Systemd, the Linux world’s favorite init monolith, can be potentially crashed or hijacked by malicious DNS servers. Patches are available to address the security flaw, and should be installed ASAP if you’re affected.
Continue reading Systemd Vulnerable to DNS Attacks
I started using CentOS over several other Distros that I have been testing ever the years. I still have an Ubuntu laptop just to keep up to date with things seeing that it’s one of the most popular ones.
I’ve covered installing Kernels before but I wanted to refresh that topic and include how to do it on CentOS.
Continue reading Installing Linux Kernel v4.10
Netgear noted that several of their routers have a command injection Vulnerability issue where an attacker can use a phishing method to gain control of your router.
To find the model/version number, check the bottom or back panel of your NETGEAR device.
From the vulnerability Notes Database:
R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 contain an unauthenticated command injection vulnerability that may be executed directly or via cross-domain requests. Known affected firmware versions include Netgear R7000 version 220.127.116.11_1.1.93, R6400 version 18.104.22.168_1.0.11, and R8000 version 22.214.171.124_1.1.2. Earlier versions may also be affected. The command injection vulnerability has been assigned CVE-2016-6277.
By convincing a user to visit a specially crafted web site, a remote, unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. An unauthenticated, LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND
Continue reading Netgear Router Security Update
Security expert Bruce Schneier recently talked about how someone is learning how to take down the internet. We have seen lots of companies talk about attacks on their infrastructure, breaches, hacking and stealing accounts, etc. As per the companies, it seems name of the attacks are made out to seem like probing for ways to get into networks and do harm.
It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.
– Bruce Schneier
Continue reading Bringing down the Net?
Researchers find over 100 spying Tor nodes that attempt to compromise darknet sites
When it comes to accessing public websites, Tor has an intrinsic security problem: though the nodes between your computer and the public internet are unable to see where the traffic is coming from or going to, the final hop in the network (known as an exit node) gets to know what webserver you are connecting to. Continue reading Researchers find over 100 spying Tor nodes
This vulnerability has existed since 2012 and it affects Android and Linux systems running Linux Kernel version 3.8+, and Linux server or desktop running kernel 3.8+ is vulnerable.
As of the date of disclosure, this vulnerability has implications for approximately tens of millions of Linux PCs and servers, and 66 percent of all Android devices (phones/tablets).
How do I fix this?
First some background on what the CVE-2016-0728 bug is. From the Perception Point Research Team
CVE-2016-0728 is caused by a reference leak in the keyrings facility. Before we dive into the details, let’s cover some background required to understand the bug. It can successfully escalates privileges from a local user to root.
Continue reading Linux Kernel Zero Day Vulnerability CVE-2016-0728
Standard Ubuntu releases are supported for 9 months and Ubuntu LTS (Long Term Support) releases are supported for five years on both the desktop and the server. During that time, there will be security fixes and other critical updates.
Continue reading Ubuntu and Debian End-of-Life Timeline