Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
Several vulnerabilities in Ubuntu’s implementation of the Linux kernel, including a use-after-free vulnerability and a timing side-channel vulnerability, were patched today.
An advisory issued by Ubuntu Wednesday morning urges users to patch if they’re running 14.04 LTS or any derivative builds. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
Malware for Linux becomes more and more diverse. Among them are spyware programs, ransomware, and Trojans designed to carry out DDoS attacks. Doctor Web security researchers examined yet another cybercriminals’ creation dubbed Linux.Ekoms.1. This Trojan can periodically take screenshots and download different files to a compromised machine.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
A new ransomware campaign dubbed Linux.Encoder.1 is targeting web servers using the Linux operating system and is demanding a payment of one bitcoin, or $380, from its victims for the release of the captured files.
Researchers at the anti-virus firm Dr. Web said the cybercriminals appear to target network administrator computers because these hold the web server software that they are interested in controlling. It was also noted that in some cases the attackers used the CMS Magneto vulnerability to attack the web servers.
The Dr. Web staff did not have a firm idea how prevalent these attacks have been, but they “presume that at least tens of users have already fallen victim to this trojan.” An email by SCMagazine.com to Dr. Web to confirm the number of infected systems has not yet been returned.
Learn more:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
http://www.scoop.it/t/securite-pc-et-internet/?tag=RANSOMWARE
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
The company that builds Ubuntu, a popular Linux distribution, has said that its forums were hacked on Thursday.
Canonical, which develops the operating system, said in a statement on Friday that two million usernames, email addresses, IP addresses associated with the Ubuntu Forums were taken by an unnamed attacker.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
|
Scooped by
Gust MEES
|
Remaiten Linux Bot Targets Routers and Potentially Other Embedded (IoT) Devices
A new piece of malware is targeting embedded systems with the mission to compromise and make them part of a botnet, ESET security researchers have discovered.
Dubbed “Remaiten” (Linux/ Remaiten), the new threat combines the capabilities of previously spotted Tsunami (also known as Kaiten) and Gafgyt malware and also brings a series of improvements and new features. According to ESET, three versions of Remaiten have already emerged, while the malware authors call their creation “KTN-Remastered” or “KTN-RM.”
One of the capabilities that Remaiten borrows from Gafgyt is telnet scanning, though Remaiten enjoys a series of improvements, ESET’s Michal Malik explains in a blog post. Both, however, rely on improperly secured devices to successfully infect them.
Gafgyt attempts to connect to random routers via port 23, which it then issues a shell command to download bot executables for multiple architectures and tries to run them. Remaiten, on the other hand, carries downloaders for CPU architectures commonly used in embedded Linux devices, then tries to trigger the device’s platform to drop only the appropriate downloader. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things http://www.scoop.it/t/securite-pc-et-internet/?tag=Router
|
Scooped by
Gust MEES
|
Google and enterprise software firm Red Hat have discovered a critical security flaw affecting the Internet's Domain Name System (DNS), found in a universally used protocol. This means an attacker could use it to infect almost everything on the entire internet. With the flawed code spread far and wide, it will likely take years of effort to patch the bug.
Google and Red Hat engineers both independently discovered the DNS bug within the GNU C standard library (glibc), which has been assigned CVE-2015-7547, and then worked together to create a patch. The security vulnerability works by tricking browsers into looking up suspicious domains, which causes servers to reply with DNS names that are far too long, thus causing a buffer overflow in the victim's software.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
|
Scooped by
Gust MEES
|
If you downloaded a new build from the website over the weekend, you'll probably need to start over.
Hackers took control of the official website for the Linux Mint distro over the weekend, resulting in some users downloading a build of the OS that had been modified to include a backdoor that would give attackers full access to a user’s system. Announced in a blog post, the organization said it quickly spotted and rectified the issue, but that anyone who downloaded Linux Mint (Cinnamon Edition) on February 20 should probably start over. At the very least, you’ll want to check the MD5 signature of your download to ensure it’s legit.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux+Mint
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
The WebKit rendering engine used in many Linux applications is a complete security mess. That’s the takeaway from a blog post by Michael Catanzaro, who works on GNOME’s WebKitGTK+ project. He’s sounding the alarm about a problem the open-source community needs to fix.
The problem with WebKit Most web browsers issue regular security updates to their users. But, if you’re using a WebKit-based browser, or email client, or any other application that uses that rendering engine, on Linux, you almost certainly aren’t getting security updates.
WebKit is a large open-source project. Apple uses WebKit for Safari on Mac and iOS, and those versions of WebKit receive regular security updates. But the WebKit port used for Linux does not.
The common port used by Linux distros is WebKitGTK+, which is associated with GNOME software and other applications that use the GTK+ toolkit. This includes Epiphany, GNOME’s flagship web browser, often called simply “Web” or “GNOME Web.” It also includes a variety of other applications, such as the Evolution email client, Midori web browser, GIMP image-editing program, Banshee and Rhythmbox media players, and many other programs.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
|
Scooped by
Gust MEES
|
Sicherheitslücke gefährdet fast alle Linux-Systeme Eine schwerwiegende Sicherheitslücke klafft in der Glibc-Bibliothek, die in fast allen Linux-Systemen genutzt wird: Eine DNS-Funktion erlaubt die Ausführung von bösartigem Code. Nutzer sollten schnellstmöglich Updates installieren. Diese Sicherheitslücke hat es in sich: Mittels gezielter DNS-Antworten lässt sich unter Umständen die Namensauflösungsfunktion der Glibc-Bibliothek dazu bringen, fremden Code auszuführen. Die Glibc ist die Standard-C-Bibliothek, die üblicherweise auf Linux-Systemen zum Einsatz kommt.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
Researchers have exploited a flaw in the encryption procedure used by the Linux.Encoder.1 - the first ransomware targeting the Linux platform - to develop a decryption tool for victims.
On Thursday, Russian anti-virus company Dr. Web first disclosed the existence of Linux.Encoder.1, a strain of ransomware similar to other notorious ransomware families such as CryptoWall and TorLocker, but targeting computers running Linux rather than Windows. Evidence of infections by Linux.Encoder.1 are scattered across the net, because many websites appear to be revealing their impacted state in search engine results.
Learn more:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
http://www.scoop.it/t/securite-pc-et-internet/?tag=RANSOMWARE
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
The number of distributed denial of service (DDoS) attacks carried out by Linux botnets almost doubled from the first quarter to 70% of the total in the second quarter, a report reveals.
As a result, the proportion of DDoS attacks using the SYN flood DDoS attacks has increased because Linux tools are the most effective tool for this method, according to the latest report by Kaspersky Lab.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
http://www.scoop.it/t/securite-pc-et-internet/?tag=DDos...
http://www.scoop.it/t/securite-pc-et-internet/?tag=Botnet