enfrdeitjaes

Democracy-minded DEF CON hackers promise punishing probe on US election computers

LinuxSecurity.com: Organizers at the DEF CON hacking conference in July are planning a mass cracking of US electronic election machines. The event, which for over 20 years has attracted the best and the brightest in the hacking community, will see a group hackathon against the voting machines that are used in every US election these days. The purpose is to check whether the machinery that underpins the electoral system is up to scratch. Ori...
Continue reading
157 Hits

New GitHub Marketplace Showcases Integrators, Speeds Development

GitHub earlier this week launched GitHub Marketplace, featuring apps from more than a dozen integrators, at the GitHub Satellite conference. The platform allows developers to review and purchase new tools that do everything from helping to manage projects, to automating code building, testing code quality, or monitoring the impact of code changes. The marketplace allows developers to start using the tools collected there without setting up ...
Continue reading
161 Hits

4 Reasons the Vulnerability Disclosure Process Stalls

LinuxSecurity.com: The relationship between a manufacturer or vendor and security researchers can be filled with tension and unease, and it's most often put to the test during the vulnerability disclosure process. Although their intentions are pure, researchers often feel they are being shut out of the process, while vendors may see disclosure deadlines as a threat from researchers looking to produce headlines. Original link
147 Hits

Red Hat Linux Upgrade Pushes New Security, Automation Tools

By Jack M. Germain May 23, 2017 2:02 PM PT Red Hat on Tuesday announced the availability of Red Hat Enterprise Linux 7.4 beta. RHEL 7.4 includes new security and compliance features and streamlined automation, along with tools for improved systems administration. This latest upgrade comes nearly three years into the series 7 lifecycle. It continues to provide enterprises with a rich and stable foundation for both existing applications and a...
Continue reading
148 Hits

Sn1per - Penetration Testing Automation Scanner

LinuxSecurity.com: Sn1per is a penetration testing automation scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Original link
191 Hits

Android at the Wheel: Google Aims for One Vehicle Ecosystem

Google showcased the next phase of its automotive strategy at its I/O conference earlier this week, and announced partnerships with Volvo and Audi, which unveiled concept vehicles running its new automotive operating system. Embedded Android for Automotive is an entirely new system rather than an update to the Android Auto that Google launched three years ago. Both Volvo and Audi announced plans to support Embedded Android for Automotive in...
Continue reading
163 Hits

Proposed PATCH Act forces US snoops to quit hoarding code exploits

LinuxSecurity.com: Two US senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products. Original link
189 Hits

Twitter abandons 'Do Not Track' privacy protection

LinuxSecurity.com: Twitter was one of the first companies to support Do Not Track (DNT), the website privacy policy. Now, Twitter is abandoning DNT and its mission to protect people from being tracked as they wander over the web. Original link
160 Hits

Feren OS: A Linux Desktop Game-Changer

By Jack M. Germain May 18, 2017 1:55 PM PT Feren OS is a polished and well-stocked Linux distro that comes close to being an ideal replacement for Microsoft Windows and macOS. In fact, this impressive Linux OS is a very attractive replacement for any Linux distro. The only impediment to this assessment is dislike of the Cinnamon desktop. Feren OS does not give you any other desktop options. However, it comes with a wide assortment of config...
Continue reading
152 Hits

Intertwining Artificial Intelligence With Blockchain

Except for those folks living under rocks (sounds uncomfortable), everyone knows about or at least has heard of bitcoin. However, not everyone understands the technology of bitcoin, which extends well beyond Internet-based currency. For the rock people, bitcoin is an Internet-based currency that allows for transparency with respect to each transfer of the currency through the use of a distributed database. Each transaction is locked in a bl...
Continue reading
195 Hits

Good news, OpenVPN fans: Your software's only a little bit buggy

LinuxSecurity.com: The venerable OpenVPN client has been given a mostly clean bill of health. Between December and February, a team led by Johns Hopkins University crypto-boffin Dr Matthew Green has been auditing OpenVPN 2.4's code. Original link
163 Hits

Crate.io Packs New Features, Services Into DB Upgrade

By Jack M. Germain May 17, 2017 1:17 PM PT Crate.io on Tuesday announced an upgrade to its open source CrateDB, and introduced a commercial version. The database now is available as a managed service as well. CrateDB 2.0 features clustering enhancements and SQL improvements. The enterprise edition adds authentication and authorization features for enhanced security, which are not provided in the open source version. It also includes perform...
Continue reading
150 Hits

Google's New Mobile OS Will Have a Distinctly Non-Linux Hue

Google has been developing a new open source operating system called "Fuchsia" for smartphones, tablets and other devices, which could be unveiled as early as this summer. Little has been revealed about the new OS since it first came to light last year. However, new details surfaced last week, first reported by Ars Technica, and have been making the rounds. Fuchsia apparently will move Google away from its long association with Linux, accor...
Continue reading
180 Hits

The Ransomware Meltdown Experts Warned About Is Here

LinuxSecurity.com: A new strain of ransomware has spread quickly all over the world, causing crises in National Health Service hospitals and facilities around England, and gaining particular traction in Spain, where it has hobbled the large telecom company Telefonica, the natural gas company Gas Natural, and the electrical company Iberdrola. Original link
152 Hits

Lessons from last week's cyberattack

LinuxSecurity.com: Early Friday morning the world experienced the year's latest cyberattack. Starting first in the United Kingdom and Spain, the malicious "WannaCrypt" software quickly spread globally, blocking customers from their data unless they paid a ransom using Bitcoin. The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicl...
Continue reading
176 Hits

Wana Decrypt0r Ransomware Outbreak Temporarily Stopped By "Accidental Hero"

LinuxSecurity.com: A security researcher that goes online by the nickname of MalwareTech is the hero of the day, albeit an accidental one, after having saved countless of computers worldwide from a virulent form of ransomware called Wana Decrypt0r (also referenced as WCry, WannaCry, WannaCrypt, and WanaCrypt0r). Original link
189 Hits

DDOS attacks in Q1 2017

LinuxSecurity.com: Thanks to IoT botnets, DDoS attacks have finally turned from something of a novelty into an everyday occurrence. According to the A10 Networks survey, this year the 'DDoS of Things' (DoT) has reached critical mass - in each attack, hundreds of thousands of devices connected to the Internet are being leveraged. Original link
Tags:
184 Hits

The IoT's Scramble to Combat Botnets

With shadowy botnet armies lurking around the globe and vigilante gray-hat actors inoculating susceptible devices, the appetite for Internet of Things security is stronger than ever. "If you throw IoT on a con talk, you've got a pretty good chance to get in," remarked information security professional Jason Kent , as he began his presentation at Chicago's Thotcon hacking and security conference last week. While the vulnerabilities he descri...
Continue reading
164 Hits

What Internet-Connected War Might Look Like

A technician hurriedly slings his backpack over his shoulders, straps on his M9 pistol, and bolts out of the transport with his squad of commandos in a hail of gunfire. As soon as his team reaches the compound, he whips out a laptop and starts deploying a rootkit to the target server, bullets whizzing overhead all the while. This might sound like the action movie of a hacker's dreams, but The Army Cyber Institute at West Point is training i...
Continue reading
160 Hits

Raspberry Pi Fans Can Build Their Own AI Voice Assistant

Google and AIY Projects last week launched an open source do-it-yourself artificial intelligence Voice Kit for Raspberry Pi hobbyists. The AIY Voice Kit includes hardware for audio capture and playback, connectors for the dual mike daughterboard and speaker, GPIO pins to connect low-voltage components such as micro servos and sensors, and an optional barrel connector for a dedicated power supply. The Voice Kit can use cloud services such as...
Continue reading
160 Hits

Not-so-secret DOD "spy drone" footage, live on the Internet

LinuxSecurity.com: On Wednesday, Kenneth Lipp, a contributor to the Daily Beast, was doing what amounts to a random search on the security search engine Shodan when he discovered what appears to be a Web console for full-motion video feeds from two Predator drones. Original link
159 Hits

Types of DDoS Attacks

LinuxSecurity.com: Distributed Denial of Service attacks (DDoS) are a favorite attack method of hackers and hacktivists, in large part due to their simplicity. We list the different types of DDoS attacks and offer resources to stop DDoS attacks. Original link
Tags:
152 Hits

A Taste of Linux From a Sample Disk Platter

Since Linus Torvalds developed the Linux kernel , there has been an explosion of distributions that can be categorized into several broad classes. The ecosystem is truly expansive. There are hundreds of distributions out there, but each category has some that have become emblematic. Here's a brief look at a few. My hope is that by showcasing some of these Linux standouts, you will appreciate what makes them special, and get inspired to take...
Continue reading
152 Hits

You only need 60 bytes to hose Linux's rpcbind

LinuxSecurity.com: A 60 byte payload sent to a UDP socket to the rpcbind service can crash its host by filling up the target's memory. Guido Vranken, who discovered the vuln and created the "Rpcbomb" exploit, complains that he couldn't get action from the package maintainers, so he's written patches himself. Original link
160 Hits

Ultimate Edition Linux: Rough Road to a Nice Destination

By Jack M. Germain May 3, 2017 3:49 PM PT Ultimate Edition has a lot going for it. However, the latest release, version 5.4, also reflects numerous missteps that developers of a seasoned Linux distro should avoid. Ultimate Edition is a fork of two popular Debian-based Linux families -- Ubuntu and Linux Mint. First released in December 2006, this distro aimed to take the best of both Linux entities and blend in a fresh mix of visually stimul...
Continue reading
153 Hits