linux | Breaking Cybersecurity News | The Hacker News

Has anyone ever heard about a " Vigilante-style Hacker ," who hacks every possible system to make them more Secure? No. It's not funny, neither a movie story: Reportedly, someone is hacking thousands unprotected Wi-Fi routers everywhere and apparently forcing owners to make them more Secure. Security firm Symantec has discovered a new malware, dubbed " Linux.Wifatch " a.k.a " Ifwatch ," infected more than 10,000 vulnerable ' Internet of Things ' devices, and spreading quickly. However, Linux.Wifatch not only removes malicious backdoor but also encourages users to update their weak passwords. How Does Linux.Wifatch Work? Once a device is infected, the Linux.Wifatch malware connects to a peer-to-peer network that is being used to distribute threat updates. Linux.Wifatch's code does not deploy any payload for malicious activities, such as to carry out DDoS attacks , rather it detects and remediates the known

Earlier this month, Microsoft surprised us all with the announcement that they built a Linux kernel-based operating system, Azure Cloud Switch (ACS) , for developing software products for Network Devices. Now, Microsoft just announced that they have selected Ubuntu as the operating system for their Cloud-based Big Data services. Yes, Microsoft needs Linux. To expand its Azure Data Lake project, that makes Big Data processing and Analytics simpler and more accessible, Microsoft has partnered with Hortonworks and Canonical to launch " Azure HDInsight " for Linux users. Azure HDInsight is a Hadoop-based Big Data solution powered by Cloud that is now also available for Ubuntu, along with Windows OS. By offering both Windows and Linux clusters, Microsoft's fulfills its aim to enhance its own cross-platform aspirations that will accelerate a move towards Hybrid Cloud Computing . " The collaboration between Microsoft and Canonical to create the option to run Azur

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

To make the last week's top cyber security threats and challenges available to you in one shot, we are once again here with our weekly round up. Last week, we came across lots of cyber security threats like the XCodeGhost malware in Apple's App Store and lockscreen bypass bug in iOS 9 and iOS 9.0.1 that made us sad, but… …we were also thrilled by latest developments such as Microsoft's new Linux-based operating system  Azure Cloud Switch (ACS) , unhackable MicroKernel " SeL4 ", and Facebook ' Dislike or Empathy Button '. I recommend you to read the entire thing (just click ' Read More ' because there's some valuable advice in there as well). Here's the list: 1. Microsoft Developed its Own Linux Operating System One of the trending news of last week. Microsoft built its own Linux-based operating system known as Azure Cloud Switch (ACS) . The company described ACS as a "cross-platform, modular operating system for data center n

Remember Project: C.H.I.P. ? A $9 Linux-based, super-cheap computer that raised some $2 Million beyond a pledge goal of just $50,000 on Kickstarter will be soon in your pockets. Four months ago, Dave Rauchwerk , CEO of Next Thing Co., utilized the global crowd-funding corporation ' Kickstarter ' for backing his project C.H.I.P., a fully functioning computer that offers more than what you could expect for just $9. C.H.I.P. stands for " Computer Hardware in Products. " At first, the project was looking like a never ending project but here's something exciting — The $9 CHIP computer is shipping. Yes, Rauchwerk says that the first run of devices is beginning to be distributed to early backers within 7-9 days. Rauchwerk said, " If you backed the [CHIP] project at the Kernel Hacker Backer level on Kickstarter, you'll receive two CHIP computers — the second by mid-October. " Specifications and Capabilities: CHIP packages: 1

Do You Know:  China has planned to eliminate all foreign Technologies and Services by 2020, just like Google and Facebook . And it seems China in some years would be an entirely independent IT economy; building homegrown Mobile and computer devices, Operating Systems, Applications, Browsers and almost everything existing in the IT ecosystem. Well, China was not at all happy when Microsoft finally announced the end of official support for Windows XP. At the time, Windows holded 91% of total market share, compared to just for Mac OS X and just 1% for Linux. However, China wasn't interested to pay either for extended support for Windows XP or for switching to Windows 8. So, they decided to develop their own Operating System. Yes, China has developed a Desktop Operating System named " NeoKylin " ( and ' Kylin ' in Chinese ), tagged as a substitute to Windows XP by Quartz , who got an opportunity to have a hands-on experience of its "community version" OS. NeoKylin

Can you name which Operating System is most Secure ? ...Windows, Mac, Linux or any particular Linux Distribution? Yes, we get that! It's not an easy thing to pick. Besides Windows, Even the so-called ultra-secure Linux Distros were found to be vulnerable to various critical flaws in past years. Because, almost all Linux Distros use the same Kernel, and the most number of cyber attacks target the Kernel of an operating system. So, It doesn't matter which Linux distribution you use. The kernel is the core part an operating system, which handles all the main activities and enforces the security mechanisms to the entire operating system. Making an Operating System secure requires that vulnerabilities shall not exist in the Kernel, which is the communicating interface between the hardware and the user.  To overcome the above situation, Security Researchers, Mathematicians and Aviation gurus from Boeing and Rockwell Collins joined a team of dedicated NIC

First announced over five years ago, ex-Google engineer Kent Overstreet is pleasured in announcing the general availability of a new open-source file-system for Linux, called the Bcache File System (or Bcachefs ). Bcachefs is a Linux kernel block layer cache that aims at offering a speedier and more advanced way of storing data on servers. Bcachefs promises to provide the same performance and reliability as the consecrated EXT4 and XFS file systems while having features of the ZFS and Btrfs file systems . Features that Bcachefs Supports Bcachefs supports all the features of a modern file-system, including: Checksumming to ensure data integrity Compression to save space Caching for quick response Copy-on-Write (COW) that offers the ability for a single file to be accessed by multiple parties at once What's coming next for Bcachefs It seems that some of the features in Bcachefs are limited or missing, which includes: Snapshots Erasure codi

The United States National Security Agency (NSA) has released a network security tool for Government and the private sectors to help secure their networks against cyber attacks. Dubbed Systems Integrity Management Platform (SIMP) , the tool is now publicly available on the popular source code sharing website GitHub . According to an official release from NSA, SIMP makes it easier for government organizations and the private sector to "fortify their networks against cyber threats." SIMP aims at providing a reasonable combination of security compliance and operational flexibility , keeping networked systems compliant with security standards and requirements. It is considered to be a critical part of a layered, "defence-in-depth" approach to information security. " By releasing SIMP, the agency seeks to reduce duplication of effort and promote greater collaboration within the community: The wheel would not have to be reinvented for every organiza

Apple's operating system is considered to be the most secure operating system whether it's Mac OS X for desktop computers or iOS for iPhones. But believe it or not, they are the most vulnerable operating system of year 2014. MOST VULNERABLE OPERATING SYSTEM  Windows, which is often referred to as the most vulnerable operating system in the world and also an easy pie for hackers, is not even listed on the top three vulnerable OS. According to an analysis by the network and security solutions provider GFI, the top three most vulnerable operating system are: Apple's Mac OS X Apple iOS Linux kernel GFI analysis is based on the data from the US National Vulnerability Database (NVD ), which shows that in 2014, the top three most vulnerable operating systems took owner by the following number of vulnerabilities reported in their software: Mac OS X - Total 147 vulnerabilities were reported, 64 of which were rated as high-severity Apple's iOS - Total 127 vulnerabilities were reported,

A critical vulnerability has been fixed in Samba — Open Source standard Windows interoperability suite of programs for Linux and Unix, that could have allowed hackers to remotely execute an arbitrary code in the Samba daemon ( smbd ). Samba is an open source implementation of the SMB/CIFS network file sharing protocol that works on the majority of operating systems available today, which allows a non-Windows server to communicate with the same networking protocol as the Windows products. Samba is supported by many operating systems including Windows 95/98/NT, OS/2, and Linux. smbd is the server daemon of Samba which provides file sharing and printing services to clients using the SMB/CIFS protocol. Samba is also sometimes installed as a component of *BSD and OS X systems. The vulnerability, designated as CVE-2015-0240 , actually resides in this smbd file server daemon. The bug can be exploited by hackers to potentially execute code remotely with root privileges, the

Werner Koch , the man who authored the free email encryption software , is running out of funding to continue the development of his crucial open-source GNU Privacy Guard (GnuPG) encryption tools.The code works on plenty of operating systems from Linux and FreeBSD to Windows and OS X. The popular Gnu Privacy Guard (GnuPG or GPG) email encryption software is the same used by the former United States National Security Agency (NSA) contractor and whistleblower Edward Snowden to keep his communication secure from law enforcement authorities. GPG uses the OpenPGP standard to safeguard the communications of millions of people, including journalists, dissidents and security-minded people, around the world from eavesdroppers and other miscreants. GPG EMAIL ENCRYPTION RELIES ON THIS GUY ONLY Werner Koch has been maintaining and improving the code of his own secure email software since its initial development in 1997, and since then he has worked at very low wages, but is now

A highly critical vulnerability has been unearthed in the GNU C Library (glibc) , a widely used component of most Linux distributions, that could allow attackers to execute malicious code on servers and remotely gain control of Linux machines. The vulnerability, dubbed " GHOST " and assigned CVE-2015-0235 , was discovered and disclosed by the security researchers from Redwood Shores, California-based security firm Qualys on Tuesday. CRITICAL AS HEARTBLEED AND SHELLSHOCK GHOST is considered to be critical because hackers could exploit it to silently gain complete control of a targeted Linux system without having any prior knowledge of system credentials (i.e. administrative passwords). Also Read:  Top Best Password Managers . The flaw represents an immense Internet threat, in some ways similar to the Heartbleed ,   Shellshock   and Poodle   bugs that came to light last year. WHY GHOST ? The vulnerability in the GNU C Library (glibc) is dubbed GHOST b

From last week, Google began paving the way to run Android apps on Chrome Operating System through the project named " App Runtime for Chrome ", but the release came with a lot of limitations – it only supported certain Android apps and on Chrome OS only. At the launch, initially only 4 Android apps – Vine, Evernote, Duolingo and Sight Words – were added to the Chrome Web Store. That was pretty exciting, but it merely whet the appetite of users hungry for more functionality. So, what if you could run more than just 4 Android apps on Chrome OS? And Also could run them on other operating systems as well? A developer by the name of " Vlad Filippov " began working on it to stripped away the limits Google has imposed. He successfully figured out a way to bring more Android apps to Chrome , instead of just the four that are officially supported by Google. The bigger success was that when Filippov got Android apps to work on any desktop Operating System tha

Good news for Firefox lovers! The Mozilla Foundation has introduced a bunch of new features in Firefox to improve browser security with the launch of Firefox 32, now available for Windows, Mac, Linux, and Android platforms. The new version of Firefox makes the browser even more competitive among others. Firefox version 32 has some notable security improvements, including a new HTTP cache for improved performance, public key pinning - a defense that would help protect its users from man-in-the-middle and other attacks, and easy language switching on Android. PUBLIC KEY PINNING ENABLED BY-DEFAULT In the latest Firefox version 32, Mozilla has enabled Public Key Pinning support by default that will protect its users from man-in-the-middle-attacks and rogue certificate authorities. Public key pinning is a security measure that ensures people that they are connecting to the websites they intend to. Pinning allows users to keep track of certificates in order to specify wh