SMLR Episode 282 3rd Time is the Charm
Contact Us:
show (at) smlr.us or the Contact us page
Intro:
Tony Bemus, Tom Lawrence, Phil Porada and Mary Tomich
Sound bites by Mike Tanner
Phil's GitHub
The LawrenceSystems YouTube Channel Where videos
https://www.youtube.com/user/TheTecknowledge
Tech News:
Deploy SpaceForce to Reboot Satellites
Elon Musk says he will open source Tesla vehicle security software
https://twitter.com/elonmusk/status/1028351047478042624
Related https://jalopnik.com/volvo-gave-away-their-most-important-invention-to-save-1069825878
LibreOffice 6.1 Released with ‘Major Changes’
https://www.omgubuntu.co.uk/2018/08/libreoffice-6-1-release-download
An Open Letter to Microsoft About Poor Windows 10 Update Experiences
Mass MikroTik Router Infection – First we cryptojack Brazil, then we take the World?
Reddit Security Incident
New Report on Police Digital Forensics Techniques
https://www.schneier.com/blog/archives/2018/07/new_report_on_p.html
BGP / DNS Hijacks Target Payment Systems
https://blogs.oracle.com/internetintelligence/bgp-dns-hijacks-target-payment-systems
The BGP hijacks enabled imposter DNS servers to return
forged DNS responses, misdirecting unsuspecting users to malicious sites. By using long TTL
values in the forged responses, recursive DNS servers held these bogus DNS entries in their
caches long after the BGP hijack had disappeared — maximizing the duration of the attack.
G Suite Can Now Alert You of Government-Backed Attacks
SamSam: The (Almost) Six Million Dollar Ransomware
https://medium.com/@adam.toscher/new-attack-on-wpa-wpa2-using-pmkid-96c3119f7f99
Samsung Not So Smart Things..
https://blog.talosintelligence.com/2018/07/samsung-smartthings-vulns.html
Cisco SSL Expired
https://www.theregister.co.uk/2018/08/07/cisco_vpn_certificate_expiry/
Burnout
Burnout is a psychological term referring to long-term exhaustion and diminished interest in work.
Signs that you or someone you know may be burning out:
general fatigue / lack of energy
irritability
mood changes
depression
being disengaged
general unhappiness
problems sleeping
SimCity 2000 satellite power misfires and GDI ION Cannons oh my
https://fossbytes.com/black-hat-talk-satellite-communication-systems-hackable/
https://www.blackhat.com/us-18/briefings.html#last-call-for-satcom-security
Black Hat USA 2018 conference
Research presented has revealed that the satellite communication system or SATCOM is susceptible to cyber attack. SATCOM is used by ships, airplanes, and military units all over the world.
Some things cannot be fixed easily.
In 2014, we took to the stage and presented “A Wake-up Call for SATCOM Security,” during which we described several theoretical scenarios that could result from the disturbingly weak security posture of multiple SATCOM products. Four years later, we are back at Black Hat to prove those scenarios are real.
Some of the largest airlines in the US and Europe had their entire fleets accessible from the Internet, exposing hundreds of in-flight aircraft. Sensitive NATO military bases in conflict zones were discovered through vulnerable SATCOM infrastructure. Vessels around the world are at risk as attackers can use their own SATCOM antennas to expose the crew to RF radiation.
SegmentSmack https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e
https://www.securityweek.com/segmentsmack-flaw-linux-kernel-allows-remote-dos-attacks
The vulnerability exists due to the way versions 4.9 and later of the Linux kernel handle specially crafted TCP packets. Linux kernel developers have released a patch that should address the problem.
Red Hat says all its products with moderately new Linux kernel versions are affected. The company has not identified any workarounds or mitigations besides the kernel patches.
Academy Software Foundation (ASWF) https://www.linuxfoundation.org/press-release/2018/08/academy-of-motion-picture-arts-and-sciences-and-the-linux-foundation-launch-the-academy-software-foundation/
The foundation was created to provide a neutral forum for open source software developers in the motion picture and broader media industries to share resources and collaborate on technologies for image creation, visual effects, animation and sound.
84% of Hollywood studios use open source soft
“With the Academy Software Foundation, open source developers in the motion picture and media space will now be able to join their efforts and bring the next wave of innovation through interoperability.”
This Week Music
This content is published under the Attribution-Noncommercial-Share Alike 3.0 Unported license.