Cybersecurity

http://thehackernews.com/2017/06/windows-10-redstone3-smb.html?m=1 The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update. The WannaCry ransomware wreaked havoc last month. You can find more information on WannaCry at http://www.epanorama.net/newepa/2017/05/12/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/ →

http://www.commitstrip.com/en/2017/06/19/security-too-expensive-try-a-hack/ Sadly so true. →

https://www.cyberciti.biz/faq/howto-patch-linux-kernel-stack-clash-vulnerability-cve-2017-1000364/ A very serious security problem has been found in the Linux kernel called “The Stack Clash.” The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library (CVE-2017-1000366) which allow local privilege escalation by clashing the stack including Linux kernel. This bug affects Linux, OpenBSD, NetBSD, FreeBSD and Solaris, →

http://www.zdnet.com/article/how-to-use-linuxs-built-in-usb-attack-protection/ USB is insecure. There are USB sticks that will destroy your computer, USB sticks loaded with spyware, and even official enterprise USB sticks infected with malware. Windows and Macs are easy to crack with USB-borne tools. There are devices like the USG USB stick firewall, which can protect you. Linux users can stop attackers armed with USB sticks with USBGuard software. →

http://securityaffairs.co/wordpress/60013/hacking/ics-cybersecurity.html The equipment was expected to be installed and left alone for a long time. Pressures to reduce operating costs led to this equipment being connected, and the easiest networking equipment to find was designed for convenience in a corporate environment — not security in an ICS environment.  This has led to the current situation where malware →

http://www.visualcapitalist.com/worlds-biggest-data-breaches/?utm_source=facebook&utm_medium=social&utm_campaign=SocialWarfare Before 2009, the majority of data breaches were the fault of human errors like misplaced hard drives and stolen laptops, or the efforts of “inside men” looking to make a profit by selling data to the highest bidder. Since then, the volume of malicious hacking has exploded relative to other forms of data loss. →

https://www.cyberciti.biz/faq/how-to-prevent-unprivileged-users-from-viewing-dmesg-command-output-on-linux/ One can use dmesg command see or control the kernel ring buffer.  The kernel syslog contains debugging information that is often useful during exploitation of other vulnerabilities, such as kernel heap addresses.  There is an option that prevents unprivileged users from reading the syslog. sudo sysctl -w kernel.dmesg_restrict=1 →

http://www.zdnet.com/article/why-you-must-patch-the-new-linux-sudo-security-hole/ Ironically, only the most secure Linux server setups are vulnerable to this newly discovered hole. If you want your Linux server to be really secure, you defend it with SELinux. Many sysadmins don’t bother because SELinux can be difficult to set up. This makes the newly discovered Linux security hole — with the sudo command that only hits →

https://techcrunch.com/2017/06/02/who-catches-the-imsi-catchers-researchers-demonstrate-stingray-detection-kit/?ncid=rss&utm_source=tcfbpage&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29&utm_content=FaceBook&sr_share=facebook What’s needed is an independent method of identifying IMSI catchers in the wild. That’s what University of Washington researchers Peter Ney and Ian Smith have attempted to create with SeaGlass. “Up until now the use of IMSI-catchers around the world has been shrouded in mystery, and this lack of concrete information is a barrier to →

https://opensource.com/article/17/5/secure-open-source-devops?sc_cid=7016000000127ECAAY The key to secure app development is to “shift left”—move security testing away from late-stage production and back towards design and development. →