Sunday, December 30, 2018
VOTING MACHINES ARE STILL ABSURDLY VULNERABLE TO ATTACKS
2018 review: random reboots of Meltdown-Spectre patch
(January 12, 2018, 4:10 AM PST) Spectre and Meltdown are design flaws in modern CPUs that could allow hackers to bypass system protections on a wide range of devices, allowing attackers to read sensitive information, such as passwords, from memory.
Intel began making software and firmware updates available to mitigate attacks exploiting these flaws last week, pushing them out via system manufacturers. However, yesterday the chip maker admitted these updates were causing certain computers to unexpectedly reboot.
The random reboots appear to be affecting both PCs and servers that use Intel Broadwell and Haswell processors.
REF: https://www.techrepublic.com/article/meltdown-spectre-patch-watch-out-for-random-reboots-warns-intel/
Friday, December 28, 2018
Firefox 63.0 was released.
63.0
Firefox Release
October 23, 2018
Version 63.0, first offered to Release channel users on October 23, 2018
REF: https://www.mozilla.org/en-US/firefox/63.0/releasenotes/
LJ: Linux and Supercomputers
As we sit here, in the year Two Thousand and Eighteen (better known as "the future, where the robots live"), our beloved Linux is the undisputed king of supercomputing. Of the top 500 supercomputers in the world, approximately zero of them don't run Linux (give or take...zero).
Wednesday, December 26, 2018
LJ: Review: the Dell XPS 13 Developer Edition Laptop
A look at Dell's thin and sleek XPS 13 Developer Edition laptop that now ships with Ubuntu 18.04 LTS pre-installed.
Tuesday, December 25, 2018
TrendLabs: With Mirai Comes Miori: IoT Botnet Delivered via ThinkPHP Remote Code Execution Exploit
Figure 2. Miori infects device
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/with-mirai-comes-miori-iot-botnet-delivered-via-thinkphp-remote-code-execution-exploit/
LJ: Why Your Server Monitoring (Still) Sucks
Five observations about why your server monitoring still stinks by a monitoring specialist-turned-consultant.
Sunday, December 23, 2018
TrendLabs: New PowerShell-based Backdoor Found in Turkey, Strikingly Similar to MuddyWater Tools
Figure 1. Fake Office document tries to get user to enable malicious macros. The blurred document contains logos of different Turkish government entities
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/new-powershell-based-backdoor-found-in-turkey-strikingly-similar-to-muddywater-tools/
Saturday, December 22, 2018
New Dashboard of Plex
New Dashboard to see who’s naughty and nice
Do you share your libraries with friends and family? Wanna know who’s watching what? Now you lucky Plex Pass users have a new Dashboard to replace the previous Now Playing page, giving you instant insight into what’s currently being played and by whom. The new Dashboard can be found in your settings screen, and includes the following:
Friday, December 21, 2018
Trello: The Self-Talk Struggle Is Real: How To Win At Work With Sports Psychology
In the 1998 NBA Finals, down by one point and with only 18 seconds left in the game, Michael Jordan tore the ball away from the opponent and made the winning shot of his last game with the Chicago Bulls.
REF: https://blog.trello.com/negative-self-talk
Thursday, December 20, 2018
TrendLabs: Android Wallpaper Apps Found Running Ad Fraud Scheme
Figure 5. C&C server response.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/android-wallpaper-apps-found-running-ad-fraud-scheme/
Wednesday, December 19, 2018
NewTek NDI version 3.8 SDK Available Now
Some of the most significant changes are:
- Performance improvements across the board, both on Windows and the cross-platform libraries.
- The NDI® Tools suite includes many improvements: Scan Converter now supports high frame-rate screen capture for game capture; likewise Studio Monitor has been updated to support high frame-rate playback; Virtual Input has separate signed drivers for Windows 10 and previous versions, allowing it to correctly run on all Windows versions.
- The Mac and Linux versions of NDI® have noticeable performance improvements, and now support almost all of the same options as the Windows versions.
- Major focus on the optimization of NDI® discovery. Hundreds of sources on a network with hundreds of receivers coming and going at any time, running entirely without centralized servers, make discovery and notification complex. The new version introduces dramatic performance improvements in the way all of this is handled.
- Extended sample code, examples, better routing, and much more.
- (Shhhh. Some secret things have been put in place ahead of time, in preparation for new capabilities to be revealed later in NDI® v4.)
TrendLabs: URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
Figure 1. Connections of EMOTET, DRIDEX, URSNIF and BitPaymer.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/ursnif-emotet-dridex-and-bitpaymer-gangs-linked-by-a-similar-loader/
Monday, December 17, 2018
Plex: TVs are lookin’ fiiine
We’ve updated the user experience on our Samsung and LG apps, as well as PlayStation 4, making it easier to find and enjoy the media that matters most to you. The experience is intended to be super-customizable—more consistent with more flexibility—to let you easily view and listen to different types of media from different sources. This means no more switching sources when you go from Photos (your own server) to Music (your favorite hipster friend’s music library)!
REF: https://support.plex.tv/articles/navigating-the-big-screen-apps/
Sunday, December 16, 2018
NewTek Premium Access with LiveGraphics™ and more!
Saturday, December 15, 2018
TrendLabs: Cybercriminals Use Malicious Memes that Communicate with Malware
Figure 2. Private IP address that a Pastebin URL points to
Friday, December 14, 2018
Trello: Asking For A Remote Work Policy? Pro Tips And Trends Of The Year To Reference
Remote work is growing in popularity, and more and more companies are adopting the mentality and practices of hybrid teams: Offering employees the option to work from the office, remotely, or alternate between the two. Working remotely is not only comfortable (can you say no commute?) but it also provides flexible hours, more ability to focus, and opens opportunities for people around the world to find interesting work regardless of their location.
REF: https://blog.trello.com/remote-work-policy-pro-tips-and-trends
Thursday, December 13, 2018
TrendLabs: Cryptocurrency Miner Spreads via Old Vulnerabilities on Elasticsearch
Figure 1. GreyNoise marked the host as a known scanner
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-miner-spreads-via-old-vulnerabilities-on-elasticsearch/
Wednesday, December 12, 2018
TrendLabs: New Exploit Kit “Novidade” Found Targeting Home and SOHO Routers
Figure 1. Novidade infection chain
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/new-exploit-kit-novidade-found-targeting-home-and-soho-routers/
Monday, December 10, 2018
Trello: Why We Always Switch Productivity Methods Before They Stick, According To Science
Image Source: Cheezburger.com
REF: https://blog.trello.com/how-to-stick-with-a-productivity-method
All new Roku channel!
Our totally reimagined Roku channel makes it easier than ever to find and enjoy the media that matters most to you, giving you unparalleled flexibility and customizability. We’ve also added subtitles-on-demand as a preview for our beloved Plex Pass subscribers. No more searching high and low for the right subtitles–we’ll find them for you automagically. Lastly, if you use Plex Live TV on Roku, we’ve added DVR* capability so you can schedule recordings for your favorite shows, movies, and games right from your Roku device.
[USN-3840-1] OpenSSL vulnerabilities
---------- Forwarded message ---------
From: Marc Deslauriers
Date: Friday, December 7, 2018, 4:49 AM
Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An
attacker could possibly use this issue to perform a timing side-channel
attack and recover private DSA keys. (CVE-2018-0734)
Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An
attacker could possibly use this issue to perform a timing side-channel
attack and recover private ECDSA keys. This issue only affected Ubuntu
18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)
Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri,
and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading
(SMT) architectures are vulnerable to side-channel leakage. This issue is
known as "PortSmash". An attacker could possibly use this issue to perform
a timing side-channel attack and recover private keys. (CVE-2018-5407)
References:
https://usn.ubuntu.com/usn/usn-3840-1
CVE-2018-0734, CVE-2018-0735, CVE-2018-5407
Friday, December 7, 2018
Trello: How To Be Your Most Productive Self: Let Go Of Being Perfect
We live in an era of overachievement, and in this era flaunting those achievements (we’re looking at you, social media) is totally the norm.
REF: https://blog.trello.com/productive-not-perfectionism
Thursday, December 6, 2018
TrendLabs: A Look into the Connection Between XLoader and FakeSpy, and Their Possible Ties With the Yanbian Gang
Figure 1. Monthly infection count for XLoader and FakeSpy attacks this year
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/a-look-into-the-connection-between-xloader-and-fakespy-and-their-possible-ties-with-the-yanbian-gang/
Wednesday, December 5, 2018
Announcing CrossOver 18.1.0
CrossOver 18.1 supports Visio 2016 on Linux.
For macOS users, CrossOver 18.1 contains a number of important bug fixes. We have resolved a bug which prevented game downloads and the Steam Store page from working on the latest Steam release. CrossOver 18.1 also addresses an issue some macOS users experienced running recent versions of Quicken on CrossOver 18. Those who experienced crashes or launch failures when using Quicken 2016-2018 should see full functionality on CrossOver 18.1.
Finally, CrossOver 18.1 restores controller support for Steam on both macOS and Linux.
REF: https://www.codeweavers.com/support/forums/announce/?t=24;mhl=212141;msg=212141#msg212141
Tuesday, December 4, 2018
Trello: That Stress You Feel? It’s A ‘Mental Load’ Of Invisible Work That Needs Talking About
Source: The gender wars of household chores: a feminist comic
REF: https://blog.trello.com/mental-load-invisible-work-stress
Monday, December 3, 2018
[USN-3830-1] OpenJDK regression
---------- Forwarded message ---------
From: Steve Beattie
Date: Wednesday, November 28, 2018, 5:16 PM
USN-3804-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update
introduced a regression when validating JAR files that prevented Java
applications from finding classes in some situations. This update
fixes the problem.
We apologize for the inconvenience.
References:
https://usn.ubuntu.com/usn/usn-3830-1
https://usn.ubuntu.com/usn/usn-3804-1
https://launchpad.net/bugs/1800792
Sunday, December 2, 2018
TrendLabs: Trickbot Shows Off New Trick: Password Grabber Module
Figure 6. Trickbot’s shareDll32 module allows it to connect to a C&C server to download a copy of itself
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/trickbot-shows-off-new-trick-password-grabber-module/
Saturday, December 1, 2018
[USN-3817-1] Python vulnerabilities
---------- Forwarded message ---------
From: Marc Deslauriers
Date: Wednesday, November 14, 2018, 1:03 AM
Summary:
Several security issues were fixed in Python.
Software Description:
- python2.7: An interactive high-level object-oriented language
- python3.5: An interactive high-level object-oriented language
- python3.4: An interactive high-level object-oriented language
Details:
It was discovered that Python incorrectly handled large amounts of data. A
remote attacker could use this issue to cause Python to crash, resulting in
a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1000030)
It was discovered that Python incorrectly handled running external commands
in the shutil module. A remote attacker could use this issue to cause
Python to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2018-1000802)
It was discovered that Python incorrectly used regular expressions
vulnerable to catastrophic backtracking. A remote attacker could possibly
use this issue to cause a denial of service. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1060, CVE-2018-1061)
It was discovered that Python failed to initialize Expat's hash salt. A
remote attacker could possibly use this issue to cause hash collisions,
leading to a denial of service. (CVE-2018-14647)
References:
https://usn.ubuntu.com/usn/usn-3817-1
CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1060, CVE-2018-1061,
CVE-2018-14647