Security

Security Leftovers

Filed under
Security
  • How to protect your Google and Facebook accounts with a security key

    Google supports a format called FIDO Universal 2nd Factor (U2F), which it helped develop. Keys are available that work over USB, Bluetooth, and NFC, so they can be used with a smartphone or tablet in addition to a PC.

  • Cisco Patches WikiLeaks Security Vulnerability Affecting Hundreds Of Devices

    Cisco has patched a critical flaw in its IOS software that affected more than 300 models of routers and switches that was discovered after WikiLeaks exposed CIA documents.

    "We've spoken to a few customers about it, a few enterprise clients, and thankfully it didn't disrupt any business for us," said one top executive from a solution provider and Cisco Gold partner who did not wish to be named. "I'm glad to know they fixed the issue. … Their devices will always be a big target for attackers because Cisco is everywhere."

  • Microsoft makes emergency security fix

    Microsoft has released an urgent update to stop hackers taking control of computers with a single email.

    The unusual bug, in Microsoft anti-malware software such as Windows Defender, could be exploited without the recipient even opening the message.

    Researchers working for Google's Project Zero cyber-security outfit discovered the flaw at the weekend.

    The fix has been specially pushed out hours before the software giant's monthly Tuesday security update.

  • Google’s OSS-Fuzz Finds 1,000 Open Source Bugs

    The numbers are in, and judging by them, OSS-Fuzz, the program Google unveiled last December to continuously fuzz open source software, has been a success.

    In five months the effort has unearthed more than 1,000 bugs, a quarter of them potential security vulnerabilities, Google says.

  • Open source vulnerabilities hit VMware [Ed: Ridiculous! VMware is secret software with back doors (RSA/EMC), so why focus only on holes in a FOSS component?]

    Apache Struts 2 is an open source web application framework for developing Java applications that has been in use since 2007. The recent Apache Struts 2 vulnerability affected vCenter Server 6.0 and 6.5, vRealize Operations Manager 6.x, vRealize Hyperic Server 5.x, and versions 6.x and 7.x of the Horizon Desktop-as-a-Service Platform.

  • Samsung partners with McAfee, brings security software to the Galaxy S8, Smart TVs, and PCs [Ed: But Samsung should know adding proprietary software to Tizen and/or Android won't necessarily make these more secure]

Security Leftovers

  • Cisco kills leaked CIA 0-day that let attackers commandeer 318 switch models

    As previously reported, the zero-day exploit allowed attackers to issue commands that remotely execute malicious code on 318 models of Cisco switches. The attack code was published in early March by WikiLeaks as part of its Vault7 series of leaks, which the site is billing as the largest publication of intelligence documents ever.

    The bug resides in the Cisco Cluster Management Protocol (CMP), which uses the telnet protocol to deliver signals and commands on internal networks. It stems from a failure to restrict telnet options to local communications and the incorrect processing of malformed CMP-only telnet options.

  • Open source password strength meter could help boost account security

    It's no secret that most people are rubbish at choosing passwords -- it's something that's proved time and time again when the annual list of common passwords is released. To help overcome the problem, and hopefully increase the security of people's accounts, a team of researchers from the Carnegie Mellon University and the University of Chicago have created an open source password meter that provides advice about how to strengthen a password.

  • Apache OpenOffice: Not dead yet, you'll just have to wait until mid-May for mystery security fixes
  • NIST to security admins: You've made passwords too hard

    Despite the fact that cybercriminals stole more than 3 billion user credentials in 2016, users don't seem to be getting savvier about their password usage. The good news is that how we think about password security is changing as other authentication methods become more popular.

  • Google Docs Phishing Scam a Game Changer

Security Leftovers

  • 4 Best Practices for Web Browser Security on Your Linux Workstation

    There is no question that the web browser will be the piece of software with the largest and the most exposed attack surface on your Linux workstation. It is a tool written specifically to download and execute untrusted, frequently hostile code.

    It attempts to shield you from this danger by employing multiple mechanisms such as sandboxes and code sanitization, but they have all been previously defeated on multiple occasions. System administrators should learn to approach browsing websites as the most insecure activity you’ll engage in on any given day.

  • 'Crazy bad' bug in Microsoft's Windows malware scanner can be used to install malware

    Miscreants can turn the tables on Microsoft and use its own antivirus engine against Windows users – by abusing it to install malware on vulnerable machines.

    A particularly nasty security flaw exists in Redmond's anti-malware software, which is packaged and marketed in various forms: Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection. All are, at this moment, at risk. It is switched on by default in Windows 8, 8.1, 10, and Windows Server 2012.

    It is possible for hackers to craft files that are booby-trapped with malicious code, and this nasty payload is executed inadvertently and automatically by the scanner while inspecting the data. The injected code runs with administrative privileges, allowing it to gain full control of the system, install spyware, steal files, and so on.

    In other words, while Microsoft's scanner is searching a downloaded file for malware, it can be tricked into running and installing the very sort of software nasty it's supposed to catch and kill.

  • [Microsoft Employee:] Why your security appliance will be hacked

    I’m no world-class hacker/penetration tester, but I’ve been able to break into any organization I’ve been (legally) hired to do so in an hour or less, except for one place that took me three hours. That was on my second engagement with the customer after it had implemented many of the protections I had recommended during my first visit.

  • How the Macron campaign slowed cyberattackers

Security Leftovers

  • [Old] Intel ME: The Way of Static Analysis
  • CloudLinux 7 and CloudLinux 6 Users Get New Kernel That Patches CVE-2017-7895

    CloudLinux's Mykola Naugolnyi announced today the availability of new stable kernels for the CloudLinux 7, CloudLinux 6, and CloudLinux 6 Hybrid operating systems.

    The updated kernel is available for download right now from the production repository of the CloudLinux 7, CloudLinux 6 Hybrid, and CloudLinux 6 operating systems, versioned 3.10.0-427.36.1.lve1.4.47. It replaces kernel 3.10.0-427.36.1.lve1.4.44 on CloudLinux 7 and Hybrid, as well as kernel 2.6.32-673.26.1.lve1.4.25 on CloudLinux 6.

  • Mac users installing popular DVD ripper get nasty backdoor instead

    Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims' password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday.

  • Google's Fuzz bot exposes over 1,000 open-source bugs

    Google's OSS-Fuzz bug-hunting robot has been hard at work, and in recent months, over 1,000 bugs have been exposed.

    According to Chrome Security engineers Oliver Chang and Abhishek Arya, software engineer Kostya Serebryany and Google Security program manager Josh Armour, the OSS-Fuzz bot has been scouring the web over the past five months in the pursuit of security vulnerabilities which can be exploited.

More Security Leftovers

  • Types of DDoS Attacks

    Distributed Denial of Service attacks (DDoS) are a favorite attack method of hackers and hacktivists, in large part due to their simplicity. We list the different types of DDoS attacks and offer resources to stop DDoS attacks.

  • Using Emoji for fingerprint verification

    The messaging app Telegram recently introduced end-to-end encrypted voice calls. As most of you probably know, encryption without verification is pretty useless since there is the risk of man-in-the-middle attacks. I don’t want to get too much into details about this. The point I want to make is that you should verify your partner’s fingerprint (hash of the used key) in order to be secure.

    The interesting part of Telegram’s new feature is the way they verify fingerprints. Traditionally you are presented with a string of (typically hexadecimal – 0-9,A-F) characters. In the case of Conversations the fingerprints are 64 hexadecimal characters. Telegram on the other hand introduced the way of displaying 4 out of a set of 333 emojis (1). Note that this is only used to verify that the current voice call is secure. The next call would have a different fingerprint, so keep in mind that we are talking about two different use cases here.

    Still, how do those two methods compare? Could we use emoji in conversations to verify the fingerprint of identity keys?

  • HandBrake For Mac Mirror Server Was Compromised And Infected With PROTON Malware

    HandBrake is an open-source and free transcoder for digital video files. It makes ripping a film from a DVD to a data storage device such as NAS boxes easier. HandBrake works on Linux, macOS, and Windows. A recent version of HandBrake for Mac, and possibly other downloads at the same site, were infected with malware. If you have downloaded HandBrake on Mac between 2/May/2017 and 06/May/2017, you need to delete the file ASAP. HandBrake was infected with a new variant of OSX.PROTON malware.

Security Leftovers

  • The Intel remote vulnerability is much, much worse than you thought

    Let’s take that again: a blank password to an always-open port sidesteps every single bit of authentication and security that is otherwise present.

  • The hijacking flaw that lurked in Intel chips is worse than anyone thought

    A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password. This is according to technical analyses published Friday.

  • The enduring myth of the hacker boy-band

    If it had seemed to infosec that the magazine might've had to go out of its way to find such an un-diverse group of hackers ... turns out, it did. Thompson's social media post revealed that during the course of reporting the story, there was "a meeting with the woman who runs the college's official hacking group."

  • SS7 flaw exploited by hackers to drain customers' bank accounts

    The weakness within the protocol has been known about since 2014, and in January, criminals exploited it to bypass the two-factor authentication method that banks use to protect unauthorised withdrawals from online accounts, German newspaper Suddeutsche Zeitung has reported.

  • Google phishing attack was foretold by researchers—and it may have used their code

    The "Google Docs" phishing attack that wormed its way through thousands of e-mail inboxes earlier this week exploited a threat that had been flagged earlier by at least three security researchers—one raised issues about the threat as early as October of 2011. In fact, the person or persons behind the attack may have copied the technique from a proof of concept posted by one security researcher to GitHub in February.

  • WPSeku – A Vulnerability Scanner to Find Security Issues in WordPress

    WordPress is a free and open-source, highly customizable content management system (CMS) that is being used by millions around the world to run blogs and fully functional websites. Because it is the most used CMS out there, there are so many potential WordPress security issues/vulnerabilities to be concerned about.

GNU/Linux Security: A look at QubesOS

Filed under
OS
Reviews
Security

Using GNU/Linux is by default more secure than using Microsoft Windows, this is common knowledge; however just because you use GNU/Linux, does not mean that your system is secure, and that is why some distributions have been created in order to maximize security; such as QubesOS.

QubesOS is very different from your typical run of the mill distro, such as Ubuntu or even the more hardcore like Arch Linux and Gentoo. QubesOS runs multiple virtual machines linked together under a single user-interface, to form a container based / compartmentalized operating system.

Security Leftovers

  • SELinux and --no-new-privs and the setpriv command.
  • Qualcomm study says sure, you can control a drone over LTE

    Internet-connected drones will be necessary if you're going to see fliers that can communicate when they're delivering packages, livestreaming video or otherwise coordinating with the outside world. But how well can you control them over an LTE data connection when they're soaring hundreds of feet above the ground? Quite well, if you ask Qualcomm. The chip maker has published the results of a trial run using LTE-linked drones, and it believes that they're ready for prime time... mostly.

    The dry run (which included over 1,000 flights) showed that existing cellular networks are up to the job. Drones will still get a strong LTE signal at altitudes as high as 400 feet, and they get "comparable" coverage. In fact, they have an advantage over the phone in your pocket -- they don't have to hand over connections as often as ground-based devices.

  • Fake Google Docs phishing deluge hits Gmail
  • 7 Steps to Fight Ransomware

    Perpetrators are shifting to more specific targets. This means companies must strengthen their defenses, and these strategies can help.

    Ransomware can be a highly lucrative system for extracting money from a customer. Victims are faced with an unpleasant choice: either pay the ransom or lose access to the encrypted files forever. Until now, ransomware has appeared to be opportunistic and driven through random phishing campaigns. These campaigns often, but not always, rely on large numbers of emails that are harvested without a singular focus on a company or individual.

  • Open Source Security Audit 'Should Be a Wake-Up Call' [Ed: Microsoft-connected media uses Microsoft-connected Black Duck to smear FOSS]

More in Tux Machines

Debian Leftovers: Installer, CI, Stretch, and Devuan Jessie

Fedora Leftovers: Memorial Weekend ISO, LGBTQA Awareness Day and More

Linux 4.12 RC3, Linux Foundation Project Updates

  • Linux 4.12-rc3
    Hey, things continue to look good, and rc3 isn't even very big. I'm hoping there's not another shoe about to drop, but so far this really feels like a nice calm release cycle, despite the size of the merge window. Knock wood. Anyway, rc3 has a little bit of everything. The biggest single change is actually just a documentation update (the intel pstate docs were converted to rst format), so the diffstat actually looks a bit odd with a quarter just being documentation. There's also some tooling updates (perf and some bpf selftest). But if you ignore those two pieces, it looks pretty normal: two thirds of it being drivers (gpu, nvme, scsi, tty, block), with the remainder being about half networking and half "misc" (core kernel, header files, XFS, arch updates). Go forth and test, Linus
  • Linux 4.12-rc3 Kernel Released
    Linus Torvalds has announced the third weekly test candidate for the upcoming Linux 4.12 kernel debut. Linus commented of Linux 4.12-rc3 that it isn't a very big release over the prior RCs and so far it's a "nice calm release cycle." The biggest change this past week was actually documentation updates.
  • Linus Torvalds Announced the Third Release Candidate of the Linux 4.12 Kernel
    Even if it's Memorial weekend, Linus Torvalds is on the job announcing the release and immediate availability of the third RC (Release Candidate) milestone of the upcoming Linux 4.12 kernel series.
  • Hyperledger Sawtooth Graduates to Active Status
    We’re happy to share that Hyperledger’s Technical Steering Committee (TSC) has granted the Hyperledger Sawtooth maintainer’s request to advance the project’s status from Incubation to Active. Hyperledger Iroha also graduated today.
  • Stronger Together: How Cloud Foundry Supports Other Communities
    The open source Cloud Foundry application development platform was publicly announced over six years ago, and along the way, we have connected with other projects, adopting technologies from other open source communities as they matured. For example, before Docker was a company or even a project, the Cloud Foundry platform was using Linux containers to isolate deployed applications from one another. Our container implementation wasn’t built in a general purpose way like Docker’s; it wasn’t designed to solve all of the potential use cases for a container runtime. It was designed specifically to support the stateless web applications that Cloud Foundry was initially intended to support, and to do that in a secure, multitenant fashion.

Reasons to use the GNOME 3 desktop environment, cool KDE tweaks, and GNOME integration for Qt based application

  • 11 reasons to use the GNOME 3 desktop environment for Linux
    Late last year, an upgrade to Fedora 25 caused issues with the new version of KDE Plasma that made it difficult for me to get any work done. So I decided to try other Linux desktop environments for two reasons. First, I needed to get my work done. Second, having been using KDE exclusively for many years, I thought it might be time to try some different desktops.
  • Which Linux desktop environment do you prefer?
  • 7 cool KDE tweaks that will change your life
  • Gnome integration for Qt based applications in Flatpak
    Following blog post from Patrick Griffis about new themes support in Flatpak, we started working on supporting this new feature too. Currently wherever you start a Qt application, it would always look like a KDE application or something would be missing, like icons so you would end up with bad experience and mixed feelings. This is going to change now as we now support Gnome in form of icons, widget style and Qt platform theme and with this, when you run a Qt application in Gnome, it will look definitely better and more natively than before. We packaged regular adwaita icons which are used by default in Gnome as extension of freedesktop runtime. For widget style we use adwaita-qt style, which is a Qt style attempting to look like Gtk’s adwaita and the most important part putting this all together is QGnomePlatform, a Qt platform theme which reads your Gnome configuration and applies it to running Qt applications. QGnomePlatform also enforces Qt apps to use adwaita icons and adwaita-qt style by default so that’s another reason why it is important. Both adwaita-qt and QGnomePlatform projects are by the way authored by Martin Bříza, a colleague of mine from Red Hat so if you meet him in person somewhere buy him a beer for that he cares about Qt integration in Gnome :). Now coming to a question how to install this and make it work. Basically all you need to do is install following extensions and you should be done: