Security

10 Free Open Source Tools for Creating Your Own VPN

Filed under
Software
Security

As more people use the Internet every day, they are becoming more conscious about their privacy with regards to how much of the information they don’t want to share at all is being compromised. Tons of VPN services have been created to solidify users’ safety but that doesn’t seem to be enough as there seems to be an increasing need to create custom VPNs.

It isn’t a bad thing to create a VPN service for yourself and there are actually a good number of developers and organizations that favour this habit.

Today, we bring you a list of the best open-source tools that you can use to create your own VPN. Some of them are relatively more difficult to set up and use than the others and they all have their feature highlights.

Depending on the reason why you want to deploy your own VPN, choose the title that is suitable for you.

Security: UIDAI, Wireshark, Hackers For Good

Filed under
Security
  • Software Patch Claimed To Allow Aadhaar's Security To Be Bypassed, Calling Into Question Biometric Database's Integrity

    As the Huffington Post article explains, creating a patch that is able to circumvent the main security features in this way was possible thanks to design choices made early on in the project. The unprecedented scale of the Aadhaar enrollment process -- so far around 1.2 billion people have been given an Aadhaar number and added to the database -- meant that a large number of private agencies and village-level computer kiosks were used for registration. Since connectivity was often poor, the main software was installed on local computers, rather than being run in the cloud. The patch can be used by anyone with local access to the computer system, and simply involves replacing a folder of Java libraries with versions lacking the security checks.

    The Unique Identification Authority of India (UIDAI), the government body responsible for the Aadhaar project, has responded to the Huffington Post article, but in a rather odd way: as a Donald Trump-like stream of tweets. The Huffington Post points out: "[the UIDAI] has simply stated that its systems are completely secure without any supporting evidence."

  • New CAS BACnet Wireshark Report Tool Helps User to Quickly Locate Intermittent Issues
  • Hackers For Good, Working To Gather Stakeholders To Find Answers To Cyberspace Challenges

    For a number of people, the word hacker means bad news. However, if some hackers have malevolent intentions, there are also hackers for good, and their skills were put to the challenge last week as they tried to save a fictitious city fallen into the hands of a group of cyber terrorists. The challenge was part of a two-day event organised by a young Geneva-based non-governmental organisation seeking to raise awareness about digital trust and bring accountability to cyberspace.

Security: Quantum Computing and Cryptography, Time to Rebuild Alpine Linux Docker Container

Filed under
Security
  • Quantum Computing and Cryptography

    Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length.

    This is why cryptographers are hard at work designing and analyzing "quantum-resistant" public-key algorithms. Currently, quantum computing is too nascent for cryptographers to be sure of what is secure and what isn't. But even assuming aliens have developed the technology to its full potential, quantum computing doesn't spell the end of the world for cryptography. Symmetric cryptography is easy to make quantum-resistant, and we're working on quantum-resistant public-key algorithms. If public-key cryptography ends up being a temporary anomaly based on our mathematical knowledge and computational ability, we'll still survive. And if some inconceivable alien technology can break all of cryptography, we still can have secrecy based on information theory -- albeit with significant loss of capability.

    At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it's easier to smash a plate than to glue all the pieces back together, it's much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind -- one-way functions and trap-door one-way functions -- underlie all of cryptography.

  • This New CSS Attack Restarts iPhones & Freezes Macs
  • Time to Rebuild Alpine Linux Docker Containers After Package Manager Patch
  • GrrCon 2018 Augusta15 Automation and Open Source Turning the Tide on Attackers John Grigg

Security: Updates, PAM HaveIBeenPwned Module, Alpine Linux and Wireshark

Filed under
Security
  • Security updates for Monday
  • PAM HaveIBeenPwned module
  • Remote code exec found in Alpine Linux

    Users of Alpine Linux are advised to update their installations - especially those used for Docker production environments - after a researcher found a remotely exploitable bug in the distribution's package manager.

    Alpine Linux is popular with Docker users due to its small size and package repository.

    Crowdfunded bug bounty program BountyGraph co-founder Max Justicz managed to exploit Alpine .apk package files to create arbitrary files which could be turned into code execution.

  • What is Wireshark? What this essential troubleshooting tool does and how to use it

    Wireshark is the world's leading network traffic analyzer, and an essential tool for any security professional or systems administrator. This free software lets you analyze network traffic in real time, and is often the best tool for troubleshooting issues on your network.

    Common problems that Wireshark can help troubleshoot include dropped packets, latency issues, and malicious activity on your network. It lets you put your network traffic under a microscope, and provides tools to filter and drill down into that traffic, zooming in on the root cause of the problem. Administrators use it to identify faulty network appliances that are dropping packets, latency issues caused by machines routing traffic halfway around the world, and data exfiltration or even hacking attempts against your organization.

    [...]

    While Wireshark supports more than two thousand network protocols, many of them esoteric, uncommon, or old, the modern security professional will find analyzing IP packets to be of most immediate usefulness. The majority of the packets on your network are likely to be TCP, UDP, and ICMP.

    Given the large volume of traffic that crosses a typical business network, Wireshark's tools to help you filter that traffic are what make it especially useful. Capture filters will collect only the types of traffic you're interested in, and display filters will help you zoom in on the traffic you want to inspect. The network protocol analyzer provides search tools, including regular expressions and colored highlighting, to make it easy to find what you're looking for.

Apache SpamAssassin 3.4.2 released

Filed under
Security

On behalf of the Apache SpamAssassin Project Management Committee, I am
very pleased to announce the release of Apache SpamAssassin v3.4.2.
This release contains security bug fixes. A security announcement will
follow within the next 24 hours.

Apache SpamAssassin can be downloaded from
https://spamassassin.apache.org/downloads.cgi and via cpan
(Mail::SpamAssassin).

Our project website is https://spamassassin.apache.org/

Our DOAP is available at https://spamassassin.apache.org/doap.rdf

Security: Windows/NSA Back Doors, Election Cracking, and Open Source Security Podcast

Filed under
Security
  • Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later

    Yet, more than a year since Microsoft released patches that slammed the backdoor shut, almost a million computers and networks are still unpatched and vulnerable to attack.

  • Leaked NSA exploits are still used to infect at least 919K servers with cryptojacking malware [Ed: Microsoft gave the NSA back doors. It was inevitable that crackers who do not work for the US government would get in too.]

    Although Microsoft indicated that they have closed the backdoor used by this ransomware, more computers globally are not fully secured to prevent the infection by the malware. Interestingly, the hackers have shifted their game from asking for ransom and are now infecting new computers with cryptojacking malware.

  • Cybersecurity Is Only 1 Part of Election Security

    The DEF CON 2018 Voting Machine Hacking Village aimed to raise awareness in voting security through a full day of speakers and panel discussions along with a challenge for attendees to hack more than 30 pieces of voting equipment. A partnership with rOOtz Asylum offered youths between 8 and 16 years old an opportunity to hack replicas of the websites of secretaries of state to demonstrate that even hackers with limited years of experience can easily compromise critical systems. The goal was to break as many voting machine pieces as possible in order to draw attention to the vulnerabilities that will be present in the upcoming 2018 elections.

    The focus on election equipment, however, ignores the greater danger caused by hacking into the diverse collection of sensitive information that flows through political campaigns and the electoral process, and using that to influence and sow distrust among voters. While changing a vote or voting results can be traced back to a particular stakeholder, changing people's understanding of facts is far more insidious.

  • Open Source Security Podcast: Episode 114 - Review of "Click Here to Kill Everybody"

    Josh and Kurt review Bruce Schneier's new book Click Here to Kill Everybody. It's a book everyone could benefit from reading. It does a nice job explaining many existing security problems in a simple manner.

Security: Windows Back Doors, Rogue Kodi Add-on, and Baseband OS (Back Door) in iPhone

Filed under
Security
  • Illegally Released NSA Hacker Tool EternalBlue Being Used to Mine Cryptocurrency [Ed: Microsoft's collusion with NSA for back doors continues to serve crackers well, enriching them.]

    One Year After Their Illegal Release, the NSA’s Classified Exploits Are Still Being Used to Mine Crypto

    One year ago, the National Security Agency suffered one of the worst leaks in its history: a series of classified exploits built by the NSA were stolen and published online. Today, those exploits continue to be used to attack cryptocurrency miners worldwide.

    One of the exploits, called EternalBlue, is a particularly effective backdoor exploit. EternalBlue can be used to silently break into virtually any Windows machine in the world.

    Hackers have used EternalBlue to install ransomware on thousands of computers worldwide. Government organizations, corporations, and even entire towns have ground to a halt due to EternalBlue ransomware attacks.

  • Kodi users fall victim to malware due to malicious add-on
  • x86 finds its way into your iPhone

    The baseband cpu is a standalone core that lives in your phone and is responsible for managing 2g/3g/4g/cdma/5g wireless communications. Given the absurd complexity of these standards, today a baseband cpu must be very powerful and enough general purpose, so the days of custom FPGA based IPs are long gone, at least for the main part. A lot has been said and written about basebands on modern smartphones, so I won’t repeat it. For our purpose, you just need to know that usually basebands are implemented using embedded friendly CPUs, like for example ARM (Cortex-M, Cortex-R or something in between), Qualcomm Hexagon (a kind of general purpose, VLIW dsp) or other more or less known architectures.

    Apple is nothing special in this regard, up until the iPhone8/iPhoneX, they used to have two different basebands, one for CDMA markets and one for everything else. The CDMA one was based on Qualcomm Hexagon dsp, while the GSM one was based on Intel XMMxxxx architecture. For those that like to play around with iPhone firmwares, you might have seen MAVxxx and ICExxx files in the ipsw, well those two files contain the firmware respectively for Qualcomm based devices (MAV) and Intel based ones (ICE).

    As you may know, Apple decided to drop Qualcomm and now they’re using exclusively Intel based basebands, so we will concentrate on this.

It's Looking Like WireGuard Could Be Ready In Time For Linux 4.20~5.0

Filed under
Linux
Security

The latest revised patches were sent out on Friday evening for WireGuard, the very promising secure VPN tunnel technology developed over the past few years by Jason Donenfeld.

This marks the fourth time these patches have been revised with this latest series fixing various issues discovered during earlier rounds of review, porting more crypto code to the new Zinc crypto library, documentation improvements, and other code improvements.

Security: HackRF, WPScan, BGP

Filed under
Security
  • Course Review: Software Defined Radio with HackRF

    Over the past two days, I had the opportunity to attend Michael Ossman’s course “Software Defined Radio with HackRF” at Toorcon XX. This is a course I’ve wanted to take for several years, and I’m extremely happy that I finally had the chance. I wanted to write up a short review for others considering taking the course.

  • WPScan – A Black Box WordPress Vulnerability Scanner

    WordPress is all over the web; it’s the most popular and most used content management system (CMS) out there. Is your website or blog powered by WordPress? Did you know that malicious hackers are always attacking WordPress sites every minute? If you didn’t, now you know.

    The first step towards securing your website or blog is to perform a vulnerability assessment. This is simply an operation to identify common security loopholes (known to the public), within your site or its underlying architecture.

  • Are BGPs security features working yet?

    This post is a textual version of a talk I gave at NLNOG 2018. You can watch the talk below if that’s your preferred medium: [...]

    BGP has had a problem for quite a while. Most of the time when we hear about this in the news outside of the networking world, it is referred to as a “BGP Hijack”, which can be better phrased as “someone routed someone else’s addresses to them”.

Security: Entryism, Alpine Linux, FUD, and Securonix Threat Research on Osiris

Filed under
Security
  • Open Source Security Research Group gets a new office [Ed: "Open Source Security Research Group" = anti-Open Source FUD group connected to Microsoft]
  • Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers

    An infosec bod has documented a remote-code execution flaw in Alpine Linux, a distro that pops up a lot in Docker containers.

    Max Justicz, researcher and creator of crowd-sourced bug bounty system Bountygraph, said on Thursday that the vulnerability could be exploited by someone with man-in-the-middle (MITM) network access, or operating a malicious package mirror, to inject arbitrary code via apk, Alpine's default package manager.

    Justicz said that the vulnerability is particularly dangerous because, first, Alpine is commonly used for Docker images thanks to its small footprint, and second, most of the packages apk handles are not served via secure TLS connections, making them more susceptible to tampering.

    In the worst-case scenario, the attacker could intercept apk's package requests during Docker image building, inject them with malicious code, and pass them along to the target machines that would unpack and run the code within their Docker container.

  • Kodi users on Windows and Linux infected with cryptomining malware [Ed: 1) not many affected. 2) it's due to add-ons, not Kodi. 3) the severity is low because it's mining, not blackmail or destruction of data.]

    What just happened? Unofficial repositories serving third-party add-ons for open source media player Kodi have been serving malicious cryptocurrency mining malware for several months. Fewer than 5,000 victims are estimated but that number could grow as the malware spreads.

  • Securonix Threat Research: KRONOS/Osiris Banking Trojan Attack

    The KRONOS malware was first discovered in June 2014 as a Banker Trojan available for purchase in a Russian underground forum for $7,000 [1]. After staying dormant for a few years, a new variant of KRONOS, known as Osiris, was discovered in July 2018, with three distinct campaigns targeting Germany, Japan, and Poland [2]. The new variant contains features like TOR network command and control (C2), keylogging, and remote control via VNC along with older features like form grabbing and web-injection [3].

    [...]

    Infiltration vector(s): The primary infiltration vector used by KRONOS/Osiris malware is phishing email campaigns containing specially crafted Microsoft Word documents/RTF attachments with macro/OLE content that cause malicious obfuscated VB stagers to be dropped and executed. In many scenarios the malware is distributed using exploit kits like RIG EK.

    The malicious document exploits a well-known buffer overflow vulnerability in Microsoft Office Equation Editor Component—CVE-2017-11882—which allows the attacker to perform arbitrary code execution [4][5].

  • KRONOS Trojan, Known For Hacking Bank Accounts, Gets A New Update [Ed: targets Windows]

More in Tux Machines

Ubuntu MATE 18.10 Released for GPD Pocket PCs, Raspberry Pi Images Coming Soon

Shipping with the latest MATE 1.20.3 desktop environment and Linux 4.18 kernel, Ubuntu MATE 18.10 is now available with updated apps and core components, better hardware support, and, for the first time, images for the GPD Pocket and GPD Pocket 2 handheld computers, along with the generic images for 64-bit Intel PCs. According to Martin Wimpress, Ubuntu MATE 18.10 (Cosmic Cuttlefish) includes some hardware-specific tweaks and other improvements to core components in an attempt to make the Linux-based operating system work out-of-the-box and without any hiccups on both the GPD Pocket and GPD Pocket 2 tiny computers.

Plasma 5.14.2

Today KDE releases a Bugfix update to KDE Plasma 5, versioned 5.14.2. Plasma 5.14 was released in October with many feature refinements and new modules to complete the desktop experience.

Also: KDE Plasma 5.14.2 Desktop Environment Improves Firmware Updates, Snap Support

Red Hat and Fedora Leftovers

  • Red Hat: Creativity is risky (and other truths open leaders need to hear)
    Leaders are all too aware of the importance of invention and innovation. Today, the health and wealth of their businesses have become increasingly dependent on the creation of new products and processes. In the digital age especially, competition is more fierce than ever as global markets open and expand. Just keeping pace with change requires a focus on constant improvement and consistent learning. And that says nothing about building for tomorrow.
  • APAC Financial Services Institutions Bank on Red Hat to Enhance Agility
  • APAC banks aim to use open source to enhance agility
  • Huawei CloudFabric Supports Container Network Deployment Automation, Improving Enterprise Service Agility
    At HUAWEI CONNECT 2018, Huawei announced that its CloudFabric Cloud Data Center Solution supports container network deployment automation and will be available for the industry-leading enterprise Kubernetes platform via a new plug-in.
  • Redis Labs Integrates With Red Hat OpenShift, Hits 1B Milestone
    Redis Labs is integrating its enterprise platform as a hosted and managed database service on Red Hat’s OpenShift Container Platform. That integration includes built-in support for Red Hat’s recently launched Kubernetes Operator. The Redis Enterprise integration will allow customers to deploy and manage Redis databases as a stateful Kubernetes service. It will also allow users to run Redis Enterprise on premises or across any cloud environment.
  • Needham & Company Starts Red Hat (RHT) at Buy
  • Fedora Toolbox — Hacking on Fedora Silverblue
    Fedora Silverblue is a modern and graphical operating system targeted at laptops, tablets and desktop computers. It is the next-generation Fedora Workstation that promises painless upgrades, clear separation between the OS and applications, and secure and cross-platform applications. The basic operating system is an immutable OSTree image, and all the applications are Flatpaks. It’s great! However, if you are a hacker and decide to set up a development environment, you immediately run into the immutable OS image and the absence of dnf. You can’t install your favourite tools, editors and SDKs the way you’d normally do on Fedora Workstation. You can either unlock your immutable OS image to install RPMs through rpm-ostree and give up the benefit of painless upgrades; or create a Docker container to get an RPM-based toolbox but be prepared to mess around with root permissions and having to figure out why your SSH agent or display server isn’t working.
  • Fedora 28 : Alien, Steam and Fedora distro.

Raspberry Pi: Hands-on with the updated Raspbian Linux

I wrote last week about the new Raspbian Linux release, but in that post I was mostly concerned with the disappearance of the Wolfram (and Mathematica) packages, and I didn't really do justice to the release itself. So now I have continued with installing or upgrading it on all of my Raspberry Pi systems, and this post will concentrate on the process and results from that. First, the new ISO images are available from the Raspberry Pi Downloads page (as always), and the Release Notes have been added to the usual text document. I have only downloaded the plain Raspbian images, I don't bother with the NOOBS images much any more - but the new ISO is included in those as well of course. Please note that the SHA-256 checksum for the images is given on the web page, so be sure to verify that before you continue with the file that you downloaded. If you prefer stronger (or weaker) verification, you can find a PGP signature (and an SHA-1 checksum) on the Raspbian images download page.