Explore top 10 tips to secure your open-source projects now. Read More
×GNOME is planning to protect insecure hardware by notifying users more about their firmware security status. . When you install Linux on your UEFI-enabled computer, you have to disable Secure Boot because the live USB will refuse to boot with the option enabled. Some mainstream Linux distributions support Secure Boot, but it is still challenging to set up for many other distributions (and with Nvidia hardware onboard). While things may not have improved over the years, Secure Boot is an essential protection feature in general. . Explore GNOME's initiatives aimed at alerting users about their firmware security conditions in relation to Secure Boot vulnerabilities.. Secure Boot, GNOME Notifications, UEFI Security, Firmware Status, Linux Hardware Risks. . Brittany Day
Despite recent takedown efforts, persistent Trickbot operators are back with a new module call "Trickboot" that detects UEFI/BIOS firmware vulnerabilities. The Trickbot malware is no longer only at threat to Windows users - it is now targeting Linux systems as well. . Security researchers have discovered the notorious Trickbot malware has changed and is now targeting firmware. The malware, often used by threat actors to drop ransomware, has garnered much attention over the past few months with multiple takedown attempts, including a technical disruption reportedly led by U.S. Cyber Command. Microsoft led a legal takedown in October, which offered a temporary pause in activity. Despite those efforts, Trickbot operators have updated the malware with new capabilities. . The Trickbot malware adapts to exploit vulnerabilities within the firmware of Linux systems, leading to heightened anxieties.. Trickbot Malware, Firmware Security, Linux Threats, Ransomware Risks. . LinuxSecurity.com Team
Interested in using hardware security keys to log into online services more securely? Well, now you can make your own from scratch, thanks to an open-source project that Google announced last week. . Google has released an open-source implementation called OpenSK . It’s a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key. FIDO is a standard for secure online access via a browser that goes beyond passwords. There are three modern flavours of it: Universal Second Factor (U2F), Universal Authentication Factor (UAF), and FIDO2. UAF handles biometric authentication, while U2F lets people authenticate themselves using hardware keys that you can plug into a USB port or tap on a reader. That works as an extra layer on top of your regular password. The link for this article located at Naked Security is no longer available. . Google hasreleasedan open-source implementation calledOpenSK. It’s a piece of firmware that you ca. interested, using, hardware, security, online, services, securely. . LinuxSecurity.com Team
A NSA open-source security project will increase security in machines by essentially placing a machine's firmware in a container to isolate it from threat actors. Learn more in an interesting CyberScoop article: . A years-long project from researchers at the National Security Agency that could better protect machines from firmware attacks will soon be available to the public, thelead NSA researcher on the project tells CyberScoop. The project will increase security in machines essentially by placing a machine’s firmwarein a container to isolate it from would-be attackers. A layer of protection is being added to the System Management Interrupt (SMI) handler—code that allows a machine to make adjustments on the hardware level —as part of the open source firmware platform Coreboot. The link for this article located at CyberScoop is no longer available. . An extensive initiative by the NSA is focused on bolstering hardware safety from firmware vulnerabilities through the segregation of firmware from potential risks.. Firmware Security, Open Source Project, Cybersecurity Research, Threat Isolation. . LinuxSecurity.com Team
After a pair of very public disclosures in the last two weeks, Netgear published new firmware for vulnerabilities in its routers that have been publicly exploited. . Researchers discovered as many as 10,000 routers had been taken over, according to data lifted from one of the command and control servers involved in an attack against a victim investigated by Compass Security Schweiz Ltd., of Switzerland. . A significant number of 10,000 Netgear routers experienced a security breach; firmware updates have been released to bolster these devices against potential threats.. Netgear Firmware Update, Router Security Patch, Public Exploit Fix. . LinuxSecurity.com Team
A design flaw in the x86 processor architecture dating back almost two decades could allow attackers to install a rootkit in the low-level firmware of computers, a security researcher said Thursday. Such malware could be undetectable by security products.. The vulnerability stems from a feature first added to the x86 architecture in 1997. It was disclosed Thursday at the Black Hat security conference by Christopher Domas, a security researcher with the Battelle Memorial Institute. The link for this article located at CSO Online is no longer available. . An architectural vulnerability in ARM chips might allow malware to embed itself in hardware, escaping the scrutiny of antivirus programs.. x86 Architecture, Rootkit Risk, Malware Threats. . LinuxSecurity.com Team
Researchers sponsored by the U.S. government have reportedly tried to defeat the encryption and security of Apple devices for years. . Several presentations given between 2010 and 2012 at a conference sponsored by the U.S. Central Intelligence Agency described attempts to decrypt the firmware in Apple mobile devices or to backdoor Mac OS X and iOS applications by poisoning developer tools.. NSA's efforts to undermine Google security exposed in analysis documents from 2011-2013.. Apple Device Security, CIA Research, Encryption Attempts. . LinuxSecurity.com Team
A pair of security researchers have found a buffer overflow vulnerability within the implementation of the unified extensible firmware interface (UEFI) within the EDK1 project used in firmware development.. Bromium researcher Rafal Wojtczuk and MITRE Corp's Corey Kallenberg said the bug in the FSVariable.c source file was linked to a variable used to reclaim empty space on SPI flash chips. The link for this article located at The Register UK is no longer available. . Bromium researcher Rafal Wojtczuk and MITRE Corp's Corey Kallenberg said the bug in the FSVariable.c. security, researchers, found, buffer, overflow, vulnerability, within. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.