Security

Security Leftovers: Russian Critic, NTFS Chaos, CentOS Patches, and British Airways Grounded

Filed under
Security

Security: Samba and WannaCry

Security Leftovers

  • Security updates for Friday
  • That Nasty Samba Vulnerability Is Now Patched in All Supported Ubuntu Releases

    You might have read the news this morning about a wormable code-execution bug discovered in the Samba free software re-implementation of the SMB/CIFS networking protocol, which existed in Samba for more than 7 years.

  • Why Is Linux More Secure Than Windows?

    When choosing an operating system, there are many different factors that are taken into consideration. However, security is becoming increasingly important. You only need to look at the news to see the increasing number of data breaches that are occurring around the world at present. Choosing an operating system with care is your first step when defending your personal data. With that in mind, read on to discover the reasons why Linux is more secure than Windows.

  • CloudLinux 7 Stable Kernel Security Update Patches Multiple Issues, Update Now

    CloudLinux's Mykola Naugolnyi has announced today the availability of a new stable kernel update for users of the CloudLinux 7 and CloudLinux 6 Hybrid operating systems, addressing multiple security issues and bugs.

    This new CloudLinux 7 stable kernel comes less than 24 hours after the release of the Beta kernel with the same version number, specifically 3.10.0-614.10.2.lve1.4.50, which replaces kernel-3.10.0-427.36.1.lve1.4.47 and is available for download as we speak from the production repository of CloudLinux 7 operating system series.

  • [Older] E-Health Cyber-DOOOOOOM.

    We know the Australian government has one of the worst records of data breaches in the world. So naturally, rather than addressing their incompetencies, the Australian government has decided to roll out an e-health record for every Australian citizen. And it's opt-out only.

  • Chipotle says 'most' of its restaurants were infected with credit card stealing malware

    We browsed through the tool and found that every state Chipotle operates in had restaurants that were breached, including most major cities. The restaurants were vulnerable in various time frames between March 24th and April 18th, 2017. Chipotle also operates another chain called Pizzeria Locale, which was affected by the hack as well.

  • 'Thousands' of known bugs found in pacemaker code

    The other study of the broader device market found only 17% of manufacturers had taken steps to secure gadgets.

  • Kaspersky says no idea why company targeted by US govt [iophk: "dared to show vista7 in an unfavorable light"]
  • Any website can crash your Windows 7 or 8 PC with these four characters

    Here's how the bug works. All a naughty website has to do is use the character string '$MFT' in the directory name where a website keeps its images. Windows expects to see the four characters $MFT only in a special metadata file on your PC. When it sees those characters as a directory name, however, it causes enough problems that an affected PC will begin to slow down and eventually hang. At that point your only recourse is to reboot the machine. In some cases, the problem may even trigger the dreaded blue screen of death (BSOD).

Security Leftovers

  • Samba flaw opens Linux systems to remote exploit

    A vulnerability in Samba, the standard Windows interoperability suite of programs for Linux and Unix, can be exploited remotely to gain access to Linux machines that have port 445 exposed.

  • UK cyber chief says directors are devolving responsibility for hacks {sic} [iophk: "a step towards banning Microsoft, yet the article closes with Microsoft talking points"]

    Ciaran Martin, the head of the agency's National Cyber Security Centre (NCSC), said it is unacceptable for boards to plead ignorance about the threat from cyber attacks.

  • Ransomware and the Internet of Things

    But it is a system that's going to fail in the "Internet of things": everyday devices like smart speakers, household appliances, toys, lighting systems, even cars, that are connected to the web. Many of the embedded networked systems in these devices that will pervade our lives don't have engineering teams on hand to write patches and may well last far longer than the companies that are supposed to keep the software safe from criminals. Some of them don't even have the ability to be patched.

    Fast forward five to 10 years, and the world is going to be filled with literally tens of billions of devices that hackers can attack. We're going to see ransomware against our cars. Our digital video recorders and web cameras will be taken over by botnets. The data that these devices collect about us will be stolen and used to commit fraud. And we're not going to be able to secure these devices.

  • Kodi 17.3 Security Update Patches Infamous Subtitle Hack, Ubuntu 14.04 LTS Crash

    The second stable point release of the major Kodi 17 "Krypton" open-source and cross-platform media center was launched the other day, on May 24, 2017, but it was missing some binary add-ons, so Martijn Kaijser announced today Kodi 17.3.

  • Samba vulnerability brings WannaCry fears to Linux/Unix

Security Leftovers

  • Check Point Discovers Media Subtitle Vulnerability Impacting Millions
  • How does Rakos malware attack embedded Linux systems?

    Rakos attacks embedded Linux systems using methods similar to those used by the Moose worm, where it tries to brute force the login credentials via SSH on vulnerable devices. When a vulnerable device is found, the malware transfers the malicious binary to the target system and downloads the configuration file that lists the command-and-control (C&C) servers. The malicious binary starts a web server to accept commands from remote systems. The C&C connection can be used to update the malicious binary and the configuration file.

  • Congressional Rep Pushes His 'Hack Back' Bill By Claiming It Would Have Prevented The WannaCry Ransomware Attack
  • Best password management tool.
  • Top hacker conference to target voting machines

    When over 25,000 of them descend on Caesar's Palace in Las Vegas at the end of July for DEFCON, the world's largest hacking conference, organizers are planning to have waiting what they call "a village" of different opportunities to test how easily voting machines can be manipulated.

  • A wormable code-execution bug has lurked in Samba for 7 years. Patch now!

    The seven-year-old flaw, indexed as CVE-2017-7494, can be reliably exploited with just one line of code to execute malicious code, as long as a few conditions are met. Those requirements include vulnerable computers that (a) make file- and printer-sharing port 445 reachable on the Internet, (b) configure shared files to have write privileges, and (c) use known or guessable server paths for those files. When those conditions are satisfied, remote attackers can upload any code of their choosing and cause the server to execute it, possibly with unfettered root privileges, depending on the vulnerable platform.

  • Dated Linux bug might be key to lesser Wanna Cry

    Linux, the widely used free operating system, uses a module called Samba to share files in the same way Windows does. Older versions of Samba — 3.5 through 4.4 — are vulnerable to an attack that is similar to, but smaller than, the one behind Wanna Cry, the ransomware that caused a worldwide panic earlier this month.

Security Leftovers

  • Security updates for Wednesday
  • Microsoft says it's best not to fiddle with its Windows 10 group policies (that don't work)

    On Monday, we revealed that a security researcher had used a packet sniffer to show that many settings designed to prevent access to the internet were being ignored with connections to a range of third party servers including advertising hubs.

  • What's got a vast attack surface and runs on Linux? Windows Defender, of course

    Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too.

    Ormandy's project is to port Windows DLLs to Linux for his vuln tests (“So that's how he works so fast!” Penguinistas around the world are saying).

    Typically self-effacing, Ormandy made this simple announcement on Twitter (to a reception mixing admiration, humour, and horror):

  • Hacked in Translation – from Subtitles to Complete Takeover

    Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerabilities reported in recent years.

  • A Samba remote code execution vulnerability

    Distributors are already shipping the fix; there's also a workaround in the advisory for those who cannot update immediately.

Security Leftovers: HackerOne, Let's Encrypt, and Shadow Brokers

  • Security updates for Tuesday
  • HackerOne experience with Weblate

    Weblate started to use HackerOne Community Edition some time ago and I think it's good to share my experience with that. Do you have an open source project and want to get more attention from the security community? This post will answer how it looks from the perspective of a pretty small project.

    I applied with Weblate to HackerOne Community Edition by the end of March and it was approved early in April. Based on their recommendations I started in invite-only mode, but that really didn't bring much attention (exactly no reports), so I decided to go public.

  • Who Are the Shadow Brokers?

    In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of National Security Agency secrets. Since last summer, they’ve been dumping these secrets on the internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them. They have exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers, forcing those companies and their customers to scramble. And they gave the authors of the WannaCry ransomware the exploit they needed to infect hundreds of thousands of computers worldwide this month.

    After the WannaCry outbreak, the Shadow Brokers threatened to release more NSA secrets every month, giving cybercriminals and other governments worldwide even more exploits and hacking tools.

  • Why Akamai Supports Let's Encrypt

    The Let's Encrypt project has re-shaped the market for SSL/TLS certificates, providing millions of free security certificates to organizations around the world.

    Among the many backers of Let's Encrypt is content delivery network platform provider Akamai. In a video interview with eSecurityPlanet, Andy Ellis, Chief Security Officer at Akamai, explains why Let's Encrypt matters and his view on the effort's real value.

  • Security in Serverless: What Gets Better, What Gets Worse?
  • Open Source Security Podcast: Episode 48 - Machine Learning: Not actually magic

    Josh and Kurt have a guest! Mike Paquette from Elastic discusses the fundamentals and basics of Machine Learning. We also discuss how ML could have helped with WannaCry.

4 Great Linux Distros Designed for Privacy and Security

Filed under
GNU
Linux
Security

Conventional security measures like antivirus programs are behind the curve when it comes to modern hackers and malware. Unfortunately, antivirus software and firewalls give users a false sense of security. In reality, new threats are being developed and unleashed into the wild every single day, and even the best antivirus programs have to play catchup.

Recent ransomware attacks (aka. WannaCry) have targeted Windows-based PCs in over 150 countries – cyber security and privacy is incredibly important. Windows and macOS are easy to use and popular; however, they are much more susceptible to malicious code.

Linux is free and open source, which means there are hundreds of “flavors.” These individual distributions are tweaked to different specifications. Security-focused users will be pleased to know that there are a number of Linux distros designed with security and privacy in mind.

Security Leftovers: WannaCry, Windows in Linux, Windows 7, Windows 10 is Spyware

Security Leftovers: WCry/Ransomware, WannaCry, Athena


More in Tux Machines

Debian Leftovers: Installer, CI, Stretch, and Devuan Jessie

Fedora Leftovers: Memorial Weekend ISO, LGBTQA Awareness Day and More

Linux 4.12 RC3, Linux Foundation Project Updates

  • Linux 4.12-rc3
    Hey, things continue to look good, and rc3 isn't even very big. I'm hoping there's not another shoe about to drop, but so far this really feels like a nice calm release cycle, despite the size of the merge window. Knock wood. Anyway, rc3 has a little bit of everything. The biggest single change is actually just a documentation update (the intel pstate docs were converted to rst format), so the diffstat actually looks a bit odd with a quarter just being documentation. There's also some tooling updates (perf and some bpf selftest). But if you ignore those two pieces, it looks pretty normal: two thirds of it being drivers (gpu, nvme, scsi, tty, block), with the remainder being about half networking and half "misc" (core kernel, header files, XFS, arch updates). Go forth and test, Linus
  • Linux 4.12-rc3 Kernel Released
    Linus Torvalds has announced the third weekly test candidate for the upcoming Linux 4.12 kernel debut. Linus commented of Linux 4.12-rc3 that it isn't a very big release over the prior RCs and so far it's a "nice calm release cycle." The biggest change this past week was actually documentation updates.
  • Linus Torvalds Announced the Third Release Candidate of the Linux 4.12 Kernel
    Even if it's Memorial weekend, Linus Torvalds is on the job announcing the release and immediate availability of the third RC (Release Candidate) milestone of the upcoming Linux 4.12 kernel series.
  • Hyperledger Sawtooth Graduates to Active Status
    We’re happy to share that Hyperledger’s Technical Steering Committee (TSC) has granted the Hyperledger Sawtooth maintainer’s request to advance the project’s status from Incubation to Active. Hyperledger Iroha also graduated today.
  • Stronger Together: How Cloud Foundry Supports Other Communities
    The open source Cloud Foundry application development platform was publicly announced over six years ago, and along the way, we have connected with other projects, adopting technologies from other open source communities as they matured. For example, before Docker was a company or even a project, the Cloud Foundry platform was using Linux containers to isolate deployed applications from one another. Our container implementation wasn’t built in a general purpose way like Docker’s; it wasn’t designed to solve all of the potential use cases for a container runtime. It was designed specifically to support the stateless web applications that Cloud Foundry was initially intended to support, and to do that in a secure, multitenant fashion.

Reasons to use the GNOME 3 desktop environment, cool KDE tweaks, and GNOME integration for Qt based application

  • 11 reasons to use the GNOME 3 desktop environment for Linux
    Late last year, an upgrade to Fedora 25 caused issues with the new version of KDE Plasma that made it difficult for me to get any work done. So I decided to try other Linux desktop environments for two reasons. First, I needed to get my work done. Second, having been using KDE exclusively for many years, I thought it might be time to try some different desktops.
  • Which Linux desktop environment do you prefer?
  • 7 cool KDE tweaks that will change your life
  • Gnome integration for Qt based applications in Flatpak
    Following blog post from Patrick Griffis about new themes support in Flatpak, we started working on supporting this new feature too. Currently wherever you start a Qt application, it would always look like a KDE application or something would be missing, like icons so you would end up with bad experience and mixed feelings. This is going to change now as we now support Gnome in form of icons, widget style and Qt platform theme and with this, when you run a Qt application in Gnome, it will look definitely better and more natively than before. We packaged regular adwaita icons which are used by default in Gnome as extension of freedesktop runtime. For widget style we use adwaita-qt style, which is a Qt style attempting to look like Gtk’s adwaita and the most important part putting this all together is QGnomePlatform, a Qt platform theme which reads your Gnome configuration and applies it to running Qt applications. QGnomePlatform also enforces Qt apps to use adwaita icons and adwaita-qt style by default so that’s another reason why it is important. Both adwaita-qt and QGnomePlatform projects are by the way authored by Martin Bříza, a colleague of mine from Red Hat so if you meet him in person somewhere buy him a beer for that he cares about Qt integration in Gnome :). Now coming to a question how to install this and make it work. Basically all you need to do is install following extensions and you should be done: