Security

Security Leftovers

Filed under
Security
  • With ransomware on the rise, RCMP urging victims to 'be patient with police' [iophk: gross negligence in allowing use of Windows]

    But to get a real sense of the problem, Flynn said, you can multiply most online extortion stats by 20.

    "Numbers are hard to give because we also have a serious lack of reporting," he said.

    "There is a significant underreporting of cybercrime. Some of that comes from embarrassment, fear of reputational harm."

    Flynn said that major corporations don't want to lose customers and risk the public backlash.

  • Security updates for Friday

    Security updates have been issued by Debian (libssh2 and patch), Fedora (kernel and kernel-headers), Mageia (vlc), Red Hat (rh-redis32-redis), SUSE (libgcrypt, libsolv, libzypp, zypper, and rmt-server), and Ubuntu (exim4, firefox, libebml, linux, linux-aws, linux-kvm, linux-raspi2, and vlc).

  • Why you can’t backdoor cryptography

    Once again the topic of backdooring cryptography is in the news. The same people will fight the same fight. Again. So far sanity has prevailed every time we do this, but that doesn’t mean anyone should sit this one out. Make sure you tell everyone to pay attention and care. Trustworthy cryptography is too important.

    Given the language used it sounds a lot like what’s really being discussed is having the ability to view chat apps, view emails, and unlock phones. All things with a consumer focus. They’ve lost this fight more times than we can count now, no doubt this direction change is an attempt to spread confusion.

    I also want to look at this from a slightly different angle this time. Generally we talk about how the technology behind a backdoor doesn’t work. That’s still true, but let’s pretend the technology could work. Maybe some grad student is finishing up a paper and next month we’ll hear about a new form of cryptography that can be backdoored without any technical problems. It actually can’t because people are the problem. This is like insisting we build a rocketship out of cardboard to go to the moon. Just no. But in this post, we’re going to pretend we have a technical solution. Put on your cardboard space helmet, it’s time to get real.

  • Manage your passwords with Bitwarden and Podman

    You might have encountered a few advertisements the past year trying to sell you a password manager. Some examples are LastPass, 1Password, or Dashlane. A password manager removes the burden of remembering the passwords for all your websites. No longer do you need to re-use passwords or use easy-to-remember passwords. Instead, you only need to remember one single password that can unlock all your other passwords for you.

    This can make you more secure by having one strong password instead of many weak passwords. You can also sync your passwords across devices if you have a cloud-based password manager like LastPass, 1Password, or Dashlane. Unfortunately, none of these products are open source. Luckily there are open source alternatives available.

Security Leftovers

Filed under
Security
  • Original Cult of the Dead Cow Members Keep it "Wacky, Weird, and Wild" to Celebrate Joseph Menn's Newest Book

    On June 18, the Internet Archive hosted a reading and panel discussion in celebration of Joseph Menn's new book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World.

    As the evening's event began, an archived video of Cult of the Dead Cow (cDc) interviews from 1996 played silently on a wall-mounted TV, featuring some of the very same original members who would be a part of that evening's panel. In addition to the strong turnout at the Internet Archive itself, those unable to attend in person were able to watch the event livestreamed on the Internet Archive's YouTube channel. Guests enjoyed light refreshments and mingled before moving into the main auditorium to be welcomed by Internet Archive founder Brewster Kahle. After sharing a brief history of the Internet Archive's mission, Executive Director of the Electronic Frontier Foundation Cindy Cohn took the stage as MC for the evening.

    Cohn expressed the importance of remembering the "wacky, weird, and wild" history of Internet security, and acknowledged the cDc's contributions to improving the community before introducing Joseph Menn to the stage. Menn recounted the beginning of cDc and cybersecurity by highlighting notable hackers and their contributions throughout the years, including crediting the cDc with coining the term "hacktivism" by "using it at every interview they could at DEFCON to get it into the English language." Looking forward, he went on to express how "the rank-and-file in Silicon Valley now are the most important heirs of the cDc's tradition of critical moral thinking."

  • Security updates for Thursday

    Security updates have been issued by CentOS (java-1.7.0-openjdk, java-1.8.0-openjdk, and java-11-openjdk), Debian (exim4), Fedora (java-latest-openjdk), openSUSE (libsass, tomcat, and ucode-intel), Oracle (java-1.7.0-openjdk and thunderbird), SUSE (OpenEXR, spamassassin, and thunderbird), and Ubuntu (ansible and patch).

  • UTSA Launches Open Source Software To Protect Users On AWS

    The University of Texas at San Antonio (UTSA) has launched an open source user computer environment for Amazon Cloud called Galahad. UTSA is also working to expand its capabilities to support OpenStack software.

Security FUD

Filed under
Security
  • 1 Million+ ProFTPD Servers Vulnerable To Remote Code Execution Attacks [Ed: Nope. FOSSBytes now manages to make more misleading and dramatic headlines than even Bleeping Computer (which initially spread this misleading headline and then deleted it.)]
  • VideoLAN says VLC security flaw is fixed

    Update 7/24: VideoLAN took to Twitter earlier this morning to clarify that the security issue discovered by CERT-Bund is not as severe as reported.

  • You need to uninstall VLC player ASAP! (Updated) [Ed: They posted an update, but the headline has not been corrected. Deliberate FUD.]

    We’re not recommending uninstalling action just yet, because there’s a bit more to the story. The bug report for the issue has been open for four weeks, but VideoLAN president and lead VLC developer Jean-Baptiste Kempf left a series of comments today indicating that the alleged bug isn’t as big a deal as everyone is making it out to be. In three separate comments, he wrote: VideoLAN also took to Twitter to talk about the bug—or rather, the non-bug.

  • Alleged critical VLC flaw is nothing to worry about -- and is nothing to do with VLC [Ed: Some people did correct their articles or issued a standalone correction.]

    There has been a degree of confusion over the last few days after news spread of a supposed vulnerability in the media player VLC. Despite being labelled by security experts as "critical", VLC's developers, VideoLAN, denied there was a problem at all.

Security: Ransomware, GAO/IRS and VPN (Palo Alto Networks, Fortinet, and Pulse Secure)

Filed under
Security
  • After Blackouts, Johannesburg’s Power Company Hit by Ransomware

    The attack didn’t affect the grid but denied access to City Power’s website and online power purchases Thursday.

  • IRS missing basic IT security measures

    Eight of the 14 security shortfalls identified by the GAO relate to access management, while an additional four weaknesses pertain to configuration management. The final two shortfalls pertained to segregation of duties and a contingency plan deficiency.

  • VPN flaw enables [attackers] to easily infiltrate corporate network

    Researchers at Devcore claim to have discovered security flaws in three popular corporate VPNs that could enable attackers to steal confidential information from a company's network.

    The vulns affect three corporate virtual private networks (VPN) providers, namely, Palo Alto Networks, Fortinet, and Pulse Secure.

VLC FUD Galore (Misclassification of Bug and Threat)

Filed under
Movies
OSS
Security

Security Leftovers

Filed under
Security
  • EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users

    EvilGnome malware masquerades itself as a legit GNOME extension, a program that lets Linux users extend the functionality of their desktops.

  • Security updates for Wednesday

    Security updates have been issued by Debian (kernel, linux-4.9, and neovim), Fedora (slurm), openSUSE (ImageMagick, libgcrypt, libsass, live555, mumble, neovim, and teeworlds), Oracle (java-1.7.0-openjdk, java-1.8.0-openjdk, and java-11-openjdk), Red Hat (java-1.7.0-openjdk), Scientific Linux (java-1.7.0-openjdk), SUSE (glibc and openexr), and Ubuntu (mysql-5.7 and patch).

  • why trust and honesty pays off – in the long run

    The „for the NSA“ placed in products backdoors are just one example – now exploited not only by the NSA – but by many other parties as well – putting modern life 2.0 at risk of blackouts and collapses.

Cloud Files Encryption App Cryptomator 1.4.12 Adds Password Saving On Linux, Custom Mount Flags

Filed under
Software
Security

Cryptomator, a free and open source client-side encryption tool for cloud files, got an update today and with it, some new features like password saving on Linux, and custom mount flags.

Cryptomator is a Java tool to encrypt cloud storage files for services that don't support client-side encryption, which runs on Windows, Mac, Linux, iOS and Android. It works with cloud storage services that synchronize with a local directory, like Dropbox or Google Drive (including using it with Insync).


Security: Updates, VLC FUD and LinuxSecurity Turning 20

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Debian (libsdl2-image and libxslt), Oracle (java-1.8.0-openjdk and java-11-openjdk), Scientific Linux (java-1.8.0-openjdk and java-11-openjdk), SUSE (bzip2, microcode_ctl, and ucode-intel), and Ubuntu (clamav, evince, linux-hwe, linux-gcp, linux-snapdragon, and squid3).

  • Dodgy vids can hijack PCs via VLC security flaw, US, Germany warn. Software's makers not app-y with that claim

    In a bug-tracking ticket discussing CVE-2019-13615, VideoLAN lead developer Jean-Baptiste Kempf noted that he was unable to recreate the crash using a proof-of-concept .MP4 video, provided by a security researcher four weeks ago, that's supposed to knacker the latest version of VLC, 3.0.7.1. Nor was he able to crash the older 3.0.6 and work-in-progress releases, such as 3.0.8, he reported.

    "This does not crash a normal release of VLC 3.0.7.1," added Kempf. "Sorry, but this bug is not reproducible and does not crash VLC at all."

    VLC developer Francois Cartegnie was more blunt earlier today: "If you land on this ticket through a news article claiming a critical flaw in VLC, I suggest you to read the above comment first and reconsider your (fake) news sources."

  • Our Linux Sister Linuxsecurity.com are Celebrating their 20th Anniversary by Launching a New Website

    LinuxSecurity.com is the community’s central source for information on Linux and open source security. They follow the open source trends as they affect the community. Also they produce content that appeals to administrators, developers, home users, and security professionals.

    Having created a site that satisfies the needs of both IT professionals – including engineers, programmers, designers and system administrators – and those individuals seeking to learn more about security and open source, LinuxSecurity.com has grown to encompass not only their website but also two leading industry email newsletters, Linux Security Newsletter and Security Advisories Weekly.

Security: Windows Ransomware, Linux Tools and Linux FUD

Filed under
Security
  • The Growing Threat of Targeted Ransomware [iophk: Windows TCO]

    The two primary differences between targeted attacks and the early versions of spray-and-pray ransomware attacks are the size of ransom demanded and the technical expertise of the hackers. Symantec has analyzed six stages of a targeted attack: initial (typically involving PowerShell); lateral movement (typically with Mimikatz and/or Putty); stealth and countermeasures (with signed malware and disabled security software); ransomware spreading (typically through batch files and PS Exec); triggering the encryption; and finally the ransom demand.

    In January 2017 there were just two targeted attacks per month. By May 2019 this had risen to more than 50 per month, with the sharpest increase occurring in 2019. There have already been at least two and probably three new targeted attack groups discovered. The pace of targeted attacks is clearly increasing, and it looks like it will continue to increase. Targeted ransomware attacks have evolved into one of the biggest cyber threats to business today.

  • Quest’s KACE SDA 7.0 automates large-scale system deployment and simplifies migrations

    The newest release of KACE SMA also supports new OS versions such as macOS 10.14, Windows 10 Fall 2018 Update, SUSE 15, and Fedora 28 and OpenSUSE 15 (both agentless only).

  • ESET unveils new version of File Security for Linux

    ESET File Security for Linux provides advanced protection to organisations’ general servers, network file storage and multipurpose servers. The software ensures the servers are stable and conflict-free in order to preserve system resources for vital tasks and avoid disrupting business continuity.

    As the use of Linux servers increases in popularity with organisations, it is vital that all users and their businesses remain protected against the latest threats.

  • Hackers Exploit Jira, Exim Linux Servers to "Keep the Internet Safe" [Ed: Troll site "BleepingComputer" is blaming on "Linux" unpatched applications; that's like blaming Windows for Adobe PhotoShop (with holes in it) because it can run on Windows]

    The newest variant spotted by Intezer Labs' researcher polarply on VirusTotal uses a malicious payload designed to exploit the 12-day old Jira template injection vulnerability tracked as CVE-2019-11581 that leads to remote code execution.

Security Leftovers

Filed under
Security
  • Security updates for Monday

    Security updates have been issued by Debian (bind9, exiv2, kernel, nss, openjdk-11, openjdk-8, patch, and squid3), Fedora (gvfs, libldb, and samba), Mageia (firefox, gvfs, libreswan, rdesktop, and thunderbird), openSUSE (bzip2, clementine, dbus-1, expat, fence-agents, firefox, glib2, kernel, kernel-firmware, ledger, libqb, libu2f-host, pam_u2f, libvirt, neovim, php7, postgresql10, python-requests, python-Twisted, ruby-bundled-gems-rpmhelper, ruby2.5, samba, webkit2gtk3, zeromq, and znc), Red Hat (java-1.8.0-openjdk, java-11-openjdk, rh-maven35-jackson-databind, rh-nodejs8-nodejs, and rh-redis5-redis), Slackware (kernel), and SUSE (ucode-intel).

  • VLC Player hit by buffer overflow vulnerability

    A security researcher has warned of a serious vulnerability in VideoLAN's VLC Player (VLC), a popular media playback tool, for which no patch is yet available.

  • Critical flaw in VLC Player affects Linux, Windows and UNIX apps

    GERMAN SECURITY AGENCY CERT-Bund has uncovered a critical flaw in VLC Media Player that could enable hackers to access and modify data on devices.


More in Tux Machines

Security: Sphinx, Ransomware, Webmin, YubiKey

  • Exposed Sphinx Servers Are No Challenge for Hackers [Ed: That’s the same agency and the same troll site that initially promoted the lies and the FUD about VLC]

    A popular open-source text search server, Sphinx offers impressive performance for indexing and searching data in databases or just in files. It is cross-platform, available for Linux, Windows, macOS, Solaris, FreeBSD, and a few other operating systems. [...] CERT-Bund posted the warning on Twitter today alerting network operators and providers about the risk of running Sphinx servers with a default configuration that are open on the web. The organization highlights that Sphinx lacks any authentication mechanisms. Exposing it on the web gives an attacker the possibility "to read, modify or delete any data stored in the Sphinx database."

  • Ransomware Hits Texas Local Governments [iophk: Windows TCO]

    The attack was observed on the morning of August 16 and appears to have been launched by a single threat actor, the DIR announcement reads.

    The State Operations Center (SOC) was activated soon after the attack reports started to come in, and DIR says that all of the entities that were actually or potentially affected appear to have been identified and notified.

    A total of twenty-three entities have been confirmed as impacted so far, and the responders are working on bringing the affected systems back online.

  • Webmin Backdoored for Over a Year

    The security hole impacts Webmin 1.882 through 1.921, but most versions are not vulnerable in their default configuration as the affected feature is not enabled by default. Version 1.890 is affected in the default configuration. The issue has been addressed with the release of Webmin 1.930 and Usermin version 1.780.

  • The YubiKey 5Ci is the 'first' iOS-compatible security key

    Like other YubiKey options in the 5 series, the YubiKey 5Ci supports multiple authentication protocols, including FIDO2/WebAuthn, FIDO U2F, OTP (one-time-password), PIV (Smart Card), and OpenPGP.

Android Leftovers

Analysis of the state of play of Open Source policies in EU Member States

The study on OSS policies will answer the following research questions, each of which will be elaborated upon in dedicated chapters: [...]