Security News

Tencent floats bug bounties for its cloudy Linux and IoT OSes
2020-06-11 04:05

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

Thought you'd addressed those data-leaking Spectre holes on Linux? Guess again. The patches aren't perfect
2020-06-09 19:39

In three posts marked urgent to the Linux kernel mailing list on Tuesday, Anthony Steinhauser points out problems with countermeasures put in place to block Spectre vulnerabilities in modern Intel and AMD x86 microprocessors that perform speculative execution. The Spectre family of flaws involve making a target system speculate - perform an operation it may not need - in order to expose confidential data so an attacker can obtain it through an unprotected side channel.

Thought you'd fixed those Linux Spectre issues? Guess again, and AMD users need to be especially on their toes
2020-06-09 19:39

In three posts marked urgent to the Linux kernel mailing list on Tuesday, Anthony Steinhauser points out problems with countermeasures put in place to block Spectre vulnerabilities in modern Intel and AMD x86 microprocessors that perform speculative execution. The Spectre family of flaws involve making a target system speculate - perform an operation it may not need - in order to expose confidential data so an attacker can obtain it through an unprotected side channel.

This new ransomware targets Windows and Linux in surprising ways
2020-06-04 15:00

Aimed at SMBs, educational facilities, and software companies, the ransomware leverages Java to encrypt server-based files, according to BlackBerry and KPMG. Cybercriminals are always looking for new tricks and techniques to target potential victims without being caught. That's especially true of ransomware attackers who need to stealthily invade an organization's network to encrypt the sensitive files they plan to hold hostage.

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation
2020-06-02 12:19

Linus Torvalds has removed a patch in the next release of the Linux kernel intended to provide additional opt-in mitigation of attacks against the L1 data CPU cache. The patch from AWS engineer Balbir Singh was to provide "An opt-in mechanism to flush the L1D cache on context switch. The goal is to allow tasks that are paranoid due to the recent snoop-assisted data sampling vulnerabilities, to flush their L1D on being switched out. This protects their data from being snooped or leaked via side channels after the task has context switched out."

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation
2020-06-02 12:19

Linus Torvalds has removed a patch in the next release of the Linux kernel intended to provide additional opt-in mitigation of attacks against the L1 data CPU cache. The patch from AWS engineer Balbir Singh was to provide "An opt-in mechanism to flush the L1D cache on context switch. The goal is to allow tasks that are paranoid due to the recent snoop-assisted data sampling vulnerabilities, to flush their L1D on being switched out. This protects their data from being snooped or leaked via side channels after the task has context switched out."

How to properly secure sysctl on Linux
2020-05-28 15:40

Protecting your Linux servers against SYN attacks and IP spoofing isn't nearly as hard you think. Jack Wallen shows you how.

New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows
2020-05-28 12:09

With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating systems. "USBFuzz discovered a total of 26 new bugs, including 16 memory bugs of high security impact in various Linux subsystems, one bug in FreeBSD, three in macOS, and four in Windows 8 and Windows 10, and one bug in the Linux USB host controller driver and another one in a USB camera driver," Hui Peng and Mathias Payer explained.

IAR Systems’ build tools now support Linux
2020-05-27 01:00

IAR Systems, the future-proof supplier of software tools and services for embedded development, announces that its extensive product portfolio of embedded development tools is now extended with build tools supporting implementation in Linux-based frameworks for automated application build and test processes. This flexibility is now extended to the build environment as the well-known build tools in IAR Embedded Workbench now support Linux.

CrowdStrike Falcon bolsters Linux protection with ML prevention, custom and dynamic IoAs
2020-05-22 00:15

CrowdStrike, a leader in cloud-delivered endpoint protection, announced the CrowdStrike Falcon platform is bolstering its Linux protection capabilities with additional features, including machine learning prevention, custom Indicators of Attack and dynamic IoAs. CrowdStrike delivers proven breach prevention and visibility from its cloud-delivered platform via a single lightweight agent that supports endpoints and cloud workloads on all platforms including Windows, Mac, Linux and mobile devices.