Tux Machines


Security and Proprietary Software Blunders


Posted by Roy Schestowitz on Sep 06, 2023


Gemini Articles of Interest

Windows TCO and Microsoft Antitrust Issues



How To Prevent SSH Brute Force Attacks Using Fail2ban In Linux


> Linux is a popular operating system for servers and other devices. It is known for its stability, security, and flexibility. However, no operating system is immune to attack. One of the most common types of attacks against Linux servers is a brute-force attack. In this step-by-step guide, we'll show you how to install and configure fail2ban on a Linux system and how to prevent SSH brute force attacks with Fail2ban.



Inconsistencies in the Common Vulnerability Scoring System (CVSS)


> Interesting research:


↺ research



Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs


> Malicious packages uploaded to PyPI, NPM, and Ruby repositories are targeting macOS users with information stealing malware.



United Airlines Says the Outage That Held Up Departing Flights Was Not a Cybersecurity Issue


> United Airlines flights were halted nationwide on Sept. 5, because of an “equipment outage,” according to the FAA.



Three Australian firms latest to be hit by Alphv ransomware gang


> While Core Desktop has not yet made any public statement about the attacks, the ABC claimed to have seen a letter sent by the company to its clients saying it had become aware of the intrusion on 22 August.


↺ Core Desktop

↺ claimed


> The three companies that were attacked are pathology services provider TissuPath, real estate agent Barry Plant and strata management firm Strata Plan.



7 Million Users Possibly Impacted by Freecycle Data Breach


> Freecycle.org is prompting millions of users to reset their passwords after their credentials were compromised in a data breach.



9 Vulnerabilities Patched in SEL Power System Management Products


> Nine vulnerabilities patched in SEL electric power management products, adding to the 19 other flaws fixed earlier this year.



Norfolk Southern Says a Software Defect — Not a Hacker — Forced It to Park Its Trains This Week


> Norfolk Southern believes a software defect — not a hacker — was the cause of the widespread computer outage that forced the railroad to park all of its trains.



CISA Hires ‘Mudge’ to Work on Security-by-Design Principles


> The U.S. government’s cybersecurity agency CISA on Monday confirmed the addition of Peiter ‘Mudge’ Zatko to its roster of prominent voices preaching the gospel of security-by-design and secure-by-default development principles.


> Zatko, most recently the CISO at Twitter who blew the whistle on the social media giant’s security shortcomings, is joining the agency in a part-time capacity to work on the “security and resilience by design” pillar of the Biden administration’s National Cybersecurity Strategy.



MITRE and CISA Release Open Source Tool for OT Attack Emulation


> MITRE and CISA introduce Caldera for OT, a new extension to help security teams emulate attacks targeting operational technology systems.



Breaking Into Secure Facilities With OSDP


> Facilities like hospitals, banks, data centers, airports, power and natural gas plants, and government institutions secure their properties with authorization hardware built to use the Open Supervised Device Protocol (OSDP). Unfortunately, there are both design weaknesses and poor practices which can be realistically exploited in the real world. OSDP advertises itself as an encrypted protocol, yet many installations use unencrypted modes. While it has defenses against trivial replay attacks, it has such a small counter inside that with enough samples one could replay communications on the wire. It also uses a truncated Message Authentication Code (MAC), which exposes OSDP systems to brute-force attacks. And lastly, OSDP is by design easy to misuse: installers can leave the controller perpetually in "install" mode which allows any device to ask for secret credentials for another device without any encryption on a shared communication line.



Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach


> In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.



A year after the disastrous breach, LastPass has not improved


> In September last year, a breach at LastPass’ parent company GoTo (formerly LogMeIn) culminated in attackers siphoning out all data from their servers. The criticism from the security community has been massive. This was not so much because of the breach itself, such things happen, but because of the many obvious ways in which LastPass made matters worse: taking months to notify users, failing to provide useful mitigation instructions, downplaying the severity of the attack, ignoring technical issues which were publicized years ago and made the attackers’ job much easier. The list goes on.


> Now this was almost a year ago. LastPass promised to improve, both as far as their communication goes and on the technical side of things. So let’s take a look at whether they managed to deliver.


> TL;DR: They didn’t. So far I have failed to find evidence of any improvements whatsoever.


