Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Submitted by Roy Schestowitz on Sunday 17th of June 2018 08:15:00 PM Filed under
Security
  • Hackers May Have Already Defeated Apple’s USB Restricted Mode For iPhone

    Recently, the iPhone-maker announced a security feature to prevent unauthorized cracking of iPhones. When the device isn’t unlocked for an hour, the Lightning port can be used for nothing but charging. The feature is a part of the iOS 12 update, which is expected to launch later this month.

  • Cops Are Confident iPhone Hackers Have Found a Workaround to Apple’s New Security Feature

    Apple confirmed to The New York Times Wednesday it was going to introduce a new security feature, first reported by Motherboard. USB Restricted Mode, as the new feature is called, essentially turns the iPhone’s lightning cable port into a charge-only interface if someone hasn’t unlocked the device with its passcode within the last hour, meaning phone forensic tools shouldn’t be able to unlock phones.

    Naturally, this feature has sent waves throughout the mobile phone forensics and law enforcement communities, as accessing iPhones may now be substantially harder, with investigators having to rush a seized phone to an unlocking device as quickly as possible. That includes GrayKey, a relatively new and increasingly popular iPhone cracking tool. But forensics experts suggest that Grayshift, the company behind the tech, is not giving up yet.

  • How Secure Are Wi-Fi Security Cameras?
  • Trump-Kim Meeting Was a Magnet For Russian Cyberattacks
»

Security Leftovers

Submitted by Roy Schestowitz on Sunday 17th of June 2018 10:30:10 AM Filed under
Security
  • Vendors, Disclosure, and a bit of WebUSB Madness

    Was there any specific bug to report before we gave the talk? No, because it was widely discussed in the security scene that WebUSB is a bad idea. We believe we have demonstrated that by showing how it breaks U2F. There was no single issue to report to Google or Yubico, but a public discussion to trigger so WebUSB is fixed.

    [...]

    I do not know what “private outreach” means and why Yubico lied about being unable to replicate our findings in a call on March 2nd, even though they had it apparently working internally.

  • Librarian Sues Equifax Over 2017 Data Breach, Wins $600

    “The small claims case was a lot more about raising awareness,” said West, a librarian at the Randolph Technical Career Center who specializes in technology training and frequently conducts talks on privacy and security.

    “I just wanted to change the conversation I was having with all my neighbors who were like, ‘Ugh, computers are hard, what can you do?’ to ‘Hey, here are some things you can do’,” she said. “A lot of people don’t feel they have agency around privacy and technology in general. This case was about having your own agency when companies don’t behave how they’re supposed to with our private information.”

  • On the matter of OpenBSD breaking embargos (KRACK)
  • The UK's worst public sector IT disasters
»

Lazy FPU Vulnerability Now Patched for Red Hat Enterprise Linux 7, CentOS 7 PCs

Submitted by Rianne Schestowitz on Sunday 17th of June 2018 12:18:57 AM Filed under
Security

Red Hat promised to release patches for the new speculative execution security vulnerability (CVE-2018-3665), which affects the "lazy restore" function for floating point state (FPU) in modern processors, leading to the leak of sensitive information, and the patches are now available for all Red Hat Enterprise Linux 7 users. The company urges everyone using any of the systems listed below to update immediately.

Affected systems include Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux Server - Extended Update Support 7.5, Red Hat Enterprise Linux Workstation 7, Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux 7 for IBM System z, POWER, ARM64 systems, Red Hat Enterprise Linux for Scientific Computing 7, Red Hat Enterprise Linux EUS Compute Node 7.5, and Red Hat Virtualization Host 4.

Read more

»

Security Leftovers

Submitted by Roy Schestowitz on Friday 15th of June 2018 08:43:05 PM Filed under
Security
»

Security: Cortana Hole, Docker Hub Woes, and Intel FPU Speculation Vulnerability

Submitted by Roy Schestowitz on Friday 15th of June 2018 04:07:36 AM Filed under
Security
»

Security: Intel, Updates and More

Submitted by Roy Schestowitz on Thursday 14th of June 2018 07:10:34 PM Filed under
Security
  • New Lazy FP State Restore Vulnerability Affects All Intel Core CPUs
  • CVE-2018-3665: Floating Point Lazy State Save/Restore vulnerability affects Intel chips
  • New flaw in Intel processors can be exploited in a similar way to Spectre

    A new security vulnerability has been found in Intel’s family of Core processors, along similar lines of the major Spectre bug that has been making headlines all year. Thankfully, this one appears to be less severe – and is already patched in modern versions of Windows and Linux.

    The freshly-discovered hole is known as the ‘Lazy FP state restore’ bug, and like Spectre, it is a speculative execution side channel attack. Just a few weeks back, we were told to expect further spins on speculative execution attack vectors, and it seems this is one.

    Intel explains: “Systems using Intel Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore from another process through a speculative execution side channel.”

  • openSUSE Leap 15 Now Offering Images for RPis, Another Security Vulnerability for Intel, Trusted News Chrome Extension and More

    Intel yesterday announced yet another security vulnerability with its Core-based microprocessors. According to ZDNet, Lazy FP state restore "can theoretically pull data from your programs, including encryption software, from your computer regardless of your operating system." Note that Lazy State does not affect AMD processors.

  • Security updates for Thursday
  • FBI: Smart Meter [Cracks] Likely to Spread

    A series of [cracks] perpetrated against so-called “smart meter” installations over the past several years may have cost a single U.S. electric utility hundreds of millions of dollars annually, the FBI said in a cyber intelligence bulletin obtained by KrebsOnSecurity. The law enforcement agency said this is the first known report of criminals compromising the hi-tech meters, and that it expects this type of fraud to spread across the country as more utilities deploy smart grid technology.

  • Introducing Graphene-ng: running arbitrary payloads in SGX enclaves

    A few months ago, during my keynote at Black Hat Europe, I was discussing how we should be limiting the amount of trust when building computer systems. Recently, a new technology from Intel has been gaining popularity among both developers and researchers, a technology which promises a big step towards such trust-minimizing systems. I’m talking about Intel SGX, of course.

»

Security: Windows Ransomware, Cortana Holes, Google Play Protect and More

Submitted by Roy Schestowitz on Thursday 14th of June 2018 12:03:05 PM Filed under
Security
  • The worst types of ransomware attacks
  • Patched Cortana Bug Let Hackers Change Your Password From the Lock Screen
  • What is Google Play Protect and How Does it Keep Android Secure?
  • ​Another day, another Intel CPU security hole: Lazy State

    Once upon a time, when we worried about security, we worried about our software. These days, it's our hardware, our CPUs, with problems like Meltdown and Spectre, which are out to get us. The latest Intel revelation, Lazy FP state restore, can theoretically pull data from your programs, including encryption software, from your computer regardless of your operating system.

    Like its forebears, this is a speculative execution vulnerability. In an interview, Red Hat Computer Architect Jon Masters explained: "It affects Intel designs similar to variant 3-a of the previous stuff, but it's NOT Meltdown." Still, "It allows the floating point registers to be leaked from another process, but alas that means the same registers as used for crypto, etc." Lazy State does not affect AMD processors.

  • Eric S. Raymond on Keeping the Bazaar Secure and Functional
  • Purple testing and chaos engineering in security experimentation

    The way we use technology to construct products and services is constantly evolving, at a rate that is difficult to comprehend. Regrettably, the predominant approach used to secure design methodology is preventative, which means we are designing stateful security in a stateless world. The way we design, implement, and instrument security has not kept pace with modern product engineering techniques such as continuous delivery and complex distributed systems. We typically design security controls for Day Zero of a production release, failing to evolve the state of our controls from Day 1 to Day (N).

    This problem is also rooted in the lack of feedback loops between modern software-based architectures and security controls. Iterative build practices constantly push product updates, creating immutable environments and applying complex blue-green deployments and dependencies on ever-changing third-party microservices. As a result, modern products and services are changing every day, even as security drifts into the unknown.

»

Security Leftovers

Submitted by Roy Schestowitz on Thursday 14th of June 2018 01:54:20 AM Filed under
Security
»

Red Hat Responds to New Speculative Execution Vulnerability, Patches Coming Soon

Submitted by Rianne Schestowitz on Thursday 14th of June 2018 12:35:43 AM Filed under
Red Hat
Security

Red Hat is the top open-source software company known for their Red Hat Enterprise Linux (RHEL) operating system, and they're always quick to address newly discovered security vulnerabilities that not only affect its enterprise-ready operating system but the entire Open Source and Free Software community.

Many modern microprocessors leverage the "lazy restore" function for floating point state (FPU), which is used when needed for improving the overall performance of the system when saving and restoring the state of apps in the internal memory when switching from one application to another.

Read more

»

Fun With Microsoft

Submitted by Roy Schestowitz on Wednesday 13th of June 2018 04:56:30 PM Filed under
Security
  • Intelligence agency National Cyber Security Centre is working with Dixons Carphone on huge data breach

    The National Cyber Security Centre (NCSC), part of GCHQ, said today it is working with Dixons Carphone on mitigation measures, after the retailer said it was investigating a data breach involving 5.9m payment cards and 1.2m personal data records.

    The company announced earlier on that there was an attempt to compromise 5.9m cards in one of the processing systems of Currys PC World and Dixons Travel stores.

  • Spy agency investigates Dixons Carphone bank card data breach
  • Want to Break Into a Locked Windows 10 Device? Ask Cortana (CVE-2018-8140)
  • Cortana Flaw Lets Hackers Access Data, Reset Password On Locked Windows 10 PCs

    Security researchers have found a critical flaw in Windows 10 where Cortana can be manipulated into executing Powershell commands on locked devices.

    Attackers can misuse this vulnerability to retrieve confidential data, reset the password, log into a device, and even execute codes from above the lock screen. The only sense of satisfaction is that it requires physical access to the device.

  • Windows 10 Cumulative Update KB4284835 Might Be Failing to Install as Well

    Windows 10 April 2018 Update has received a new cumulative update as part of this month’s Patch Tuesday cycle, and although it seemed to install correctly at first, it looks like some users are now hitting issues with this new release.
    Windows 10 cumulative update KB4284835 brings several important fixes and it resolves a bug causing the April 2018 Update to fail with a black screen on a number of systems.

    Microsoft says it’s aware of just one known issue in this cumulative update, but as it turns out, KB4284835 fails to install in some cases, eventually causing an infinite loop where the update is listed as successfully installed, only to be re-offered again after every boot.

    There are several posts on reddit pointing to such an issue, and for the time being, no workaround appears to be available. Manually installing the update does not correct this behavior.

»
Syndicate content

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6