newspaper editor recently slammed Mark Zuckerberg for Facebook's removal of a post featuring an iconic image known as the Napalm Girl that included a naked girl running from napalm bombs.

Security News

Filed under
Security