Security

Security Leftovers

Filed under
Security

Security Updates and Intel's Latest Excuses

Filed under
Security
  • Security updates for Thursday
  • Misunderstood Intel Documentation Leads to Multivendor Vulnerability

    Major operating system vendors including Microsoft, Apple and Linux distributions somehow misinterpreted Intel documentation about a hardware debugging feature and ended up exposing users to potential risk. 

    The flaw, which has been identified as CVE-2018-8897, was publicly reported on May 8, though impacted vendors were notified on April 30 and have already released patches. The flaw could have enabled an unauthenticated user to read sensitive data in memory or control low-level operating system functions.

    "In some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception," CERT warned in its advisory on the issue. "The error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions, namely MOV to SS and POP to SS."

Accidental Back Doors and Intentional (Microsoft) Back Doors

Filed under
Security
  • Are you using Python module ‘SSH Decorator’? Newer versions include a backdoor

    Early this week, a developer noticed multiple backdoored versions of the SSH Decorate module; the malicious code included in the library allowed the collection of users' SSH credentials and sent the data to a remote server controlled by the attackers.

  • Crypto backdoors are in the news again, and as bad for privacy as ever

    What is troubling, though, is that Ozzie’s reputation as one of the foremost engineers of recent years will allow some to claim that the backdoor puzzle has now been “solved” – because Ray Ozzie says it has. That’s definitely not the case, as the two critiques mentioned above, and others elsewhere, make plain. But politicians won’t worry about such technical niceties when it comes to calling for laws that mandate these “safe” backdoors in devices. That’s why it’s important that everyone who cares about their privacy and security should be ready to push back against attempts to turn a flawed idea into a flawed reality.

  • Ray Ozzie's Encryption Backdoor

    I have no idea why anyone is talking as if this were anything new. Several cryptographers have already explained why this key escrow scheme is no better than any other key escrow scheme. The short answer is (1) we won't be able to secure that database of backdoor keys, (2) we don't know how to build the secure coprocessor the scheme requires, and (3) it solves none of the policy problems around the whole system. This is the typical mistake non-cryptographers make when they approach this problem: they think that the hard part is the cryptography to create the backdoor. That's actually the easy part. The hard part is ensuring that it's only used by the good guys, and there's nothing in Ozzie's proposal that addresses any of that.

Security: Updates, "Hide n Seek" and World of Warcraft

Filed under
Security

Canonical Outs Kernel Security Update for Ubuntu 17.10, 16.04 LTS, and 14.04 LTS

Filed under
Security
Ubuntu

Following in the footsteps of the Debian Project, which recently released a similar kernel security patch for Debian GNU/Linux 9 "Stretch" and Debian GNU/Linux 8 "Jessie" operating system series to address two security vulnerabilities, Canonical also released kernel updates to patch these two flaws and another vulnerability in Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS.

One of these security vulnerabilities was caused by the way the Linux kernel handled debug exceptions delivered via MOV SS or POP SS instructions, which could allow a local attacker to crash the system by causing a denial of service. The issue (CVE-2018-8897) was discovered by Nick Peterson and affects only the amd64 architecture.

Security: CPUs, Xen, and Drupal

Filed under
Security

Security Leftovers

Filed under
Security
  • Save Joern — Open Source at ShiftLeft

    We want the technology developed at ShiftLeft to benefit open security projects and the security research community as much as possible.

  • Critical Windows bug fixed today is actively being exploited to hack users

    The first vulnerability resides in the VBScript Engine included in all currently supported versions of Windows. A so-called use-after-free flaw involving the way the engine handles computer memory allows attackers to execute code of their choice that runs with the same system privileges chosen by the logged-in user. When targeted users are logged in with administrative rights, attackers who exploit the bug can take complete control of the system. In the event users are logged in with more limited rights, attackers may still be able to escalate privileges by exploiting a separate vulnerability.

  • CVE-2018-10115 Affects All 7-Zip Versions Prior to 18.05

    7-Zip is a free open-source archiver with a high compression ratio. The program is under the License of GNU LGPL & BSD 3-clause and can be used both by home and enterprise users. “You can use 7-Zip on any computer, including a computer in a commercial organization. You don’t need to register or pay for 7-Zip,” its website says.

  • CVE-2018-8897 Opens Xen PV Systems Up To Exploit

    Besides kernels being addressed for the newly-disclosed CVE-2018-8897 vulnerability, users of Xen para-virtualization should also run a patched Xen system right away.

Security Leftovers

Filed under
Security
  • Security updates for Tuesday
  • Google Fixes Pixel XL Charging Bug, 56 Bugs with May 2018 Android Security Patch
  • Death by PowerPoint

    Some pretty wild stuff to send a message directly to Trump, and it seems to have worked (at least until actually informed people got involved.) The influence op was delivered over a channel likely to reach the target audience, using a format designed to appeal to their information consumption, and included a call to action. All necessary criteria for a successful PSYOPS operation. Basically, using TV to deliver a PowerPoint using lots of pictures, small words, and references to the Ego in Chief was textbook propaganda methodology — hats off to Netanyahu on that one. Of course, there is nothing new in the information here, it was just an influence op using misinformation to present factual evidence in the worst possible light. More on that in this thread: [...]

  • New SynAck ransomware uses Process Doppelgänging technique

    A new variant of the SynAck ransomware that infects Windows systems has been spotted by researchers from Russian security firm Kaspersky Lab who say it appears to be targeted malware as attacks have only been observed in the US, Kuwait, Germany and Iran.

    SynAck has been around since September 2017 but the new variant has some added functions which make it able to operate below the radar.

    It uses the Process Doppelgänging technique, basically a way in which malicious code is disguised as a legitimate Windows process. The technique was demonstrated at the Black Hat Europe security conference in December 2017 by the firm enSilo.

Download Kali Linux 2018.2 with new security features

Filed under
GNU
Linux
Security

On April 30th, 2018, Offensive Security announced the release of the new version of Kali Linux, which is in fact the first ever version that includes the Linux 4.15 kernel. It also includes x64 and x86 patches for the much-hyped Spectre and Meltdown security vulnerabilities.

Kali Linux is a popular Debian-derived Linux distribution developed for penetration testing and digital forensics. The platform is home to hundreds of penetration testing tools, making it one of the best and most advanced penetration testing distributions ever.

Security Leftovers

Filed under
Security
  • Report: China's Intelligence Apparatus Linked to Previously Unconnected Threat Groups

    Multiple groups operating under the China state-sponsored Winnti umbrella have been targeting organizations in the US, Japan, and elsewhere, says ProtectWise.

    Multiple previously unconnected Chinese threat actors behind numerous cyber campaigns aimed at organizations in the United States, Japan, and other countries over the past several years are actually operating under the control of the country's state intelligence apparatus.

    An investigation by security vendor ProtectWise has shown that the groups operating under the so-called Winnti umbrella since at least 2009 share a common goal, common infrastructure, and often the same tactics, techniques, and procedures.

  • Episode 95 - Twitter passwords and npm backdoors

    Josh and Kurt talk about Twitter doing the right thing when they logged a lot of passwords, the npm malicious getcookies package, and how backdoors work in code.

  • Security updates for Monday

More in Tux Machines

Red Hat Woes and Fedora 29 Plans

  • Shares of open-source giant Red Hat pounded on weaker outlook
  • Fedora 29 Aims To Offer Up Modules For Everyone
    The latest Fedora 29 feature proposal is about offering "modules for everyone" across all Fedora editions. The "modules for everyone" proposal would make it where all Fedora installations have modular repositories enabled by default. Up to now the modular functionality was just enabled by default in Fedora Server 28. The modular functionality allows Fedora users to choose alternate versions of popular software, such as different versions of Node.js and other server software components where you might want to stick to a particular version.

GNU Make, FSFE Newsletter, and FSF's BLAG Removal

  • Linux Fu: The Great Power of Make
    Over the years, Linux (well, the operating system that is commonly known as Linux which is the Linux kernel and the GNU tools) has become much more complicated than its Unix roots. That’s inevitable, of course. However, it means old-timers get to slowly grow into new features while new people have to learn all in one gulp. A good example of this is how software is typically built on a Linux system. Fundamentally, most projects use make — a program that tries to be smart about running compiles. This was especially important when your 100 MHz CPU connected to a very slow disk drive would take a day to build a significant piece of software. On the face of it, make is pretty simple. But today, looking at a typical makefile will give you a headache, and many projects use an abstraction over make that further obscures things.
  • FSFE Newsletter June 2018
  • About BLAG's removal from our list of endorsed distributions
    We recently updated our list of free GNU/Linux distributions to add a "Historical" section. BLAG Linux and GNU, based on Fedora, joined the list many years ago. But the maintainers no longer believe they can keep things running at this time. As such, they requested that they be removed from our list. The list helps users to find operating systems that come with only free software and documentation, and that do not promote any nonfree software. Being added to the list means that a distribution has gone through a rigorous screening process, and is dedicated to diligently fixing any freedom issues that may arise.

Servers: Kubernetes, Oracle's Cloudwashing and Embrace of ARM

  • Bloomberg Eschews Vendors For Direct Kubernetes Involvement
    Rather than use a managed Kubernetes service or employ an outsourced provider, Bloomberg has chosen to invest in deep Kubernetes expertise and keep the skills in-house. Like many enterprise organizations, Bloomberg originally went looking for an off-the-shelf approach before settling on the decision to get involved more deeply with the open source project directly. "We started looking at Kubernetes a little over two years ago," said Steven Bower, Data and Infrastructure Lead at Bloomberg. ... "It's a great execution environment for data science," says Bower. "The real Aha! moment for us was when we realized that not only does it have all these great base primitives like pods and replica sets, but you can also define your own primitives and custom controllers that use them."
  • Oracle is changing how it reports cloud revenues, what's it hiding? [iophk: "probably Microsoft doing this too" (cloudwashing)]
    In short: Oracle no longer reports specific revenue for cloud PaaS, IaaS and SaaS, instead bundling them all into one reporting line which it calls 'cloud services and licence support'. This line pulled in 60% of total revenue for the quarter at $6.8 billion, up 8% year-on-year, for what it's worth.

  • Announcing the general availability of Oracle Linux 7 for ARM
    Oracle is pleased to announce the general availability of Oracle Linux 7 for the ARM architecture.
  • Oracle Linux 7 Now Ready For ARM Servers
    While Red Hat officially launched RHEL7 for ARM servers last November, on Friday Oracle finally announced the general availability of their RHEL7-derived Oracle Linux 7 for ARM. Oracle Linux 7 Update 5 is available for ARM 64-bit (ARMv8 / AArch64), including with their new Unbreakable Enterprise Kernel Release 5 based on Linux 4.14.

Graphics: XWayland, Ozone-GBM, Freedreno, X.Org, RadeonSI

  • The Latest Batch Of XWayland / EGLStream Improvements Merged
    While the initial EGLStreams-based support for using the NVIDIA proprietary driver with XWayland was merged for the recent X.Org Server 1.20 release, the next xorg-server release will feature more improvements.
  • Making Use Of Chrome's Ozone-GBM Intel Graphics Support On The Linux Desktop
    Intel open-source developer Joone Hur has provided a guide about using the Chrome OS graphics stack on Intel-based Linux desktop systems. In particular, using the Chrome OS graphics stack on the Linux desktop is primarily about using the Ozone-GBM back-end to Ozone that allows for direct interaction with Intel DRM/KMS support and evdev for input.
  • Freedreno Reaches OpenGL ES 3.1 Support, Not Far From OpenGL 3.3
    The Freedreno Gallium3D driver now supports all extensions required by OpenGL ES 3.1 and is also quite close to supporting desktop OpenGL 3.3.
  • X.Org Is Looking For A North American Host For XDC2019
    If software development isn't your forte but you are looking to help out a leading open-source project, and logistics and hospitality are where you excel, the X.Org Foundation is soliciting bids for the XDC2019 conference. The X.Org Foundation is looking for proposals for where in North America the annual X.Org Developers' Conference should be hosted in 2019. This year it's being hosted in Spain, and with the usual rotation it means that in 2019 they will jump back over the pond.
  • RadeonSI Compatibility Profile Is Close To OpenGL 4.4 Support
    It was just a few days ago that the OpenGL compatibility profile support in Mesa reached OpenGL 3.3 compliance for RadeonSI while now thanks to the latest batch of patches from one of the Valve Linux developers, it's soon going to hit OpenGL 4.4. Legendary open-source graphics driver contributor Timothy Arceri at Valve has posted 11 more patches for advancing RadeonSI's OpenGL compatibility profile support, the alternative context to the OpenGL core profile that allows mixing in deprecated OpenGL functionality. The GL compatibility profile mode is generally used by long-standing workstation software and also a small subset of Linux games.