Language Selection

English French German Italian Portuguese Spanish

Security

Security: Nextcloud, Microsoft/Windows, Canonical/Ubuntu

Filed under
Security

pfSense 2.3.5-RELEASE now available

Filed under
Security

As we have promised, will will continue to deliver security and stability fixes to the pfSense 2.3.x line even after we have released pfSense 2.4.0, since i386 and NanoBSD were deprecated in pfSense 2.4.0. These updates will continue for a minimum of one year after the pfSense 2.4.0 release date, which means they will continue through at least October 2018.

Read more

Security: Certificate Authorities, Coverity SPAM, and WordPress Patches

Filed under
Security
  • Mozilla devs discuss ditching Dutch CA, because cryptowars

    Concerns at the effect of The Netherlands' new security laws could result in the country's certificate authority being pulled from Mozilla's trust list.

    The nation's Information and Security Services Act will come into force in January 2018. The law includes metadata retention powers similar to those enacted in other countries, and also grants broad-based interception powers to Dutch security services.

  • Francisco Partners Acquires Comodo's Certificate Authority Business

    Private equity firm Francisco Partners announced on Oct. 31 that it has acquired the SSL/TLS Certificate Authority (CA) business from security firm Comodo Group. Financial terms of the deal are not being publicly disclosed.

    "This is a carve-out of the Comodo SSL business, which is now going to be a separate legal and operational entity," Bill Holtz, CEO of Comodo CA told eWEEK.

  • Open source developers make progress in adopting secure practices [Ed: Coverity marketing disguised as an article. Because journalism is dead. The business model is PR as 'reports']
  • WordPress 4.8.3 Security Release

Security: UEFI, Windows and NSA Back Doors

Filed under
Security
  • Replace Your Exploit-Ridden Firmware with Linux

    With the WikiLeaks release of the vault7 material, the security of the UEFI (Unified Extensible Firmware Interface) firmware used in most PCs and laptops is once again a concern. UEFI is a proprietary and closed-source operating system, with a codebase almost as large as the Linux kernel, that runs when the system is powered on and continues to run after it boots the OS (hence its designation as a “Ring -2 hypervisor"). It is a great place to hide exploits since it never stops running, and these exploits are undetectable by kernels and programs.

  • Your Windows Login Details Can Be Stolen By Hackers Without User Interaction

    From time to time, the security researchers continue to make us realize that Windows operating system is full of loopholes that can be exploited by hackers to steal our data. One such vulnerability was patched by Redmond in recent patch Tuesday.

  • NSA hacking tool EternalRomance found in BadRabbit

    Several research firms have named EternalRomance as the tool BadRabbit used to spread through an organisation once the ransomware was installed in a host computer. When the cyber-attack first sprang up on 24 October there were many reports claiming that EternalBlue, the tool made famous with the Petya/NotPetya attacks that took place earlier this year, was the culprit, but this was quickly disproven by researchers. However, EternalRomance does share at least one similarity with the other attack, each exploits the same Microsoft vulnerability.

Security: Joanna Rutkowska and Microsoft's NSA Back Doors

Filed under
Security

Security: Updates, Reaper, KRACK, Cryptographic kKeycards, Flexera's FUD, Google Play, Windows BadRabbit

Filed under
Security
  • Security updates for Friday
  • Assessing the threat the Reaper botnet poses to the Internet—what we know now
  • KRACK, ROCA, and device insecurity

    It is a fairly bleak picture from a number of different viewpoints. One almost amusing outcome of this mess is contained near the end of Vanhoef's KRACK web page. He notified OpenBSD of the flaw in mid-July with an embargo (at the time) until the end of August. OpenBSD leader Theo de Raadt complained about the length of the embargo, so Vanhoef allowed OpenBSD to silently patch the flaw. "In hindsight this was a bad decision, since others might rediscover the vulnerability by inspecting their silent patch. To avoid this problem in the future, OpenBSD will now receive vulnerability notifications closer to the end of an embargo." That might not quite be the outcome De Raadt was hoping for with his (quite reasonable) complaint, especially given that Vanhoef strongly hints that there are other WiFi vulnerabilities in the pipeline.

  • A comparison of cryptographic keycards

    An earlier LWN article showed that private key storage is an important problem to solve in any cryptographic system and established keycards as a good way to store private key material offline. But which keycard should we use? This article examines the form factor, openness, and performance of four keycards to try to help readers choose the one that will fit their needs.

    I have personally been using a YubiKey NEO, since a 2015 announcement on GitHub promoting two-factor authentication. I was also able to hook up my SSH authentication key into the YubiKey's 2048 bit RSA slot. It seemed natural to move the other subkeys onto the keycard, provided that performance was sufficient. The mail client that I use, (Notmuch), blocks when decrypting messages, which could be a serious problems on large email threads from encrypted mailing lists.

    So I built a test harness and got access to some more keycards: I bought a FST-01 from its creator, Yutaka Niibe, at the last DebConf and Nitrokey donated a Nitrokey Pro. I also bought a YubiKey 4 when I got the NEO. There are of course other keycards out there, but those are the ones I could get my hands on. You'll notice none of those keycards have a physical keypad to enter passwords, so they are all vulnerable to keyloggers that could extract the key's PIN. Keep in mind, however, that even with the PIN, an attacker could only ask the keycard to decrypt or sign material but not extract the key that is protected by the card's firmware.

  • Study Examines Open Source Risks in Enterprise Software [Ed: Microsoft network promotes anti FOSS 'study' (marketing by Flexera)]
  • Google Play Protect is 'dead last' at fingering malware on Android

    Last month, German software testing laboratory AV-Test threw malware at 20 Android antivirus systems – and now the results aren't particularly great for Google.

    Its Play Protect system, which is supposed block malicious apps from running on your handheld, was beaten by every other anti-malware vendor.

  • NSA hacking tool EternalRomance found in BadRabbit

Security: UEFI Risks and Bad Rabbit (Microsoft Windows Strikes Again)

Filed under
Security

Security: Reaper, Bad Rabbit, Kaspersky, CAPTCHA Weaknesses

Filed under
Security

Security: Updates, Microsoft Windows TCO (Bad Rabbit), Back Doors, Honeypot, Security by Obscurity

Filed under
Security
  • Security updates for Thursday
  • Security updates for Wednesday
  • New ransomware strain spreads in some European countries [iophk: "Microsoft Windows TCO"]

     

    A new strain of Windows ransomware, dubbed Bad Rabbit, is spreading in eastern Europe through drive-by attacks, the security firm Kaspersky Lab reported overnight.  

  • Bad Rabbit Ransomware Attack Is On The Rise — Here’s What You Need To Know
  • New wave of data-encrypting malware hits Russia and Ukraine

    Beaumont went on to say that Bad Rabbit relies on hard-coded credentials that are commonly used in enterprise networks for file sharing and takes aim at a particularly vulnerable portion of infected computers' hard drives known as the master boot record. A malicious file called infpub.dat appears to be able to use the credentials to allow the Bad Rabbit to spread to other Windows computers on the same local network, Kaspersky Labs' blog post added. In a second blog post, Eset said the malware also uses the Mimikatz network administrative tool to harvest credentials from the affected systems.

  • What is Bad Rabbit ransomware?
  • The DOJ's Bizarre Subpoena Over An Emoji Highlights Its Ridiculous Vendetta Against A Security Researcher

    Yesterday we broke the crazy story of how the DOJ issued a subpoena to Twitter attempting to identify five Twitter users, not because of anything they had done, but because someone else the DOJ disliked -- a security researcher named Justin Shafer -- had tweeted an emoji at them in response to a discussion about a different case. You can read all the details in that original post, in case you missed it yesterday. There was so much craziness in that story that I didn't even get to cover all of it. Some of those named in the subpoena have posted their thoughts -- including Ken "Popehat" White and Keith Lee. I suggest reading both, as the subpoena directed at each of them was particularly silly, given that both freely make their identities public. The DOJ didn't seem to do even the slightest research into the accounts it was demanding info on, or it would have known just how easy it was to "unmask" White and Lee.

  • Modern Cybersecurity Totally Futile in Quantum Computing Era

    Quantum computing uses the power of atoms to perform memory and processing tasks and remains a theoretical concept. However, it is widely believed that its creation is possible. Most experts now agree that the creation of a quantum computer is simply a matter of engineering, and that the theoretical application will happen. Optimistic estimates for commercialization by the private sector vary between 5 and 15 years, while more conservative estimates by academics put it at 15-25 years.

  • 4 extra-strength container security tools for Docker and Kubernetes

    Docker-style containers aren’t just a way to deploy software more quickly or flexibly. They can also be a way to make software more secure. Automatic analysis of the software components that go into containers, behavioral policies that span container clusters and multiple application versions, and innovative new developments in tracking and managing vulnerability data are just some of the ways containers are bolstering security for the entire application lifecycle.

    How much of this comes out of the box, though, is another story. Container products provide the basics, but not always more than that, leaving more advanced monitoring or management solely in the hands of the admin. Here are four recently revamped products and services that bring additional kinds of security to containers, both in the cloud and in your own datacenter.

  • Worker who snuck NSA malware home had his PC backdoored, Kaspersky says

    The NSA worker's computer ran a home version of Kaspersky AV that had enabled a voluntary service known as Kaspersky Security Network. When turned on, KSN automatically uploads new and previously unknown malware to company Kaspersky Lab servers. The setting eventually caused the previously undetected NSA malware to be uploaded to Kaspersky Lab servers, where it was then reviewed by a company analyst.

  • Open Source Security Podcast:  Episode 67 - Cyber won
  • Increase your network security: Deploy a honeypot
  • Security by Obscurity

    Today this blog post turned up on Hacker News, titled “Obscurity is a Valid Security Layer”. It makes some excellent points on the distinction between good and bad obscurity and it gives an example of good obscurity with SSH.

  • My password keeps me safe. (Not necessarily!)

Security: Security Standards, New Windows Malware, Flexera FUD, Microsoft’s Sonar

Filed under
Security
Syndicate content

More in Tux Machines

Games: Deep Sixed, Lazy Galaxy, Gladiabots, Railway Empire, Hypergate, Total War Saga: Thrones of Britannia

Sailfish OS 2.1.4 is now available to early access

After a few productive months of development, we are ready to release the next Sailfish OS update named Lapuanjoki to the early access group! Lapuanjoki is named after the town of Lapua, located in Southern Ostrobothnia region, flowing from lake Sampalampi to the Gulf of Bothnia. Read more Also: Jolla Pushes Out Sailfish OS 2.1.4 Into Early Access

Today in Techrights

Qt 5.11 Alpha Released

Qt 5.11 Alpha is released today. As usual the official Alpha is a source code delivery only, but later we will offer development snapshots of Qt 5.11 regularly via the online installer. Please check Qt 5.11 New Features wiki to see what new is coming with Qt 5.11 release. Please note that the feature list is still in progress and not to be considered final before the first Beta release. Read more Also: Qt 5.11 Alpha Released With Many Toolkit Additions