Security

Security News

Filed under
Security
  • Thursday's security updates
  • Capsule8 comes out of stealth to help protect Linux from attacks

    Capsule8 has emerged from stealth mode to unveil its plans for the industry’s first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from both known and unknown attacks. Founded by experienced hackers John Viega, Dino Dai Zovi and Brandon Edwards, Capsule8 is being built on the real-world experience of its founders in building and bringing to market defensive systems to protect against exploitation of previously unknown vulnerabilities. The company raised seed funding of $2.5 million from Bessemer Venture Partners, as well as individual investors Shardul Shah of Index Ventures and Jay Leek of ClearSky. The funding will help fuel the launch of the Capsule8 platform in spring 2017.

  • Bruce Schneier Says Government Involvement in Coding Is Coming

    Security expert Bruce Schneier is painting a grim future for the tech community as the government will start to stick its nose into people’s codes.

    Schneier, present at the RSA Conference, said that until now everyone had this “special right” to code the world as they saw fit. “My guess is we’re going to lose that right because it’s too dangerous to give it to a bunch of techies,” he added, according to The Register.

  • How To Shrink Attack Surfaces with a Hypervisor

    A software environment’s attack surface is defined as the sum of points in which an unauthorized user or malicious adversary can enter or extract data. The smaller the attack surface, the better. We recently sat down with Doug Goldstein (https://github.com/cardoe or @doug_goldstein) to discuss how companies can use hypervisors to reduce attack surfaces and why the Xen Project hypervisor is a perfect choice for security-first environments. Doug is a principal software engineer at Star Lab, a company focused on providing software protection and integrity solutions for embedded systems.

  • Xen Project asks to limit security vulnerability advisories
  • Xen Project wants permission to reveal fewer vulnerabilities
  • Xen Project proposes issuing fewer advisories
  • Verified Boot: From ROM to Userspace

    Amid growing attacks on Linux devices, the 2016 Embedded Linux Conference demonstrated a renewed focus on security. One well-attended presentation at ELC Europe covered the topic of verified boot schemes. In this talk, Marc Kleine-Budde of Pengutronix revealed the architecture and strategies of a recently developed verified boot scheme for a single-core, Cortex-A9 NXP i.MX6 running on the RIoTboard SBC.

  • Yahoo's Security Incompetence Just Took $250 Million Off Verizon's Asking Price

    So last year we noted how Verizon proposed paying $4.8 billion to acquire Yahoo as part of its plan to magically transform from stodgy old telco to sexy new Millennial advertising juggernaut, which, for a variety of reasons, isn't going so well. One of those reasons is the fact that Yahoo failed to disclose the two, massive hacks (both by the same party) that exposed the credentials of millions of Yahoo customers during deal negotiations. The exposure included millions of names, email addresses, phone numbers, birthdates, hashed passwords (using MD5) and "encrypted or unencrypted" security questions and answers.

    As noted previously, Verizon had been using the scandal to drive down the $4.8 billion asking price, reports stating that Verizon was demanding not only a $1 billion reduction in the price, but another $1 billion to cover the inevitable lawsuits by Yahoo customers.

  • Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

    One of the most effective ways the Wordfence team keeps the WordPress community and customers secure is through something we call the ‘Threat Defense Feed’. This is a combination of people, software, business processes and data. It’s an incredibly effective way to keep hackers out and provide our customers with early detection.

  • The 7 security threats to technology that scare experts the most

    What happens if a bad actor turns off your heat in the middle of winter, then demands $1,000 to turn it back on? Or even holds a small city’s power for ransom? Those kinds of attacks to personal, corporate, and infrastructure technology were among the top concerns for security experts from the SANS Institute, who spoke Wednesday during the RSA conference in San Francisco.

    Some of these threats target consumers directly, but even the ones that target corporations could eventually “filter down” to consumers, though the effects might not be felt for some time.

Security News

Filed under
Security
  • Wednesday's security updates
  • 10 Week Progress Update for PGP Clean Room

    This Valentine’s Day I’m giving everyone the gift of GIFs! Because who wants to stare at a bunch of code? Or read words?! I’ll make this short and snappy since I’m sure you’re looking forward to a romantic night with your terminal.

  • And hackers didn't have much luck either with other flaws in the mobe OS

    Despite shrill wailings by computer security experts over vulnerabilities in Android, Google claims very, very few people have ever suffered at the hands of its bugs.

    Speaking at the RSA security conference in San Francisco on Tuesday, Adrian Ludwig, director of Android security, said the Stagefright hole – which prompted the Chocolate Factory to start emitting low-level security patches on a monthly basis – did put 95 per cent of Android devices at risk of attack. However, there have been no “confirmed” cases of infections via the bug, Ludwig claimed.

  • This Android Trojan pretends to be Flash security update but downloads additional malware
  • Pwnd Android conference phone exposes risk of spies in the boardroom

    Security researchers have uncovered a flaw in conference phone systems from Mitel that creates a means for hackers to listen in on board meetings.

    Boffins at Context Information Security managed to gain root access and take full control of a Mitel MiVoice Conference and Video Phone, potentially enabling them to listen to meetings without alerting the room's occupants. The flaws also created a way to plant a remote backdoor on to an enterprise network.

  • Why do hackers focus so much on Android? It’s simple, really

    It seems that, despite what many thought was a supply and demand issue, Android is by far the most appealing, accessible and, essentially, antiquated arena for cyber-criminals to flourish in.

  • Google Touts Progress in Android Security in 2016

    Google has a daunting task of scanning 750 million Android devices daily for threats and checking 6 billion apps for malware each day as part of its management of 1.6 billion active Android devices. The numbers are staggering for Adrian Ludwig, director of Android Security; six years ago, when he joined Google, he said being responsible for the security of what would eventually be billions of Android devices seemed overwhelming.

Security Leftovers

Filed under
Security
  • Re-thinking Web App Security

    The implications of storing your data locally are quite profound.

  • ASLR^CACHE Attack Defeats Address Space Layout Randomization

    Researchers from VUSec found a way to break ASLR via an MMU sidechannel attack that even works in JavaScript. Does this matter? Yes, it matters. A lot. The discovery of this security flaw along with the practical implementation is really important mainly because of two factors: what it means for ASLR to be broken and how the MMU sidechannel attack works inside the processor.

  • The Biggest Risk with Container Security is Not Containers

    Container security may be a hot topic today, but we’re failing to recognize lessons from the past. As an industry our focus is on the containerization technology itself and how best to secure it, with the underlying logic that if the technology is itself secure, then so too will be the applications hosted.

    Unfortunately, the reality is that few datacenter attacks are focused on compromising the container framework. Yes, such attacks do exist, but the priority for malicious actors is mounting an attack on applications and data; increasingly for monetary reasons. According to SAP, more than 80 percent of all cyberattacks are specifically targeting software applications rather than the network.

CloudLinux 7 Gets New Linux Kernel Update to Fix Memory Leak, XFS Issue, More

Filed under
Linux
Security

CloudLinux's Mykola Naugolnyi announced today the availability of a new kernel update for CloudLinux 7 operating system series, urging users to update their machines immediately.

CloudLinux 7's kernel packages have been updated to version 3.10.0-427.36.1.lve1.4.37, which has been marked as ready for production and is available from the stable repositories of the operating system.

Today's kernel replaces version 3.10.0-427.18.2.lve1.4.27 that most CloudLinux 7 users might have installed on their machines, and it fixes a memory leak related to LVE (Lightweight Virtual Environment) deletion.

Also (direct): CloudLinux 7 kernel updated

Security Leftovers

Filed under
Security
  • Recent WordPress vulnerability used to deface 1.5 million pages

    Up to 20 attackers or groups of attackers are defacing WordPress websites that haven't yet applied a recent patch for a critical vulnerability.

    The vulnerability, located in the platform's REST API, allows unauthenticated attackers to modify the content of any post or page within a WordPress site. The flaw was fixed in WordPress 4.7.2, released on Jan. 26, but the WordPress team did not publicly disclose the vulnerability's existence until a week later, to allow enough time for a large number of users to deploy the update.

  • Simple Server Hardening

    These days, it's more important than ever to tighten up the security on your servers, yet if you were to look at several official hardening guides, they read as though they were written for Red Hat from 2005. That's because they were written for Red Hat in 2005 and updated here and there through the years. I came across one of these guides when I was referring to some official hardening benchmarks for a PCI audit and realized if others new to Linux server administration were to run across the same guide, they likely would be overwhelmed with all of the obscure steps. Worse though, they likely would spend hours performing obscure sysctl tweaks and end up with a computer that was no more protected against a modern attack. Instead, they could have spent a few minutes performing a few simple hardening steps and ended up with a more secure computer at the end. So in this article, I describe a few hardening steps that provide the most bang for the buck. These tips should take only a few minutes, yet for that effort, you should get a much more secure system at the end.

  • Sophos: IoT Malware Growing More Sophisticated
  • Linux IoT, Android and MacOS expected in 2017, SophosLabs
  • Hackers using Linux flaws to attack IoT devices
  • Linux Security Fundamentals: Estimating the Cost of a Cyber Attack

Security News

Filed under
Security
  • Opening Cyber Salvo in the French Elections

    On Feb 1st, 2017, Wikileaks began tweeting about the candidates in the French election coming up in a few months. This election (along with Germany’s later this year) is a very highly anticipated overt cyber conflict, one that many people in the intelligence, infosec and natsec communities are all paying attention to. We all saw what happened in the US and expect the Russians to meddle in both of these elections too. The outcomes are particularly important because France and Germany (“Old Europe”) are the strong core of the EU, and Putin’s strategic goal is a weak EU. He’s been dealt a weak hand and his geopolitical strategy is to weaken his opponents, pretty straight forward.

  • Kaspersky says businesses hit by fileless Windows malware

    Fileless Windows malware is infecting enterprise systems in 40 or more countries, with more than 140 institutions having been hit, according to the anti-virus company Kaspersky.

    The malware has not been given a name yet, but Kaspersky says it is similar to Duqu 2.0 that attacked its own network and stayed undetected for more than six months.

    It said an unnamed bank found the malware in late 2016 after it detected Meterpreter code in the physical memory of one of its Windows domain controllers. Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime.

  • Hack my car? Most believe it can happen

    Most Americans have some concerns that self-driving cars can be hacked to cause crashes, disable the vehicle in some way or even be used as weapons by terrorists, according to researchers at the University of Michigan.

    And large percentages of people are at least slightly concerned that these kinds of vehicles can be hacked to gain access to personal data.

    However, more than half have these same cybersecurity concerns about conventional vehicles, say Michael Sivak and Brandon Schoettle of the U-M Transportation Research Institute.

    Using an online survey of more than 500 Americans, the researchers asked respondents how concerned they are about hackers gaining access to personally owned self-driving (both with control over the gas pedal, brake and steering, and without) and conventional vehicles.

  • ‘Top 10 Spammer’ Indicted for Wire Fraud

    Michael A. Persaud, a California man profiled in a Nov. 2014 KrebsOnSecurity story about a junk email purveyor tagged as one of the World’s Top 10 Worst Spammers, was indicted this week on federal wire fraud charges tied to an alleged spamming operation.

  • Chap scripts remote Linux takeover for sysadmins

    Linux sysadmins with a sense of adventure: Tokyo-based developer Hector Martin has put together a set of scripts to replace an in-use Linux system over SSH.

    Over at GitHub, Martin's Takeover.sh is the kind of no-safety-net we imagine El Reg's readers will love.

Programming and Security News

Filed under
Development
Security
  • RSPIRV: Google's Rust Implementation Of SPIR-V

    Google developers have been working on a number of open-source projects in the Vulkan space and one of their latest is SPIR-V processing with Rust.

    RSPIRV is another project under the Google umbrella on GitHub. RSPIRV is a Rust implementation of SPIR-V module processing functionalities. SPIR-V, of course, being the intermediate representation/language used by Vulkan as well as OpenCL 2.1+ and can also be used in OpenGL.

  • Optimize PHP with finely tuned IT resources and settings

    More than 90% of PHP-based websites still use PHP version 5. Of those websites, less than one quarter run the latest supported version, PHP 5.6. Despite the release of PHP 7 in December 2015, which has been documented and benchmarked as up to two times faster than PHP 5.6, the adoption rate is only around 3% among websites that use the language. The first step -- before optimizing PHP using the following tips -- is to upgrade to version 7.

  • Node for Java Developers

    The biggest audience for my Node.js workshops, courses and books (especially when I’m teaching live) is Java developers. You see, it used to be that Java was the only language professional software developers/engineers had to know. Not anymore. Node.js as well as other languages like Go, Elixir, Python, Clojure, dictate a polyglot environment in which the best tool for the job is picked.

  • Morocco's First Open Source ERP Uses Java EE 7!
  • Hazelcast's Parallel Streaming Engine Targets Java/Big Data Programmers

    In-memory data grid (IMDG) specialist Hazelcast Inc. yesterday launched a new distributed processing engine for Big Data streams. The open-source, Apache 2-licenced Hazelcast Jet is designed to process data in parallel across nodes, enabling data-intensive applications to operate in near real-time.

  • On new zlib breaking perl
  • anytime 0.2.1
  • Security updates for Friday
  • Capsule8 Launches Linux-Based Container Security Platform

    Cybersecurity startup Capsule8 this week announced that it has raised US$2.5 million to launch the industry's first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from existing and potential attacks.

    CEO John Viega, CTO Dino Dai Zovi and Chief Scientist Brandon Edwards, all veteran hackers, cofounded the firm. They raised seed funding from Bessemer Venture Partners, as well as individual investors Shardul Shah of Index Ventures and ClearSky's Jay Leek.

Security Leftovers

Filed under
Security
  • Mirai Botnet Spreads With Help From Infected Windows Computers
  • Lovely. Now someone's ported IoT-menacing Mirai to Windows boxes

    The Mirai malware that hijacked hundreds of thousands of IoT gadgets, routers and other devices is now capable of infecting Windows systems.

  • Finding Ticketbleed

    Ticketbleed (CVE-2016-9244) is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed.

  • Cybersecurity firms pilloried by GCHQ technical director over “witchcraft”

    “we are allowing massively incentivised companies to define the public perception of the problem”.

  • Wire’s independent security review

    Ever since Wire launched end-to-end encryption and open sourced its apps one question has consistently popped up: “Is there an independent security review available?” Well, there is now!

    Kudelski Security and X41 D-Sec published a joint review of Wire’s encrypted messaging protocol implementation. They found it to have “high security, thanks to state-of-the-art cryptographic protocols and algorithms, and software engineering practices mitigating the risk of software bugs.”

  • Practical Steps for Protecting IoT Devices

    The security of IoT devices is a high priority these days, as attackers can use Distributed Denial of Service (DDoS) attacks to target them and wreak havoc on a system.

    “Due to the sheer volume of unconnected devices, it can take hours and often days to mitigate such an attack,” says Adam Englander, who is a Senior Engineer of the LaunchKey product at iovation.

  • IoT Cybersecurity Alliance Will Collaborate on Standards, Education

    A new IoT Cybersecurity Alliance formed by AT&T, IBM, Palo Alto Networks, Symantec, and Trustonic promises to help solve one of the most critical elements of the Internet of Things (IoT) — security. The group says its goal is to work on IoT security standards as well as raise awareness about the topic.

    There are numerous IoT-related associations working to promote different segments of IoT and streamline the fragmentation that exists in the industry. However, this is the first group to focus solely on security. AT&T, which was an early advocate for IoT, said it has seen a 3,198 percent increase in attackers scanning for vulnerabilities in IoT devices.
