Language Selection

English French German Italian Portuguese Spanish

Microsoft

Best Linux Distro for Windows 7 Refugees: Manjaro KDE

Filed under
GNU
Linux
Microsoft

Manjaro is based off of Arch Linux, but I like to describe it to people as the “Ubuntu of Arch” for its user-friendly design choices and its particular attention to helping new Linux users to learn what they are doing. Another great perk of the Arch foundation underneath Manjaro is the use of the Arch Linux Wiki.

The Arch wiki is easily one of the largest resources of help, information, and know-how for all Linux users— regardless of distribution, many of the articles found can be applied.

Back in the spring of 2017 I wrote a series of articles discussing various Desktop Environments for Linux systems, such as Cinnamon and KDE just to name a couple, and overall for Windows users who have decided to take the plunge, I’m recommending KDE.

Regardless of distribution, KDE is filled with eye candy, is highly-customizable, one of the most powerful file-browsers available (Dolphin), and is deeply documented with a long-standing history (KDE was created in 1996).

Read more

Confirmed: Microsoft Windows Zero-Day Exploit Used In Government Espionage Operation

Filed under
Microsoft
Security

It has been revealed that a threat actor once best known for cyber bank robbery in Russia has made a move to espionage. The highly targeted attacks against government institutions in Eastern Europe, which took place during June 2019, employed the use of a Microsoft Windows zero-day exploit. In and of itself this isn't unusual as there have been plenty of Windows zero-days discovered. However, this is the first time that researchers had seen the Buhtrap group using a zero-day attack, although the group has been involved in the cyber-spying business for some years now across Eastern Europe and Central Asia.

Anton Cherepanov, a senior malware researcher at security vendor ESET, explained how the zero-day exploit abused a local privilege escalation vulnerability in Microsoft Windows in order to run arbitrary code and install applications, and view or change data on the compromised systems. As soon as the researchers had properly analyzed the exploit, it was reported to the Microsoft Security Response Center, and a fix was included in the July 9 "Patch Tuesday" update.

The vulnerability itself only impacted older versions of Windows, specifically variations of Windows and Windows Server 2008. This is because, as Cherepanov explained, "since Windows 8 a user process is not allowed to map the NULL page. Microsoft back-ported this mitigation to Windows 7 for x64-based systems." The advice, predictably, is to upgrade to a newer version of the operating system if possible. Especially as critical security updates will disappear soon when extended support for Windows 7 Service Pack 1 ends in January 2020. Gavin Millard, vice-president of intelligence at Tenable, warns users not to be complacent seeing as the vulnerability is "now being actively exploited in the wild," advising that "patches should be deployed as soon as possible."

Read more

Openwashing, Microsoft Censorship of FOSS, and Microsoft Making Traps 'Open'

Filed under
Microsoft
OSS

Proprietary Software Insecurity

Filed under
Microsoft
Mac
  • Why recent hacks show Apple’s security strength, not its weakness [Ed: Spinning bug doors as a strength? Apple has its share of liars coming to the rescue of proprietary software (not the first such bug). Moving from Microsoft to Apple "for security" is like swapping vodka for rum to cure one's liver.]

    It might be tempting to follow that line of thinking in light of two recent stories of vulnerabilities affecting the Mac and the Apple Watch. In the first instance, the Zoom video-calling app could be abused to let someone spy on you through your webcam. In the second, a flaw in Apple’s Walkie Talkie app could let a hacker eavesdrop on your iPhone conversations. They’re both troubling security issues.

  • Eavesdropping Concerns Cause Apple Watch’s Walkie-Talkie App to Be Disabled

    Just like any other Internet of things device, it’s important to remember that smartwatches are still devices. And many cool features can also be used for unethical purposes. There is always another side of the coin.

    This is what Apple Watch users found this week when Apple disabled the Walkie-Talkie app when it was discovered that it allowed users to listen in on each other’s iPhone calls without the other person’s knowledge.

  • 250M Accounts Affected By ‘TrickBot’ Trojan’s New Cookie Stealing Ability

    Popular malware TrickBot is back and this time it has learned some new capabilities like stealing cookies. So far, it has infected around 250 million Gmail accounts.

    As per the research firm Deep Instinct, among the affected accounts, some belonging to the governments of the US, the UK, and Canada have also fallen victim to TrickBot.

  • TrickBooster – TrickBot’s Email-Based Infection Module - Deep Instinct

    Seeing a signed malware binary delivered to a customer environment prompted us to investigate further. We analyzed the malware sample and found swaths of PowerShell code in its memory. Analysis of this PowerShell code immediately led us to the conclusion that we are dealing with a mail-bot.

  • A better zip bomb

    This article shows how to construct a non-recursive zip bomb that achieves a high compression ratio by overlapping files inside the zip container. "Non-recursive" means that it does not rely on a decompressor's recursively unpacking zip files nested within zip files: it expands fully after a single round of decompression. The output size increases quadratically in the input size, reaching a compression ratio of over 28 million (10 MB → 281 TB) at the limits of the zip format. Even greater expansion is possible using 64-bit extensions. The construction uses only the most common compression algorithm, DEFLATE, and is compatible with most zip parsers.

Security: Microsoft Windows Strikes Again

Filed under
Microsoft
Security
  • U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack

    The U.S. Coast Guard has issued an official warning to owners of ships that cybersecurity at sea needs updating, and updating urgently. In the Marine Safety Alert published June 8, the Coast Guard "strongly encourages" that cybersecurity assessments are conducted to "better understand the extent of their cyber vulnerabilities." This follows an interagency investigation, led by the Coast Guard, into a "significant cyber incident" that had exposed critical control systems of a deep draft vessel bound for the Port of New York in February 2019 to what it called "significant vulnerabilities."

  • Malware on the High Seas: US Coast Guard Issues Alert [iophk: Windows TCO is not a laughing matter. Get rid of it.]

    The ship's network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard, according to the report.

  • Eurofins Scientific: Forensic services firm paid ransom after cyber-attack [iophk: Windows TCO]

    BBC News has not been told how much money was involved in the ransom payment or when it was paid.

    The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid.

  • Eurofins Scientific Paid Up in Response to Ransomware Attack: Report [iophk: Windows TCO]

    Luxembourg-based laboratory testing services giant Eurofins Scientific reportedly paid the ransom demanded by cybercriminals following a successful ransomware attack that led to the company taking offline many of its systems and servers.

  • Eurofins Scientific forensics firm pays after hit with ransomware [iophk: Windows TCO]

    Eurofins didn’t disclose how much it paid to retrieve its information but the money was likely paid between June 10, when Eurofins issued a statement about the attack, and June 24 when it published an update saying it had “identified the variant of the malware used” in the attack and had strengthened its cybersecurity.

  • [Old] Combating WannaCry and Other Ransomware with OpenZFS Snapshots [iophk: use FreeBSD, OpenBSD, or GNU/Linux on the desktop to avoid ransomware and servers to avoid ransomware damage]

    OpenZFS is the powerful file system at the heart of every storage system that iXsystems sells and of its many features, snapshots can provide fast and effective recovery from ransomware attacks at both the individual user and enterprise level as I talked about in 2015. As a copy-on-write file system, OpenZFS provides efficient and consistent snapshots of your data at any given point in time. Each snapshot only includes the precise delta of changes between any two points in time and can be cloned to provide writable copies of any previous state without losing the original copy. Snapshots also provide the basis of OpenZFS replication or backing up of your data to local and remote systems. Because an OpenZFS snapshot takes place at the block level of the file system, it is immune to any file-level encryption by ransomware that occurs over it. A carefully-planned snapshot, replication, retention, and restoration strategy can provide the low-level isolation you need to enable your storage infrastructure to quickly recover from ransomware attacks.

German data protection organization: use of Office 365 in schools is illegal

Filed under
Microsoft

The data protection officer of the German federal state of Hessen has warned that the cloud-based Office 365 solution is not a compliant solution for use in schools when student information is being stored on it. This fits with earlier, similar conclusions by the Swedish and Dutch governments – US cloud solutions are not GDPR compliant.

Read more

Hey Microsoft, why is the Skype Snap app hopelessly outdated?

Filed under
Microsoft

The official Skype Snap app for Linux has not been updated in nearly six months, and Microsoft is yet to say why.

When introducing the cross-distro build in early 2018, the company said the Skype Snap app would give it the “…ability to push the latest features straight to our users, no matter which device or distribution they happen to use.”

Clearly, not.

Because at the time of writing this post the Skype Snap app sits on version 8.34.0.78, which the Snapcraft store reports was ‘last updated’ in November 2018.

However, the “regular” Linux version available to download from the Skype website is on version 8.47.0.73, released June 2019.

Read more

Also: Microsoft has caused an uproar among its partners by canceling one of their favorite perks: software for their own use [paywall]

Canonical GitHub account hacked, Ubuntu source code safe

Filed under
Microsoft
Security
Ubuntu

The GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution, was hacked on Saturday, July 6.

"We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities," the Ubuntu security team said in a statement.

"Canonical has removed the compromised account from the Canonical organisation in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected," it said.

"Furthermore, the Launchpad infrastructure where the Ubuntu distribution is built and maintained is disconnected from GitHub and there is also no indication that it has been affected."

Read more

Microsoft and VMware Buying 'Leadership' in Linux

Filed under
Linux
Microsoft

Openwashing Leftovers (Mostly Google and Microsoft)

Filed under
Google
Microsoft
OSS
Syndicate content

More in Tux Machines

Today in Techrights

8 Top Ubuntu server Web GUI Management Panels

Ubuntu Server with command-line interface might sound little bit wired to newbies because of no previous familiarization. Thus, if you are new to Ubuntu Linux server running on your local hardware or some Cloud hosting and planning to install some Linux Desktop Graphical environment (GUI) over it; I would like to recommend don’t, until and unless you don’t have supported hardware. Instead, think about free and open-source Ubuntu server Web GUI Management panels. Moreover, for a moment, you can think about Desktop Graphical environment for your local server but if you have some Linux cloud hosting server, never do it. I am saying this because Ubuntu or any other Linux server operating systems are built to run on low hardware resources, thus even old computer/server hardware can easily handle it. GUI means more RAM and hard disk storage space. Read more

Android Leftovers

Ubuntu 18.10 Cosmic Cuttlefish reaches end of life on Thursday, upgrade now

Canonical, earlier this month, announced that Ubuntu 18.10 Cosmic Cuttlefish will be reaching end-of-life status this Thursday, making now the ideal time to upgrade to a later version. As with all non-Long Term Support (LTS) releases, 18.10 had nine months of support following its release last October. When distributions reach their end-of-life stage, they no longer receive security updates. While you may be relatively safe at first, the longer you keep running an unpatched system, the more likely it is that your system will become compromised putting your data at risk. If you’d like to move on from Ubuntu 18.10, you’ve got two options; you can either perform a clean install of a more up-to-date version of Ubuntu or you can do an in-place upgrade. Read more