Security

Security Leftovers: Russian Critic, NTFS Chaos, CentOS Patches, and British Airways Grounded

Filed under
Security

Security: Samba and WannaCry


Security Leftovers

  • Security updates for Friday
  • That Nasty Samba Vulnerability Is Now Patched in All Supported Ubuntu Releases

    You might have read the news this morning about a wormable code-execution bug discovered in the Samba free software re-implementation of the SMB/CIFS networking protocol, which existed in Samba for more than 7 years.

  • Why Is Linux More Secure Than Windows?

    When choosing an operating system, there are many different factors that are taken into consideration. However, security is becoming increasingly important. You only need to look at the news to see the increasing number of data breaches that are occurring around the world at present. Choosing an operating system with care is your first step when defending your personal data. With that in mind, read on to discover the reasons why Linux is more secure than Windows.

  • CloudLinux 7 Stable Kernel Security Update Patches Multiple Issues, Update Now

    CloudLinux's Mykola Naugolnyi has announced today the availability of a new stable kernel update for users of the CloudLinux 7 and CloudLinux 6 Hybrid operating systems, addressing multiple security issues and bugs.

    This new CloudLinux 7 stable kernel comes less than 24 hours after the release of the Beta kernel with the same version number, specifically 3.10.0-614.10.2.lve1.4.50, which replaces kernel-3.10.0-427.36.1.lve1.4.47 and is available for download as we speak from the production repository of CloudLinux 7 operating system series.

  • [Older] E-Health Cyber-DOOOOOOM.

    We know the Australian government has one of the worst records of data breaches in the world. So naturally, rather than addressing their incompetencies, the Australian government has decided to roll out an e-health record for every Australian citizen. And it's opt-out only.

  • Chipotle says 'most' of its restaurants were infected with credit card stealing malware

    We browsed through the tool and found that every state Chipotle operates in had restaurants that were breached, including most major cities. The restaurants were vulnerable in various time frames between March 24th and April 18th, 2017. Chipotle also operates another chain called Pizzeria Locale, which was affected by the hack as well.

  • 'Thousands' of known bugs found in pacemaker code

    The other study of the broader device market found only 17% of manufacturers had taken steps to secure gadgets.

  • Kaspersky says no idea why company targeted by US govt [iophk: "dared to show vista7 in an unfavorable light"]
  • Any website can crash your Windows 7 or 8 PC with these four characters

    Here's how the bug works. All a naughty website has to do is use the character string '$MFT' in the directory name where a website keeps its images. Windows expects to see the four characters $MFT only in a special metadata file on your PC. When it sees those characters as a directory name, however, it causes enough problems that an affected PC will begin to slow down and eventually hang. At that point your only recourse is to reboot the machine. In some cases, the problem may even trigger the dreaded blue screen of death (BSOD).

Security Leftovers

  • Samba flaw opens Linux systems to remote exploit

    A vulnerability in Samba, the standard Windows interoperability suite of programs for Linux and Unix, can be exploited remotely to gain access to Linux machines that have port 445 exposed.

  • UK cyber chief says directors are devolving responsibility for hacks {sic} [iophk: "a step towards banning Microsoft, yet the article closes with Microsoft talking points"]

    Ciaran Martin, the head of the agency's National Cyber Security Centre (NCSC), said it is unacceptable for boards to plead ignorance about the threat from cyber attacks.

  • Ransomware and the Internet of Things

    But it is a system that's going to fail in the "Internet of things": everyday devices like smart speakers, household appliances, toys, lighting systems, even cars, that are connected to the web. Many of the embedded networked systems in these devices that will pervade our lives don't have engineering teams on hand to write patches and may well last far longer than the companies that are supposed to keep the software safe from criminals. Some of them don't even have the ability to be patched.

    Fast forward five to 10 years, and the world is going to be filled with literally tens of billions of devices that hackers can attack. We're going to see ransomware against our cars. Our digital video recorders and web cameras will be taken over by botnets. The data that these devices collect about us will be stolen and used to commit fraud. And we're not going to be able to secure these devices.

  • Kodi 17.3 Security Update Patches Infamous Subtitle Hack, Ubuntu 14.04 LTS Crash

    The second stable point release of the major Kodi 17 "Krypton" open-source and cross-platform media center was launched the other day, on May 24, 2017, but it was missing some binary add-ons, so Martijn Kaijser announced today Kodi 17.3.

  • Samba vulnerability brings WannaCry fears to Linux/Unix

Security Leftovers

  • Check Point Discovers Media Subtitle Vulnerability Impacting Millions
  • How does Rakos malware attack embedded Linux systems?

    Rakos attacks embedded Linux systems using methods similar to those used by the Moose worm, where it tries to brute force the login credentials via SSH on vulnerable devices. When a vulnerable device is found, the malware transfers the malicious binary to the target system and downloads the configuration file that lists the command-and-control (C&C) servers. The malicious binary starts a web server to accept commands from remote systems. The C&C connection can be used to update the malicious binary and the configuration file.

  • Congressional Rep Pushes His 'Hack Back' Bill By Claiming It Would Have Prevented The WannaCry Ransomware Attack
  • Best password management tool.
  • Top hacker conference to target voting machines

    When over 25,000 of them descend on Caesar's Palace in Las Vegas at the end of July for DEFCON, the world's largest hacking conference, organizers are planning to have waiting what they call "a village" of different opportunities to test how easily voting machines can be manipulated.

  • A wormable code-execution bug has lurked in Samba for 7 years. Patch now!

    The seven-year-old flaw, indexed as CVE-2017-7494, can be reliably exploited with just one line of code to execute malicious code, as long as a few conditions are met. Those requirements include vulnerable computers that (a) make file- and printer-sharing port 445 reachable on the Internet, (b) configure shared files to have write privileges, and (c) use known or guessable server paths for those files. When those conditions are satisfied, remote attackers can upload any code of their choosing and cause the server to execute it, possibly with unfettered root privileges, depending on the vulnerable platform.

  • Dated Linux bug might be key to lesser Wanna Cry

    Linux, the widely used free operating system, uses a module called Samba to share files in the same way Windows does. Older versions of Samba — 3.5 through 4.4 — are vulnerable to an attack that is similar to, but smaller than, the one behind Wanna Cry, the ransomware that caused a worldwide panic earlier this month.

Security Leftovers

  • Security updates for Wednesday
  • Microsoft says its best not to fiddle with its Windows 10 group policies (that don't work)

    On Monday, we revealed that a security researcher had used a packet sniffer to show that many settings designed to prevent access to the internet were being ignored with connections to a range of third party servers including advertising hubs.

  • What's got a vast attack surface and runs on Linux? Windows Defender, of course

    Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too.

    Ormandy's project is to port Windows DLLs to Linux for his vuln tests (“So that's how he works so fast!” Penguinistas around the world are saying).

    Typically self-effacing, Ormandy made this simple announcement on Twitter (to a reception mixing admiration, humour, and horror):

  • Hacked in Translation – from Subtitles to Complete Takeover

    Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.

  • A Samba remote code execution vulnerability

    Distributors are already shipping the fix; there's also a workaround in the advisory for those who cannot update immediately.

Security Leftovers: HackerOne, Let's Encrypt, and Shadow Brokers

  • Security updates for Tuesday
  • HackerOne experience with Weblate

    Weblate started using HackerOne Community Edition some time ago and I think it's good to share my experience with that. Do you have an open source project and want to get more attention from the security community? This post will answer how it looks from the perspective of a pretty small project.

    I've applied with Weblate to HackerOne Community Edition by the end of March and it was approved early in April. Based on their recommendations I've started in invite-only mode, but that really didn't bring much attention (exactly no reports), so I've decided to go public.

  • Who Are the Shadow Brokers?

    In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of National Security Agency secrets. Since last summer, they’ve been dumping these secrets on the internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them. They have exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers, forcing those companies and their customers to scramble. And they gave the authors of the WannaCry ransomware the exploit they needed to infect hundreds of thousands of computers worldwide this month.

    After the WannaCry outbreak, the Shadow Brokers threatened to release more NSA secrets every month, giving cybercriminals and other governments worldwide even more exploits and hacking tools.

  • Why Akamai Supports Let's Encrypt

    The Let's Encrypt project has re-shaped the market for SSL/TLS certificates, providing millions of free security certificates to organizations around the world.

    Among the many backers of Let's Encrypt is content delivery network platform provider Akamai. In a video interview with eSecurityPlanet, Andy Ellis, Chief Security Officer at Akamai, explains why Let's Encrypt matters and his view on the effort's real value.

  • Security in Serverless: What Gets Better, What Gets Worse?
  • Open Source Security Podcast: Episode 48 - Machine Learning: Not actually magic

    Josh and Kurt have a guest! Mike Paquette from Elastic discusses the fundamentals and basics of Machine Learning. We also discuss how ML could have helped with WannaCry.

4 Great Linux Distros Designed for Privacy and Security

Filed under
GNU
Linux
Security

Conventional security measures like antivirus programs are behind the curve when it comes to modern hackers and malware. Unfortunately, antivirus software and firewalls give users a false sense of security. In reality, new threats are being developed and unleashed into the wild every single day, and even the best antivirus programs have to play catchup.

Recent ransomware attacks (a.k.a. WannaCry) have targeted Windows-based PCs in over 150 countries – cyber security and privacy are incredibly important. Windows and macOS are easy to use and popular; however, they are much more susceptible to malicious code.

Linux is free and open source, which means there are hundreds of “flavors.” These individual distributions are tweaked to different specifications. Security-focused users will be pleased to know that there are a number of Linux distros designed with security and privacy in mind.


Security Leftovers: WannaCry, Windows in Linux, Windows 7, Windows 10 is Spyware


Security Leftovers: WCry/Ransomware, WannaCry, Athena
