Showing headlines posted by abennett

« Previous ( 1 2 3 4 5 6 7 8 ... 10 ) Next »

Physical RAM attack can root Android and possibly other devices

A team of researchers from the VUSec Group at Vrije Universiteit Amsterdam in the Netherlands, the Graz University of Technology in Austria, and the University of California in Santa Barbara has demonstrated not only are Rowhammer attacks possible on ARM, but they're even easier to pull off than on x86.

Easy-to-exploit rooting flaw puts Linux computers at risk

The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability, tracked as CVE-2016-5195, that has existed in the Linux kernel for the past nine years and is already being exploited in the wild.

Free tool protects PCs from master boot record attacks

Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks.

Researcher unveils second Samsung Pay vulnerability

The new vulnerability, which will be demonstrated at the Ekoparty security conference in Buenos Aires, Argentina next week, uses the NFC communication standard and can be exploited with no new equipment at all -- just an app.

Critical flaws found in open-source encryption software VeraCrypt

  • CSOonline.com; By Lucian Constantin (Posted by abennett on Oct 18, 2016 3:20 PM EDT)
  • Story Type: Security
Many flaws were located and fixed in VeraCrypt's bootloader for computers and OSes that use the new UEFI (Unified Extensible Firmware Interface) -- the modern BIOS. TrueCrypt, which serves as the base for VeraCrypt, never had support for UEFI, forcing users to disable UEFI boot if they wanted to encrypt the system partition.

Happy 25th once again to Linux, 'the little OS that definitely could'

Aug. 25 may be Linux's official birthday, but Oct. 5 is in many ways the day it began to make a real mark on the world. That's when Linux creator Linus Torvalds officially released the first Linux kernel into the wild.

What CIOs need to know about open source forking

  • CIO.com; By Paul Rubens (Posted by abennett on Oct 4, 2016 4:45 PM EDT)
  • Story Type: Editorial
Forking is a concept that can strike terror into the heart of any CIO that relies on open source software. Here’s how to make sure you’re on the right side of the split.

Android malware that can infiltrate corporate networks is spreading

DressCode, a family of Android malware that has the capability of stealing sensitive files from corporate networks, has been found circulating in at least 3,000 Trojanized apps, security firm Trend Micro said on Friday.

Meet Apache Spot, a new open source project for cybersecurity

Cloudera and Intel on Wednesday announced that they've donated a new open source project to the Apache Software Foundation with a focus on using big data analytics and machine learning for cybersecurity.

Chrome OS gets cryptographically verified enterprise device management

New Verified Access API will allow companies to cryptographically validate the identity of Chrome OS devices connecting to their networks and verify that those devices conform to their security policies.

Pokémon Go guide app with half a million downloads hacks Android devices

Security researchers have found a malicious application on Google Play that had over 500,000 downloads and was designed to gain complete control over Android devices.

What the rise of permissive open source licenses means

  • CIO.com; By Paul Rubens (Posted by abennett on Sep 15, 2016 1:13 PM EDT)
  • Story Type: Editorial
Restrictive licenses such as the GNU GPL are steadily falling out of favor — and lawyers may be to blame.

Xen Project patches serious virtual machine escape flaws

The Xen Project has fixed four vulnerabilities in its widely used virtualization software, two of which could allow malicious virtual machine administrators to take over host servers.

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

Called Umbreon, after a Pokémon character that hides in the darkness, the rootkit has been in development since early 2015 and is now being sold on the underground markets. It targets Linux-based systems on the x86, x86-64 and ARM architectures, including many embedded devices such as routers.

Google's 3-level Android patch could cause confusion

Google has released another large monthly batch of security patches for Android, this time fixing 55 vulnerabilities, eight of which are rated critical. The fixes are split into three different "security patch levels," which could make it easier for device manufacturers to integrate patches applicable to their devices, but could also lead to confusion among regular users.

Baidu open sources its deep learning platform PaddlePaddle

  • CIO.com; By John Ribeiro (Posted by abennett on Sep 1, 2016 8:11 PM EDT)
  • Story Type: News Story
Chinese Internet search giant Baidu has decided to open source its deep learning platform. The company will release the software with documentation and specs to GitHub on Sept. 30, under an Apache open source license.

A new OpenSUSE Linux is coming to town, and it's all about stability

The first beta version of OpenSUSE Leap 42.2 is now available, giving enterprises and other stability-minded users the chance to check it out and get a taste of what's coming in the final release, which is due Nov. 16.

New ransomware threat deletes files from Linux web servers

A destructive ransomware program deletes files from web servers and asks administrators for money to return them, though it's not clear if attackers can actually deliver on this promise.

Forget desktop Linux, build your own $40 Android PC

If you have an HDMI-enabled monitor sitting around, spend $30 on Pine 64 board and $10 on Wifi/Bluetooth module and build your own Android PC.

Why private clouds will suffer a long, slow death

  • CIO.com; By Bernard Golden (Posted by abennett on Aug 15, 2016 5:40 PM EDT)
  • Story Type: Editorial; Groups: Cloud
While private cloud proponents have spent the last five years focusing on getting their IaaS offerings working, Amazon, Microsoft and Google have moved way beyond core computing services. And you don’t have to strain to hear the death knell sounding for the private cloud.

« Previous ( 1 2 3 4 5 6 7 8 ... 10 ) Next »