Language Selection

English French German Italian Portuguese Spanish

Security

Security News

Filed under
Security

Fedora 24 Linux OS Gets New, Updated Lives ISOs with Latest Security Patches

Filed under
Red Hat
Security

Founder of The Fedora Unity Project and Fedora Ambassador, Ben Williams, is happy to report that updated Live ISO images of the Fedora 24 GNU/Linux operating system are now available for download.

Read more

Security News

Filed under
Security
  • Security advisories for Thursday
  • Please save GMane!
  • The End of Gmane?

    In 2002, I grew annoyed with not finding the obscure technical information I was looking for, so I started Gmane, the mailing list archive. All technical discussion took place on mailing lists those days, and archiving those were, at best, spotty and with horrible web interfaces.

    The past few weeks, the Gmane machines (and more importantly, the company I work for, who are graciously hosting the servers) have been the target of a number of distributed denial of service attacks. Our upstream have been good about helping us filter out the DDoS traffic, but it’s meant serious downtime where we’ve been completely off the Internet.

  • Pwnie Express makes IoT, Android security arsenal open source

    Pwnie Express has given the keys to software used to secure the Internet of Things (IoT) and Android software to the open-source community.

    The Internet of Things (IoT), the emergence of devices ranging from lighting to fridges and embedded systems which are connected to the web, has paved an avenue for cyberattackers to exploit.

  • The Software Supply Chain Is Bedeviled by Bad Open-Source Code [Ed: again, trace this back to FUD firms like Sonatype in this case]

    Open-source components play a key role in the software supply chain. By reducing the amount of code that development organizations need to write, open source enables companies to deliver software more efficiently — but not without significant risks, including defective and outdated components and security vulnerabilities.

  • Securing a Virtual World [Ed: paywall, undated (no year but reposted)]
  • Google tells Android's Linux kernel to toughen up and fight off those horrible hacker bullies

    In a blog post, Jeff Vander Stoep of the mobile operating system's security team said that in the next build of the OS, named Nougat, Google is going to be addressing two key areas of the Linux kernel that reside at the heart of most of the world's smartphones: memory protection and reducing areas available for attack by hackers.

Security Leftovers

Filed under
Security

Parrot Security OS – A Debian Based Distro for Penetration Testing, Hacking and Anonymity

Filed under
GNU
Linux
Security
Debian

Parrot Security operating system is a Debian-based Linux distribution built by Frozenbox Network for cloud oriented penetration testing. It is a comprehensive, portable security lab that you can use for cloud pentesting, computer forensics, reverse engineering, hacking, cryptography and privacy/anonymity.

Read more

OPNsense 16.7

Filed under
Security
BSD
  • OPNsense 16.7 released
  • pfSense/m0n0wall-Forked OPNsense 16.7 Released

    The latest major release is out of OPNsense, a BSD open-source firewall OS project derived from pfSense and m0n0wall.

    OPNsense 16.7 brings NetFlow-based reporting and export, trafic shaping support, two-factor authentication, HTTPS and ICAP support in the proxy server, and UEFI boot and installation modes.

Security News

Filed under
Security
  • Linux Security Automation at Scale in the Cloud

    Ten years ago it didn’t seem like Linux growth could increase any faster. Then, in 2006, Amazon launched Amazon Web Services (AWS). Linux growth went from linear to exponential. AWS competitors sprang up and were acquired by IBM, Microsoft, and other big players, accelerating Linux expansion even more.

    Linux became the platform of choice for the private cloud. But this movement wasn’t confined to the cloud. A rush to create Linux applications and services spilled over to traditional on premises. Linux had evolved from that obscure thing people ran web servers on to the backbone operating system of the majority of IT.

  • Don’t want to get hacked? Close your laptop.

    My friends often leave their computers open and unlocked. I tell them they should probably get in the habit of locking their computers, but they don’t listen to me. So I’ve created a simple project to hack my friends and show them the importance of computer security.

    All I need to do is wait for them to leave their computer unlocked for a few seconds, open up their terminal, and type a single, short command.

  • Citibank IT guy deliberately wiped routers, shut down 90% of firm’s networks across America

    It was just after 6pm on December 23, 2013, and Lennon Ray Brown, a computer engineer at the Citibank Regents Campus in Irving, Texas, was out for revenge.

    Earlier in the day, Brown – who was responsible for the bank’s IT systems – had attended a work performance review with his supervisor.

    It hadn’t gone well.

    Brown was now a ticking time bomb inside the organisation, waiting for his opportunity to strike. And with the insider privileges given to him by the company, he had more of an opportunity to wreak havoc than any external hacker.

  • Explo-Xen! Bunker buster bug breaks out guests from hypervisor

    A super-bug in the Xen hypervisor may allow privileged code running in guests to escape to the underlying host.

    This means, on vulnerable systems, malicious administrators within virtual machines can potentially break out of their confines and start interfering with the host server and other guests. This could be really bad news for shared environments.

    All versions of open-source Xen are affected (CVE-2016-6258, XSA-182) although it is only potentially exploitable on x86 hardware running paravirtualized (PV) guests. The bug was discovered by Jérémie Boutoille of Quarkslab, and publicly patched on Tuesday for Xen versions 4.3 to 4.7 and the latest bleeding-edge code.

  • Intel Puts Numbers on the Security Talent Shortage

    The cybersecurity shortfall in the workforce remains a critical vulnerability for companies and nations, according to an Intel Security report being issued today.

    Eighty-two percent of surveyed respondents reported a shortage of security skills, and respondents in every country said that cybersecurity education is deficient.

Antivirus Live CD 19.0-0.99.2 Released Based on 4MLinux 19.0 and ClamAV 0.99.2

Filed under
GNU
Linux
Security

Softpedia has been informed by GNU/Linux developer and creator of the 4MLinux project, Mr. Zbigniew Konojacki, about the immediate availability for download of the Antivirus Live CD 19.0-0.99.2 distrolette.

Read more

Security Leftovers

Filed under
Security
Syndicate content

More in Tux Machines

Fedora News

  • Elections 2016: Nominate community members to Fedora leadership
    With Fedora 25 out the door a couple of weeks ago, Fedora is once again moving ahead towards Fedora 26. As usual after a new release, the Fedora Elections are getting into gear. There are a fair number of seats up for election this release, across both the Fedora Engineering Steering Committee (FESCo) and the Fedora Council. The elections are one of the ways you can have an impact on the future of Fedora by nominating and voting. Nominate other community members (or self-nominate) to run for a seat in either of these leadership bodies to help lead Fedora. For this election cycle, nominations are due on December 12th, 2016, at 23:59:59 UTC. It is important to get nominations in quickly before the window closes. This article helps explain both leadership bodies and how to cast a nomination.
  • Endless Sky now available on Fedora
    Endless Sky is a 2D space trading and combat game similar to Escape Velocity. The game sets you as a beginning pilot, just having made a down payment on your very first starship. You’re given a choice between a shuttle, a freighter or a fighter. Depending on what ship you choose, you will need to figure out how to earn money to outfit and eventually upgrade your ship. You can transport passengers, run cargo, mine asteroids or even hunt pirates. It’s an open-ended game that blends the top-down action of a 2D space shooter with the depth and replayability of a 4X.
  • Analysis is confusing
    I’ve known of affinity mapping, and even tried to use sticky notes to figure out some of my data in the first UX project I did. Unfortunately, as I found out at the time, analysis of the data I get in UX research doesn’t really lend itself to being done alone. Much like statistics, I suspect. I’m not at all sure how UX consultants do their analyses, given this!

What lies ahead for open source technology in 2017?

Open source technology is a positive example of the way the internet can encourage global collaboration working towards a more secure and creative future. Here are four predictions for open source technologies in 2017: Read more

Android Leftovers

Remembering a friend: Matthew Williams

One of the things about working in open source software communities is that you are always moving forward. It’s hard not to get a sense of momentum and progress when it seems you are constantly striving to improve and build on the work you and others have done before. But sometimes you have to pause to reflect, because sometimes there is loss. Read more