Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • New coalition aims to combat growing wave of ransomware attacks [iophk: Windows TCO]

    The California-based nonprofit aims to produce recommendations that will help governments and the private sector tackle the scourge of ransomware attacks.

    [Attackers] have increasingly used these types of attacks -- which involve accessing and encrypting the victim’s network and demanding payment to allow access again -- to hit major targets, with city governments in Atlanta, Baltimore and New Orleans severely impaired by ransomware attacks over the past two years.

    More recently, hospitals have become a target during the COVID-19 pandemic, with cyber criminals seeing vulnerable hospitals as easy targets more likely to pay a quick ransom as health care systems struggle to keep up with coronavirus cases. In some instances, the cyberattacks have been blamed for deaths due to delayed care.

  • This tiny shortcut can completely crash your Windows 10 device

    A zero-day exploit has been discovered that can crash your Windows 10 device – and, even more worrying, can be delivered inside a seemingly harmless shortcut file. The vulnerability can corrupt any NTFS-formatted hard drive and even be exploited by standard and low privilege user accounts.

    Security researcher Jonas Lykkegaard referenced the vulnerability on Twitter last week and had previously drawn attention to the issue on two previous occasions last year. Despite this, the NTFS vulnerability remains unpatched.

    There are various ways to trigger the vulnerability that involve trying to access the $i30 NTFS attribute on a folder in a particular way. One such exploit involves the creation of a Windows shortcut file that has its icon location set to C:\:$i30:$bitmap. Bleeping Computer found that this triggered the vulnerability even if users did not attempt to click on the file in question. Windows Explorer’s attempts to access the icon path in the background would be enough to corrupt the NTFS hard drive.

  • This Easily-Exploitable Windows 10 NTFS Bug Can Instantly Corrupt Your Hard Drives

    Jonas says that this Windows 10 bug isn't new and has been around since the release of Windows 10 April 2018 Update, and remains exploitable on the latest versions, as well. BleepingComputer shared that the problematic command includes $i30 string, a Windows NTFS Index Attribute associated with directories.

    [...]

    After running the command, Windows 10 will start displaying prompts to restart the device and repair the corrupted drive. Apparently, the issue also impacts some Windows XP versions and similar NTFS bugs have been known for years but are yet to be addressed by the Windows maker.

  • Nidhi Razdan, Phishing, And Three Hard Lessons

    Nidhi Razdan, a career journalist, became a victim of an elaborate phishing attack that made her quit her 21-year-old job and part with many of her personal details.

  • Windows Finger command abused by phishing to download malware

    Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.

    The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.

Windows 10 bug corrupts your hard drive on seeing this file

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

4 new open source licenses

As the steward of the Open Source Defintion, the Open Source Initiative has been designating licenses as "open source" for over 20 years. These licenses are the foundation of the open source software ecosystem, ensuring that everyone can use, improve, and share software. When a license is approved, it is because the OSI believes that the license fosters collaboration and sharing for the benefit of everyone who participates in the ecosystem. The world has changed over the past 20 years, with software now used in new and even unimaginable ways. The OSI has seen that the familiar open source licenses are not always well-suited for these new situations. But license stewards have stepped up, submitting several new licenses for more expansive uses. The OSI was challenged to evaluate whether these new concepts in licensing would continue to advance sharing and collaboration and merit being referred to as "open source" licenses, ultimately approving some new special purpose licenses. Read more

Stunning GNOME 40 Beta is Ready. Download and Test Now!

The GNOME team announced the availability of the official GNOME 40 Beta images in an email announcement. You can download and try the images now to experience the design overhaul. Read more

Can Linux Run Video Games?

Linux is a widely used and popular open source operating system that was first released back in 1991. It differs from operating systems like Windows and macOS in that it is open source and it is highly customizable through its use of “distributions”. Distributions or “distros” are basically different versions of Linux that can be installed along with the Linux core software so that users can customize their system to fit their specific need. Some of the more popular Linux distributions are Ubuntu, Debian and Fedora. For many years Linux had the reputation of being a terrible gaming platform and it was believed that users wouldn’t be able to engage in this popular form of entertainment. The main reason for this is that commercially successful games just weren’t being developed for Linux. A few well known video game titles like Doom, Quake and SimCity made it to Linux but for the most part they were overlooked through the 1990’s. However, things have changed a lot since then and there is an every expanding library of popular video games you can play on Linux. [...] There are plenty of Windows games you can run on Linux and no reason why you can’t play as well as you do when using Windows. If you are having trouble leveling up or winning the best loot, consider trying AskBoosters for help with your game. Aside from native Linux games and Windows games there are a huge amount of browser based games that work on any system including Linux. Read more

Security: DFI and Canonical, IBM/Red Hat/CentOS and Oracle, Malware in GitHub

  • DFI and Canonical offer risk-free system updates and reduced software lead times for the IoT ecosystem

    DFI and Canonical signed the Ubuntu IoT Hardware Certification Partner Program. DFI is the world’s first industrial computer manufacturer to join the program aimed at offering Ubuntu-certified IoT hardware ready for the over-the-air software update. The online update mechanism of and the authorized DFI online application store combines with DFI’s products’ application flexibility, to reduce software and hardware development time to deploy new services. DFI’s RemoGuard IoT solution will provide real-time monitoring and partition-level system recovery through out-of-band management technology. In addition to the Ubuntu online software update, RemoGuard avoids service interruption, reduces maintenance personnel costs, and response time to establish a seamless IoT ecosystem. From the booming 5G mobile network to industrial robot applications, a large number of small base stations, edge computing servers, and robots will be deployed in outdoor or harsh industrial environments. Ubuntu Core on DFI certified hardware and Remoguard brings the reassurance that no software update will bring risks and challenges of on-site repair.

  • Update CentOS Linux for free

    As you may know, in December 2020 IBM/Red Hat announced that CentOS Linux 8 will end in December 2021. Additionally, the updates for CentOS Linux 6 ended on November 30, 2020. If your organization relies on CentOS, you are faced with finding an alternative OS. The lack of regular updates puts these systems at increasing risk for major vulnerabilities with every passing day. A popular solution with minimal disruption is to simply point your CentOS systems to receive updates from Oracle Linux. This can be done anonymously and at no charge to your organization. With Oracle Linux, you can continue to benefit from a similar, stable CentOS alternative. Oracle Linux updates and errata are freely available and can be applied to CentOS or Red Hat Enterprise Linux (RHEL) instances without reinstalling the operating system. Just connect to the Oracle Linux yum server, and follow these instructions. Best of all, your apps continue to run as usual.

  • Malware in open-source web extensions

    Since the original creator has exclusive control over the account for the distribution channel (which is typically the user's only gateway to the program), it logically follows that they are responsible for transferring control to future maintainers, despite the fact that they may only have the copyright on a portion of the software. Additionally, as the distribution-channel account is the property of the project owner, they can sell that account and the accompanying maintainership. After all, while the code of the extension might be owned by its larger community, the distributing account certainly isn't. Such is what occurred for The Great Suspender, which was a Chrome extension on the Web Store that suspends inactive tabs, halting their scripts and releasing most of the resources from memory. In June 2020, Dean Oemcke, the creator and longtime maintainer, decided to move on from the project. He transferred the GitHub repository and the Web Store rights, announcing the change in a GitHub issue that said nothing about the identity of the new maintainer. The announcement even made a concerning mention of a purchase, which raises the question of who would pay money for a free extension, and why. Of course, as the vast majority of the users of The Great Suspender were not interested in its open-source nature, few of them noticed until October, when the new maintainer made a perfectly ordinary release on the Chrome Web Store. Well, perfectly ordinary except for the minor details that the release did not match the contents of the Git repository, was not tagged on GitHub, and lacked a changelog.