
Security

Security Leftovers: Updates, 'Clouds', Cars, Erebus

Filed under
Security
  • Security updates for Friday
  • The 2 cloud security myths that must die
  • Open source security challenges in cars

    A revolution is underway in the automotive industry. The car is no longer simply a means of getting from here to there. Today’s car reaches out for music streamed from the cloud, allows hands-free phone calls, and provides real-time traffic information and personalised roadside assistance.

    Almost every modern automobile feature — speed monitoring, fuel efficiency tracking, anti-lock braking, traction and skid-control — is now digitised to provide drivers with easier, safer operation and better information.

  • Erebus Ransomware Targets Linux Servers

    The IT security researchers at Trend Micro recently discovered malware that has the potential to infect Linux-based servers. The malware, called Erebus, has been responsible for hijacking 153 Linux-based networks of a South Korean web-hosting company called NAYANA.

    [...]

    Once the user clicked on those ads, the ransomware would activate in the usual way.

Enhancing the security of the OS with cryptography changes in Red Hat Enterprise Linux 7.4

Filed under
Linux
Red Hat
Security

Today we see more and more attacks on operating systems taking advantage of various technologies, including obsolete cryptographic algorithms and protocols. As such, it is important for an operating system not only to carefully evaluate the new technologies that get introduced, but to also provide a process for phasing out technologies that are no longer relevant. Technologies with no practical use today increase the attack surface of the operating system and more specifically, in the cryptography field, introduce risks such as untrustworthy communication channels, when algorithms and protocols are being used after their useful lifetime.


Security Leftovers: CherryBlossom, Security Tips, Travel With Keys, Windows Malware in Electricity Systems, PGP Lapse

Filed under
Security
  • The CIA has lots of ways to hack your router

    According to new documents published by WikiLeaks, the CIA has been building and maintaining a host of tools to do just that. This morning, the group published new documents describing a program called Cherry Blossom, which uses a modified version of a given router’s firmware to turn it into a surveillance tool. Once in place, Cherry Blossom lets a remote agent monitor the target’s internet traffic, scan for useful information like passwords, and even redirect the target to a desired website.

  • Advanced CIA firmware has been infecting Wi-Fi routers for years

    Home routers from 10 manufacturers, including Linksys, D-Link, and Belkin, can be turned into covert listening posts that allow the Central Intelligence Agency to monitor and manipulate incoming and outgoing traffic and infect connected devices. That's according to secret documents posted Thursday by WikiLeaks.

    CherryBlossom, as the implant is code-named, can be especially effective against targets using some D-Link-made DIR-130 and Linksys-manufactured WRT300N models because they can be remotely infected even when they use a strong administrative password. An exploit code-named Tomato can extract their passwords as long as a default feature known as universal plug and play remains on. Routers that are protected by a default or easily-guessed administrative password are, of course, trivial to infect. In all, documents say CherryBlossom runs on 25 router models, although it's likely modifications would allow the implant to run on at least 100 more.

  • 3 security tips for software developers

    Every developer knows the importance of following best security practices. But too often we cut corners, maybe because we have to work hard until those security practices sink in. Unfortunately, that usually takes something like seeing a security malpractice that's so bad it gets marked in indelible ink in our brains.

    I've seen a lot of instances of poor security practices during my career as a sysadmin, but the three I'm going to describe here are basic things that every software developer should avoid. It's important to note that I've seen every single one of these errors committed by large companies and experienced developers, so you can't chalk these mistakes up to novice junior engineers.

  • Travel (Linux) laptop setup

    I understand that this is way too paranoid for most people (and not nearly paranoid enough for some others -- as I like to say, IT security is just like driving on the highway in the sense that anyone going slower than you is an idiot, and anyone going faster is clearly a maniac). Whether this guide is of any use to you is entirely your call, but I hope I gave you some good ideas to help secure your digital life next time you are away from the comfort of your home or office.

  • Potent malware targets electricity systems

    "In that way, it can be immediately re-purposed in Europe and portions of the Middle East and Asia."

    In addition, it said, the malware could be adapted "with a small amount of tailoring" to render it potent against the North American power grid.

    It said that the malware can be applied to work at several electricity substations at the same time, giving it the power to create a widespread power shutdown that could last for hours and potentially days.

  • KMail’s ‘Send Later’ caused PGP encrypted private emails to be sent in plain-text

    I recently discovered the security vulnerability CVE-2017-9604 in the KDE Project’s KMail email client. This vulnerability led KMail to not encrypt email messages scheduled to be sent with a delay, even when KMail gave every indication that the email contents would be encrypted using OpenPGP.

IPFire 2.19 Linux Firewall Gets WPA Enterprise Authentication in Client Mode

Filed under
GNU
Linux
Security

Michael Tremer from the IPFire Project announced the availability of a new stable update for the IPFire 2.19 series of the open-source Linux-based firewall distribution.

IPFire 2.19 Core Update 111 is now live and it appears to be a major update adding quite a large number of new features to the firewall, along with dozens of up-to-date components. The biggest change, however, seems to be the ability for IPFire to authenticate itself with an EAP (Extensible Authentication Protocol)-enabled wireless network, supporting both TTLS and PEAP methods.


Security Leftovers: CyberSecurity, Cryptocoin, and SMB

Filed under
Security

Security Leftovers: Microsoft PowerShell Threat, DevSecOps, Botnets, USB, and Death of Microsoft's Docs.com

Filed under
Security
  • Fileless malware attack against US restaurants went undetected by most AV [Ed: Microsoft PowerShell leaves restaurants open to attacks]
  • DevSecOps is Not a Security Panacea

    Many development teams view security as an impediment to agility and innovation, but efforts over the past few years have tried to integrate security controls and testing directly into DevOps workflows without sacrificing development speed and deployment flexibility.

    Known as DevSecOps, this marriage between security and agile development aims to implement core security tasks like event monitoring, patch management, privilege control and vulnerability assessment directly into DevOps processes. This includes dynamic and static vulnerability testing at all levels of the development cycle, so that major flaws can be discovered early on, before the code makes it into production.

  • Commerce Seeks Input on Fighting Botnets

    The Commerce Department is asking for public input on what the government should do to combat cyberattacks launched by armies of infected computers.

  • How to use Linux's built-in USB attack protection

    There are USB sticks that will destroy your computer, USB sticks loaded with spyware, and even official enterprise USB sticks infected with malware. Last, but never least, when it comes to stealing data from a computer, you can't beat a USB stick. There are devices like the USG USB stick firewall, which can protect you, or if you're a Linux user, you can always stop attackers armed with USB sticks with USBGuard.

  • [Older] Patches Available for Linux Sudo Vulnerability
  • Lack of Experience May Plague IoT Security Startups [Ed: An even worse culprit is intelligence agencies intentionally weakening software/libraries for back door access (remote domination)]
  • Microsoft kills off Docs.com in favour of LinkedIn SlideShare

    Docs.com, which originally began as a collaboration between Microsoft and Facebook to provide a service similar to Google Docs, is being closed in favour of SlideShare, a service that Microsoft acquired along with its purchase of LinkedIn.

GNU/Linux Prevents Back Doors, Microsoft Patches Some

Filed under
GNU
Linux
Microsoft
Security

Tails 3.0 Anonymous Operating System Officially Released, Based on Debian 9

Filed under
Security
Debian

The developers of the Tails amnesic incognito live system, also known as the anonymous operating system, were proud to announce today the release and immediate availability of Tails 3.0.

Tails 3.0 is a major update that's based entirely on the repositories of the soon-to-be-released Debian GNU/Linux 9 "Stretch" operating system. It's also the first version of the operating system to be launched approximately at the same time as a new major release of Debian GNU/Linux.


Securing Your Linux System Bit by Bit

Filed under
Linux
Security

As daunting as securing your Linux system might seem, one thing to remember is that every extra step makes a difference. It's almost always better to make a modest stride than let uncertainty keep you from starting.

Fortunately, there are a few basic techniques that greatly benefit users at all levels, and knowing how to securely wipe your hard drive in Linux is one of them. Because I adopted Linux primarily with security in mind, this is one of the first things I learned. Once you have absorbed this lesson, you will be able to part with your hard drives safely.

