Security

Security: Intel Scandals, Microsoft Patches Cause Data Loss/Corruption

Filed under
Security

Parrot 3.11 release notes

Filed under
GNU
Linux
Security

Parrot 3.11 is now available for download.

This new release introduces many improvements and security fixes compared to the previous versions. It includes by default all the Spectre/Meltdown security patches currently available and an updated version of the Linux 4.14 kernel.

A new car hacking menu now contains a collection of useful open source tools in the automotive industry to test real world cars or simulate CANBus networks.

Metasploit and PostgreSQL are now patched to work flawlessly out of the box in live mode.

Other important updates include Firefox 58, increased installer stability, many updated security tools and some important graphic improvements.

Parrot Studio was reintroduced with many improvements; this special derivative of Parrot is designed for multimedia production as an improved version of Parrot Home for workstations, with many useful productivity tools pre-installed.

This release will probably be the last version of the 3.x series (except for eventual security updates), and we wanted to include some of the changes that we planned for Parrot 4.x as a gift for our community.


Security: PLC, Blacksmith, Windows at NHS

Filed under
Security

  • Vulnerable industrial controls directly connected to Internet? Why not?

    As Beaumont said, "It's an open own goal." And this particular advisory doesn't stop with the PLCs. Some PLC manufacturers haven't even responded to inquiries from the DHS' National Cybersecurity and Communications Integration Center (NCCIC) about recently-discovered vulnerabilities, such as one in the Nari PCS-9611 Feeder Relay, a control system used to manage some electrical grids. The vulnerability, reported by two Kaspersky Labs researchers, "could allow a remote attacker arbitrary read/write abilities on the system."

  • Free Linux Tool Monitors Systems for Meltdown Attacks

    SentinelOne this week released Blacksmith, a free Linux tool that can detect Meltdown vulnerability exploitation attempts, so system administrators can stop attacks before they take root.

    The company has been working on a similar tool to detect Spectre vulnerability attacks.

  • Welsh NHS systems back up after computer 'chaos'

    The National Cyber Security Centre said the problems were caused by technical issues and were not the result of a cyber attack.

Security: Updates, US Senate, Malware on Social Control Media, Ubuntu 16.04.4 LTS Delay

Filed under
Security
  • Security updates for Friday
  • Senate IT Tells Staffers They're On Their Own When It Comes To Personal Devices And State-Sponsored Hackers

    Notification of state-sponsored hacking attempts has revealed another weak spot in the US government's defenses. The security of the government's systems is an ongoing concern, but the Senate has revealed it's not doing much to ensure sensitive documents and communications don't end up in the hands of foreign hackers.

    The news of the hacking attempt was greeted with assurances that nothing of value was taken.

  • Beware! Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems

    According to researchers, Dark Caracal hackers do not rely on any "zero-day exploits" to distribute their malware; instead, they use basic social engineering via posts on Facebook groups and WhatsApp messages, encouraging users to visit hacker-controlled fake websites and download malicious applications.

  • Ubuntu 16.04.4 LTS Delayed Due To Spectre & Meltdown

    Ubuntu 16.04.4 LTS had been scheduled to ship mid-February as the latest point release for this Long Term Support release, but unfortunately that is not going to happen as planned due to the Canonical kernel developers being overloaded by Spectre and Meltdown mitigation work.

    Ubuntu 16.04.4 is now being delayed by an unknown length of time, but they believe it shouldn't be more than "a few weeks" past the original 15 February ship date. They are waiting for the Spectre/Meltdown mitigation work to settle, for ensuring they are shipping qualified patches in this point release. Additionally, they have been so busy with that mitigation work that they have neglected other kernel patches that may need to make it into this point release too.

Security: 'DevOps', Linux-based SkySecure, VirusTotal, DJI

Filed under
Security
  • DevOps and Security: How to Overcome Cultural Challenges and Transform to True DevSecOps

    Similar to the proliferation of mobile devices in the enterprise several years ago where organizations were feeling the pressure to have a mobile strategy but didn’t know where to start, we’re seeing the same situation with development methodologies. To accelerate development velocity, teams are feeling the pressure to “do DevOps,” and when integrating security, to “do DevSecOps.” But much like during the initial mobile wave, many companies say they’re implementing these methodologies, and might even think they are, but in reality, they’re not. Yet.

  • What does DevOps do in 2018?

    In 2018, we’re expecting DevOps to become the new norm for larger enterprise teams. This is because we’re likely to see developers on older, higher value systems implementing a more DevOps centric approach, having seen it work on projects that have traditionally been highly visible, but low value.

  • Cisco Acquires Skyport as Cyber-Security Investments Continue

    January 2018 has emerged to become a banner month for cyber-security acquisitions, with at least 10 acquisitions announced so far, four of which were announced between Jan. 22 and 25. Cisco continued the trend on Jan. 24 by announcing its intention to acquire privately-held server security startup Skyport.

    Financial terms of Cisco's Skyport acquisition are not being publicly disclosed. A Cisco spokesperson told eWEEK that the deal is expected to close in Cisco's 2018 fiscal third quarter. However, a Cisco spokesperson said the company doesn't plan to continue marketing the existing Skyport System server security products.

    [...]

    It's the Linux-based SkySecure Server platform tied into the SkySecure Center service that further validates the integrity of firmware, BIOS, software and cryptography.

  • S for Security is Google owner Alphabet's new favorite letter

    The business will be the new home of VirusTotal, which Google acquired in 2012. Chronicle’s other story will be “a new cybersecurity intelligence and analytics platform that we hope can help enterprises better manage and understand their own security-related data.”

  • Github shrugs off drone maker DJI's crypto key DMCA takedown effort

    Github rejected a DMCA takedown request from Chinese drone-maker DJI after someone forked source code left in the open by a naughty DJI developer, The Register can reveal.

    This included AES keys permitting decryption of flight control firmware, which could allow drone fliers with technical skills to remove geofencing from the flight control software: this software prevents DJI drones from flying in certain areas such as the approach paths for airports, or near government buildings deemed to be sensitive.

    Though the released key is not for the latest firmware version, The Register has seen evidence (detailed below) that drone hackers are already incorporating it in modified firmware available for anyone to download and flash to their drones.

    DJI declined to comment for this article. Github ignored The Register's invitation to comment.

    [...]

    The code was forked by drone researcher Kevin Finisterre, who submitted a successful rebuttal to the takedown request on the grounds that Github's terms and conditions explicitly permit forking of public repos.

    "DJI mistakenly marked code repositories as public subsequently granting license for anyone to fork said repos. This accident can be evidenced by their press release," wrote Finisterre, linking to a DJI statement.

Security: Updates, Attacking Network Protocols, Hide 'N Seek, FBI, Intel, WhatsApp

Filed under
Security
  • Security updates for Thursday
  • Attacking Network Protocols

    Most of us in the Free and Open Source software world know about Wireshark and using it to capture network traffic information. This book mentions that tool, but focuses on using a different tool that was written by the author, called CANAPE.Core. Along the way, the author calls out multiple other resources for further study. I like and appreciate that very much! This is a complex topic and even a detailed and technically complex book like this one cannot possibly cover every aspect of the topic in 300 pages. What is covered is clearly expressed, technically deep, and valuable.

  • What is Hide 'N Seek? New IoT botnet uses peer-to-peer communication to infect over 20,000 devices

    "The HNS botnet communicates in a complex and decentralized manner and uses multiple anti-tampering techniques to prevent a third party from hijacking/poisoning it," Bitdefender researchers wrote in a blog post published on Wednesday (24 January). "The bot can perform web exploitation against a series of devices via the same exploit as Reaper (CVE-2016-10401 and other vulnerabilities against networking equipment)."

  • Senator Demands FBI Director Explain His Encryption Backdoor Bullshit

    "I would like to learn more about how you arrived at and justify this ill-informed policy proposal. Please provide me with a list of the cryptographers with whom you’ve personally discussed this topic since our July 2017 meeting and specifically identify those experts who advised you that companies can feasibly design government access features into their products without weakening cybersecurity. Please provide this information by February 23, 2018."

  • Intel's plan to fix Meltdown in silicon raises more questions than answers

    Why this matters: Intel has been busy working with PC makers and OS vendors like Microsoft to release microcode that includes so-called mitigations, microcode updates that patch the vulnerabilities. But even that hasn’t gone so well: Intel advised end users to stop applying patches after systems unexpectedly rebooted. Now, Intel has revealed it’s working on a more permanent fix, but the impact on users remains unknown.

  • WhatsApp Vulnerability

Subgraph: This Security-Focused Distro Is Malware’s Worst Nightmare

Filed under
Linux
Security

By design, Linux is a very secure operating system. In fact, after 20 years of usage, I have personally experienced only one instance where a Linux machine was compromised. That instance was a server hit with a rootkit. On the desktop side, I’ve yet to experience an attack of any kind.
That doesn’t mean exploits and attacks on the Linux platform don’t exist. They do. One only need consider Heartbleed and Wannacry, to remember that Linux is not invincible.


Best Linux security tools

Filed under
Linux
Security

Linux has become a popular open source alternative to the popular Windows and iOS operating systems, and a key factor behind its rise is security.

The operating system is much less likely to be a target of malware than its better-known competitors as it has far fewer users, more knowledgeable server administrators and a comprehensive permissions system that enhances its defences.

That doesn't, however, make Linux invulnerable. Here are some Linux security tools to add an extra layer of protection to the operating system.


Security: Pastejacking, Hotmail in 2018, New Incidents, Lebal Targets Microsoft Windows, and Microsoft Declines to 7% on the Web (a Lot of Unpatched Windows)

Filed under
Security
  • Pastejacking

    This demo uses JavaScript to hook into the copy event, which will fire via ctrl+c or right-click copy. Right now this demo works in Chrome, Firefox, and Safari but not with Internet Explorer; however, there is a demo below which is IE compatible.

  • ‘A sign that you’re not keeping up’ – the trouble with Hotmail in 2018

    With the passage of time and the absence of a brand overhaul, the word “hotmail” near your name started to be quite ageing; like “ntlworld” or “blueyonder”, it was a sign that you weren’t keeping up. It was a deduction that wouldn’t stand up in a court of law, but online it is inference, not certainty, that drags you down. When you could have an ageless Yahoo address, there is just no call to leave this kind of footprint, unless “incredibly old” is your calling card.

  • Shocking data breach exposes more than 220,000 organ donor records

    Lowyat.net – which previously exposed a leak of 46m citizen records belonging to Malaysian communications firms – reported Tuesday (23 January) that the details appeared to be from a central database linked to state hospitals and national transplant resource centres.

    Complete entries of personal information included ID numbers, names, email addresses, home addresses and phone numbers of 220,000 citizens recorded between January 2009 and August 2016.

  • Researchers warn new Lebal malware is seeking high-profile targets

    The vector for the attacks, which are described as being specifically targeted versus random attempts, was not through usual email attacks but camouflaged through several layers. The first attempt involves a phishing email disguised as a message from Federal Express, while the second attempt involves a malicious link pretending to be a link to Google Drive.

  • What is Lebal? New sophisticated malware found targeting several universities, government agencies

    It requests users to click on a link to download and print out an "attached label" that needs to be submitted in order to receive the parcel. The malicious link itself is disguised as a Google Drive link. Once a user clicks on it, the hackers' website pops up with the malicious "Lebal copy.exe" file ready to download.

  • Cyber crime hit 978m in 2017, caused US$172b loss

    It said that as a result, victims globally lost US$172 billion – an average of US$142 per victim. The figure for Australia was US$1.9 billion in total. Each of these people also spent about 24 hours – or almost three full workdays – dealing with the aftermath.

  • January 2018 Web Server Survey

    While 1.5 million web-facing computers currently run Microsoft web server software, a slightly larger number – 1.8 million – run Windows operating systems. The bulk of the difference is made up of Windows computers that either run Apache or reverse-proxy traffic from backend Apache servers. The most commonly used Windows version is Windows Server 2008, followed by 2012 and then the aging, unsupported Windows Server 2003. Windows Server 2016 accounts for only 3.7% of all Windows web-facing computers at the moment, but it is steadily growing – this month, the number of Windows Server 2016 computers grew by 14% to 66,800.

Security: Updates, CPU Defects, Patches, Entropy and More

Filed under
Security
  • Security updates for Wednesday
  • Linux and Intel slowly hack their way to a Spectre patch

    Spectre and Meltdown are major design flaws in modern CPUs. While they're present in almost all recent processors, because Intel chips are so widely used, Intel is taking most of the heat for these bugs. Nowhere has the criticism been hotter than on the Linux Kernel Mailing List (LKML). That's because unlike Apple and Microsoft operating system developers and OEMs like Dell and HP, Linux programmers do their work in the open. But, when Linux and Intel developers aren't arguing, they are making progress.

  • Meltdown and Spectre - Performance and stability

    There's no perceivable slowness of any kind. So that further helps our experiment, as we have a completely different set of operating systems and kernels to confirm the Windows findings.

  • Randomness in virtual machines

    I always felt that entropy available to the operating system must be affected by running said operating system in a virtual environment – after all, unpredictable phenomena used to feed the entropy pool are commonly based on hardware and in a VM most hardware either is simulated or has the hypervisor mediate access to it. While looking for something tangentially related to the subject, I have recently stumbled upon a paper commissioned by the German Federal Office for Information Security which covers this subject, with particular emphasis on entropy sources used by the standard Linux random-number generator (i.e. what feeds /dev/random and /dev/urandom), in extreme detail:

  • Linus Rants, Cryptojacking Protection, openSUSE and Games

    Linus Torvalds slams Intel's Spectre and Meltdown patches, calling them "COMPLETE and UTTER GARBAGE". See LKML for more.


More in Tux Machines

Open Source Skills Soar In Demand According to 2018 Jobs Report

Linux expertise is again in the top spot as the most sought after open source skill, says the latest Open Source Jobs Report from Dice and The Linux Foundation. The seventh annual report shows rapidly growing demand for open source skills, particularly in areas of cloud technology.

Graphics: Wayland, RadeonSI, NVIDIA and More

  • Session suspension and restoration protocol
  • A Session Suspension & Restoration Protocol Proposed For Wayland
    KDE Wayland developer Roman Gilg who started contributing to Wayland via last year's Google Summer of Code is proposing a new Wayland protocol for dealing with desktop session suspension and restoration. This protocol extension would allow for more efficient support for client session suspension and restoration such as when you are logging out of your desktop session and want the windows restored at next log-in or if you are suspending your system. While Roman Gilg is working on this protocol with his KDE hat on, he has been talking with Sway and GNOME developers too for ensuring this protocol could work out for their needs.
  • RadeonSI Lands OpenGL 3.3 Compatibility Profile Support
    Thanks to work done over the past few months by AMD's Marek Olšák on improving Mesa's OpenGL compatibility profile support and then today carried over the final mile by Valve's Timothy Arceri, Mesa 18.2 now exposes OpenGL 3.3 under the compatibility context. Hitting Git tonight is the enabling of the OpenGL 3.3 compatibility profile for RadeonSI.
  • NVIDIA Releases DALI Library & nvJPEG GPU-Accelerated Library For JPEG Decode
    For coinciding with the start of the Computer Vision and Pattern Recognition conference starting this week in Utah, NVIDIA has a slew of new software announcements. First up NVIDIA has announced the open-source DALI library for GPU-accelerated data augmentation and image loading that is optimized for data pipelines of deep learning frameworks like ResNET-50, TensorFlow, and PyTorch.
  • NVIDIA & Valve Line Up Among The Sponsors For X.Org's XDC 2018
    The initial list of sponsors have been announced for the annual X.Org Developers' Conference (XDC2018) where Wayland, Mesa, and the X.Org Server tend to dominate the discussions for improving the open-source/Linux desktop. This year's XDC conference is being hosted in A Coruña, Spain and taking place in September. The call for presentations is currently open for X.Org/mesa developers wishing to participate.
  • Intel Broxton To Support GVT-g With Linux 4.19
    Intel developers working on the GVT-g graphics virtualization technology have published their latest batch of Linux kernel driver changes.

Fedora and Red Hat: Fedora Atomic, Fedora 29, *GPL and Openwashing ('Open Organization')

  • Fedora Atomic Workstation To Be Renamed Fedora Silverblue
    Back in early May was the announcement of the Silverblue project as an evolution of Fedora Atomic Workstation and trying to get this atomic OS into shape by Fedora 30. Beginning with Fedora 29, the plan is to officially rename Fedora Atomic Workstation to Fedora Silverblue. Silverblue isn't just a placeholder name, but they are moving ahead with the re-branding initiative around it. The latest Fedora 29 change proposal is to officially change the name of "Fedora Atomic Workstation" to "Fedora Silverblue".
  • Fedora 29 Will Cater i686 Package Builds For x86_64, Hide GRUB On Boot
    The Fedora Engineering and Steering Committee (FESCo) approved on Friday more of the proposed features for this fall's release of Fedora 29, including two of the more controversial proposals.
  • Total War: WARHAMMER II Coming to Linux, Red Hat Announces GPL Cooperation Commitment, Linspire 8.0 Alpha 1 Released and More
    Starting today, Red Hat announced that "all new Red Hat-initiated open source projects that opt to use GPLv2 or LGPLv2.1 will be expected to supplement the license with the cure commitment language of GPLv3". The announcement notes that this development is the latest in "an ongoing initiative within the open source community to promote predictability and stability in enforcement of GPL-family licenses".
  • Red Hat Launches Process Automation Manager 7, Brackets Editor Releases Version 1.13, Qt Announces New Patch Release and More
    Red Hat today launched Red Hat Process Automation Manager 7, which is "a comprehensive, cloud-native platform for developing business automation services and process-centric applications across hybrid cloud environments". This new release expands some key capabilities including cloud native application development, dynamic case management and low-code user experience. You can learn more and get started here.
  • A summer reading list for open organization enthusiasts
    The books on this year's open organization reading list crystallize so much of what makes "open" work: Honesty, authenticity, trust, and the courage to question those status quo arrangements that prevent us from achieving our potential by working powerfully together.

Server Domination by GNU/Linux

  • Security and Performance Help Mainframes Stand the Test of Time
    As of last year, the Linux operating system was running 90 percent of public cloud workloads; has 62 percent of the embedded market share and runs all of the supercomputers in the TOP500 list, according to The Linux Foundation Open Mainframe Project’s 2018 State of the Open Mainframe Survey report. Despite a perceived bias that mainframes are behemoths that are costly to run and unreliable, the findings also revealed that more than nine in 10 respondents have an overall positive attitude about mainframe computing. The project conducted the survey to better understand use of mainframes in general. “If you have this amazing technology, with literally the fastest commercial CPUs on the planet, what are some of the barriers?” said John Mertic, director of program management for the foundation and Open Mainframe Project. “The driver was, there wasn’t any hard data around trends on the mainframe.”
  • HPE announces world's largest ARM-based supercomputer
    The race to exascale speed is getting a little more interesting with the introduction of HPE's Astra -- what will be the world's largest ARM-based supercomputer. HPE is building Astra for Sandia National Laboratories and the US Department of Energy's National Nuclear Security Administration (NNSA). The NNSA will use the supercomputer to run advanced modeling and simulation workloads for things like national security, energy, science and health care.