Language Selection

English French German Italian Portuguese Spanish

Security: BSDcan, Ransom and Exploits

Filed under
Security
  • ssh in https

    The wifi network at BSDcan, really the UOttawa network, blocks a bunch of ports. This makes it difficult to connect to outside machines using “exotic” protocols, basically anything except http or https. There are many ways to resolve this, here’s what I did.

  • These firms promise high-tech ransomware solutions—but typically just pay hackers [iophk: “Windows continues to enable entire cottage industries around grifting”]

    Proven Data promised to help ransomware victims by unlocking their data with the “latest technology,” according to company emails and former clients. Instead, it obtained decryption tools from cyberattackers by paying ransoms, according to Storfer and an FBI affidavit obtained by ProPublica.

    Another US company, Florida-based MonsterCloud, also professes to use its own data recovery methods but instead pays ransoms, sometimes without informing victims such as local law enforcement agencies, ProPublica has found. The firms are alike in other ways. Both charge victims substantial fees on top of the ransom amounts. They also offer other services, such as sealing breaches to protect against future attacks. Both firms have used aliases for their workers, rather than real names, in communicating with victims.

  • Google Starts Tracking Zero-Days Exploited in the Wild

    The new project, named 0Day ‘In the Wild’, is basically a spreadsheet that Project Zero uses to track vulnerabilities exploited before they became known to the public or the vendor.

    The spreadsheet currently lists over 100 vulnerabilities exploited in the wild since 2014. The table includes the flaw’s CVE identifier, impacted vendor, impacted product, the type of vulnerability, a brief description, the date of its discovery, the date when a patch was released, a link to the official advisory, a link to a resource analyzing the flaw, and information on attribution.

More in Tux Machines

Type Title Author Replies Last Postsort icon
Story The New Firmware Manager: Updating firmware across Linux distributions Roy Schestowitz 2 19/08/2019 - 4:11pm
Story today's leftovers Roy Schestowitz 19/08/2019 - 9:53am
Story Proprietary Traps and Failures Roy Schestowitz 19/08/2019 - 9:52am
Story today's howtos and programming bits Roy Schestowitz 19/08/2019 - 9:50am
Story Security: Open Source Security Podcast, Screwed Drivers, and Voting Machines Roy Schestowitz 19/08/2019 - 9:45am
Story CutiePi Open Source Tablet uses Raspberry Pi Compute Module 3 Roy Schestowitz 2 19/08/2019 - 9:42am
Story Linux Candy: WallGen – image generator tool Roy Schestowitz 19/08/2019 - 9:39am
Story Richard Brown: Changing of the Guard Roy Schestowitz 19/08/2019 - 9:37am
Story An introduction to bpftrace for Linux Rianne Schestowitz 19/08/2019 - 7:30am
Story Android Leftovers Rianne Schestowitz 19/08/2019 - 7:12am