Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security
  • Microsoft Got Hacked And Didn't Tell Anyone

    Microsoft knew that Chinese spies hacked people using Hotmail accounts for years — and didn’t tell any of the people who were hacked.

  • Are You Ready For Linux Ransomware? [Ed: Are you ready for Linux FUD? Here you go… ]
  • Secure Boot — Fedora, RHEL, and Shim Upstream Maintenance: Government Involvement or Lack Thereof

    Note that there are parts of this chain I’m not a part of, and obviously linux distributions I’m not involved in that support Secure Boot. I encourage other maintainers to offer similar statements for their respective involvement.

  • Security advisories for Monday
  • I am Using Let’s Encrypt on my server now

    I just moved my web server’s SSL/TLS certificates to Let’s Encrypt and I am positively surprised how relatively easy it was.

    In all honesty, it started as a simple “Hullo! What’s this all about?” and after toying with it a bit, I decided to simply use it to replace all my CAcert.org and StartSSL certificates.

  • Dutch govt says no to backdoors, slides $540k into OpenSSL without breaking eye contact

    The Dutch government has formally opposed the introduction of backdoors in encryption products.

    A government position paper, published by the Ministry of Security and Justice on Monday and signed by the security and business ministers, concludes that "the government believes that it is currently not appropriate to adopt restrictive legal measures against the development, availability and use of encryption within the Netherlands."

    The conclusion comes at the end of a five-page run-through of the arguments for greater encryption and the counter-arguments for allowing the authorities access to the information.

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security
  • New Year's Eve security updates
  • The current state of boot security

    I gave a presentation at 32C3 this week. One of the things I said was "If any of you are doing seriously confidential work on Apple laptops, stop. For the love of god, please stop." I didn't really have time to go into the details of that at the time, but right now I'm sitting on a plane with a ridiculous sinus headache and the pseudoephedrine hasn't kicked in yet so here we go.

  • Researcher criticises 'weak' crypto in Internet of Things alarm system

    Security shortcomings in an internet-connected burglar alarm system from UK firm Texecom leave it open to hack attacks, an engineer turned security researcher warns.

    Luca Lo Castro said he had come across shortcomings in the encryption of communication after buying Texecom’s Premier Elite Control Panel and ComIP module and assembling it.

    To be able to remote control the alarm system remotely, you open a firewall port in the router and do a port forwarding to the internet. But this allows the mobile app to directly connect to the ComIP module over an unencrypted connection, Lo Castro discovered.

    Using WireShark, he said he had discovered that data traffic between the mobile app and the control panel is done in clear text or encoded to BASE64. That means potentially confidential information like the alarm control panel (UDL) password, device name and location are exposed, as a blog post by Lo Castro explains.

Don't believe the hype: That GRUB backspace bug wasn't a big deal

Filed under
Linux
Security

You can hack any Linux system just by pressing the backspace key 28 times! That's what some sites would have you believe after an unfortunate GRUB bug was recently made public. But this won't actually allow you to easily own any Linux system.

Read more

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security
  • Chaos Computer Club: Europe's biggest hackers' congress underway in Hamburg

    Some 12,000 hackers are challenging the power of Google, Facebook and Youtube to filter information and shape users' view of the world. One of them demonstrated how to hack into VW's cheating software.

  • Password-less database 'open-sources' 191m US voter records on the web

    Austin-based Chris Vickery – who earlier this month found records on 3.3 million Hello Kitty users splashed online – says the wide-open system contains the full names, dates of birth, home addresses, and phone numbers of voters, as well as their likely political affiliation and which elections they have voted in since 2000.

  • The next wave of cybercrime will come through your smart TV

    Smart TVs are opening a new window of attack for cybercriminals, as their security defenses often lag far behind those of smartphones and desktop computers.

    Smart TVs are opening a new window of attack for cybercriminals, as the security defenses of the devices often lag far behind those of smartphones and desktop computers.

    Running mobile operating systems such as Android, smart TVs present a soft target due to how to manufacturers are emphasizing convenience for users over security, a trade-off that could have severe consequences.

  • Nemesis Bootkit Malware the new stealthy Payment Card.

    After I read many articles I got this infos about Nemesis Bootkit Malware:
    - suspected to originate from Russia;
    - infect PCs by loading before Windows starts
    - has ability to modify the legitimate volume boot record;
    - seam to be like another Windows rootkit named Alureon;
    - intercepts several system interrupts to pass boot process;
    - can steal payment data from anyone's not just targeting financial institutions and retailers;
    - this malware hides between partitions and is also almost impossible to remove;

  • Thanks to Apple, WebKitGTK+ Devs Patch More Than 100 Security Vulnerabilities

    The developers of the WebKitGTK+ open source WebKit rendering engine used in the popular GNOME desktop environment reported that the software has been hit hard by over 130 security vulnerabilities, urging all users to update as soon as possible.

See why Keeper is a world-class Android password manager

Filed under
Android
Security

I highly recommend using a password manager on your mobile device. You have to do as much as you can to keep sensitive data from prying eyes. If you must carry passwords with you, an app like Keeper is a must have.

Read more

Syndicate content

More in Tux Machines

GeckoLinux 421.160627.0 "Static" Editions Released Based on openSUSE Leap 42.1

Users of the GeckoLinux distribution are in for yet another treat after the announcement of updated GeckoLinux 421.160623.0 "Rolling" Editions based on the latest openSUSE Tumbleweed snapshots. Read more

Parsix GNU/Linux 8.5 and 8.10 Receive New Security Patches, Latest LTS Kernels

Today, June 28, 2016, the developers behind the Debian-based Parsix GNU/Linux computer operating system have announced that new security patches and kernel versions are available for both Parsix GNU/Linux 8.5 and 8.10. Read more

Five reasons to switch from Windows to Linux

Linux has been in the ascendancy ever since the open source operating system was released, and has been improved and refined over time so that a typical distribution is now a polished and complete package comprising virtually everything the user needs, whether for a server or personal system. Much of the web runs on Linux, and a great many smartphones, and numerous other systems, from the Raspberry Pi to the most powerful supercomputers. So is it time to switch from Windows to Linux? Here are five reasons why. Read more

today's leftovers