Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security
  • A vigilante hacker may have built a computer worm to protect smart devices

    The worm, known as Hajime, has infected tens of thousands of easy-to-hack products such as DVRs, internet cameras, and routers. However, the program so far hasn’t done anything malicious.

    Instead, the worm has been preventing a notorious malware known as Mirai from infecting the same devices. It’s also been carrying a message written from its developer.

  • vuln disclosure and risk equilibrium
  • How to Look at Mission-Critical Safety in the Internet of Cars

    The autonomous car will redefine how we travel, ship inventory, and design infrastructure. As physical objects become more deeply integrated into the Internet of Things, the connected car will soon become an essential component of the IoT ecosystem.

    An important element as we look towards actually implementing the autonomous car is understanding how mission-critical safety software and the Internet of Cars will operate within the car ecosystem. This is a blog that tries to explain what is happening currently; the importance of creating a security-first approach with open source software; and how we at EPAM are approach and solving some of the common problems.

  • Google tells users with borked WiFi to stop using Windows 10
  • Tanium exposed hospital’s IT while using its network in sales demos

    Starting in 2012, Tanium apparently had a secret weapon to help it compete with the wave of newcomers, which the company's executives used in sales demonstrations: a live customer network they could tap into for product demonstrations. There was just one problem: the customer didn't know that Tanium was using its network. And since the customer was a hospital, the Tanium demos—which numbered in the hundreds between 2012 and 2015, according to a Wall Street Journal report—exposed live, sensitive information about the hospital's IT systems. Until recently, some of that data was shown in publicly posted videos.

  • Tanium CEO Apologizes for Being 'Hard-Edged' After Executive Exodus

    Cybersecurity startup used hospital's computer network for sales pitches without permission

Tails 2.12 Anonymous Live OS Is Out, Drops I2P as Alternative Anonymity Network

Filed under
Security
Debian

The development team behind the popular and open-source Tails amnesic incognito live system announced today, April 19, 2017, the release and immediate availability for download of the Tails 2.12 maintenance update.

Tails 2.12 is the second security update to the Tails 2.x series, and possibly the last one to be published as the development of the major Tails 3.0 release nears its end. Besides addressing various long-standing issues and patching recently discovered security holes, Tails 2.12 ships with the more recent Linux 4.9.13 kernel.

Read more

Oracle Patches Solaris 10

Filed under
Server
Security

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Ubuntu 16.04 LTS Users Get New Kernel Live Update, 14 Vulnerabilities Patched

Filed under
Security
Ubuntu

If you're using Canonical's kernel live patch update system for rebootless Linux kernel updates, Benjamin M. Romer is informing users about the availability of a major patch.

Read more

Security Leftovers

Filed under
Security
  • Using Microsegmentation to Prevent Security Breaches

    No one likes to admit it but most of what has passed for IT security in the enterprise has historically been rudimentary at best. Most organizations physically segmented their networks behind a series of firewalls deployed at the edge of the network. The trouble is that once malware gets past the firewall it could move laterally almost anywhere in the data center.

    With the rise of network virtualization, a new approach to microsegmenting networks is now possible. The new approach involves using microsegmenting to prevent malware from laterally generating East-West traffic across the data center. Instead of a physical instance of a firewall, there is now a virtual instance of a firewall that is simpler to provision and update.

  • Latest Exploit Dump By Shadow Brokers Contains Easy-To-Use Windows Exploits, Most Already Patched By Microsoft [Ed: Sad to see TechDirt repeating Microsoft's lies in the same way many ‘journalists’ repeated Apple lies after Vault 7 revelations. Some of the holes remain unpatched, and some versions (still under support) will always remain unpatched.]

    Not that those with the latest and greatest should rest easy. The NSA hasn't stopped producing and purchasing exploits. The SB stash was a few years old. Current Microsoft software remains under attack from state intelligence agencies and criminals. But this dump of tools shows just how powerful the NSA's toolkit is -- one made even more dangerous by its apparent ease of use. It makes exploit delivery possible for anyone, not just those with a very specific skillset.

  • Leaked NSA exploits plant a bull's-eye on Windows Server

    Friday’s release of suspected NSA spying tools is bad news for companies running Windows Server. The cyberweapons, which are now publicly available, can easily hack older versions of the OS.

    The Shadow Brokers, a mysterious hacking group, leaked the files online, setting off worries that cybercriminals will incorporate them in their own hacks.

  • The YARA tool for Linux security - part 001.
  • Twistlock 2.0 Improves Container Security and Compliance

    Container security vendor Twistlock is updating its namesake platform with a 2.0 release that aims to help improve container visibility and security.

    Twistlock first debuted its container security platform in November 2015, providing runtime security options for container deployments. The platform has evolved since then with a steady stream of updates. The new Twistlock 2.0 update, includes several enhanced container security capabilities as well as a new backend code infrastructure.

In Defence of Dmitry Bogatov

Filed under
Security
Debian
  • Statement concerning the arrest of Dmitry Bogatov

    The Debian Project is concerned to hear that one of our members, Dmitry Bogatov, has been arrested by Russian authorities.

    Dmitry is a mathematics teacher, and an active Debian contributor. As a Debian Maintainer, he worked in the Debian Haskell group and currently maintains several packages for command line and system tools.

  • Statement regarding Dmitry Bogatov

    What we know right now is that serious accusations of wrongdoing have been made against a valued member of our community, a person who has, among other things, been a Tor relay operator, Debian Developer, GNU developer, and privacy activist. We are collecting facts, monitoring the situation closely, and sharing information with allied organizations and individuals.

  • Debian Issues Statement Over Arrested Russian Developer

    Debian developer Dmitry Bogatov was arrested by Russian authorities for running a Tor exit node and accused of supporting terrorism.

Security Leftovers and Fixes

Filed under
Security

Security and Microsoft Back/Bug Doors

Filed under
Microsoft
Security
  • Security updates for Friday
  • careful with the chrome HSTS

    I mean, yes, I set the HSTS header, but that was with the same cert that chrome is now insisting can’t be trusted. Why in the world would you permanently store “must have trusted cert” on the basis of an untrusted cert?

  • Hacked NSA tools put Windows users at possible risk

    The hacking group known as Shadow Brokers claims to have released National Security Agency malware designed to break into Windows computers. The software could make millions of Microsoft users vulnerable to malicious parties.

    [...]

    The NSA didn't immediately respond to a request for comment. But this isn't the first US intelligence agency whose tools have been leaked to the public. Just last month, WikiLeaks released techniques it claimed the CIA used for breaking into phones, computers, cars and smart TVs.

  • Leaked NSA point-and-pwn hack tools menace Win2k to Windows 8

    The Shadow Brokers have leaked more hacking tools stolen from the NSA's Equation Group – this time four-year-old exploits that attempt to hijack venerable Windows systems, from Windows 2000 up to Server 2012 and Windows 7 and 8.

    The toolkit puts into anyone's hands – from moronic script kiddies to hardened crims – highly classified nation-state-level weaponry that can potentially compromise and commandeer systems around the world. This is the same powerful toolkit Uncle Sam used once upon a time to hack into and secretly snoop on foreign governments, telcos, banks, and other organizations.

  • Microsoft blocks Kaby Lake and Ryzen PCs from Windows 7, 8 updates

    That means all updates, including security updates, will be unavailable on PCs with brand new hardware running the two older operating systems.

  • Microsoft says U.S. foreign intelligence surveillance requests more than doubled

    Microsoft said it received between 1,000 and 1,499 FISA orders for user content between January and June of 2016, compared to between 0 and 499 during both January-June 2015 as well as the second half of 2015.> Microsoft Corp (MSFT.O) said on Thursday it had received at least a thousand surveillance requests from the U.S. government that sought user content for foreign intelligence purposes during the first half of 2016.

Syndicate content

More in Tux Machines

Debian Leftovers: Installer, CI, Stretch, and Devuan Jessie

Fedora Leftovers: Memorial Weekend ISO, LGBTQA Awareness Day and More

Linux 4.12 RC3, Linux Foundation Project Updates

  • Linux 4.12-rc3
    Hey, things continue to look good, and rc3 isn't even very big. I'm hoping there's not another shoe about to drop, but so far this really feels like a nice calm release cycle, despite the size of the merge window. Knock wood. Anyway, rc3 has a little bit of everything. The biggest single change is actually just a documentation update (the intel pstate docs were converted to rst format), so the diffstat actually looks a bit odd with a wuarter just being documentation. There's also some tooling updates (perf and some bpf selftest). But if you ignore those two pieces, it looks pretty normal: two thirds of it being drivers (gpu, nvme, scsi, tty, block), with the remainder being about half networking and haf "misc" (core kernel, header files, XFS, arch updates). Go forth and test, Linus
  • Linux 4.12-rc3 Kernel Released
    Linus Torvalds has announced the third weekly test candidate for the upcoming Linux 4.12 kernel debut. Linus commented of Linux 4.12-rc3 that it isn't a very big release over the prior RCs and so far it's a "nice calm release cycle." The biggest change this past week was actually documentation updates.
  • Linus Torvalds Announced the Third Release Candidate of the Linux 4.12 Kernel
    Even if it's Memorial weekend, Linus Torvalds is on the job announcing the release and immediate availability of the third RC (Release Candidate) milestone of the upcoming Linux 4.12 kernel series.
  • Hyperledger Sawtooth Graduates to Active Status
    We’re happy to share that Hyperledger’s Technical Steering Committee (TSC) has granted the Hyperledger Sawtooth maintainer’s request to advance the project’s status from Incubation to Active. Hyperledger Iroha also graduated today.
  • Stronger Together: How Cloud Foundry Supports Other Communities
    The open source Cloud Foundry application development platform was publicly announced over six years ago, and along the way, we have connected with other projects, adopting technologies from other open source communities as they matured. For example, before Docker was a company or even a project, the Cloud Foundry platform was using Linux containers to isolate deployed applications from one another. Our container implementation wasn’t built in a general purpose way like Docker’s; it wasn’t designed to solve all of the potential use cases for a container runtime. It was designed specifically to support the stateless web applications that Cloud Foundry was initially intended to support, and to do that in a secure, multitenant fashion.

Reasons to use the GNOME 3 desktop environment, cool KDE tweaks, and GNOME integration for Qt based application

  • 11 reasons to use the GNOME 3 desktop environment for Linux
    Late last year, an upgrade to Fedora 25 caused issues with the new version of KDE Plasma that made it difficult for me to get any work done. So I decided to try other Linux desktop environments for two reasons. First, I needed to get my work done. Second, having been using KDE exclusively for many years, I thought it might be time to try some different desktops.
  • Which Linux desktop environment do you prefer?
  • 7 cool KDE tweaks that will change your life
  • Gnome integration for Qt based applications in Flatpak
    Following blog post from Patrick Griffis about new themes support in Flatpak, we started working on supporting this new feature too. Currently wherever you start a Qt application, it would always look like a KDE application or something would be missing, like icons so you would end up with bad experience and mixed feelings. This is going to change now as we now support Gnome in form of icons, widget style and Qt platform theme and with this, when you run a Qt application in Gnome, it will look definitely better and more natively than before. We packaged regular adwaita icons which are used by default in Gnome as extension of freedesktop runtime. For widget style we use adwaita-qt style, which is a Qt style attempting to look like Gtk’s adwaita and the most important part putting this all together is QGnomePlatform, a Qt platform theme which reads your Gnome configuration and applies it to running Qt applications. QGnomePlatform also enforces Qt apps to use adwaita icons and adwaita-qt style by default so that’s another reason why it is important. Both adwaita-qt and QGnomePlatform projects are by the way authored by Martin Bříza, a collegue of mine from Red Hat so if you meet him in person somewhere buy him a beer for that he cares about Qt integration in Gnome :). Now coming to a question how to install this and make it work. Basically all you need to do is install following extensions and you shold be done: