Total Articles Found: 36
Top Articles:
Published: 2024-09-25 22:59:26
Popularity: 2340
Author: lambda-dev
Article URL: https://wordpress.org/news/2024/09/wp-engine-banned/ Comments URL: https://news.ycombinator.com/item?id=41652760 Points: 131 # Comments: 46
The iconic Winamp media player has fulfilled a promise made in May to go open-source and has now published its complete source code on GitHub. [...]
Published: 2024-09-26 14:50:17
Popularity: 421
Author: None
Published: 2024-09-29 14:23:34
Popularity: 159
Author: Bill Toulas
A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU resources. [...]
Published: 2024-09-26 12:30:38
Popularity: 157
Author: Edge Editors
The latest draft version of NIST's password guidelines simplifies password management best practices and eliminates those that did not promote stronger security.
Published: 2024-09-25 17:00:00
Popularity: 146
Author: info@thehackernews.com (The Hacker News)
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch
Published: 2024-09-26 01:45:09
Popularity: 99
Author: Thomas Claburn
That escalated quickly
Updated: WordPress on Wednesday escalated its conflict with WP Engine, a hosting provider, by blocking the latter's servers from accessing WordPress.org resources – and therefore from potentially vital software updates.…
Published: 2024-09-26 17:34:01
Popularity: 75
Author: Jessica Lyons
Quick fix: Remove cups-browsed, block UDP port 631
Updated: After days of waiting and anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally revealed.…
Published: 2024-09-17 15:54:36
Popularity: 34
Author: Bruce Schneier
Wow. It seems they all exploded simultaneously, which means they were triggered. Were they each tampered with physically, or did someone figure out how to trigger a thermal runaway remotely? Supply chain attack? Malicious code update, or natural vulnerability? I have no idea, but I expect we will all learn over the next few days. EDITED TO ADD: I’m reading nine killed and 2,800 injured. That’s a lot of collateral damage. (I haven’t seen a good number as to the number of pagers yet.) EDITED TO ADD: Reuters writes: “The pagers that detonated were the latest model brought in by Hezbollah in recent months, three security sources said.” That implies supply chain attack. And it seems to be a large detonation for an overloaded battery...
Published: 2024-09-23 22:10:14
Popularity: 22
Author: Iain Thomson
Maybe a spell in a French cell changed Durov's mind
In a volte-face, Telegram CEO Pavel Durov announced that the made-in-Russia messaging platform will become a lot less cozy for criminals.…
Published: 2024-10-02 12:31:05
Popularity: 17
Author: Jessica Lyons
Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline
NIST has made some progress clearing its backlog of security vulnerability reports to process – though it's not quite on target as hoped.…
Published: 2024-09-18 02:32:08
Popularity: 16
Author: Simon Sharwood
Sting led to cuffing of alleged operator behind Ghost – an app for drug trafficking, money laundering, and violence-as-a-service
Australia's Federal Police (AFP) yesterday arrested and charged a man with creating and administering an app named Ghost that was allegedly "a dedicated encrypted communication platform … built solely for the criminal underworld" and which enabled crims to arrange acts of violence, launder money, and traffic illicit drugs.…
Published: 2024-09-17 21:26:38
Popularity: 14
Author: Nate Nelson, Contributing Writer
A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud photos.
Published: 2024-09-23 21:30:10
Popularity: 12
Author: Connor Jones
11M devices exposed to trojan, Kaspersky says
Updated: The Necro trojan is once again making a move against Android users, with up to eleven million individuals thought to be exposed to infected apps.…
Published: 2024-09-16 16:45:10
Popularity: 10
Author: Connor Jones
Now it's the default for all new accounts
Snowflake continues to push forward in strengthening its users' cybersecurity posture by making multi-factor authentication the default for all new accounts.…
Published: 2024-09-17 11:02:34
Popularity: 10
Author: Bruce Schneier
Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article: These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware. Now, though, there are also attacks involving “coding tests” that only exist to get the end user to install hidden malware on their system (cleverly hidden with Base64 encoding) that allows remote execution once present. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS...
Published: 2024-09-16 21:04:22
Popularity: 8
Author: Dark Reading Staff
Three days after Ivanti published an advisory about the high-severity vulnerability CVE-2024-8190, threat actors began to abuse the flaw.
Published: 2024-09-18 12:16:40
Popularity: 8
Author: Connor Jones
Italian mafia mobsters and Irish crime families scuppered by international cops
Hours after confirming they had pwned the supposedly uncrackable encrypted messaging platform used for all manner of organized crime, Ghost, cops have now named the suspect they cuffed last night, who is charged with being the alleged mastermind.…
Published: 2024-10-02 15:18:01
Popularity: 6
Author: Elizabeth Montalbano, Contributing Writer
The prolific Chinese APT Mustang Panda is the likely culprit behind a sophisticated cyber-espionage attack that sets up persistent remote access to victim machines.
Published: 2024-10-03 16:59:00
Popularity: 6
Author: Edward Fernandez
Pixel phones have earned a well-deserved reputation for being security-conscious. In this blog, we'll take a peek under the hood to see how Pixel mitigates common exploits on cellular basebands.
Smartphones have become an integral part of our lives, but few of us think about the complex software that powers them, especially the cellular baseband – the processor on the device responsible for handling all cellular communication (such as LTE, 4G, and 5G). Most smartphones use cellular baseband processors with tight performance constraints, making security hardening difficult. Security researchers have increasingly exploited this attack vector and routinely demonstrated the possibility of exploiting basebands used in popular smartphones.
The good news is that Pixel has been deploying security hardening mitigations in our basebands for years, and Pixel 9 represents the most hardened baseband we've shipped yet. Below, we’ll dive into why this is so important, how specifically we’ve improved security, and what this means for our users.
The Cellular Baseband
The cellular baseband within a smartphone is responsible for managing the device's connectivity to cellular networks. This function inherently involves processing external inputs, which may originate from untrusted sources. For instance, malicious actors can employ false base stations to inject fabricated or manipulated network packets. In certain protocols like IMS (IP Multimedia Subsystem), this can be executed remotely from any global location using an IMS client.
The firmware within the cellular baseband, similar to any software, is susceptible to bugs and errors. In the context of the baseband, these software vulnerabilities pose a significant concern due to the heightened exposure of this component within the device's attack surface. There is ample evidence demonstrating the exploitation of software bugs in modem basebands to achieve remote code execution, highlighting the critical risk associated with such vulnerabilities.
The State of Baseband Security
Baseband security has emerged as a prominent area of research, with demonstrations of software bug exploitation featuring in numerous security conferences. Many of these conferences now also incorporate training sessions dedicated to baseband firmware emulation, analysis, and exploitation techniques.
Recent reports by security researchers have noted that most basebands lack exploit mitigations commonly deployed elsewhere and considered best practices in software development. Mature software hardening techniques that are commonplace in the Android operating system, for example, are often absent from cellular firmwares of many popular smartphones.
There are clear indications that exploit vendors and cyber-espionage firms abuse these vulnerabilities to breach the privacy of individuals without their consent. For example, 0-day exploits in the cellular baseband are being used to deploy the Predator malware in smartphones. Additionally, exploit marketplaces explicitly list baseband exploits, often with relatively low payouts, suggesting a potential abundance of such vulnerabilities. These vulnerabilities allow attackers to gain unauthorized access to a device, execute arbitrary code, escalate privileges, or extract sensitive information.
Recognizing these industry trends, Android and Pixel have proactively updated their Vulnerability Rewards Program in recent years, placing a greater emphasis on identifying and addressing exploitable bugs in connectivity firmware.
Building a Fortress: Proactive Defenses in the Pixel Modem
In response to the rising threat of baseband security attacks, Pixel has incrementally incorporated many of the following proactive defenses over the years, with the Pixel 9 phones (Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL and Pixel 9 Pro Fold) showcasing the latest features:
We also leverage a number of bug detection tools, such as address sanitizer, during our testing process. This helps us identify software bugs and patch them prior to shipping devices to our users.
The Pixel Advantage: Combining Protections for Maximum Security
Security hardening is difficult and our work is never done, but when these security measures are combined, they significantly increase Pixel 9’s resilience to baseband attacks.
Pixel's proactive approach to security demonstrates a commitment to protecting its users across the entire software stack. Hardening the cellular baseband against remote attacks is just one example of how Pixel is constantly working to stay ahead of the curve when it comes to security.
Special thanks to our colleagues who supported our cellular baseband hardening efforts: Dominik Maier, Shawn Yang, Sami Tolvanen, Pirama Arumuga Nainar, Stephen Hines, Kevin Deus, Xuan Xing, Eugene Rodionov, Stephan Somogyi, Wes Johnson, Suraj Harjani, Morgan Shen, Valery Wu, Clint Chen, Cheng-Yi He, Estefany Torres, Hungyen Weng, Jerry Hung, Sherif Hanna
Published: 2024-09-17 18:30:08
Popularity: 3
Author: Iain Thomson
Eight-year-old among those slain, Israel blamed, Iran's Lebanese ambassador wounded, it's said
Lebanon says at least nine people, including an eight-year-old girl, were killed today after pagers used by Hezbollah members exploded across the country. Israel has been blamed.…
Published: 2024-09-17 23:38:47
Popularity: None
Author: None
Now it's the default for all new accounts
Published: 2024-09-21 20:29:58
Popularity: None
Author: Dark Reading
Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.
Published: 2024-09-23 22:59:10
Popularity: None
Author: Guru Baran
A high-severity vulnerability in the FreeBSD hypervisor, bhyve, has been discovered, allowing malicious software running in a guest virtual machine (VM) to potentially execute arbitrary code on the host system.
Published: 2024-09-24 23:37:24
Popularity: None
Author: Dan Goodin
Emails, documents, and other untrusted content can plant malicious memories.
Published: 2024-09-25 19:45:49
Popularity: None
Author: securityonline.info via enpo
Published: 2024-09-25 17:23:39
Popularity: None
Author: Written by
NVIDIA engineers have sent out an exciting set of Linux kernel patches for enabling NVIDIA vGPU software support for virtual GPU support among multiple virtual machines (VMs)
Published: 2024-10-03 21:05:50
Popularity: None
Author: None
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which…
Published: 2024-09-30 20:54:04
Popularity: None
Author: None
We couldn’t extract the content of this article. Here is the URL so you can access it:
https://www.rochesterfirst.com/space/rit-will-receive-9-9m-for-space-force-research/
Published: 2024-09-30 12:37:31
Popularity: None
Author: None
It’s a well-known secret that inkjet ink is being kept at artificially high prices, which is why many opt to forego ‘genuine’ manufacturer cartridges and get third-party ones inst…
Published: 2024-09-28 18:10:46
Popularity: None
Author: None
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident ...
Published: 2024-09-28 18:03:48
Popularity: None
Author: Dirk Knop
The RegreSSHion flaw enabled attackers to gain root access. An IT researcher has discovered another similar vulnerability in OpenSSH of RHEL 9 and descendants.
Published: 2024-09-27 17:16:46
Popularity: None
Author: None
On June 11th, 2024, we discovered a set of vulnerabilities in Kia vehicles that allowed remote control over key functions using only a license plate. These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription.
Published: 2024-09-26 23:25:16
Popularity: None
Author: None
The HardenedBSD Foundation is happy to announce a donation from the folks over at Protectli. Protectli is an open source firewall appliance company. This is their second donation to the HardenedBSD Foundation to date.
This donation is for a specific project: the development of a censorship- and surveillance-resistant mesh network. Protectli donated four FW4B devices. These devices will help us research and develop a prototype network, with the end goal being wider deployment once the initial proof-of-concept is developed and documented.
We--the HardenedBSD Foundation and the HardenedBSD Project--believe that Protectli offers a solid product line on which to base our reference implementation. We plan to start a concerted effort on the proof-of-concept implementation starting January through February 2025.
We are in talks with a Google Summer of Code contributor for FreeBSD in bringing their hard work to completion; or, at the very least, to a state that is usable for this project. The contributor, Aymeric Wibo, spoke at BSDCan 2024 about his efforts at porting BATMAN-adv to FreeBSD. We hope to bring his work into a special feature branch in HardenedBSD.
Special care must be taken so as not to introduce GPL code. Some bits of the BATMAN project are GPL. The bits that are BSD license compatible can land in the src tree, but GPL bits will land as ports entries.
Once we are satisfied with that work, we will begin work on a special version of HardenedBSD. This version will have all methods for capturing packets (e.g., libpcap, tcpdump, BPF, etc.) removed. This would enable network operators to respond to law enforcement requests with a simple answer: "we have no customer data and lack the ability to capture customer data."
We envision networks akin to the NYC MESH project, with two key differences:
Node and Supernode operators will undergo a vetting process. Supernode operators must also run a public Tor relay to offset the bandwidth cost of users. Routing all traffic through Tor will place a large burden on the Tor network, so we must be kind citizens and try to offset that burden as much as possible.
Protectli plays a crucial role beyond this one donation. We are in talks with Protectli to establish a baseline set of equipment as gold standard. Network operators can supply their own equipment, but we will recommend Protectli as the "known working gold standard reference."
Node operators will be required to run hardened operating systems, with a strong recommendation of HardenedBSD.
We are grateful for Protectli's support of the HardenedBSD project and its goals. We dream of a decentralized digital world wherein safety of its participants is of utmost importance.
If you would like to play a part in this initial research and development, please reach out to the HardenedBSD Foundation at foundation@hardenedbsd.org.
Published: 2024-09-26 14:10:48
Popularity: None
Author: janandonly
Article URL: https://tails.net/news/tails_tor/ Comments URL: https://news.ycombinator.com/item?id=41658618 Points: 4 # Comments: 0
Published: 2024-09-26 22:35:55
Popularity: None
Author: None
Quick fix: Remove cups-browsed, block UDP port 631