Security

Security: Debian LTS, Linux Potential Local Privilege Escalation Bug, Australia Wants to Mandate Back Doors, Equifax Breach the Fault of Equifax

Filed under
Security

Linux and Open Source FAQs: Common Myths and Misconceptions Addressed

Filed under
OSS
Security

LinuxSecurity debunks some common myths and misconceptions regarding open source and Linux by answering a few Linux-related frequently asked questions.

Open source and Linux are becoming increasingly well-known and well-respected because of the myriad benefits they offer. Seventy-eight percent of businesses of all sizes across all industries are now choosing open source software over alternative proprietary solutions according to ZDNet (https://zd.net/2GCrTrk). Facebook, Twitter and Google are among the many companies currently using, sponsoring and contributing to open source projects. Although Linux and open source are widely recognized for the advantages they provide, there are still many myths and misconceptions that surround these terms. Here are some answers to frequently asked questions about Linux and open source:

Question: What are the advantages of the open source development model? How can using and contributing to open source software benefit my business?

Answer: Open source offers an array of inherent advantages which include increased security, superior product quality, lower costs and greater freedom and flexibility compared to other models. It also is accompanied by strong community values and high standards, which encourage the highest levels of creativity and innovation in engineering.


Security: More Xbash Scare (Relies on Already-Compromised Systems), CCTV Weakness, and Red Hat's 'DevSecOps' Buzzwording

Filed under
Security
  • Windows, Linux Servers Beware: New Malware Encrypts Files Even After Ransom Is Paid

    Ransomware skyrocketed from obscurity to infamy in no time flat. Headline-grabbing campaigns like WannaCry, Petya and NotPetya preceded a substantial increase in the number of small attacks using similar techniques to extort unwary internet users. Now, researchers at Palo Alto Networks have revealed new malware that carries on NotPetya's legacy while combining various types of threats into a single package.

    The researchers, dubbed Unit 42, named this new malware Xbash. It's said to combine a bot net, ransomware and cryptocurrency mining software in a single worm and targets servers running Linux or Windows. The researchers blame an entity called the Iron Group for Xbash's creation, which has been linked to other ransomware attacks. The malware is thought to have first seen use in May 2018.

  • Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows
  • CCTV Cameras Are Susceptible To Hacks; Hackers Can Modify Video Footage

    A vulnerability has been discovered in video surveillance camera software that could allow hackers to view, delete or modify video footage.

    A research paper published by Tenable, a security firm, has revealed a vulnerability named Peekaboo in the video surveillance systems of NUUO. By exploiting the software flaw, hackers can acquire the admin privileges and can monitor, tamper and disable the footage.

  • Tenable Research Discovers “Peekaboo” Zero-Day Vulnerability in Global Video Surveillance Software

    Tenable®, Inc., the Cyber Exposure company, today announced that its research team has discovered a zero-day vulnerability which would allow cybercriminals to view and tamper with video surveillance recordings via a remote code execution vulnerability in NUUO software — one of the leading global video surveillance solution providers. The vulnerability, dubbed Peekaboo by Tenable Research, would allow cybercriminals to remotely view video surveillance feeds and tamper with recordings using administrator privileges. For example, they could replace the live feed with a static image of the surveilled area, allowing criminals to enter the premises undetected by the cameras.

  • 5 ways DevSecOps changes security

    There’s been an ongoing kerfuffle over whether we need to expand DevOps to explicitly bring in security. After all, the thinking goes, DevOps has always been something of a shorthand for a broad set of new practices, using new tools (often open source) and built on more collaborative cultures. Why not DevBizOps for better aligning with business needs? Or DevChatOps to emphasize better and faster communications?

    However, as John Willis wrote earlier this year on his coming around to the DevSecOps terminology, “Hopefully, someday we will have a world where we no longer have to use the word DevSecOps and security will be an inherent part of all service delivery discussions. Until that day, and at this point, my general conclusion is that it’s just three new characters. More importantly, the name really differentiates the problem statement in a world where we as an industry are not doing a great job on information security.”

Security: Updates, Reproducible Builds, Microsoft's Spying Marketed as 'Security', and Xbash Hype

Filed under
Security

10 Free Open Source Tools for Creating Your Own VPN

Filed under
Software
Security

As more people use the Internet every day they are becoming more conscious about their privacy with regards to how much of the information they don’t want to share at all is being compromised. Tons of VPN services have been created to solidify users’ safety but that doesn’t seem to be enough as there seems to be an increasing need to create custom VPNs.

It isn’t a bad thing to create a VPN service for yourself and there are actually a good number of developers and organizations that favour this habit.

Today, we bring you a list of the best open-source tools that you can use to create your own VPN. Some of them are relatively more difficult to set up and use than the others and they all have their feature highlights.

Depending on the reason why you want to deploy your own VPN, choose the title that is suitable for you.


Security: UIDAI, Wireshark, Hackers For Good

Filed under
Security
  • Software Patch Claimed To Allow Aadhaar's Security To Be Bypassed, Calling Into Question Biometric Database's Integrity

    As the Huffington Post article explains, creating a patch that is able to circumvent the main security features in this way was possible thanks to design choices made early on in the project. The unprecedented scale of the Aadhaar enrollment process -- so far around 1.2 billion people have been given an Aadhaar number and added to the database -- meant that a large number of private agencies and village-level computer kiosks were used for registration. Since connectivity was often poor, the main software was installed on local computers, rather than being run in the cloud. The patch can be used by anyone with local access to the computer system, and simply involves replacing a folder of Java libraries with versions lacking the security checks.

    The Unique Identification Authority of India (UIDAI), the government body responsible for the Aadhaar project, has responded to the Huffington Post article, but in a rather odd way: as a Donald Trump-like stream of tweets. The Huffington Post points out: "[the UIDAI] has simply stated that its systems are completely secure without any supporting evidence."

  • New CAS BACnet Wireshark Report Tool Helps User to Quickly Locate Intermittent Issues
  • Hackers For Good, Working To Gather Stakeholders To Find Answers To Cyberspace Challenges

    For a number of people, the word hacker means bad news. However, if some hackers have malevolent intentions, there are also hackers for good, and their skills were put to the challenge last week as they tried to save a fictitious city fallen into the hands of a group of cyber terrorists. The challenge was part of a two-day event organised by a young Geneva-based non-governmental organisation seeking to raise awareness about digital trust and bring accountability to cyberspace.

Security: Quantum Computing and Cryptography, Time to Rebuild Alpine Linux Docker Container

Filed under
Security
  • Quantum Computing and Cryptography

    Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length.

    This is why cryptographers are hard at work designing and analyzing "quantum-resistant" public-key algorithms. Currently, quantum computing is too nascent for cryptographers to be sure of what is secure and what isn't. But even assuming aliens have developed the technology to its full potential, quantum computing doesn't spell the end of the world for cryptography. Symmetric cryptography is easy to make quantum-resistant, and we're working on quantum-resistant public-key algorithms. If public-key cryptography ends up being a temporary anomaly based on our mathematical knowledge and computational ability, we'll still survive. And if some inconceivable alien technology can break all of cryptography, we still can have secrecy based on information theory -- albeit with significant loss of capability.

    At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it's easier to smash a plate than to glue all the pieces back together, it's much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind -- one-way functions and trap-door one-way functions -- underlie all of cryptography.

  • This New CSS Attack Restarts iPhones & Freezes Macs
  • Time to Rebuild Alpine Linux Docker Containers After Package Manager Patch
  • GrrCon 2018 Augusta15 Automation and Open Source Turning the Tide on Attackers John Grigg

Security: Updates, PAM HaveIBeenPwned Module, Alpine Linux and Wireshark

Filed under
Security
  • Security updates for Monday
  • PAM HaveIBeenPwned module
  • Remote code exec found in Alpine Linux

    Users of Alpine Linux are advised to update their installations - especially those used for Docker production environments - after a researcher found a remotely exploitable bug in the distribution's package manager.

    Alpine Linux is popular with Docker users due to its small size and package repository.

    Crowdfunded bug bounty program BountyGraph co-founder Max Justicz managed to exploit Alpine .apk package files to create arbitrary files which could be turned into code execution.

  • What is Wireshark? What this essential troubleshooting tool does and how to use it

    Wireshark is the world's leading network traffic analyzer, and an essential tool for any security professional or systems administrator. This free software lets you analyze network traffic in real time, and is often the best tool for troubleshooting issues on your network.

    Common problems that Wireshark can help troubleshoot include dropped packets, latency issues, and malicious activity on your network. It lets you put your network traffic under a microscope, and provides tools to filter and drill down into that traffic, zooming in on the root cause of the problem. Administrators use it to identify faulty network appliances that are dropping packets, latency issues caused by machines routing traffic halfway around the world, and data exfiltration or even hacking attempts against your organization.

    [...]

    While Wireshark supports more than two thousand network protocols, many of them esoteric, uncommon, or old, the modern security professional will find analyzing IP packets to be of most immediate usefulness. The majority of the packets on your network are likely to be TCP, UDP, and ICMP.

    Given the large volume of traffic that crosses a typical business network, Wireshark's tools to help you filter that traffic are what make it especially useful. Capture filters will collect only the types of traffic you're interested in, and display filters will help you zoom in on the traffic you want to inspect. The network protocol analyzer provides search tools, including regular expressions and colored highlighting, to make it easy to find what you're looking for.

Apache SpamAssassin 3.4.2 released

Filed under
Security

On behalf of the Apache SpamAssassin Project Management Committee, I am
very pleased to announce the release of Apache SpamAssassin v3.4.2.
This release contains security bug fixes. A security announcement will
follow within the next 24 hours.

Apache SpamAssassin can be downloaded from
https://spamassassin.apache.org/downloads.cgi and via cpan
(Mail::SpamAssassin).

Our project website is https://spamassassin.apache.org/

Our DOAP is available at https://spamassassin.apache.org/doap.rdf


Security: Windows/NSA Back Doors, Election Cracking, and Open Source Security Podcast

Filed under
Security
  • Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later

    Yet, more than a year since Microsoft released patches that slammed the backdoor shut, almost a million computers and networks are still unpatched and vulnerable to attack.

  • Leaked NSA exploits are still used to infect at least 919K servers with cryptojacking malware [Ed: Microsoft gave the NSA back doors. It was inevitable that crackers who do not work for the US government would get in too.]

    Although Microsoft indicated that they have closed the backdoor used by this ransomware, more computers globally are not fully secured to prevent the infection by the malware. Interestingly, the hackers have shifted their game from asking for ransom and are now infecting new computers with cryptojacking malware.

  • Cybersecurity Is Only 1 Part of Election Security

    The DEF CON 2018 Voting Machine Hacking Village aimed to raise awareness in voting security through a full day of speakers and panel discussions along with a challenge for attendees to hack more than 30 pieces of voting equipment. A partnership with rOOtz Asylum offered youths between 8 and 16 years old an opportunity to hack replicas of the websites of secretaries of state to demonstrate that even hackers with limited years of experience can easily compromise critical systems. The goal was to break as many voting machine pieces as possible in order to draw attention to the vulnerabilities that will be present in the upcoming 2018 elections.

    The focus on election equipment, however, ignores the greater danger caused by hacking into the diverse collection of sensitive information that flows through political campaigns and the electoral process, and using that to influence and sow distrust among voters. While changing a vote or voting results can be traced back to a particular stakeholder, changing people's understanding of facts is far more insidious.

  • Open Source Security Podcast: Episode 114 - Review of "Click Here to Kill Everybody"

    Josh and Kurt review Bruce Schneier's new book Click Here to Kill Everybody. It's a book everyone could benefit from reading. It does a nice job explaining many existing security problems in a simple manner.
