
Security

Security: New Release of HardenedBSD, Windows Leaks Details of Windows Back Doors

Filed under
Security
  • Stable release: HardenedBSD-stable 11-STABLE v1100054
  • Kaspersky blames NSA hack on infected Microsoft software

    Embattled computer security firm Kaspersky Lab said Thursday that malware-infected Microsoft Office software and not its own was to blame for the hacking theft of top-secret US intelligence materials.

    Adding tantalizing new details to the cyber-espionage mystery that has rocked the US intelligence community, Kaspersky also said there was a China link to the hack.

  • Investigation Report for the September 2014 Equation malware detection incident in the US

    In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were true, we decided to conduct an internal investigation to attempt to answer a few questions we had related to the article and some others that followed it:

  • Kaspersky: Clumsy NSA leak snoop's PC was packed with malware

    Kaspersky Lab, the US government's least favorite computer security outfit, has published its full technical report into claims Russian intelligence used its antivirus tools to steal NSA secrets.

    Last month, anonymous sources alleged that in 2015, an NSA engineer took home a big bunch of the agency's cyber-weapons to work on them on his home Windows PC, which was running the Russian biz's antimalware software – kind of a compliment when you think about it. The classified exploit code and associated documents on the personal system were then slurped by Kremlin spies via his copy of Kaspersky antivirus, it was claimed.

Security: Google, Vulnerabilities Equities Process (VEP), Quad9 and More

Filed under
Security
  • Google investigators find hackers swipe nearly 250,000 passwords a week

    Hackers are constantly trying to break into Google accounts, so Google researchers spent a year tracing how hackers steal passwords and expose them on the internet's black market.

    To gather hard evidence about the tools hackers use to swipe passwords, Google collaborated with University of California Berkeley cybersecurity experts to track activity on some of these markets. On Thursday, they published their results.

  • Time Will Tell if the New Vulnerabilities Equities Process Is a Step Forward for Transparency

    The White House has released a new and apparently improved Vulnerabilities Equities Process (VEP), showing signs that there will be more transparency into the government’s knowledge and use of zero day vulnerabilities. In recent years, the U.S. intelligence community has faced questions about whether it “stockpiles” vulnerabilities rather than disclosing them to affected companies or organizations, and this scrutiny has only ramped up after groups like the Shadow Brokers have leaked powerful government exploits. According to White House Cybersecurity Coordinator Rob Joyce, the form of yesterday’s release and the revised policy itself are intended to highlight the government’s commitment to transparency because it’s “the right thing to do.”

  • Security updates for Friday
  • Quad9 Secure DNS Service Embeds IBM Security Intelligence
  • New “Quad9” DNS service blocks malicious domains for everyone

    The Global Cyber Alliance (GCA)—an organization founded by law enforcement and research organizations to help reduce cyber-crime—has partnered with IBM and Packet Clearing House to launch a free public Domain Name Service system. That system is intended to block domains associated with botnets, phishing attacks, and other malicious Internet hosts—primarily targeted at organizations that don't run their own DNS blacklisting and whitelisting services. Called Quad9 (after the 9.9.9.9 Internet Protocol address the service has obtained), the service works like any other public DNS server (such as Google's), except that it won't return name resolutions for sites that are identified via threat feeds the service aggregates daily.

  • The Internet of Shit is so manifestly insecure that people are staying away from it in droves
  • Security updates for Thursday
  • [Ubuntu] Security Team Weekly Summary: November 16, 2017
  • Hacking Blockchain with Smart Contracts to Control a Botnet

    Blockchain has been hailed by some in the technology industry as a potential method to help improve cyber security. However, security researcher Majid Malaika warns that Blockchain can potentially be abused to enable a new form of botnet that would be very difficult to take down.

    Malaika detailed his Blockchain-powered botnet in a session at the SecTor security conference on Nov. 15. The overall attack method has been dubbed "Botract" by Malaika, as it abuses inherent functionality in the smart contracts that help to enable Blockchain.

  • What Can The Philosophy of Unix Teach Us About Security?

Security: Boeing 757, Security Education Companion, Kaspersky 'Damage Control' and FUD

Filed under
Security

Security: Jobs, Linux 4.14, Bruce Schneier, Spyhunter

Filed under
Security
  • Security updates for Wednesday
  • Security Jobs Are Hot: Get Trained and Get Noticed

    The demand for security professionals is real. On Dice.com, 15 percent of the more than 75K jobs are security positions. “Every year in the U.S., 40,000 jobs for information security analysts go unfilled, and employers are struggling to fill 200,000 other cyber-security related roles, according to cyber security data tool CyberSeek” (Forbes). We know that there is a fast-increasing need for security specialists, but that the interest level is low.

  • security things in Linux v4.14
  • Schneier: It's Time to Regulate IoT to Improve Cyber-Security

    The time has come for the U.S. government and other governments around the world, to start regulating Internet of Things (IoT) security, according to Bruce Schneier, CTO of IBM's Resilient Systems.

    Schneier delivered his message during a keynote address at the SecTor security conference here. He noted that today everything is basically a computer, whether it's a car, a watch, a phone or a television. IoT today has several parts including sensors that collect data, computing power to figure out what to do with the collected data and then actuators that affect the real world.

  • Shady Anti-Spyware Developer Loses Lawsuit Against Competitor Who Flagged Its Software As Malicious

    Enigma Software makes Spyhunter, a malware-fighting program with a very questionable reputation. But the company isn't known so much for containing threats as it's known for issuing threats. It sued a review site for having the audacity to suggest its pay-to-clean anti-spyware software wasn't a good fit for most users… or really any users at all.

    Bleeping Computer found itself served with a defamation lawsuit for making fact-based claims (with links to supporting evidence) about Enigma's dubious product, dubious customer service tactics (like the always-popular "auto-renew"), and dubious lawsuits. Somehow, this dubious lawsuit managed to survive a motion to dismiss. Fortunately, Bleeping Computer was propped up by Malwarebytes' developers, who tossed $5,000 into Bleeping Computer's legal defense fund.

Security Leftovers

Filed under
Security
  • Survey of bug bounty hunters shows who pans for pwns

    Asking the crowd for help in fixing security problems is going mainstream. Microsoft, Facebook, and other tech giants have offered "bug bounties"—cash rewards or other prizes and recognition—to individuals discovering vulnerabilities in their products for years. (Ars even made it onto Google's security wall of fame in 2014 for reporting a Google search bug, though we didn't get a cash payout.)

  • Mother-Son Duo Fools iPhone X Face ID Like It’s No Big Deal

    Uploaded by Attaullah Malik on YouTube, the 41-second clip shows his 10-year-old son unlocking Face ID on an iPhone X which was configured to accept the mother’s face.

  • Watch a 10-Year-Old's Face Unlock His Mom's iPhone X


    Malik offered to let Ammar look at his phone instead, but the boy picked up his mother's, not knowing which was which. And a split second after he looked at it, the phone unlocked.

  • This 10-year-old was able to unlock his mom’s iPhone using Face ID


    Although Apple says Face ID is more secure than Touch ID, this raises questions about the possibility of false positives not only happening with twins and siblings around the same age, but with people of different sexes and significantly different ages. It is possible that the son’s age played a role as Apple has said that the “undeveloped facial features” in those under the age of 13 could cause issues with Face ID.

  • Safety alert: see how easy it is for almost anyone to hack [sic] your child’s connected toys

    Watch our video below to see just how easy it is for anyone to take over the voice control of a popular connected toy, and speak directly to your child through it. And we’re not talking professional hackers [sic]. It’s easy enough for almost anyone to do.

  • Trump administration to release rules on disclosure of cybersecurity flaws: NSA

    The Trump administration is expected to publicly release on 15 November its rules for deciding whether to disclose cybersecurity flaws or keep them secret, a national security official told Reuters.

Tails 3.3 is out

Filed under
Security
Debian

This release fixes many security issues and users should upgrade as soon as possible.


Security: USB Bugs, OnePlus 'Back Door', and ME 'Back Door'

Filed under
Security

Security: Kaspersky in the UK and Apple's Face ID

Filed under
Security

Security: Kaspersky, Shadow Brokers, Core Infrastructure Initiative, Face ID

Filed under
Security
  • The Daily Mail whisks up Kaspersky fears - but where's the meat?

    Make a note. Whenever you see the Daily Mail publish a headline which asks a question, the correct answer is invariably "no". If they had any reason to believe it was "yes", then they wouldn't have posed it as a question.

    The truth is that newspapers post these "Is the Loch Ness Monster on Tinder?"-style headlines because they know they'll get more clicks than if they use a headline which reflects the actual conclusion of the article.

  • NSA Cyber Weapons Turned Against Them in Hack

    A hack on the National Security Agency, claimed by a group called the “Shadow Brokers,” has caused a chilling effect on agency staffers, as they wonder whether it was a foreign hacker or someone on the inside.

  • Why the cybersecurity industry should care about Open Source maintenance

    In June of this year, Thales eSecurity joined the Core Infrastructure Initiative (CII), a project both founded and managed by The Linux Foundation, with the aim of collaboratively enhancing and strengthening the security and resilience of critical Open Source projects. Many of the world’s largest technology companies already belong to the CII, with Thales being officially recognised as the first global security firm to join the initiative.

  • You Can Easily Beat iPhone X Face ID Using This 3D-Printed Mask

    When it launched the iPhone X, Apple said that the company has worked with professional mask makers and Hollywood makeup artists. It was to make sure their facial recognition tech doesn’t fail when someone attempts to beat it.

Security: Proprietary Software and Microsoft's Back Doors

Filed under
Microsoft
Security
  • Hackers Can Use Your Antivirus Software To Spread Malware [Ed: Crackers can use just about any proprietary software to spread other (even more malicious) proprietary software]
  • NYT: NSA Spy Units Forced to 'Start Over' After Leaks, Hacks
  • Media: homeland security USA “shocked” by the data theft [Ed: "shocked" by impact of its own collusion with Microsoft]
  • Report: NSA Hunts for Moles Amid Crippling Information Leaks

    The National Security Agency has spent more than a year investigating a series of catastrophic breaches and has yet to determine whether it’s fighting foreign hackers or a mole inside the agency, The New York Times reports. At the center of the saga is a mysterious group called the Shadow Brokers, which has been taunting the agency with periodic dumps of secret code online—leaks that employees say are much more damaging to national security than the information leaked by former NSA contractor Edward Snowden. Some of the stolen code has been used in global malware attacks such as the WannaCry cyberattack, which crippled hospitals and government institutions across the world. Current and former employees have described a mole hunt inside the agency, with some employees reportedly asked to hand over their passports and undergo questioning. Yet investigators still don’t know who the culprits are, be it an insider who stole an entire thumb drive of sensitive code, or a group of Russian hackers—for some, the prime suspects—who managed to breach NSA defenses. “How much longer are the releases going to come?” one former employee was cited as saying. “The agency doesn’t know how to stop it—or even what ‘it’ is.”


More in Tux Machines

Graphics: AMD, RADV, RadeonSI, Mesa 18.0.1

  • AMDGPU DRM Gets "GFXOFF" Patches To Turn Off Graphics Engine
    AMD's Huang Rui has posted a set of 20 patches providing "GFXOFF" support for the AMDGPU Direct Rendering Manager Linux kernel driver. GFXOFF is a new graphics processor feature that allows for powering off the graphics engine when it would otherwise be idle with no graphics workload. Obviously, this would equate to potentially significant power savings, with that engine being able to be shut off.
  • RADV Driver Lands Support For Vulkan's New Descriptor Indexing Extension
    Earlier this month, the Vulkan 1.1.72 specification update introduced the new VK_EXT_descriptor_indexing extension, which is quickly being well received by developers. The VK_EXT_descriptor_indexing extension allows for creating large descriptor sets made up of all their combined resources and selecting those resources via dynamic indexes in a shader.
  • RadeonSI Now Appears To Support "RX Vega M" With Intel Core CPUs
    One of the most common Linux hardware questions I've received dozens of times in the past few weeks alone has been over the support for "RX Vega M" Vega-based graphics processors found on select newer Intel Kabylake CPUs. It appears RadeonSI at least should now support these Radeon graphics on Intel CPUs.
  • mesa 18.0.1
  • Mesa 18.0.1 Released With A Number Of Fixes
    In addition to Mesa 17.3.9 being released today, Mesa 18.0.1 also rolled out the door as the first point release to last quarter's Mesa 18.0 series. Mesa 18.0.1 features improvements to its Meson build system support, several RADV Vulkan driver fixes, various fixes to the Gallium3D Nine (D3D9) state tracker, various Intel driver fixes, several core Mesa improvements, and then the other random smattering of fixes collected over the past few weeks.

Programming: nGraph Compiler, JavaScript Trademark, PyPI and Pip

  • Intel Opens Up nGraph Source Code For DNN Model Compiler
    Intel tonight announced they are open-sourcing their nGraph compiler code, which serves as a framework-neutral deep neural network model compiler. Intel claims with nGraph and Xeon Scalable hardware that researchers can obtain up to 10x performance improvements over previous TensorFlow integrations, as one example. Besides TensorFlow, nGraph also supports PyTorch, MXNet, Neon, Caffe2, and CNTK while also planning to support other frameworks moving forward.
  • Why it's finally time to give up on the name JavaScript
    An iOS developer has apparently received a cease and desist notice from Oracle over the use of the word "JavaScript" in the title of their app. The developer, Tyanya Software, shared the notice on perennial internet soapbox Reddit to seek advice on how to fight the order. [...] If user reviews are any indication, the app is not even particularly good, with reviewers stating things such as "Not ready for production," "Does not work as advertised," and "Waste of money, don't buy this." The last update to the app was in 2014, which the changelog notes was only an upgrade to add support for iOS 8. The app developer is at least honest about the intent behind the unwieldy name for the app, saying in a Reddit comment that "we game the App Store ranking by adding all the keywords to the app name." While Oracle has a duty to protect their trademarks, this type of legal bludgeoning underscores a historical problem that has been left unaddressed for too long: JavaScript is a terrible name for the thing being described. It has nothing to do with Java, an actual product developed by Sun (now owned by Oracle). JavaScript was developed at Mozilla, and the name was changed during beta releases of Netscape Navigator 2.0 from "LiveScript" to "JavaScript." It has, for some time, caused confusion among casual web users about the difference between Java and JavaScript. Given that ECMAScript is also a trademarked term, it seems best to revert to calling the language "LiveScript" to undercut trademark-related legal posturing. [...] Oracle declined to comment on this story.
  • New PyPI launched
    The new PyPI has been launched. Browser traffic and API calls (including "pip install") have been redirected from the old pypi.python.org to the new site. The old PyPI will shut down on April 30. LWN covered the new PyPI last week.
  • Pip 10.0 has been released
    The release of pip 10.0 has been announced. Some highlights of this release include the removal of Python 2.6 support, limited PEP 518 support (with more to come), a new "pip config" command, and other improvements.

Meltdown/PTI Mitigation Impact On BSDs vs. Linux

Besides the fresh BSD/Linux disk performance tests, some other tests I ran on various BSDs and Linux distributions this week were looking at the performance impact of Intel Meltdown CPU vulnerability mitigation on each of them, namely the performance impact of using kernel page-table isolation. On DragonFlyBSD 5.2, TrueOS 18.03, Ubuntu 16.04, Ubuntu 18.04, and Clear Linux I ran tests when the mitigation was enabled and then again when it was off to see the performance impact.

Red Hat and Fedora Leftovers

  • Enterprise Node.js on OpenShift, April 19th, 12 p.m. EDT
    The next online DevNation Live Tech Talk is Thursday, April 19th at 12pm EDT. The topic is “Enterprise Node.js on Red Hat OpenShift” presented by Lance Ball, and hosted by Burr Sutter. The popularity of JavaScript on the front end and the JSON format for data has led to a “JavaScript Everywhere” movement with Node.js at the center. Node.js offers developers an event-driven, non-blocking I/O model that is perfect for high concurrency, low-latency applications that run across distributed devices. Its reactive architecture makes it an ideal technology for containerized microservices architectures you’ve been hearing so much about.
  • President to President with Luc Villeneuve, Red Hat Canada
    ITWC President Fawn Annan gets to the point with Red Hat’s general manager for Canada. Villeneuve speaks about building the open source technology firm in the country, the unique differences when dealing with the Quebec market, and how he fosters a positive culture in the workplace. Plus, he dishes on how his experience in journey hockey taught him how to build a successful sales team.
  • Be mindful of jumping into an open source project too soon: Red Hat CTO
    Open source software has long been seen as a movement towards collaborative development. In a conversation with BusinessLine, Chris Wright, Vice-President & CTO at Red Hat, talks about some of the challenges the open source community is facing and why it is important to set expectations right when it comes to promoting open source software. Edited excerpts:
  • DevOps Tool Market Global Manufacturers: Chef, Atlassian, SaltStack, Red Hat and Docker Inc.
  • Two sizzler stocks are not to be missed: Red Hat, Inc. (RHT), Navient Corporation (NAVI)
  • Fedora Community Blog: Fedora meetup at Pune – March 2018
    It had been a long time since we had any meetup at Pune, Maharashtra, India, so we decided to get started again. Details about this meetup are available at the Fedora Wiki page. Planning for the meetup started one month before. Initially Ompragash proposed to have a meetup.com account for Fedora Pune to get more awareness. We later dropped this plan, since this is not only a Fedora Pune level topic but applicable to all Fedora events.
  • Fedora 28 Beta – dnf system-upgrade
    Used DNF to remove duplicate rpms, reinstalled the new kernel and libwbclient, and corrected GNOME’s right-click behaviour, and all is well.