Security

Security: Linux 5.2 Dissection, New Patches, New ZDNet (CBS) FUD and Kali NetHunter App Store

Filed under
Linux
Security
  • Kees Cook: security things in Linux v5.2

    Gustavo A. R. Silva is nearly done with marking (and fixing) all the implicit fall-through cases in the kernel. Based on the pull request from Gustavo, it looks very much like v5.3 will see -Wimplicit-fallthrough added to the global build flags and then this class of bug should stay extinct in the kernel.

    That’s it for now; let me know if you think I should add anything here. We’re almost to -rc1 for v5.3!
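As an added illustration (not code from Kees Cook's post or from the kernel), this shows the bug class that -Wimplicit-fallthrough catches: a guest role that silently collects a reader's permission because a `break` is missing, beside the fixed form where the one deliberate fall-through is marked so the warning stays quiet. The FALLTHROUGH macro, permission bits and role letters are assumptions made for the example.

```c
/* Added example (not kernel code): the implicit-fallthrough bug class that
 * -Wimplicit-fallthrough flags. Compile with
 *   cc -Wall -Wextra -Wimplicit-fallthrough fallthrough.c
 * and only perms_buggy() draws the warning. */
#include <stdio.h>

#define PERM_READ  0x1u
#define PERM_WRITE 0x2u
#define PERM_ADMIN 0x4u

/* Portable "this fall-through is deliberate" marker (assumed for this
 * example). GCC and clang accept the attribute; the comment form is what
 * GCC's default -Wimplicit-fallthrough level also recognises. */
#if defined(__has_attribute)
# if __has_attribute(__fallthrough__)
#  define FALLTHROUGH __attribute__((__fallthrough__))
# endif
#endif
#ifndef FALLTHROUGH
# define FALLTHROUGH do {} while (0) /* fall through */
#endif

/* Buggy: 'g' (guest) is meant to get nothing, but the missing break lets it
 * fall into the 'r' (reader) case and collect PERM_READ. */
unsigned int perms_buggy(char role)
{
    unsigned int p = 0;
    switch (role) {
    case 'g':          /* guest */
        p = 0;         /* BUG: no break -> falls into 'r' */
    case 'r':          /* reader */
        p |= PERM_READ;
        break;
    case 'w':          /* writer */
        p |= PERM_WRITE | PERM_READ;
        break;
    default:
        break;
    }
    return p;
}

/* Fixed: every case ends in a break or an explicit marker. The 'o' (owner)
 * case is a deliberate fall-through: the admin bit plus everything a writer
 * has, with the intent spelled out so the compiler does not complain. */
unsigned int perms_fixed(char role)
{
    unsigned int p = 0;
    switch (role) {
    case 'g':          /* guest gets nothing */
        break;
    case 'r':
        p |= PERM_READ;
        break;
    case 'o':          /* owner */
        p |= PERM_ADMIN;
        FALLTHROUGH;
    case 'w':
        p |= PERM_WRITE | PERM_READ;
        break;
    default:
        break;
    }
    return p;
}

int main(void)
{
    printf("guest: buggy=%u fixed=%u\n", perms_buggy('g'), perms_fixed('g'));
    printf("owner: fixed=%u\n", perms_fixed('o'));
    return 0;
}
```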

  • Security updates for Wednesday

    Security updates have been issued by Debian (libreoffice), Red Hat (thunderbird), SUSE (ardana and crowbar, firefox, libgcrypt, and xrdp), and Ubuntu (nss, squid3, and wavpack).

  • Malicious Python libraries targeting Linux servers removed from PyPI [Ed: Python does not run only on Linux, but Microsoft-funded sites like ZDNet (CBS) look for ways to blame everything on "Linux", even malicious software that gets caught in the supply chain]
  • Malicious Python Libraries Discovered on PyPI, Offensive Security Launches the Kali NetHunter App Store, IBM Livestreaming a Panel with Original Apollo 11 Technicians Today, Azul Systems Announces OpenJSSE and Krita 4.2.3 Released

    Offensive Security, the creators of open-source Kali Linux, has launched the Kali NetHunter App Store, "a new one stop shop for security relevant Android applications. Designed as an alternative to the Google Play store for Android devices, the NetHunter store is an installable catalogue of Android apps for pentesting and forensics". The press release also notes that the NetHunter store is a slightly modified version of F-Droid: "While F-Droid installs its clients with telemetry disabled and asks for consent before submitting crash reports, the NetHunter store goes a step further by removing the entire code to ensure that privacy cannot be accidentally compromised". See the Kali.org blog post for more details.

OPNsense 19.7 "Jazzy Jaguar" released

Filed under
OS
Security

For four and a half years now, OPNsense has been driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

19.7, nicknamed "Jazzy Jaguar", embodies an iteration of what should be considered an enjoyable user experience for firewalls in general: improved statistics and visibility of rules, reliable and consistent live logging and alias utility improvements. Apart from the usual upgrades of third party software to up-to-date releases, OPNsense now also offers built-in remote system logging through Syslog-ng, route-based IPsec, updated translations with Spanish as a brand new and already fully translated language and newer Netmap code with VirtIO, VLAN child and vmxnet support.

Last but not least we would like to thank m.a.x. it for their sponsorship of the default gateway priority switching feature and their continued work of writing and maintaining plenty of community plugins. This time around, Maltrail, Netdata and WireGuard VPN have been freshly added to the mix.


Security and Spying With Listening Devices (Google, Amazon, Microsoft)

Filed under
Security
  • Was DNS intentionally designed to be insecure?

    But no one considered that now-controversial near-truism at all when the core internet protocols were first designed and implemented. The idea of abuse was considered novel in the 1990s when commercialization and privatization brought abuse into the internet world and burst the academic bubble. A lot of old timers blamed AOL and MSN and even Usenet for the problems, but in actuality, it's what humans _always_ do at scale. Putting the full spectrum of human culture atop a technology platform designed for academic and professional culture should have been understood to be a recipe for disaster.

  • Smart meters in England are mysteriously switching to Welsh

    Bulb says that the problem has occurred in around 200 cases and that it takes five steps to fix it, though if you don't know Welsh, you'll need to get Bulb to talk you through it by way of numbers of button pushes.

    "While we think Welsh is a great language, we understand that in many cases people will want their display to be in English." it jibbered in a statement.

  • 'Defnydd heddiw': Smart meter displays in England turn Welsh in bizarre language glitch

    One customer, James Tombs, who lives well over 100 miles from the Welsh border, in West Sussex, told us: "I don't live in Wales and don't know Welsh. One day I saw my meter was in Welsh but ignored it as I was busy. I then came back to it later and realised that the screen was locked, the buttons didn't do anything and the unit wasn't updating. The clock was stuck at 15.47.

  • iOS 13 beta exposes iCloud Keychain passwords and usernames

    This allows for access to iCloud Keychain passwords, which pretty much means access to a whole suite of usernames and passwords stored by Apple's cloud service. We can envision the potential for another iCloud hack, only with leaked nudes of early adopter Apple fanatics rather than celebs indulging their promiscuous sides.

  • Windows 10 will soon allow third-party voice assistants to take precedence over Cortana

    Watch out for the change in 19H2 - which will be the first bi-annual update to the operating system to be a patch rollup, similar to the old Service Packs, instead of a full new build.

  • Google Home integrations are borking left, right and centre

    So what's the problem? Well, from the sound of the workaround, it appears that Google has been mucking about with the API under the hood again.

  • Google Assistant currently can’t connect to Philips Hue lights, fix is in the works

    For the past several months, Google Home owners have been encountering spotty issues between Assistant and Philips Hue products. In recent weeks especially, this problem has only gotten worse, and currently, the two products can’t talk to each other whatsoever. For most users, this results in attempting to unlink and relink a Hue account to Assistant, but that only results in an error when trying to relink the two accounts.

Security Leftovers

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Fedora (expat and radare2), Oracle (thunderbird), Red Hat (389-ds-base, keepalived, libssh2, perl, and vim), Scientific Linux (thunderbird), SUSE (bzip2, kernel, podofo, systemd, webkit2gtk3, and xrdp), and Ubuntu (bash, nss, redis, squid, squid3, and Zipios).

  • Explainer: What is post-quantum cryptography?

    Few of us give much thought to the tiny padlock symbol that appears in our web browsers every time we use an e-commerce site, send and receive emails, or check our bank or credit card accounts. But it’s a signal that the online services are using HTTPS, a web protocol that encrypts the data we send across the internet and the responses we receive. This and other forms of encryption protect all kinds of electronic communications, as well as things like passwords, digital signatures, and health records.

  • Monitoring Linux Logs with Kibana and Rsyslog

    If you are a system administrator, or even a curious application developer, there is a high chance that you are regularly digging into your logs to find precious information in them.

    Sometimes you may want to monitor SSH intrusions on your VMs.

    Sometimes, you might want to see what errors were raised by your application server on a certain day, on a very specific hour. Or you may want to have some insights about who stopped your systemd service on one of your VMs.

    If you pictured yourself in one of those points, you are probably on the right tutorial.

    In this tutorial, we are going to build a complete log monitoring pipeline using the ELK stack (ElasticSearch, Logstash and Kibana) and Rsyslog as a powerful syslog server.

    Before going any further, and jumping into technical considerations right away, let’s have a talk about why we want to monitor Linux logs with Kibana.

  • Critical Vulnerability Found In Ad Inserter WordPress Plugin [Ed: Well, ads are malicious, many are literally malware, so people who put this crap in their site ask for if not deserve the worst.]

    On July 12, the Wordfence team (another popular security plugin for WordPress) discovered a vulnerability called RCE — Remote Code Execution in Ad Inserter. This vulnerability can allow an attacker to run any arbitrary PHP code on the site.

    The vulnerability was found in the Ad preview module of the plugin, where you can preview the ads' position, size, etc. before publishing them. This action can only be executed by the WordPress administrators and to ensure this, the plugin writer used the WordPress function ‘check_admin_referer()’ which ensures that the action is being performed by the administrator.

    The Wordfence threat intelligence team who discovered this vulnerability said the ‘check_admin_referer()’ function is not enough protection. check_admin_referer() is designed to protect against CSRF (Cross-site request forgery) and the way it ensures this is by checking if a nonce (a one-time token) exists in the request.

  • Wanna work on Debian LTS (and get funded)?

    If you are in Curitiba and are interested to work on Debian LTS (and get paid for that work), please come and talk to me, Debian LTS is still looking for more contributors!

Kali NetHunter App Store – Public Beta

Filed under
GNU
Linux
Security

Kali NetHunter has been undergoing a ton of changes of late. Now supporting over 50 devices and running on Android devices from KitKat (v4.4) to Pie (v9.0), it's amazing the extra capabilities that have been introduced.

But, we don’t want to stop there. After a ton of work, we are really excited to introduce the Kali NetHunter App Store!


Network Security Toolkit 30-11210

Filed under
GNU
Linux
Red Hat
Security

We are pleased to announce the latest NST release: "NST 30 SVN:11210". This release is based on Fedora 30 using Linux Kernel: "kernel-5.1.17-300.fc30.x86_64". This release brings the NST distribution on par with Fedora 30.


Security: Windows, Books, Apple and More

Filed under
Security
  • Windows 7 Enters the Last Six Months of Support [Ed: Microsoft propagandist (for ages) Bogdan Popa won't advise people to hop over to GNU/Linux (which he lies about, saying Microsoft "loves Linux")]

    According to third-party data provided by NetMarketShare, Windows 7 continues to be one of the most popular choices for desktop users.

  • Security bootcamp: 8 must-read books for leaders

    The threat of cybercrime constantly looms over business leaders – and it becomes more urgent as cyber attacks become more sophisticated. In 2019, security breaches happen more frequently, and the associated financial hit has increased, according to research from Accenture.

    Notably, the report points out that hackers increasingly target humans – the “weakest link in cyber defenses” – at all levels of organizations, through tactics like ransomware and phishing. (Witness the recent wave of ransomware attacks against U.S. cities, large and small.) That’s why it’s becoming essential for everyone – not just security professionals – to be well-versed in risk and their organization’s security efforts.

  • Security scanning your DevOps pipeline

    Security is one of the most important considerations for running in any environment, and using open source software is a great way to handle security without going over budget in your corporate environment or for your home setup. It is easy to talk about the concepts of security, but it's another thing to understand the tools that will get you there. This tutorial explains how to set up security using Jenkins with Anchore.

    There are many ways to run Kubernetes. Using Minikube, a prepackaged virtual machine (VM) environment designed for local testing, reduces the complexity of running an environment.

  • This Is Why We Have Betas. iOS 13 Beta Shows Saved Passwords

    There’s a reason we have beta versions of software: all the kinks need to be worked out. This is also why using beta versions always comes with warnings and disclaimers that you’re using the software at your own risk.

    Users of the iOS 13 beta have discovered that there’s a bug that makes it easy to access the data in “Website & App Passwords” in the Settings app. Certainly, this is something Apple needs to get fixed before the official release, expected for September.

  • Hackers breached Bulgaria’s tax agency and leaked the data of 5M people

    Bulgaria has suffered what has been described as the biggest data leak in its history. The stolen data, which hackers emailed to local media on July 15, originates from the country’s tax reporting service – the National Revenue Agency (NRA).

    The breach contains the personal data of 5 million citizens, local outlet Capital reports. To put that into perspective, Bulgaria has a population of 7 million. Among other things, the trove includes personal identifiable numbers, addresses, and even income data.

Security: FOSS Updates, WhatsApp and Telegram, Windows as Malware and Respect to Fernando Corbató

Filed under
Security
  • Security updates for Monday

    Security updates have been issued by CentOS (firefox), Debian (libspring-java, ruby-mini-magick, and thunderbird), Fedora (fossil, python-django, snapd-glib, and thunderbird), openSUSE (helm and monitoring-plugins), Red Hat (cyrus-imapd, thunderbird, and vim), Scientific Linux (vim), Slackware (bzip2), SUSE (bubblewrap, bzip2, expat, glib2, kernel, php7, python3, and tomcat), and Ubuntu (exiv2, firefox, and flightcrew).

  • WhatsApp, Telegram Vulnerable To ‘Media File Jacking’: Change Your Settings Now!

    Instant messaging apps like WhatsApp and Telegram keep your messages encrypted in transit, but once a media file reaches your phone, the same cannot be guaranteed.

    Researchers from Symantec have demonstrated how a vulnerability in WhatsApp and Telegram can be exploited by hackers to hijack the media files that are sent through these services.

  • Windows 7 & security-only telemetry - What gives?

    Sometimes, it is hard to separate fact from emotion when it comes to technology. This does not help the end user, because when people come searching for solutions to genuine concerns like this, they first have to filter through outbursts of pent-up frustration as a result of many years of salesy bullshit.

    From the technological point of view, there's nothing new here. However, the fact you now get non-security nonsense with security means you can't really trust updates from Microsoft anymore. So if anything, this will majestically backfire. People don't like being pushed, and I'm amazed with the repeated attempts to do so, again and again.

  • Fernando Corbató, Early Operating System Pioneer And Password Inventor, Dies At 93

    Corbató and his fellow researchers at MIT made possible much of what we now think of as computing.

  • Professor Emeritus Fernando Corbató, MIT computing pioneer, dies at 93

    Longtime MIT professor developed early “time-sharing” operating systems and is widely credited as the creator of the world's first computer password.

Security Leftovers

Filed under
Security
  • EAP-pwd security issues – SAE (Simultaneous Authentication of Equals) WPA3-Personal – potential full password recovery with weak passwords – CVE-2019-9495, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499

    it might sound strange… and even if it sucks, but if you are concerned about security, call me paranoid but:

    your company’s critical infrastructure SHALL NOT BE REACHABLE BY WIFI! (especially not if you are running a nuclear power plant, just saying… nobody wants meltdown vulnerability of CPUs to actually be able to cause a meltdown)

  • RIP Fernando “Corby” Corbató, inventor of the password (1926-2019)

    Last Friday, legendary MIT computer scientist Fernando “Corby” Corbató passed away at his home in Newton, Massachusetts. He was 93.

    The Oakland-born researcher was responsible for several pivotal advances in the computer science space, most notably the password, which he invented during his pioneering work in computer time sharing.

  • GE Aviation Passwords, Source Code Exposed in Open Jenkins Server [Ed: 'Windows shop' GE needs to hire actual FOSS and GNU/Linux people who know how to properly set up and maintain things. This one is a shot in one's foot.]

    A DNS misconfiguration resulted in an open Jenkins server being available to all.

    A public Jenkins server owned by GE Aviation has exposed source code, plaintext passwords, global system configuration details and private keys from the company’s internal commercial infrastructure.

    GE Aviation, a subsidiary of General Electric, is among the top commercial aircraft engine suppliers, and offers various airplane components. The server also contained a ReadMe file, outlining all the files it contained and their sensitivity.

  • Open Source Genomic Analysis Software Flaw Patched

    A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.

Security Leftovers

Filed under
Security
  • France Says Ransomware Attacks on Big Companies Are on the Rise [iophk: Windows TCO]

    Attackers changed strategy in the second half of 2018, ditching smaller companies to go after big corporations, sometimes strategic or vital to the nation’s economy, the ministry said on Tuesday in its 2019 cyber threats report. The trend accelerated this year.

  • New Elections Systems Vulnerable to Hacks, AP Analysis Shows

    An Associated Press analysis has found that like many counties in Pennsylvania, the vast majority of 10,000 election jurisdictions nationwide use Windows 7 or an older operating system to create ballots, program voting machines, tally votes and report counts.

    That’s significant because Windows 7 reaches its “end of life” on Jan. 14, meaning Microsoft stops providing technical support and producing “patches” to fix software vulnerabilities, which hackers can exploit. In a statement to the AP, Microsoft said Friday it would offer continued Windows 7 security updates for a fee through 2023.

  • Unusual Linux Ransomware Targets NAS Servers [Ed: Does not explain how the malware/ransomware gets onto there in the first place and whether it has anything at all to do with "Linux" rather than reckless people who install malware or very weak passwords. They use a Tux logo/mascot anyway.]

    As for the decision to target NAS, Chris Morales, head of security analytics at Vectra, told Threatpost that it isn’t as common to deploy endpoint monitoring to a Linux dedicated network file server — thus, the QNAPCrypt malware represents the evolution and adaptation of an attack to bypass security controls.

  • Why Trump Caved to China and Huawei

    Everything about the trade war between the United States and China is bewildering. The world’s two largest economies entered a titanic struggle with harsh words and high tariffs, sending shudders through the global economy. Hundreds of billions of dollars of goods on either side stood before tariff walls that seemed unbreachable. Truces would come out of nowhere—as at the 2018 G20 meeting in Buenos Aires—but then they would be set aside by U.S. President Donald Trump in a stream of tweets at odd hours.

    In May, Trump went after Huawei, one of the world’s largest technology firms. The attack this time was not on economic grounds. Trump accused Huawei of being an espionage arm of the Chinese government. Firms from the United States that supplied Huawei with software and chips would no longer be permitted to do so. Trump’s diplomats went on the road to strongarm U.S. allies into no longer using Huawei technology in their countries. Pressure on China resulted in the arrest of Meng Wanzhou, Huawei’s chief financial officer, on charges of bank and wire fraud in relation to U.S. sanctions against Iran. Meng Wanzhou is the daughter of Huawei’s founder, Ren Zhengfei.
