Security

Security: BoE, North Korea, Russia

Filed under
Security

  • Bank of England stages day of war games to combat cyber-attacks [iophk: "neglects to implicate Windows as the key facilitator of attacks, both by making victims vulnerable and by providing a platform for attackers"]

    Up to 40 firms are taking part in the voluntary exercise, alongside the BoE, the Treasury, City regulator the Financial Conduct Authority and UK Finance, the industry trade body.

  • North Korean hackers filched tens of millions from cash machines in ATM heist

    Symantec reports that the scheme has been going on for some time, and while the 2018 attack targeted 23 countries in Africa and Asia, the US government reports a similar attack in 2017 which saw 30 nations' ATMs breached simultaneously.

    The good news - well, goodish - is that all Trojan.Fastcash attacks seem to have hit servers running outdated software.

  • The US Military Just Publicly Dumped Russian Government Malware Online

    The malware itself does not appear to still be active. A spokesperson for Symantec told Motherboard in an email that the command and control servers—the computers that tell the malware what commands to run or store stolen data—are no longer operational. The spokesperson added that Symantec detected the sample when the company updated its detection tools a couple of months ago.

Security and DRM

Filed under
Security
  • The Morris Worm Turns 30
  • DJI Fixes Massive Vulnerability In User Accounts That Could’ve Allowed Hackers To Take Control Of Your Drone And Steal Personal Information

    DJI drones are the hot trend of the 21st century. However, as functional and well built as they are, some vulnerabilities in them could pose a serious threat to your security. As these drones rely on a DJI account to be functional, you can land in serious trouble if a hacker gains access to your account. The hacker may access your drone and fly or crash it into a sensitive or no-fly zone. Not only that, personal information can also be accessed through the exploit, and that may put you in more danger.

  • Denuvo: Every Download Is A Lost Sale For This Anonymous AAA Title We're Referencing, So Buy Moar Dunuvo!

    The saga of antipiracy DRM company Denuvo is a long and tortured one, but the short version of it is that Denuvo was once a DRM thought to be unbeatable but which has since devolved into a DRM that cracking groups often beat on timelines measured in days if not hours. Denuvo pivoted at that point, moving on from boasting about the longevity of its protection to remarking that even this brief protection offered in the release windows of games made it worthwhile. Around the same time, security company Irdeto bought Denuvo and rolled its services into its offering.

    And Irdeto apparently wants to keep pushing the line about early release windows, but has managed to do so by simply citing some unnamed AAA sports game that it claims lost millions by being downloaded instead of using Denuvo to protect it for an unspecified amount of time.

  • Denuvo Research Claims Unnamed “major sports title” Lost $21m in Revenue Because of Piracy [Ed: Amplifying the lies of disgraced DRM firm Denuvo]

    Denuvo, the infamous video game anti-piracy software provider, was acquired by Irdeto earlier this year in January. In a statement posted on Irdeto’s website, the software company shared research results which claim game piracy caused a potential loss of $21 million for an unnamed AAA sports title in the two weeks following its release.

Security Updates and FUD

Filed under
Security
  • Security updates for Friday
  • Linux CryptoMiners Are Now Using Rootkits to Stay Hidden [Ed: This impacts already-cracked machines; unlike Windows, where rootkits come through official channels like CD-ROM (Sony)]

    As the popularity of cryptocurrency rises, so does the amount of cryptominer Trojans that are being created and distributed to unsuspecting victims. One problem for cryptominers, though, is that the offending process is easily detectable due to its heavy CPU utilization.

    To make it harder to spot a cryptominer process that is utilizing all of the CPU, a new variant has been discovered for Linux that attempts to hide its presence by utilizing a rootkit.

    According to a new report by TrendMicro, this new cryptominer+rootkit combo will still cause performance issues due to the high CPU utilization, but administrators will not be able to detect what process is causing it.

    "We recently encountered a cryptocurrency-mining malware (detected by Trend Micro as Coinminer.Linux.KORKERDS.AB) affecting Linux systems," stated a report by TrendMicro. "It is notable for being bundled with a rootkit component (Rootkit.Linux.KORKERDS.AA) that hides the malicious process’ presence from monitoring tools. This makes it difficult to detect, as infected systems will only indicate performance issues. The malware is also capable of updating and upgrading itself and its configuration file."

  • Linux cryptocurrency miners are installing rootkits to hide themselves [Ed: By hiring Catalin Cimpanu CBS ZDNet basically imported the same misleading headlines and style as the sensationalist Bleeping Computer (above, where he came from). Because all CBS judges "success" by is clicks and ad impressions.]
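The two articles above say the rootkit hides the miner from "monitoring tools" without saying how an administrator gets it back. The following is an added example of mine, not code from Trend Micro, Bleeping Computer or ZDNet, and it assumes the usual mechanism of a userland Linux rootkit: a library forced into every process through /etc/ld.so.preload that hooks directory listing (readdir) of /proc so the miner's PID never shows up in ps or top, while a direct stat() of a path you name explicitly still succeeds. Comparing the two views, the way the unhide tool does, surfaces the hidden PID; the script also prints whatever ld.so.preload forces, which on a normal system is nothing.

```python
"""Find processes that a readdir()-hooking rootkit hides from ps/top.

Added example, not code from the Trend Micro report or from either article.
Assumption: the rootkit hooks directory listing (readdir) of /proc, as
LD_PRELOAD-style userland rootkits usually do, but not stat()/open() on a
path named explicitly. Probing /proc/<pid>/status for every candidate PID
therefore surfaces what the listing omits.
"""
import os

PROC = "/proc"
LD_SO_PRELOAD = "/etc/ld.so.preload"   # how such rootkits get into every process


def listed_pids(proc=PROC):
    """PIDs as a directory listing reports them: this is the hookable path."""
    return {int(name) for name in os.listdir(proc) if name.isdigit()}


def probed_pids(pid_max=None, proc=PROC):
    """PIDs found by asking for /proc/<pid>/status directly, one at a time.

    Scans 1..pid_max; with the common pid_max of 4194304 this takes a few
    seconds, which is fine for an incident-response check.
    """
    if pid_max is None:
        with open(os.path.join(proc, "sys", "kernel", "pid_max")) as f:
            pid_max = int(f.read())
    return {pid for pid in range(1, pid_max + 1)
            if os.path.exists(os.path.join(proc, str(pid), "status"))}


def hidden_pids(listed, probed):
    """Pure comparison: answers a direct probe but is missing from the listing."""
    return set(probed) - set(listed)


def hidden_pids_live(proc=PROC, pid_max=None):
    """Run both scans, then re-check each suspect so a process that merely
    started or exited between the scans (a race, not a rootkit) is dropped."""
    suspects = hidden_pids(listed_pids(proc), probed_pids(pid_max, proc))
    listed_again = listed_pids(proc)
    return {pid for pid in suspects
            if pid not in listed_again
            and os.path.exists(os.path.join(proc, str(pid), "status"))}


def preload_entries(path=LD_SO_PRELOAD):
    """Libraries forced into every dynamically linked program; normally empty."""
    try:
        with open(path) as f:
            return [line.strip() for line in f
                    if line.strip() and not line.lstrip().startswith("#")]
    except FileNotFoundError:
        return []


def comm(pid, proc=PROC):
    """Process name from /proc/<pid>/comm, or '?' if it went away."""
    try:
        with open(os.path.join(proc, str(pid), "comm")) as f:
            return f.read().strip()
    except OSError:
        return "?"


if __name__ == "__main__":
    for lib in preload_entries():
        print("ld.so.preload forces:", lib)
    hidden = hidden_pids_live()
    if not hidden:
        print("no hidden processes found")
    for pid in sorted(hidden):
        print(f"hidden pid {pid}: {comm(pid)}")
```

Two caveats a responder should keep in mind: the interpreter running this script is itself subject to ld.so.preload, so a rootkit that also hooks stat() defeats the probe (run a statically linked tool, or inspect the disk from a clean boot), and a process the scan reports is only a suspect until its /proc/<pid>/exe and command line have been looked at.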

Security: DJI, Electronic Arts, ZTE, Red Hat

Filed under
Security

Security: Updates, VirtualBox Zero-Day Vulnerability, Red Hat Enterprise Linux FIPS 140-2, Extended Security Maintenance

Filed under
Security
  • Security updates for Thursday
  • VirtualBox Zero-Day Vulnerability Goes Public, No Security Patch Yet Available

    A zero-day vulnerability in VirtualBox was publicly disclosed by independent vulnerability researcher and exploit developer Sergey Zelenyuk. VirtualBox is a well-known open-source virtualization software developed by Oracle. This recently discovered vulnerability can allow a malicious program to escape the virtual machine and then execute code on the host machine's OS.

  • Red Hat Continues Drive for More Secure Enterprise IT, Re-Certifies Red Hat Enterprise Linux for FIPS 140-2
  • Keep legacy applications secure with Extended Security Maintenance

    Application updates come and go, often they provide your business with added value, but sometimes an update isn’t what is needed or wanted for a legacy application.

    Choosing not to update an application can cause issues. Often, that application becomes unsupported, and with security patches no longer available, it can see your business falling foul of regulatory demands, such as GDPR or security threats.

    Ubuntu LTS users have a five-year window for support. For ITstrategen, when that window came to an end for 12.04, some of ITstrategen's customers still depended on servers running the now out-of-support operating system, and without support the security of those servers was at risk.

    The German hosting provider, which was founded in 2011 and supports some of Germany’s most successful businesses, uses Ubuntu as its server operating system.

Security: Secure Shell, MasterPeace, “Dark Web Scan” and Reproducible Builds

Filed under
Security
  • Secure Shell: What is SSH?

    So, here is my ode to Secure Shell for those that are unaware of SSH (It will not be any kind of artistic prose.) Many outside of the technology world may not realize how oft-utilized and important SSH and, indeed, shelling is in our everyday technological lives. This article will examine SSH and shelling, in general, and go over some of the technical aspects that encompass SSH and secure shell.

  • A Columbia cyber firm’s open source project is looking to improve IoT security

    Columbia-based MasterPeace Solutions is working on an open source project to address security vulnerabilities in Internet of Things devices.

    osMUD is aimed at protecting internet-connected devices used at homes and small businesses. The project was shared with the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence, which is based in Rockville, according to MasterPeace.

    Now, the cybersecurity firm will participate in a consortium that was formed around the effort and that looks to bring together device manufacturers, network security companies, and network administrators. Participating organizations include Cable Labs, Cisco, CTIA, Digicert, ForeScout, Global Cyber Alliance, Patton, and Symantec. Each organization will provide code and expertise to the effort. MasterPeace is providing network security engineering and defense operations expertise. The longtime government contractor has previously shown willingness to gather the community in recent years with efforts like an in-house accelerator.

  • What is a “Dark Web Scan” and Should You Use One?

    The “dark web” consists of hidden websites that you can’t access without special software. These websites won’t appear when you use Google or another search engine, and you can’t even access them unless you go out of your way to use the appropriate tools.

    For example, the Tor software can be used for anonymous browsing of the normal web, but it also hides special sites known as “.onion sites” or “Tor hidden services.” These websites use Tor to cloak their location, and you only access them through the Tor network.

  • Reproducible Builds Joins Conservancy

    We are very excited to announce the Reproducible Builds project as our newest member project. Reproducible builds is a set of software development practices that create an independently-verifiable path from the source code to the binary code used by computers. This ensures that the builds you are installing are exactly the ones you were expecting, which is critical for freedom, security and compatibility and exposes injections of backdoors introduced by compromising build servers or coercing developers to do so via political or violent means.

    The Reproducible Builds project, which began as a project within the Debian community, joins our other adjacent work around this distribution, such as the Debian Copyright Aggregation Project. Reproducible Builds is also critical to Conservancy's own compliance work: a build that cannot be verified may contain code that triggers different license compliance responsibilities than those which the recipient is expecting. Unaccounted-for code makes it hard for anyone who distributes software to guarantee that they are doing so responsibly and with care for those who receive the software.
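The announcement describes reproducible builds as an "independently-verifiable path from the source code to the binary" but does not show what the practices actually change. The following is an added example of mine, not the Reproducible Builds project's own tooling: a constructed three-file source tree is "checked out" on two simulated builders whose copies differ only in file metadata (different checkout times), then packaged once the naive way and once with the usual normalisations (sorted file order, mtimes fixed to a SOURCE_DATE_EPOCH, neutral ownership and mode, fixed gzip header timestamp). The file contents, the epoch value and the builder setup are all assumptions for the demonstration.

```python
"""Two 'independent' builds of the same source, naive vs. normalised.

Added example, not code from Reproducible Builds or Conservancy. The source
tree, checkout times and epoch below are constructed for the demonstration.
"""
import gzip
import hashlib
import io
import os
import tarfile
import tempfile

SOURCE_FILES = {                       # constructed sample source tree
    "main.c": b"int main(void) { return 0; }\n",
    "README": b"demo package\n",
    "Makefile": b"all: main.c\n\tcc -o main main.c\n",
}


def checkout(root, files, mtime):
    """Write the tree as a checkout would, leaving build-environment noise
    (here: the time the checkout happened) in the file metadata."""
    for name, data in files.items():
        path = os.path.join(root, name)
        with open(path, "wb") as f:
            f.write(data)
        os.utime(path, (mtime, mtime))
    return root


def build(src_dir, source_date_epoch=None):
    """Produce a .tar.gz of src_dir.

    With source_date_epoch=None this is the naive build: files in whatever
    order the filesystem returns them, their checkout mtimes, the builder's
    uid/gid and umask, and the wall clock in the gzip header. With an epoch
    it applies the normalisations reproducible builds practise, so two
    builders get byte-identical output from identical source contents.
    """
    names = os.listdir(src_dir)
    if source_date_epoch is not None:
        names = sorted(names)                       # filesystem order is not stable
    raw = io.BytesIO()
    with tarfile.open(fileobj=raw, mode="w") as tar:
        for name in names:
            path = os.path.join(src_dir, name)
            info = tar.gettarinfo(path, arcname=name)
            if source_date_epoch is not None:
                info.mtime = source_date_epoch      # SOURCE_DATE_EPOCH convention
                info.uid = info.gid = 0             # not "whoever ran the build"
                info.uname = info.gname = "root"
                info.mode = 0o644                   # independent of the builder's umask
            with open(path, "rb") as f:
                tar.addfile(info, f)
    out = io.BytesIO()
    # gzip records a timestamp in its own header; None means "now"
    with gzip.GzipFile(fileobj=out, mode="wb", mtime=source_date_epoch) as gz:
        gz.write(raw.getvalue())
    return out.getvalue()


def sha256(data):
    return hashlib.sha256(data).hexdigest()


def two_builders_agree(source_date_epoch=None):
    """Build identical sources on two simulated builders whose checkouts
    differ only in metadata; report whether the artefacts match byte for byte."""
    with tempfile.TemporaryDirectory() as a, tempfile.TemporaryDirectory() as b:
        checkout(a, SOURCE_FILES, mtime=1_500_000_000)   # builder A checked out earlier
        checkout(b, SOURCE_FILES, mtime=1_600_000_000)   # builder B checked out later
        return sha256(build(a, source_date_epoch)) == sha256(build(b, source_date_epoch))


if __name__ == "__main__":
    print("naive build, two builders agree:     ", two_builders_agree())
    print("normalised build, two builders agree:", two_builders_agree(1_541_000_000))
```

The point of the second, matching hash is that a third party who rebuilds from the same source and gets the same digest has verified the binary without trusting the original build server; a mismatch is the signal the announcement refers to, whether its cause is an injected backdoor or merely an un-normalised timestamp, and diffoscope is the usual tool for telling which.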

Security Leftovers

Filed under
Security

This MIT PhD Wants to Replace America's Broken Voting Machines with Open Source Software, Chromebooks, and iPads

Filed under
OSS
Security

Tuesday morning, as millions of Americans lined up at their polling places to participate in the often quite literally broken democratic process, a new Twitter account tweeted a link to a short manifesto: “today’s voting machines are often insecure, not particularly easy-to-use, and so expensive that they’re often used much longer than they were designed for and election officials are forced to hunt for replacement parts on eBay. The market has failed us.”

The announcement, from a new nonprofit called VotingWorks, ended with a promise to build a “secure, affordable, open-source voting machine” from the ground up. The letter wasn’t signed, but it’s the work of Ben Adida, a software developer who has studied voting machines for more than 20 years and has a PhD from MIT in secure voting.

“I thought this launch would be pretty quiet, I thought it would be buried in the news of the actual election, but already a lot of people have reached out to volunteer to make it happen,” Adida told me on the phone. “It’s super early days, but the response to the announcement shows that people are hungry for this.”

Adida says that VotingWorks plans to use already existing, commodity hardware and open-source software to compete with the proprietary, expensive, and often insecure voting machines that currently dominate the market. He pitches it as an attempt to rethink the voting machine from “first principles,” to reconsider what a voting machine is.

Read more

Plasma 5.14.3 update for Cosmic backports PPA

Filed under
KDE
Security

We are pleased to announce that the 3rd bugfix release of Plasma 5.14, 5.14.3, is now available in our backports PPA for Cosmic 18.10.

The full changelog for 5.14.3 can be found here.

Already released in the PPA is an update to KDE Frameworks 5.51.

Read more

Security: HardenedBSD, BitLocker, Updates, Google Play, Ubuntu and Reproducible Builds

Filed under
Security
  • Stable release: HardenedBSD-stable 11-STABLE v1100056.8
  • Your Data Might Be At Risk Even In Encrypted Drives, Researchers Find Major Vulnerabilities In Hardware Encryption Present In Some SSDs [Ed: BitLocker is fake encryption. Microsoft put back doors in it.]

    Talking about software, BitLocker is the full-disk encryption software offered by Windows, although the researchers show it is very unreliable: it uses the hardware encryption present on the drives by default, thus the vulnerabilities remain. The researchers state “BitLocker, the encryption software built into Microsoft Windows, can make this kind of switch to hardware encryption but offers the affected disks no effective protection in these cases. Software encryption built into other operating systems (such as macOS, iOS, Android, and Linux) seems to be unaffected if it does not perform this switch.” This can be fixed by forcing software encryption on BitLocker.

  • Security updates for Tuesday
  • Banking Trojans sneaked into Google Play store disguised as apps

    Malware authors keep testing the vigilance of Android users by sneaking disguised mobile banking Trojans into the Google Play store. We’ve recently analyzed a set of 29 such stealthy Trojans, found in the official Android store from August until early October 2018, masquerading as device boosters and cleaners, battery managers and even horoscope-themed apps.

  • These Apps On Google Play Store Can Steal Your Bank Details
  • How Ubuntu is at the forefront of security & compliance

    Whether it is HIPAA, MiFID II or GDPR, the importance of being compliant cannot be underestimated. Protecting your customers and avoiding the significant financial and reputational ramifications that threaten non-compliant organisations, is a must, and this starts with the technology powering your enterprise.

    Ubuntu is used by businesses spanning all sizes, industries and geographies, and at the foundation of the relationship between Ubuntu and its users is trust and the assurance that Ubuntu will provide a compliant platform upon which to conduct business.

    Canonical, the company behind Ubuntu, provides businesses with compliance-enabling technologies. The Landscape management tool can help ensure the latest patches are in place, avoiding negligence in complying with GDPR data standards.

  • Reproducible Builds: Weekly report #184

More in Tux Machines

today's leftovers

OSS Leftovers

  • #RecruitmentFocus: Open source skills in high demand
    The unemployment rate in South Africa rose to 27.5% in the third quarter of 2018, while the demand for skills remains high - leaving an industry conundrum that is yet to be solved. According to SUSE, partnerships that focus on upskilling graduates and providing real-work skills, as well as placement opportunities - could be exactly what the industry is looking for.
  • Stable: not moving vs. not breaking
    There are two terms that bring heavy controversy in the Open Source world: support and stable. Both of them have their roots in the “old days” of Open Source, when its commercial impact was low and very few companies did business with it. You probably have read a lot about maintenance vs support. This controversy is older. I first heard of it in the context of Linux-based distributions. Commercial distributions had to put effort into differentiating between the two because in Open Source they were used indistinctly, but not in business. But this post is about the adjective stable…
  • Cameron Kaiser: A thank you to Ginn Chen, whom Larry Ellison screwed
    Periodically I refresh my machines by dusting them off and plugging them in and running them for a while to keep the disks spinnin' and the caps chargin'. Today was the day to refurbish my Sun Ultra-3, the only laptop Sun ever "made" (they actually rebadged the SPARCle and later the crotchburner 1.2GHz Tadpole Viper, which is the one I have). Since its last refresh the IDPROM had died, as they do when they run out of battery, resetting the MAC address to zeroes and erasing the license for the 802.11b which I never used anyway. But, after fixing the clock to prevent GNOME from puking on the abnormal date, it booted and I figured I'd update Firefox since it still had 38.4 on it. Ginn Chen, first at Sun and later at Oracle, regularly issued builds of Firefox which ran very nicely on SPARC Solaris 10. Near as I can determine, Oracle has never offered a build of any Firefox post-Rust even to the paying customers they're bleeding dry, but I figured I should be able to find the last ESR of 52 and install that. (Amusingly this relic can run a Firefox in some respects more current than TenFourFox, which is an evolved and patched Firefox 45.)
  • Protecting the world’s oceans with open data science
    For environmental scientists, researching a single ecosystem or organism can be a daunting task. The amount of data and literature to comb through (or create) is often overwhelming. So how, then, can environmental scientists approach studying the health of the world’s oceans? What ocean health means is a big question in itself—oceans span millions of square miles, are home to countless species, and border hundreds of countries and territories, each of which has its own unique marine policies and practices. But no matter how daunting this task may seem, it’s a necessary and vital one. So in 2012, the National Center for Ecological Analysis and Synthesis (NCEAS) and Conservation International publicly launched the Ocean Health Index (OHI), an ambitious initiative to measure the benefits that oceans provide to people, including clean water, coastal protections, and biodiversity. The idea was to create an annual assessment to document major oceanic changes and trends, and in turn, use those findings to craft better marine policy around the world.

Openwashing Leftovers

The Last Independent Mobile OS

The year was 2010 and the future of mobile computing was looking bright. The iPhone was barely three years old, Google’s Android had yet to swallow the smartphone market whole, and half a dozen alternative mobile operating systems—many of which were devoutly open source—were preparing for launch. Eight years on, you probably haven’t even heard of most of these alternative mobile operating systems, much less used them. Today, Android and iOS dominate the global smartphone market and account for 99.9 percent of mobile operating systems. Even Microsoft and Blackberry, longtime players in the mobile space with massive revenue streams, have all but left the space. Then there’s Jolla, the small Finnish tech company behind Sailfish OS, which it bills as the “last independent alternative mobile operating system.” Jolla has had to walk itself back from the edge of destruction several times over the course of its seven-year existence, and each time it has emerged battered, but more determined than ever to carve out a spot in the world for a truly independent, open source mobile operating system. After years of failed product launches, lackluster user growth, and supply chain fiascoes, it’s only been in the last few months that things finally seem to be turning in Jolla’s favor. Over the past two years the company has ridden the wave of anti-Google sentiment outside the US and inked deals with large foreign companies that want to turn Sailfish into a household name. Despite the recent success, Jolla is far from being a major player in the mobile market. And yet it also still exists, which is more than can be said of every other would-be alternative mobile OS company. Read more