
Security: Cyber Security Today, Opportunistic Wireless Encryption (OWE) and Latest Patches

Filed under
Security
  • Cyber Security Today – An email gift card scam, please stop re-using passwords and more open data found on Amazon storage

    Welcome to Cyber Security Today. It’s Friday December 6th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

  • NetworkManager Adds Support For Enhanced Open / Opportunistic Wireless Encryption

    Opportunistic Wireless Encryption (OWE) provides a means of encrypting wireless data transfers without having any secret/key. Opportunistic Wireless Encryption is advertised as Wi-Fi Certified Enhanced Open.

    This OWE / "Enhanced Open" standard is now supported by NetworkManager, allowing supported devices connecting to Linux systems to make use of this means of opportunistic encryption. Wi-Fi CERTIFIED Enhanced Open has only been around since the summer of 2018 and aims to better secure open WiFi networks. More details on the standard can be found via Wi-Fi.org.

  • Security updates for Friday

    Security updates have been issued by Debian (libav), Fedora (kernel, libuv, and nodejs), Oracle (firefox), Red Hat (firefox and java-1.7.1-ibm), SUSE (clamav, cloud-init, dnsmasq, dpdk, ffmpeg, munge, opencv, and permissions), and Ubuntu (librabbitmq).
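The NetworkManager item above says OWE encrypts "without having any secret/key". Concretely, station and access point run an unauthenticated Diffie-Hellman exchange inside the association frames and derive the pairwise master key (PMK) from the result, so a passive sniffer on the open network sees only public values. The following is an added example written for this page, not code from NetworkManager, wpa_supplicant or the Wi-Fi Alliance: it uses a toy finite-field group (an assumption for the demo) in place of the NIST P-256 curve that OWE proper requires, and the function names are its own. It also shows the caveat the item leaves out: because neither side has anything to authenticate the other with, an active attacker who can stand in for the access point (an evil twin on the same SSID) ends up holding one key with the client and another with the real AP.

```python
"""Opportunistic key agreement in the style of OWE (RFC 8110).

Added example, not code from NetworkManager, wpa_supplicant or the
Wi-Fi Alliance. Real OWE runs elliptic-curve Diffie-Hellman on
NIST P-256 (group 19) and feeds the shared secret, the group id and
both public elements through HKDF to obtain the PMK. To stay
dependency-free this demo uses a finite-field group with a small
prime instead; the protocol shape and its security property
(no pre-shared secret, protection against passive eavesdropping only)
are what it is meant to show.
"""
import hashlib
import hmac
import secrets

# Toy group parameters (assumption for the demo, NOT a real OWE group).
P = 2**127 - 1   # Mersenne prime M127, fits in 16 bytes
G = 5


def keypair():
    """Fresh ephemeral private scalar and public value g^priv mod p."""
    priv = secrets.randbelow(P - 2) + 1   # 1 <= priv <= P-2
    return priv, pow(G, priv, P)


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract then expand) with SHA-256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_pmk(shared: int, pub_sta: int, pub_ap: int) -> bytes:
    """Bind the PMK to both public elements, as OWE binds it to the
    group id and both Diffie-Hellman elements."""
    salt = pub_sta.to_bytes(16, "big") + pub_ap.to_bytes(16, "big")
    return hkdf_sha256(shared.to_bytes(16, "big"), salt, b"OWE Key Generation")


def owe_association():
    """Station and AP agree on a PMK with nothing shared beforehand.
    Returns (pmk_station, pmk_ap); both must be equal."""
    sta_priv, sta_pub = keypair()   # sent in the Association Request
    ap_priv, ap_pub = keypair()     # sent in the Association Response
    pmk_sta = derive_pmk(pow(ap_pub, sta_priv, P), sta_pub, ap_pub)
    pmk_ap = derive_pmk(pow(sta_pub, ap_priv, P), sta_pub, ap_pub)
    return pmk_sta, pmk_ap


def owe_association_with_mitm():
    """The caveat: an active attacker who answers as the AP (and relays to
    the real one as the station) substitutes their own public value on
    each leg. Returns (pmk_sta, attacker_key_to_sta, pmk_ap,
    attacker_key_to_ap): the attacker shares a key with each side, and the
    two sides do not share one with each other."""
    sta_priv, sta_pub = keypair()
    ap_priv, ap_pub = keypair()
    m_priv, m_pub = keypair()
    # leg 1: station <-> attacker posing as the AP
    pmk_sta = derive_pmk(pow(m_pub, sta_priv, P), sta_pub, m_pub)
    m_to_sta = derive_pmk(pow(sta_pub, m_priv, P), sta_pub, m_pub)
    # leg 2: attacker posing as the station <-> real AP
    pmk_ap = derive_pmk(pow(m_pub, ap_priv, P), m_pub, ap_pub)
    m_to_ap = derive_pmk(pow(ap_pub, m_priv, P), m_pub, ap_pub)
    return pmk_sta, m_to_sta, pmk_ap, m_to_ap


if __name__ == "__main__":
    a, b = owe_association()
    print("honest association, keys match:", a == b, a.hex()[:16])
    s, ms, ap, mp = owe_association_with_mitm()
    print("evil twin: attacker shares key with station:", s == ms,
          "and with AP:", ap == mp, "station and AP agree:", s == ap)
```

The practical reading: Enhanced Open is strictly better than an open network against someone recording traffic from across the room, but it is not a substitute for a VPN or TLS against a rogue access point, which is exactly the attacker most open-network threat models care about.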

VPN Vulnerability (CVE-2019-14899)

Filed under
Security
  • New Vulnerability Lets Attackers Hijack VPN Connections on Most UNIX Systems

    Affecting most GNU/Linux distributions, as well as FreeBSD, OpenBSD, Android, iOS and macOS systems, the new security vulnerability could allow a local attacker to determine if another user is connected to a VPN (Virtual Private Network) server and whether or not there's an active connection to a certain website.

    The vulnerability (CVE-2019-14899) is exploitable with adjacent network access, which requires the attacker to have access to either the broadcast or collision domain of the vulnerable operating system, and lets attackers hijack connections by injecting data into the TCP (Transmission Control Protocol) stream.

    The vulnerability has been reported to work against various popular VPN solutions, including OpenVPN, IKEv2/IPSec, as well as WireGuard, and it doesn't matter which VPN technology is being used, thus allowing an attacker to determine the type of packets being sent through the encrypted VPN tunnel.

  • Tricky VPN-busting bug lurks in iOS, Android, Linux distros, macOS, FreeBSD, OpenBSD, say university eggheads

    A bug in the way Unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted traffic hijacked, it is claimed.

    The University of New Mexico team of William Tolley, Beau Kujath, and Jedidiah Crandall this week said they've discovered CVE-2019-14899, a security weakness they report to be present in "most" Linux distros, along with Android, iOS, macOS, FreeBSD, and OpenBSD. The upshot is, if exploited, encrypted VPN traffic can be potentially hijacked and disrupted by miscreants on the network.

    To pull off the attack, the US-based posse says, a hacker would need to be "network adjacent" to their target, or control an access point on the victim's local network. Once the victim connected to their VPN, the spy would be able to, for one thing, tamper with the TCP stream to do things like inject packets into the stream.

  • New Linux Vulnerability Lets Attackers Hijack VPN Connections

    Security researchers found a new vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams.

    They disclosed the security flaw tracked as CVE-2019-14899 to distros and the Linux kernel security team, as well as to others impacted such as Systemd, Google, Apple, OpenVPN, and WireGuard.

    The vulnerability is known to impact most Linux distributions and Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS, and Android. A currently incomplete list of vulnerable operating systems and the init systems they came with is available below, with more to be added once they are tested and found to be affected:

    Ubuntu 19.10 (systemd), Fedora (systemd), Debian 10.2 (systemd), Arch 2019.05 (systemd), Manjaro 18.1.1 (systemd), Devuan (sysV init), MX Linux 19 (Mepis+antiX), Void Linux (runit), Slackware 14.2 (rc.d), Deepin (rc.d), FreeBSD (rc.d), and OpenBSD (rc.d).

  • New vulnerability lets attackers sniff or hijack VPN connections

    The vulnerability -- tracked as CVE-2019-14899 -- resides in the networking stacks of multiple Unix-based operating systems, and more specifically, in how the operating systems reply to unexpected network packet probes.
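The excerpts above agree on the mechanism: the attacker is on the same LAN, sends probes to the victim's physical interface that carry the tunnel's addresses, and learns from how the host answers. One of the mitigations the researchers listed is strict reverse-path filtering, under which the kernel drops a packet whose source address would not be routed back out the interface it arrived on, so the host stays silent instead of revealing the virtual IP. The check below is an added example written for this page, not code from the researchers, any distribution or the kernel project; the sysctl values in `SAMPLE` are constructed, and the `effective_rp_filter` and `audit` names are its own. It applies the kernel's actual rule that the effective mode for an interface is the maximum of `conf/all/rp_filter` and `conf/<iface>/rp_filter`, which is why setting only the per-interface value to 1 while `all` is 2 still leaves you in loose mode on a host where `all` is higher.

```python
"""Audit IPv4 reverse-path filtering, one of the CVE-2019-14899
mitigations the researchers listed. Added example; not code from the
researchers, a distribution, or the kernel.

Modes: 0 = off, 1 = strict (source must be routable back out the
ingress interface), 2 = loose (source must be routable via any
interface). Loose mode does not stop the probe, because the tunnel's
addresses are reachable via tun0 even when the packet came in on wlan0.
"""
from pathlib import Path
from typing import Dict, List

OFF, STRICT, LOOSE = 0, 1, 2
_LABEL = {OFF: "off", STRICT: "strict", LOOSE: "loose"}


def effective_rp_filter(values: Dict[str, int]) -> Dict[str, int]:
    """values maps 'all', 'default' and interface names to their sysctl
    value. The kernel uses max(all, iface) when validating a source on
    iface, so return that per real interface."""
    all_val = values.get("all", OFF)
    return {
        name: max(all_val, v)
        for name, v in values.items()
        if name not in ("all", "default", "lo")
    }


def audit(values: Dict[str, int], physical_ifaces: List[str]) -> List[str]:
    """One finding per physical (LAN-facing) interface that is not strict."""
    eff = effective_rp_filter(values)
    findings = []
    for iface in physical_ifaces:
        mode = eff.get(iface, values.get("all", OFF))
        if mode != STRICT:
            findings.append(
                f"{iface}: rp_filter is {_LABEL.get(mode, mode)} ({mode}); "
                f"set net.ipv4.conf.{iface}.rp_filter=1"
            )
    return findings


def read_sysctl_tree(root: str = "/proc/sys/net/ipv4/conf") -> Dict[str, int]:
    """Read live values on a Linux host (raises OSError elsewhere)."""
    out = {}
    for entry in Path(root).iterdir():
        f = entry / "rp_filter"
        if f.is_file():
            out[entry.name] = int(f.read_text().strip())
    return out


# Constructed sample: a laptop on a distribution that ships loose mode by
# default, with an OpenVPN/WireGuard tunnel up on tun0.
SAMPLE = {"all": 2, "default": 2, "lo": 0, "wlan0": 2, "tun0": 0}

if __name__ == "__main__":
    try:
        live = read_sysctl_tree()
    except OSError:
        live = SAMPLE
    lan = [n for n in live if n.startswith(("eth", "en", "wl"))]
    for line in audit(live, lan) or ["all LAN interfaces strict"]:
        print(line)
```

Two limits worth knowing before treating a clean audit as "fixed": `rp_filter` is an IPv4 sysctl only, so the same probe over IPv6 needs an equivalent firewall rule (a reverse-path check in nftables or ip6tables), and neither removes the packet-size and timing side channel the researchers also listed among their mitigations. Strict mode can also break legitimate asymmetric routing, so test it on multi-homed hosts before rolling it out.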

Security: Windows Ransomware and Malware, New Patches and More

Filed under
Security
  • Ransomware attacks on business, government pick up pace

    Ransomware attacks on businesses and governments will continue at a more rapid pace, thanks to newly found security vulnerabilities, according to one global security firm which forecasts further increases in ransomware attacks and VPN “scandals” in 2020 and beyond.

  • ThreatList: A Third of Biometric Systems Targeted by Malware in Q3 [iophk: Windows TCO]

    Kaspersky researchers found that in the third quarter, one in three (37 percent) of computers within the firm’s telemetry that collect, process and store biometric data were targeted by malware attacks. The malware in question included spyware and remote access trojans (RATs), which accounted for 5.4 percent of all computers analyzed; followed by malware used in phishing attacks (5.1 percent), ransomware (1.9 percent) and trojan bankers (1.5 percent).

  • Biometric data processing and storage system threats

    Thirdly (and most importantly), biometric data, once compromised, is compromised for good: users cannot change their stolen fingerprints the way they do stolen passwords. What’s more, biometric data may turn out to be compromised for all applications at the same time. An individual will therefore potentially be affected for the rest of his or her life.

    Given all of the issues above, it is remarkable how careless biometric authentication system developers and users are about protecting these systems and the biometric data collected by them against computer attacks.

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (firefox), Fedora (cyrus-imapd, freeipa, haproxy, ImageMagick, python-pillow, rubygem-rmagick, sqlite, squid, and tnef), openSUSE (haproxy), Oracle (microcode_ctl), and Ubuntu (squid, squid3).

  • Aviatrix VPN vulnerability left user endpoints wide open

    Aviatrix, a supplier of open source enterprise virtual private networks (VPNs) to customers including BT, Nasa and Shell, has patched a serious vulnerability in its client that could have given an attacker escalated privileges on a machine to which they already had access.

    The vulnerability was uncovered by Immersive Labs researcher and content engineer Alex Seymour, after noticing that the VPN client was unusually verbose when booting on a Linux machine.

    Its disclosure comes hot on the heels of government warnings about the possibility of state-sponsored threat actors targeting high-profile organisations through VPN vulnerabilities in products from the likes of Pulse Secure, Palo Alto Networks and Fortinet.

Security Leftovers

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by CentOS (389-ds-base, ghostscript, kernel, and tcpdump), Debian (libonig), Fedora (clamav, firefox, and oniguruma), openSUSE (calamares, cloud-init, haproxy, libarchive, libidn2, libxml2, and ucode-intel), Scientific Linux (SDL and tcpdump), Slackware (mozilla), and Ubuntu (haproxy, intel-microcode, and postgresql-common).

  • Samba Patch Caps Busy Year for IBM i Security

    IBM last week patched a moderately severe security flaw in IBM i’s Samba implementation that could enable hackers to access data they really shouldn’t be able to access. The disclosure caps a rather busy second half of the year for security patches on IBM i that saw 26 emergency PTFs and Yum updates for Node.js, Python, the Apache HTTP Server, OpenSSL, ISC Bind, IBM Navigator, and even Db2 Mirror for IBM i.

    On November 26, IBM issued this security bulletin to let people know about the new flaw in the Samba client. The flaw could allow a hacker to not only access files and folders on the affected server that are outside of the SMB network pathnames, but to also create files outside of the working directory, according to IBM’s description. The flaw, which carries a CVSS Base Score of 5.3, was fixed with a series of PTFs for IBM i 7.2, 7.3, and 7.4.

    It was the second patch that month, with the first coming on November 4, when IBM issued a security bulletin that discussed four separate vulnerabilities in Python that impact IBM i versions 7.2 through 7.4. All of the Python vulnerabilities are in the open source programing language, which runs on IBM i via the PASE Unix runtime, and not in any code that’s unique to IBM i.

  • RSA-240 Factored

    We are pleased to announce the factorization of RSA-240, from RSA's challenge list, and the computation of a discrete logarithm of the same size (795 bits): [...]

  • Authentication vulnerabilities in OpenBSD

    We discovered an authentication-bypass vulnerability in OpenBSD's authentication system: this vulnerability is remotely exploitable in smtpd, ldapd, and radiusd, but its real-world impact should be studied on a case-by-case basis. For example, sshd is not exploitable thanks to its defense-in-depth mechanisms.

  • Senators sound alarm on dangers of ransomware attacks after briefing [iophk: Windows TCO]

    Sen. Gary Peters (D-Mich.), another member of the Cybersecurity Caucus and the top Democrat on the chamber's Homeland Security and Governmental Affairs Committee, told reporters that while he was not at the briefing on Wednesday, he would support holding a public hearing on ransomware threats.

Security: Updates, Tips and Breaches

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Arch Linux (intel-ucode and libtiff), Debian (exiv2), Oracle (SDL), Red Hat (kernel, patch, and python-jinja2), and Ubuntu (graphicsmagick, linux, linux-aws, linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem-osp1, linux-oracle, linux-oracle-5.0, linux-raspi2, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-gcp, linux-gcp-5.3, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-lts-xenial, linux-aws, and sqlite3).

  • How to validate your security measures

    In parts one and two of this series, I walked you through hardening your system by identifying unneeded services, and then segmenting and firewalling. Now that you’re all locked down, let’s talk about how we might validate that all of that hard work is actually providing the desired results. In this final installment, we'll talk about how to scan your network for open ports, and we’ll even touch on vulnerability scanning.

  • Mixcloud Breach Exposes 20 Million Accounts — Mixcloud Responds

    Hackers have managed to breach Mixcloud and expose over 20 million user data accounts. Mixcloud confirmed the breach over the Thanksgiving weekend.

  • Security attacks: 3 habits of the most resilient companies

    What is the difference between a firm that is resilient against cyber threats and one that is vulnerable? What strategies and technologies ensure that a company can continue its day-to-day operations even as it faces a growing list of cyber threats?

    When my team started compiling research to develop PwC’s latest Digital Trust and Insights report, we hoped to answer these questions. We expected to find differences between businesses that are resilient and those that are not, but we were surprised to see the stark differences in the actions and strategies taken by the two groups.
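The "How to validate your security measures" item above closes a hardening series by checking the result from the outside: scan your own hosts for open ports and compare against what you meant to expose. The scanner below is an added example written for this page, not code from that series; it uses a plain TCP connect() scan (what `nmap -sT` does), which needs no raw sockets or root and shows exactly what a remote client would see, at the cost of being logged on the target as an ordinary connection. The local listener it starts is a constructed target so the block runs offline; the function names are its own.

```python
"""TCP connect scan for validating what a host actually exposes.
Added example, not from the article series quoted above.
Run it only against hosts you are authorised to test.
"""
import socket
import threading
from concurrent.futures import ThreadPoolExecutor
from typing import Iterable, List, Tuple


def probe(host: str, port: int, timeout: float = 0.5) -> Tuple[int, str]:
    """Return (port, state). 'closed' means the host answered with RST,
    so it is reachable and nothing listens there; 'filtered' means no
    answer within the timeout, which usually means a firewall dropped
    the SYN."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return port, "open"
    except ConnectionRefusedError:
        return port, "closed"
    except OSError:          # includes socket.timeout
        return port, "filtered"
    finally:
        s.close()


def scan(host: str, ports: Iterable[int], workers: int = 64) -> List[Tuple[int, str]]:
    """Probe ports concurrently; connect scans are latency-bound, so a
    thread pool gives most of the speed-up without raw sockets."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return sorted(pool.map(lambda p: probe(host, p), ports))


def open_ports(host: str, ports: Iterable[int]) -> List[int]:
    return [p for p, state in scan(host, ports) if state == "open"]


def start_local_listener() -> Tuple[socket.socket, int]:
    """Constructed target: a listener on an ephemeral loopback port so the
    scan has something to find without touching a real network."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
                conn.close()
            except OSError:      # listener closed
                break

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, port


if __name__ == "__main__":
    srv, port = start_local_listener()
    # Scan a window around the listener so the output shows both states.
    for p, state in scan("127.0.0.1", range(port - 2, port + 3)):
        print(f"{p}/tcp {state}")
    srv.close()
```

Compare the "open" set against the services you intended to keep after the earlier hardening steps; anything else is either a service you missed or a firewall rule that is not doing what you think. A scan from a second machine on the LAN is a better validation than one from the host itself, since loopback bypasses most interface-bound firewall rules.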

Red Hat Enterprise Linux 7 and CentOS 7 Receive Important Kernel Security Update

Filed under
Red Hat
Security

Marked by Red Hat Product Security as having a security impact of "Important," the new Linux kernel security update is here to patch two vulnerabilities, namely CVE-2019-14821, an out-of-bounds memory access issue via MMIO ring buffer discovered in Linux kernel's KVM hypervisor, and CVE-2019-15239, a flaw that could allow a local attacker to trigger multiple use-after-free conditions, which may lead to a kernel crash or potentially privilege escalation.

Additionally, the kernel update also addresses several bugs, including missing SCSI VPD information for NVMe drives that breaks InfoScale, NULL pointer dereference at check_preempt_wakeup+0x109, panic in pick_next_task_rt, "Detected Tx Unit Hang" error with adapter reset, broken load balancing over VF LAG configuration, security issues on crypto vmx driver, XFS hangs on acquiring xfs_buf semaphore, single CPU VM hangs during open_posix_testsuite, and many others.

Tails 4.1 is out

Filed under
Security
Web
Debian

This release fixes many security vulnerabilities. You should upgrade as soon as possible.

Also: Tails 4.1 Anonymous OS Released with Latest Tor Browser, Linux Kernel 5.3.9

Security: PDFs, McAfee, Windows and IPFire on AWS

Filed under
Security
  • Even PDFs can contain JavaScript macros! Why? Adobe Why? – how to disable JavaScript in PDF files

    90% of companies DO NOT NEED JavaScript or macros to run in PDF

  • Rendering McAfee web protection ineffective

    Now that I’m done with Kaspersky, it’s time to look at some other antivirus software. Our guest today is McAfee Total Protection 16.0. Let’s say this up front: it’s nowhere near the mess we’ve seen with Kaspersky. It doesn’t break up your encrypted connections, and the web protection component is limited to the McAfee WebAdvisor browser extension. So the attack surface is quite manageable here. The extension also uses native messaging to communicate with the application, so we won’t see websites taking over this communication channel.

    Of course, browser extensions claiming to protect you from online threats have some rather big shoes to fill. They have to be better than the browser’s built-in malware and phishing protection, not an easy task. In fact, McAfee WebAdvisor “blocks” malicious websites after they already started loading, this being not quite optimal but rather typical for this kind of extension. I also found three issues in the way McAfee WebAdvisor 6.0 was implemented which made its protection far less reliable than it should be.

    [...]

    A bug in the way McAfee WebAdvisor deals with malicious frames made it trivial for websites to avoid blocking. Also, I found ways for websites to unblock content programmatically, both for top-level and frame-level blocking.

    In fact, the way unblocking top-level content was implemented, it allowed arbitrary websites to open special pages. Browsers normally prevent websites from opening these pages to avoid phishing attacks or exploitation of potential security vulnerabilities in browser extensions. McAfee WebAdvisor allowed websites to circumvent this security mechanism.

  • A Window into Malicious Advertising - 61% of malvertising targets Windows devices

    Bad ad campaigns are targeting Windows more often than any other operating system. But should we be surprised? Let's first define a bad ad campaign.

    A bad ad campaign is merely a series of online ads linked to a common threat set, designed to have a malicious effect on the end-user. These campaigns are designed to redirect the user to malicious sites or to trick the user into downloading a piece of malware. Now we are ready to look at the data. Let's dive in!

    The below chart shows all of the new, uniquely defined bad ad campaigns DEVCON observed from July 11 - November 22, 2019.

  • 61% of malicious ads target Windows users

    Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon.

  • IPFire on AWS: Update to IPFire 2.23 - Core Update 138

    We are very happy that from week to week, we are gaining more customers for IPFire in the cloud - where you now can manage your network just as you do it in your own data centre.

    In contrast to Amazon’s own features, IPFire is easier to manage, performs just as well, but brings you even more features like standard IPsec VPNs, OpenVPN for on-the-road connectivity to the cloud, Intrusion Prevention for your cloud servers, detailed logging and reporting and many more features.

Security News and Fear, Uncertainty, Doubt/Fear-Mongering

Filed under
Security
  • Criptext is a free encrypted email service with open source apps for Windows, Linux, macOS, Android and iOS

    Criptext is a free encrypted email service for Windows, Linux, macOS, Android and iOS. It has been around for a while, but I thought it may be worth looking into.

    [...]

    There is something you should know about Criptext. It is not cloud-based like Gmail or Outlook; Criptext emails are not stored on servers permanently, they are only stored on your device using end-to-end encryption. It uses the Signal Protocol for this.

  • Kaspersky uncovers open-source VNC vulnerabilities

    Kaspersky has presented analysis of open source Virtual Network Computing (VNC), which uncovered memory corruption vulnerabilities that have existed in a substantial number of projects for a very long time.

    The exploitation of some detected vulnerabilities could lead to remote code execution affecting the users of VNC systems, which amount to over 600 000 servers accessible from the global network alone, according to shodan.io.

  • Kaspersky Uncovers 37 Vulnerabilities in Open-Source VNC Systems

    Kaspersky researchers studied some of the most popular VNC systems: LibVNC, UltraVNC, TightVNC 1.X and TurboVNC.

    Although these VNC projects were analyzed previously by other researchers, it turned out not all vulnerabilities were then uncovered and patched. As a result of the analysis by Kaspersky researchers, 37 CVE records marking various vulnerabilities were created. Vulnerabilities were found not only on the client, but also on the server-side of the system. Some of them can allow remote code execution, which in turn could allow a malicious actor to make arbitrary changes on the attacked systems. On a more positive note, many server-side vulnerabilities could only be exploited after password authentication and some servers do not allow password-free access to be set up.

  • Security Researchers Uncover 37 Vulnerabilities In Open-source VNC Systems

    Security researchers revealed memory corruption vulnerabilities in open-source Virtual Network Computing (VNC) systems and warned that the exploitation of these vulnerabilities could lead to remote code execution affecting the users. As per shodan.io, Virtual Network Computing systems amount to more than 600,000 servers accessible from the global network. However, the real number of VNC installations is multi-fold considering that devices are only accessible within local networks.

    VNC systems provide remote access to one device from the other, courtesy of a remote frame buffer (RFB) protocol. According to researchers at cybersecurity firm Kaspersky, VNC systems have become some of the most popular desktop sharing tools to date due to their multiple-platform availability and multiple open-source versions. Approximately 32 per cent of industrial network computers have some form of remote administration tools including VNC and they are actively used in automated industrial facilities enabling remote control of systems.

  • How Agencies Can Use Open Source Intelligence to Close Cybersecurity Loopholes: Open source intelligence isn't just for spies.

    A few OSINT programs I examined specialized in specific aspects of intelligence gathering. For example, Shodan looks at the Internet of Things as well as operational technology devices found in places like power plants and the utilities industry. Metagoofil is optimized to pull hidden metadata from public documents. Simply point it at PDFs, Word files, PowerPoint slides, Excel spreadsheets or almost any document repository, and it will ferret out things like the names of authors and editors who worked on them, even if that information was not specifically disclosed.

  • Designing security for an open-source, containerized, cloud-native world

    Sysdig is the original creator of Falco, which Degioanni described as an open-source Cloud Native Computing Foundation phased anomaly detection system that’s based on collecting highly granular data from a running Kubernetes environment.

  • 5 Best Free Password Managers

    Password managers are fantastic privacy tools, but they are even better when they are free! In this article, we list the five best free password managers.

  • No free puppy: How D2iQ helps customers navigate open-source journey in cloud-native world [Ed: As if proprietary software has no operational and maintenance costs (usually very high, licensing and renewals aside)]

    What do free goldfish, puppies, and open-source software have in common? When the gifts come home, there’s actually a lot of time and expense that goes into keeping them all alive and thriving.

  • Which Programming Language has the Most Vulnerabilities? [Ed: It's clear that Microsoft Nick is still doing Microsoft propaganda a decade plus down the line. Now an amplifier of Microsoft 'proxy' White Source (they co-author FUD)]
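Two items in this post and the one above it come down to the same file format looked at from two sides: the "Even PDFs can contain JavaScript" item (a PDF can carry code that runs when the document opens) and the OSINT item describing Metagoofil (the same documents leak author and tool names in their metadata). The inspector below is an added example written for this page, not code from either article nor from Metagoofil or Adobe; the `SAMPLE_PDF` is constructed, and the function names are its own. It is a deliberate byte-level scan rather than a full PDF parser: it catches the common plaintext cases and flags, but cannot see into, compressed object streams, which a real tool has to inflate (zlib) and re-scan.

```python
"""Inspect a PDF for active-content triggers and leaked metadata.
Added example; not code from the articles above or from Metagoofil.
Byte-level scan only: triggers inside compressed object streams are
flagged as 'compressed_objects' but not decoded.
"""
import re
from typing import Dict

# Names that make a reader run code or launch something on open.
ACTIVE_KEYS = [b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch", b"/EmbeddedFile"]

# Info-dictionary strings that Metagoofil-style tools harvest. Matches
# "/Key (literal string)" with escaped parens inside the string allowed.
_META_RE = re.compile(rb"/(Author|Creator|Producer|Title|Subject)\s*\(((?:\\.|[^\\)])*)\)")


def active_content(pdf: bytes) -> Dict[str, int]:
    """Count each active-content name. A PDF name ends at a delimiter,
    so the lookahead keeps /JS from matching a longer name like /JSON."""
    counts = {}
    for key in ACTIVE_KEYS:
        pattern = re.compile(re.escape(key) + rb"(?![A-Za-z0-9])")
        n = len(pattern.findall(pdf))
        if n:
            counts[key.decode()] = n
    return counts


def metadata(pdf: bytes) -> Dict[str, str]:
    """Pull plaintext /Info strings (unescaping \\( and \\) only)."""
    found = {}
    for key, value in _META_RE.findall(pdf):
        value = value.replace(b"\\(", b"(").replace(b"\\)", b")")
        found[key.decode()] = value.decode("latin-1")
    return found


def has_objstm(pdf: bytes) -> bool:
    """Object streams can hide any of the above from a byte scan."""
    return re.search(rb"/Type\s*/ObjStm", pdf) is not None


def report(pdf: bytes) -> Dict[str, object]:
    return {
        "active": active_content(pdf),
        "metadata": metadata(pdf),
        "compressed_objects": has_objstm(pdf),
    }


# Constructed sample: a minimal PDF whose catalog has an OpenAction that
# runs JavaScript, plus an Info dictionary naming author and producer.
# It has no xref table; this scanner never needs one.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R >> endobj
4 0 obj << /S /JavaScript /JS (app.alert\\(1\\);) >> endobj
5 0 obj << /Author (J. Doe) /Producer (LibreOffice 6.3) >> endobj
trailer << /Root 1 0 R /Info 5 0 R >>
%%EOF
"""

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PDF
    for k, v in report(data).items():
        print(f"{k}: {v}")
```

On the defensive side of the first item, the scan tells you which files to quarantine; the setting the article is about lives in Adobe Reader under Preferences, JavaScript, where "Enable Acrobat JavaScript" can be unticked, and most non-Adobe viewers do not execute PDF JavaScript at all. On the OSINT side, the `metadata` output is what an attacker gets for free from documents on your public web site; stripping `/Info` before publishing removes it.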

Security: Updates, Ken Thompson's Chess Secret, Healthcare Breaches Spike in October, "Private Internet Access Sold Out!" and Undercover Mode for the Fedora Security Lab

Filed under
Security
  • Security updates for Friday

    Security updates have been issued by Debian (libvpx and vino), Fedora (grub2 and nss), and SUSE (cloud-init, libarchive, libtomcrypt, ncurses, and ucode-intel).

  • Friday Fluff: Chess password cracked after four decades

    A good password paired with strong encryption protects data against unexpected loss. No password is unbreakable, but some can last for quite a long time. Recently, after 39 years, a few old Unix passwords were cracked. Computer pioneer Ken Thompson had hidden his access behind a chess opening.

  • ThreatList: Healthcare Breaches Spike in October

    October experienced a 44.44 percent month-over-month increase in healthcare data breaches, resulting in 661,830 healthcare records exposed or stolen during the month.

    That’s according to the Health and Human Services (HHS) Office for Civil Rights’ monthly report reported via HIPAA Journal. The department said that hospitals and other healthcare organizations reported 52 breaches to HHS during the month. Year-to-date, the total number of breached healthcare records stands at 38 million, affecting 11.64 percent of the population of the United States.

  • Private Internet Access Sold Out! | Choosing A New VPN

    This video goes over the purchase of Private Internet Access and Choosing a new VPN. I also layout the 3 points you NEED when choosing a new VPN.

  • Undercover mode for the Fedora Security Lab

    Every time when there is a new release of Kali Linux it doesn’t take long till people start to ask when a feature or tool will be added to the Fedora Security Lab.

    This time the most asked feature is the “undercover mode”.

    To make it short: Never.

    The reason is that the Fedora Security Lab live media doesn’t need this. We have been running Xfce for several years now, with the default Fedora wallpaper and a default theme. It is pretty hard to tell (read: impossible if you don’t have the menu open) for a person who only gets a quick look at your desktop that you have a lot of specialized tools at your disposal.

    You are even stealthier if you only add the Fedora Security Lab toolset to your default Fedora installation. This makes the Fedora Security Lab the perfect tool to perform security-related tasks in an office environment at customers’ sites.
