Security

Security News

Filed under
Security
  • Pokémon-inspired rootkit attacks Linux systems [Ed: Media hyping up "Linux" threat which requires 1) the cracker has access to the device. 2) cracker installs malware.]

    Provides backdoor and traffic-hiding capabilities.

    A new persistent stealthy malware that can give attackers full control over Linux servers has been discovered by researchers.

    Researcher Fernando Mercês with security vendor Trend Micro said the malware - a rootkit family - is named after a character in the Pokémon fantasy game called Umbreon.

    Umbreon is a dark Pokémon that hides in the night, an "appropriate characteristic for a rootkit," Mercês wrote.

  • Pokémon-loving VXer targets Linux with 'Umbreon' rootkit [Ed: More hysteria, now in British media, over something that's not a real risk, thanks to self promotion]

  • LuaBot Is the First Botnet Malware Coded in Lua Targeting Linux Platforms [Ed: so don’t install malware]

    Unlike Mirai, which is the fruit of a two-year-long coding frenzy, LuaBot is in its early stages of development, with the first detection being reported only a week ago and a zero detection rate on VirusTotal for current samples.

  • Nearly 800,000 Brazzers Porn Site Accounts Exposed in Forum Hack [Ed: Remember Canonical having Ubuntu Forums cracked, twice, due to proprietary vBulletin? Well, vBulletin -- again.]

    Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach. Although the data originated from the company's separate forum, Brazzers users who never signed up to the forum may also find their details included in the dump.

    Motherboard was provided the dataset by breach monitoring site Vigilante.pw for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.)

    Troy Hunt, a security researcher and creator of the website Have I Been Pwned? helped verify the dataset by contacting subscribers to his site, who confirmed a number of their details from the data.

Debian plugs Linux 'TCP snoop' bug

Filed under
Security
Debian

Debian's maintainers have moved to plug the TCP snooping flaw that emerged in August 2016.

The bug, CVE-2016-5696, was spotted by University of California Riverside's Zhiyun Qian and his collaborators and published in August.

It enabled an attack against Linux (and Android) implementations of RFC 5961, which used challenge ACK packets to try and harden Linux. The implementation bug, present in the kernel since 2012, meant targets could be fooled into rate-limiting their challenge ACKs, letting an attacker work out sequence numbering when it resumed.

Security News

Filed under
Security

Additional Information About Linux Foundation Breach

Filed under
Linux
Server
Security
  • Linux project mum after man indicted for 2011 breach

    The Linux Kernel Organisation, the non-profit that manages development of the kernel, is still reluctant to make any statement about a breach of its servers that took place more than five years ago, despite the fact that a man from South Florida has been charged with being responsible for the intrusion.

    The same man, named as Donald Ryan Austin by the US Attorney's Office in the Northern District of California, was also charged with gaining unauthorised access to the servers of the Linux Foundation, an organisation that employs Linux creator Linus Torvalds.

    Asked for a response to the development, senior kernel developer Greg Kroah-Hartman told iTWire: "The process is not complete yet, so sorry, I do not have any comment at this point in time."

  • Hacker behind Linux Kernel’s Mass Trojan Infection Arrested in Florida

    Cert-Bund, a German cyber security group estimated that a third of Linux computers in the U.S., and a tenth of those in the world that were checked, were in fact infected with the Trojan Austin had uploaded into the servers.

    After obtaining the credentials, he used them to make unauthorized changes to those servers by adding messages that automatically appeared when the servers rebooted. He also broke into a private email server of Linux Kernel Founder Peter Anvin, along with the Odin1, Zues1, and Pub3 servers.

Development Starts for Tails 2.6 Anonymous Live CD, Now Based on Tor 0.2.8.6

Filed under
Security
Debian

The development team behind the Tails amnesic incognito live system project, known to many as the Linux-based Live CD used by ex-CIA employee Edward Snowden to stay hidden and anonymous online, announced the release of Tails 2.6 RC1.

Security Leftovers

Filed under
Security

Security News

Filed under
Security
  • Linux – Justice Grinds Slowly But Eventually Gets Its Hacker
  • Do electronic voting machines put 2016 election at risk? [Ed: Microsoft inside]

    Soon after the 2000 presidential elections went to a recount, Americans got acquainted with an exotic new vocabulary – hanging chads and butterfly ballots – and what lawmakers saw as a modern solution to the nightmare of punchcard voting systems: electronic voting machines.

    In 2002, Congress passed the Help America Vote Act, pouring nearly $3 billion into an effort to get states to adopt those machines.

  • FBI says foreign hackers penetrated state election systems [Ed: FBI also insists on back doors in everything!]

    The FBI has uncovered evidence that foreign hackers penetrated two state election databases in recent weeks, prompting the bureau to warn election officials across the country to take new steps to enhance the security of their computer systems, according to federal and state law enforcement officials.

  • Hack Brief: As FBI Warns Election Sites Got Hacked, All Eyes Are on Russia

    In any other year, hackers breaking into a couple of state government websites through common web vulnerabilities would hardly raise a blip on the cybersecurity community’s radar. But in this strange and digitally fraught election season, the breach of two state board of election websites not only merits an FBI warning—it might just rise to the level of an international incident.

  • Ransomware Targets UK Hospitals, But NHS Won't Pay Up

    Ransomware has caused massive headaches for hospitals. In February of this year, at least a dozen hospitals around the world had been seriously infected with malware demanding cash to retrieve their files. Some even resorted to pen-and-paper systems, and others gave the hackers over $10,000 worth of bitcoin to unlock their systems.

    But judging by responses to Freedom of Information requests, UK hospitals are not paying hackers when ransomware strikes.

    Motherboard asked National Health Service (NHS) trusts for details on attack figures and payments stretching back to January 2012. Many had been successfully hacked at some point (although on a limited scale, infecting only a small number of computers). Another piece of research carried out by cybersecurity company NCC Group found nearly half of 60 NHS Trusts suffered a ransomware attack in the last year.

  • Malware-ridden Word docs lead to Microsoft alert blurt

    MICROSOFT HAS taken the trouble to warn Windows users about an attack that takes what trust people have left in the software and throws it out of the window.

    The firm explained that the problem involves macros and the use of social engineering. People are tricked into downloading and then enabling malicious content that ultimately leads to trouble when they innocently use Word.

    "Attackers have been using social engineering to avoid the increasing costs of exploitation due to the significant hardening and exploit mitigation investments in Windows," said the firm in a Microsoft TechNet blog post suggesting that this is a cheap shot by hackers.

  • About 70 credit card skimmers found at Michigan gas stations in past year

    In the year since the first credit-card skimmer was found in a Michigan gas station, about 70 more have been discovered in the state according to a press release from the Michigan Department of Agriculture and Rural Development.

    "Approximately 70 credit card skimmers have been found and removed from gas pumps statewide since last year," said MDARD director Jamie Clover Adams. "Credit card skimmers will not be tolerated in Michigan. MDARD's Weights and Measures inspectors, gas station owners, and law enforcement remain on the hunt for skimmers to protect the state's consumers from fraud."

    According to the MDARD, which inspects gas station pumps, the skimmers can't be seen from outside the pump and can be installed in seconds.

    The skimmers copy the consumer's card information for criminals to make fraudulent purchases.

  • Dropbox has been hacked for a reported 68 million personal records

    ANOTHER DAY, another hacked site. Dropbox is the latest company to have its users' data dangled in harm's way after what appears to be a major cyber attack involving 68 million personal records.

    The incident has been confirmed by venerable security researcher Troy Hunt, who claimed that he and his wife were affected.

  • Let's Encrypt client imported into -current

    Kristaps Dzonsons' Let's Encrypt client, letskencrypt, has been imported into OpenBSD-current as acme-client.

    letskencrypt, which has previously been available as a port, is a privilege-separated Let's Encrypt (ACME protocol) client written in C.

  • The story of how WoSign gave me an SSL certificate for GitHub.com
  • Attackers Infect Transmission Torrent Client With OS X Malware

    Researchers at ESET say that malware designed to steal the content of OS X’s keychain and maintain a permanent backdoor was found in a recent build of open source torrent client Transmission. Following an investigation, the Transmission team say they were subjected to an attack on their servers. Steps have been taken to ensure greater security in the future.

  • BitTorrent Client Transmission Again Victimized by OS X Malware

    Just five months after Transmission was infected with the first "ransomware" ever found on the Mac, the popular BitTorrent client is again at the center of newly uncovered OS X malware.

    Researchers at security website We Live Security have discovered the malware, called OSX/Keydnap, was spread through a recompiled version of Transmission temporarily distributed through the client's official website.

Security Leftovers

Filed under
Security

Security News

Filed under
Security
  • Thursday's security updates
  • Friday's security updates
  • Security advisories for Monday
  • Tox Is Your New Secure Chat Application

    In a previous article, I talked about the Ring communication app. The article proved quite popular and aside from drawing a bit of attention -- or maybe because of it -- that article also drew some criticism, including "What about Tox?" That’s a totally fair question, so here we are.

  • Florida Computer Programmer Arrested For Hacking

    A South Florida-based computer programmer made an appearance in the Southern District of Florida today after being arrested Sunday on charges of hacking into computers operated by the Linux Kernel Organization and the Linux Foundation, announced United States Attorney Brian J. Stretch and Federal Bureau of Investigation Special Agent in Charge John F. Bennett.

    The Linux Kernel Organization operates the www.kernel.org website from which it distributes the Linux kernel software. The Linux Foundation is a separate nonprofit foundation that supports the www.kernel.org website.

  • Florida Man Arrested for Allegedly Hacking Key Linux Servers

    A computer programmer from South Florida was arrested last week for allegedly hacking into servers related to the Linux operating system, the Department of Justice announced on Thursday. The case acts as a reminder that even the websites that host and distribute the operating systems our devices run on can be targeted by hackers.

More in Tux Machines

Linux Graphics

  • The RADV Radeon Vulkan Linux Driver Continues Picking Up Features
  • OpenChrome Maintainer Making Some Progress On VIA DRM Driver
    Independent developer Kevin Brace took over maintaining the OpenChrome DDX driver earlier this year to improve the open-source VIA Linux graphics support while over the summer he's slowly been getting up to speed on development of the OpenChrome DRM driver. The OpenChrome DRM driver was making progress while James Simmons was developing it a few years back, but since he left the project, it's been left to bit rot. It will take a lot of work even to get this previously "good" code back to working on the latest Linux 4.x mainline kernels given how DRM core interfaces have evolved in recent times.
  • My talk about Mainline Explicit Fencing at XDC 2016!
    Last week I was at XDC in Helsinki where I presented about the Explicit Fencing work we’ve been doing on the Mainline Linux Kernel in the latest few months. There was a livestream of all presentations during the conference and recorded sections are available. You can check the video of my presentation. Check out the slides too.

Linux Kernel News

  • Linux 4.8 gets rc8
    Chill, penguin-fanciers: Linux lord Linus Torvalds is sitting on the egg that is Linux 4.8 for another week. As Torvalds indicated last week, this version of the kernel still needs work and therefore earned itself an eighth release candidate.
  • Linux 4.8-rc8 Released: Linux 4.8 Next Weekend
  • Linux Kernel 4.7.5 Released with Numerous ARM and Networking Improvements
    The fifth maintenance update to the Linux 4.7 kernel series, which is currently the most advanced, secure and stable kernel branch you can get for your GNU/Linux operating system, has been announced by Greg Kroah-Hartman. Linux kernel 4.7.5 is here only ten days after the release of the previous maintenance version, namely Linux kernel 4.7.4, and it's a big update that changes a total of 213 files, with 1774 insertions and 971 deletions, which tells us that the kernel developers and hackers had a pretty busy week patching all sorts of bugs and security issues, as well as to add various, much-needed improvements.
  • Blockchain Summit Day Two: End-Of-Conference Highlights From Shanghai
    Financial services firms and startups looking to be the bridge to blockchain ledgers continued to dominate presentations on the second and final day of the Blockchain Summit, ending International Blockchain Week in Shanghai that also saw Devcon2 and a startup demo competition.
  • Testing Various HDDs & SSDs On Ubuntu With The Linux 4.8 Kernel
    Here are some fresh benchmarks of various solid-state drives (SATA 3.0 SSDs plus two NVMe M.2 SSDs) as well as two HDDs for getting a fresh look at how they are performing using the Linux 4.8 Git kernel. After publishing Friday's Intel 600P Series NVME SSD tests of this lower-cost NVM Express storage line-up, I continued testing a few other SSDs and HDDs. These additional reference points are available for your viewing pleasure today. The additional data is also going to be used for reference in a Linux 4.8-based BCache SSD+HDD comparison being published next week. Stay tuned for those fresh BCache numbers.

Behind the GNOME 3.22 Release Video

This is less than usual. The time saving mostly stems from spending less time recording for the release video. At first thought you might think recording would be a breeze but it can be one of the most frustrating aspects of making the videos. Each cycle the GNOME community lands improvements to a wide set of GNOME’s applications. So before each release I have to find some way to run a dozen applications from master. I do this either by:

Games for GNU/Linux