Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Security BSides Sofia 2022 - Sergey Kostov's 'How To Collect Linux Malware' →

May 19, 2022 by Marc Handelman in Republic of Bulgaria, NATO Member State, United States Allies, Education, Security, Cybersecurity Education, Security Education, Linux Security

Our thanks to Security BSides Sofia for publishing their Presenter’s Security BSides Sofia 2022 superb security videos on the organization’s’ YouTube channel.

May 19, 2022 /Marc Handelman
Republic of Bulgaria, NATO Member State, United States Allies, Education, Security, Cybersecurity Education, Security Education, Linux Security

DEF CON 29 Main Stage - PatH's 'Warping Reality: Creating And Countering The Next Generation Of Linux Rootkits' →

August 18, 2021 by Marc Handelman in DEF CON, DEF CON 29, Security Conferences, Conferences, Security Education, Privacy Education, Infosec Education, Education, Information Security, Cyber Security, Application Security, Linux Security

Our thanks to DEFCON for publishing their outstanding DEFCON Conference Main Stage Videos on the groups' YouTube channel.

August 18, 2021 /Marc Handelman
DEF CON, DEF CON 29, Security Conferences, Conferences, Security Education, Privacy Education, Infosec Education, Education, Information Security, Cyber Security, Application Security, Linux Security

Join The Club

October 27, 2018 by Marc Handelman in Linux Security, OpenBSD, Operating System Security, Information Security

Via Dan Goodin, Security Editor at Ars Technica, comes news of OpenBSD, Debian, CentOS, Ubuntu and Red Hat Linux flaws - in existence for an estimated 23-months (and just discovered).

'An advisory X.org developers published Thursday disclosed the 23-month-old bug that, depending on how OS developers configure it, lets hackers or untrusted users elevate very limited system rights to unfettered root.' - via Dan Goodin, Security Editor at Ars Technica

October 27, 2018 /Marc Handelman
Linux Security, OpenBSD, Operating System Security, Information Security

Ubuntu, The Collector →

February 17, 2018 by Marc Handelman in Data Leakage, Linux, Linux Security, Must Read, Information Security, Demise of Privacy, Privacy

Martin Brinkmann, writing at gHacks, illuminates the questionable data gathering efforts by Canonical, producers of Ubuntu Linux. Read Martin's concise examination of the issue, of which - most certainly - is Today's Must Read.

February 17, 2018 /Marc Handelman
Data Leakage, Linux, Linux Security, Must Read, Information Security, Demise of Privacy, Privacy

Linux Security, The Litany of Failure →

December 16, 2016 by Marc Handelman in Accountability, All is Information, Information Security, Operating System Security, Linux Security, Linux

Well-wrought thought piece on the failure of Red Hat and Ubuntu to secure their respective distros utilizing standardization in the form of reproducible builds (and other means).

Damn kids apparently have forgotten their lessons whilst in kindergarten regarding safe and fair play. In this case, however, we have the added component of organizations, companies and individuals suffering due to the ineptitude of the big names in Linux... Astounding.

h/t

December 16, 2016 /Marc Handelman
Accountability, All is Information, Information Security, Operating System Security, Linux Security, Linux

Rooted →

October 27, 2016 by Marc Handelman in Android, Linux, All is Information, Linux Security, Root

Via the eponymous Dan Goodin, writing at ArsTechnica, comes news of the latest flaw in Android,  this time, based on DirtyCow code. Our take? Be prepared to mitigate this flaw ASAP.  The timeline for exploit mitigation on Android? Unknown, due to the lack of established patch management planning by the major manufacturers.... Astonishing.

"Now that the Dirty Cow hole has been patched in the Linux kernel, it's only a matter of time until the fix makes its way into Android, too...." "Of course, that's not available for a large number of devices, mostly because of limitations set by manufacturers and carriers." - via ArsTechnica's Dan Goodin
October 27, 2016 /Marc Handelman
Android, Linux, All is Information, Linux Security, Root

Found Wanting... →

October 09, 2016 by Marc Handelman in Kernel Cracks, Security Flaws, Operating System Security, Operating Systems, Unix-like OS, Linux, Android, Linux Security, Kernel Security

J.M. Porup -  an Ars Technica UK writer - examines the security posture of the Linux kernel, and finds it somewhat wanting...

October 09, 2016 /Marc Handelman
Kernel Cracks, Security Flaws, Operating System Security, Operating Systems, Unix-like OS, Linux, Android, Linux Security, Kernel Security