Thursday, November 30, 2017
SG-3100 pfSense® Security Gateway Appliance
The SG-3100 pfSense Security Gateway Appliance can be configured as a firewall, LAN or WAN router, VPN appliance, DHCP Server, DNS Server, and IDS/IPS with optional packages to deliver a high performance, high throughput front-line security appliance at an excellent price in a compact footprint. With preloaded pfSense software, the SG-3100 is a fast networking security solution unencumbered by traditional annual contracts, licensing fees, or artificial limitations. Flexibility is built in to the SG-3100 with upgrade options such as an M.2 SATA SSD, LTE cellular, or mPCIe Wi-Fi.
REF: https://store.netgate.com/SG-3100.aspx
Wednesday, November 29, 2017
TrendLabs: New EMOTET Hijacks a Windows API
Figure 1. A CreateTimerQueueTimer API document (from CreateTimerQueueTimer function)
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/new-emotet-hijacks-windows-api-evades-sandbox-analysis/
Tuesday, November 28, 2017
Knoppix 8.1
The latest Knoppix comes with a new I/O scheduler, and the new hybrid ISO image format allows you to boot from either a DVD or USB stick. Klaus talks about the changes with the latest edition of Knoppix, and offers a glimpse at some of the problems he faces when producing a new Knoppix version.
REF: http://www.linux-magazine.com/Issues/2017/205/Professor-Knopper-s-Lab-Knoppix-8.1
TrendLabs: Daserf Backdoor Now Using Steganography
Sunday, November 26, 2017
Saturday, November 25, 2017
TrendLabs: November’s Patch Tuesday
Microsoft rolled out fixes for over 50 security issues in this month’s Patch Tuesday. The updates cover vulnerabilities and bugs in the Windows operating system, Internet Explorer (IE), Edge, ASP .NET Core, Chakra Core browsing engine, and Microsoft Office. Microsoft also released a security advisory providing defense-in-depth mitigations against attacks abusing the Dynamic Data Exchange (DDE) protocol in light of recent attacks misusing this feature.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/november-patch-tuesday-includes-update-attacks-abusing-dynamic-data-exchange/
Friday, November 24, 2017
Linux kernel (GCP) vulnerability
It was discovered that the KVM subsystem in the Linux kernel did not
properly keep track of nested levels in guest page tables. A local attacker
in a guest VM could use this to cause a denial of service (host OS crash)
or possibly execute arbitrary code in the host OS.
==========================================================================
Ubuntu Security Notice USN-3484-3
November 21, 2017
linux-gcp vulnerability
==========================================================================
Thursday, November 23, 2017
TrendLabs: Spam Runs Against Russian Banks
Wednesday, November 22, 2017
Veeam Agent for Linux backup
As IT organizations look to run more Linux-based workloads in the public cloud, it is important to ensure they are backed up and can be recovered in order to avoid business disruption. However, backing up and recovering Linux instances is often cumbersome or expensive, requiring manual intervention and consuming an IT administrator’s valuable time.
REF: https://www.veeam.com/linux-cloud-server-backup-agent.html
Tuesday, November 21, 2017
Check_MK: stable release 1.4.0p19
This maintenance release ships with 6 changes affecting all editions of Check_MK,
1 Enterprise Edition specific changes and 0 Managed Services Edition specific changes.
* 5244 FIX: Activate Changes: Fixed "Has never been activated" status message
* 5478 FIX: fileinfo: fix globbing pattern expansion
* 5443 FIX: cisco_redundancy: Discover 'Redundancy Framework Status' service if device supports that.
* 5445 FIX: apc_symmetra_output: Fixed exception 'could not convert string to float' during discovery
* 5410 FIX: Windows agent: handle section Skype correctly
* 5227 FIX: Checkgroup humidity: Fix swapped lower levels and definition of only one kind of levels
REF: http://mathias-kettner.de/check_mk_download.html
Bring Remote Teams Together Without A Big Offsite Budget
The Trello team is distributed across the world, some co-located and some remote. So how do we bring everyone together to bond over a shared social experience when 65% of our team is not in the same office? The answer might surprise you.
REF: https://blog.trello.com/how-to-host-a-remote-team-offsite-budget
Sunday, November 19, 2017
Official OpenBSD 6.2 CD set up for auction
---------- Forwarded message ----------
From: Bob Beck
Date: Sun, Nov 19, 2017 at 3:00 AM
So, the only 6.2 set to be produced is up for auction, featuring hand-drawn
artwork by Theo. Artisanally Made in Canada! All proceeds of the sale to fund OpenBSD development.
Go have a look at
http://www.ebay.ca/itm/Official-OpenBSD-6-2-CD-Set/253265944606
Saturday, November 18, 2017
TrendLabs: ChessMaster’s New Strategy
Figure 1. ChessMaster infection chain.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/chessmasters-new-strategy-evolving-tools-tactics/
Friday, November 17, 2017
Dell Precision Machines Available With Ubuntu Pre-Installed
Dell Precision 5720
REF: https://insights.ubuntu.com/2017/11/14/new-dell-precision-machines-available-with-ubuntu-pre-installed/
Updates on Netflix’s Container Management Platform
REF: https://medium.com/netflix-techblog/updates-on-netflixs-container-management-platform-a91738360bd8
We have found three categories of collaborators that are looking for unique values from Titus. Specifically, those who are looking for battle hardened:
* Natively integrated container solution within Amazon Web Services (AWS)
* NetflixOSS integrated container management platform, specifically one that works well with Spinnaker (our continuous delivery platform) or our cloud RPC frameworks based on Eureka
* A modern Apache Mesos unified batch and service container scheduler that works well on an elastic cloud with Docker containers
Wednesday, November 15, 2017
Check_MK: stable release 1.4.0p17
REF: http://mathias-kettner.de/check_mk_download.html
...the new stable release 1.4.0p17 of Check_MK is ready for download.
This maintenance release ships with 18 changes affecting all editions of Check_MK,
2 Enterprise Edition specific changes and 1 Managed Services Edition specific changes.
TrendLabs: Toast Overlay Weaponized
Google Cloud Organization
The Cloud Organization allows Google Cloud Platform admins to centrally manage all the Cloud Platform resources associated with their domain, apply IAM policies, consolidate Billing, and much more.
REF: https://cloud.google.com/resource-manager/
Sunday, November 12, 2017
CrossOver on Chrome OS Beta
CrossOver on Chrome OS runs an enormous variety of Windows
applications. You can install applications from the same vast
compatibility database which we have built for years in CrossOver on
other platforms. CrossOver on Chrome OS integrates your Windows
applications with the native Chrome OS desktop. For users in the
enterprise, CrossOver Chrome OS also includes tools to integrate with
the Google Admin Console. CrossOver on Chrome OS helps enterprise
customers manage deployment of Windows applications to Chromebooks.
REF: https://play.google.com/store/apps/details?id=com.codeweavers.cxoffice
Telestream Lightspeed Live Capture
Friday, November 10, 2017
Mozilla adds multiprocessing with Electrolysis in Firefox 54
REF: http://www.linux-magazine.com/Issues/2017/204/Firefox-54-with-Electrolysis
Developers are praising Firefox 54 as the "best Firefox ever." The revamped web browser adds multiprocessing and promises a significant boost in speed.
Thursday, November 9, 2017
Video Control Room With NDI and Connect Spark
TrendLabs: New Malicious Macro Evasion
Figure 1. Infection diagram for EMOTET malware showing Macro-PowerShell use
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/new-malicious-macro-evasion-tactics-exposed-ursnif-spam-mail/
System76 Releases Pop!_OS
REF: http://www.linux-magazine.com/Online/News/System76-Releases-Pop!_OS
System76, one of the few hardware vendors that sell systems preloaded with Linux, has released the final version of Pop!_OS, their own Ubuntu-based distribution.
System76 CEO and founder Carl Richell told us in an interview that the OS is the result of the feedback that they received from their customers. What makes Pop!_OS different from many other Linux distributions is that System76 sells Linux hardware, so they do have a very trusted channel of feedback from customers.
The Planning Fallacy
REF: https://blog.trello.com/planning-fallacy-overloaded-at-work
You look down at your to-do list and your heart starts racing. Why? You’ve just had that brutal realization that there is absolutely no way you’re going to be able to get everything done.
Sunday, November 5, 2017
TrendLabs: ZNIU Found Distributing New Variant
Figure 1. Screenshot of an unsigned profile (left) and a signed profile (right). In English translation, the right photo describes 51 Apple Helper, an iOS app store that provides games, software, and wallpaper.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/app-stores-formerly-coddled-zniu-found-distributing-new-ixintpwnyjsnpi-variant/
Friday, November 3, 2017
Overlooked Biases That Creep Into Your Work
REF: https://blog.trello.com/7-overlooked-biases-that-creep-into-your-work-and-undermine-its-success
From cooking dinner to deciding which new project to tackle at work, you make a lot of decisions throughout the day. Some of these decisions are so automatic that you don’t even think about them. And the decisions that you do think about (and put hours of research into) may not be as objective and rational as you may think.
Thursday, November 2, 2017
About WPA2 compromised protocol
OpenBSD was notified of the vulnerability on 15 July 2017, before
CERT/CC was involved in the coordination. Quite quickly, Theo de Raadt
replied and critiqued the tentative disclosure deadline: In the open
source world, if a person writes a diff and has to sit on it for a
month, that is very discouraging. Note that I wrote and included a
suggested diff for OpenBSD already, and that at the time the tentative
disclosure deadline was around the end of August. As a compromise, I
allowed them to silently patch the vulnerability. In hindsight this was
a bad decision, since others might rediscover the vulnerability by
inspecting their silent patch. To avoid this problem in the future,
OpenBSD will now receive vulnerability notifications closer to the end
of an embargo.
REF: https://marc.info/?l=openbsd-misc&m=150815942414653&w=2
Wednesday, November 1, 2017
TrendLabs: Coin Miner Mobile Malware
The following malicious apps were found on Google Play and are connected to this threat:
| SHA256 hash | App name | Package name | Detection name |
|---|---|---|---|
| 22581e7e76a09d404d093ab755888743b4c908518c47af66225e2da991d112f0 | Recitiamo Santo Rosario Free | prsolutions.rosariofacileads | ANDROIDOS_JSMINER |
| 440cc9913d623ed42563e90eec352da9438a9fdac331017af2ab9b87a5eee4af | SafetyNet Wireless App | com.freemo.safetynet | ANDROIDOS_JSMINER |
| d3c0bed627edab9ac1bbc2bcc6e8c3ff45b4708afa527790e42a4a6fe2c045f0 | Car Wallpaper HD: mercedes, ferrari, bmw and audi | com.yrchkor.newwallpapers | ANDROIDOS_CPUMINER |