0 التعليقات
0 المشاركات
8 مشاهدة
الدليل
الدليل
-
الرجاء تسجيل الدخول , للأعجاب والمشاركة والتعليق على هذا!
-
WWW.TECHSPOT.COMResearchers discover "Bootkitty," the first UEFI bootkit for LinuxIn a nutshell: A serendipitous discovery led to a new warning of threats against Linux. The open-source platform is becoming an increasingly tasty target for cyber-criminals, and malware writers are now looking to get to the lowest levels of the kernel as they already have on Windows. "Bootkitty" is a new and concerning malware that targets Linux systems. Eset analysts recently discovered the bootkit in a previously unknown UEFI application (bootkit.efi) that someone uploaded to VirusTotal. While not yet complete, Bootkitty is described as the first UEFI bootkit for Linux that researchers have found.Bootkits like BlackLotus are a particular kind of malware designed to infect the startup phase of the operating system. They conceal their presence and essentially obtain total control of the OS and user applications by replacing, compromising, or significantly changing the original boot loader or boot process.The European researchers confirmed that Bootkitty targets Linux, although it only works against specific Ubuntu distros. The sample uploaded on VirusTotal uses a self-signed security certificate, which means it will not run on UEFI systems protected by the controversial Secure Boot feature. However, there is nothing to stop determined hackers from refining the malware.Bootkitty includes specific routines to subvert many functions in the UEFI firmware, the Linux kernel, and the GRUB boot loader. Bootkitty can theoretically boot the Linux kernel "seamlessly," even with Secure Boot activated, after which it injects itself into program processes upon system launch.However, Bootkitty doesn't work as intended despite its apparent complexity. Eset said that the bootkit contains many artifacts and rough features, which suggests the malware authors are still working on its code. The researchers also discovered a possibly related kernel module named BCDropper, designed to deploy ELF (Linux) programs useful for loading additional kernel modules. // Related StoriesEven though it is still in its proof-of-concept stage, Bootkitty is an interesting development in the UEFI threat landscape. Bootkits and UEFI rootkits have traditionally targeted only Windows systems, but Linux platforms are now widespread enough to become an enticing target. The security community should prepare for future threats, Eset warns.0 التعليقات 0 المشاركات 8 مشاهدة
-
WWW.DIGITALTRENDS.COMIt lives! 47-year-old Voyager 1 is back in actionAt 47 years old, the pair of Voyager probes are the oldest currently operational deep space mission, and in their time they have traveled all the way through our solar system and out into the interstellar space that lies beyond the influence of our sun. At a distance of around 15.4 billion miles away from Earth, and with hardware constructed in the 1970s, the pair have faced their share of technical difficulties.Voyager 1 in particular had a serious issue with its communications system this year that prevented it from transmitting science data for months. But now, following some very careful fixes, Voyager 1 is back online again, having resumed its science operations and continuing its long, lonely mission.Recommended VideosThe communication problem was announced in December last year, when a system called the telemetry modulation unit stopped communicating with the probes computer system, called the flight data system. That issue was fixed in April this year, by engineers cleverly divvying up the work of a broken chip and distributing it throughout the functioning computer system. In June, Voyager 1 could power its science instruments back on and return to its observations.RelatedThat wasnt the end of the probes problems though. In October, the spacecraft turned off one of its radio transmitters for no obvious reason, in what seemed to be an automatic response when the spacecraft detects a fault. Non-essential systems are designed to turn themselves off when an anomalous events occurs to prevent damage, such as from drawing too much power. But this meant that part of the communications system called the X-band radio transmitter was no longer working properly, and the spacecraft could only communicate using a weaker transmission system called the S-band.It wasnt clear if the S-band signal would even be strong enough to be picked up from Earth, but engineers were able to locate the signal and keep in touch with the spacecraft. This meant they werent able to get science data though, due to communication limitations.Before they could turn the X-band transmitter back on, engineers had to figure out what had triggered the fault detection in the first place. It turns out to have been turning on a radiator that caused the fault, as the spacecraft is operating on such a tiny amount of power. Though its power generators output around 470 watts on launch, the spacecraft loses 4 watts of power each year, so power is a constant concern. The spacecraft currently uses four of its 10 original science instruments.Engineers reactivated the X-band transmitter earlier this month, and has been collecting data again since last week. With a few final tasks like resetting a system that synchronizes the spacecrafts three onboard computers, it will be back to full operations once again.Editors Recommendations0 التعليقات 0 المشاركات 9 مشاهدة
-
WWW.DIGITALTRENDS.COMEcho Show 21 vs. Echo Show 10: Is the bigger smart display better?AmazonTable of ContentsTable of ContentsPricing and designDisplay and qualityFeatures and smart home connectivityIs the Echo Show 21 better than the Echo Show 10?The Echo Show 21 is the newest member of the Echo Show family, offering a massive 21-inch display and a powerful audio system to match. But how does it stack up to the existing Echo Show 10? Aside from its large touchscreen, is there a big difference between these two smart displays? More importantly, which one is better for your smart home?From pricing and design to display and available features, heres a closer look at the new Echo Show 21 and Echo Show 10 to help you decide which to purchase.Recommended VideosAmazonAs the largest member of the Echo Show lineup, it should come as no surprise that the Echo Show 21 is also the most expensive. Itll cost you $400, compared to $250 for the Echo Show 10. Both are stylish products built to the high standards of Amazon, and if youre only worried about aesthetics, you cant go wrong with either.RelatedThe Echo Show 10 is designed as a tabletop device, with a built-in stand holding the 10.1-inch display. The Echo Show 21 can be mounted on a wall or placed on a table (though to do the latter, youll need to buy a separate stand).Winner: TieAmazonAmazon outfitted the Echo Show 21 with an expansive 21-inch touchscreen display and 1080p resolution. The Echo Show 10 features a 10.1-inch display and a slightly lower 1280 x 800 resolution. That resolution still looks great on the smaller display, but no doubt watching TV shows is better on the big Echo Show 21. As for overall build quality? The Echo Show 10 has earned stellar reviews over the years, and were expecting the Echo Show 21 to hold up just as well though only time will tell if its reliability is on par with the rest of the Echo Show family.Winner: Echo Show 21AmazonAside from a larger screen, the Echo Show 21 has a few other advantages over the Echo Show 10. Heres a quick roundup of the main differences when it comes to available features.The Echo Show 21 uses a 13MP wide-angle webcam with auto-framing, whereas the Echo Show 10 uses a 13MP with auto-framing.The Echo Show 21 uses two 2-inch woofers and two 0.6-inch tweeters for its sound system. The Echo Show 10 uses two 1-inch tweeters and a 3-inch woofer.The Echo Show 21 comes with Fire TV built-in.Many folks are finding the Echo Show 10 to offer slightly better audio performance, thanks to enhanced low-frequency notes. Both smart displays also use auto-focusing to keep you in the frame while video chatting, though the Echo Show 21 offers a wider viewing angle (despite the Echo Show 10 also using a 13MP camera).That means the only significant advantages the Echo Show 21 brings to the table are a larger screen, a wide-angle camera, and Fire TV built-in.Winner: TieThe Echo Show 21 isnt necessarily better than the Echo Show 10. While its certainly bigger and better for watching TV shows, the large size might not be ideal for all households. Amazon built a great device with the existing Echo Show 10 and if you need something that wont consume much countertop space, the Echo Show 10 might be the better choice. Its also much more affordable and provides great audio, making it the better choice for most families.And since there are really only a few distinct advantages to owning the Echo Show 21, it might be hard to justify its price tag.However, if you plan on using your smart display as a second entertainment center, then the Echo Show 21 is the obvious choice. Its essentially a tiny TV at 21 inches, and if you want to easily watch your favorite shows while doing the dishes or cooking dinner, its a pretty enticing option.Editors Recommendations0 التعليقات 0 المشاركات 8 مشاهدة
-
WWW.WSJ.COMThe Case for and Against Creating a Military Cyber ForceSome experts are pushing for a separate branch of the armed forces, dedicated to thwarting hackers.0 التعليقات 0 المشاركات 8 مشاهدة
-
WWW.WSJ.COM13 Books We Read This WeekThe scientist Founding Father, rockabillys pioneer, a dissident in Hong Kong and more.0 التعليقات 0 المشاركات 9 مشاهدة
-
WWW.WSJ.COM9 Books to Read: The Best Reviews of NovemberA journey down the hatch, the life of a misunderstood philosopher, a memoir of saving art in World War II and more books highlighted by our reviewers.0 التعليقات 0 المشاركات 9 مشاهدة
-
ARSTECHNICA.COMCode found online exploits LogoFAIL to install Bootkitty Linux backdoorLOGOFAIL UNDER ATTACK Code found online exploits LogoFAIL to install Bootkitty Linux backdoor Unearthed sample likely works against Linux devices from Acer, HP, Fujitsu, and Lenovo. Dan Goodin Nov 29, 2024 4:37 pm | 0 A back door is a means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use back doors that they detect or install themselves as part of an exploit. Credit: Getty Images A back door is a means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use back doors that they detect or install themselves as part of an exploit. Credit: Getty Images Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreResearchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains unpatched on affected models.The critical vulnerability is one of a constellation of exploitable flaws discovered last year and given the name LogoFAIL. These exploits are able to override an industry-standard defense known as Secure Boot and execute malicious firmware early in the boot process. Until now, there were no public indications that LogoFAIL exploits were circulating in the wild.The discovery of code downloaded from an Internet-connected web server changes all that. While there are no indications the public exploit is actively being used, it is reliable and polished enough to be production-ready and could pose a threat in the real world in the coming weeks or months. Both the LogoFAIL vulnerabilities and the exploit found on-line were discovered by Binarly, a firm that helps customers identify and secure vulnerable firmware.Theoretical no moreLogoFAIL was a theoretical vulnerability, and the PoCwas not weaponized, Binarly founder and CEO Alex Matrosov wrote in an interview, referring to the proof-of-concept code released by Binarly as part of the company's earlier disclosure. This discovery shows the issues, which are hard to fix around the ecosystem, could be exploited in the wild and weaponized. The funny part is it's almost a year since we disclosed it publicly, and this happens now when threat actors have adopted it.The ultimate objective of the exploit, which Binarly disclosed Friday, is to install Bootkitty, a bootkit for Linux that was found and reported on Wednesday by researchers from security firm ESET. Binarly said the exploit the company uncovered injects code into the UEFI, the firmware responsible for booting modern devices that run Windows or Linux. It does this by exploiting one of about a dozen critical image-parsing bugs that comprise the LogoFAIL constellation.Normally, Secure Boot prevents the UEFI from running all subsequent files unless they bear a digital signature certifying those files are trusted by the device maker. The exploit bypasses this protection by injecting shell code stashed in a malicious bitmap image displayed by the UEFIduring the boot-up process. The injected code installs a cryptographic key that digitally signs a malicious GRUB file along with a backdoored image of the Linux kernel, both of which run during later stages of the boot process on Linux machines.The silent installation of this key induces the UEFI to treat the malicious GRUB and kernel image as trusted components, and thereby bypass Secure Boot protections. The final result is a backdoor slipped into the Linux kernel before any other security defenses are loaded. Diagram illustrating the execution flow of the LogoFAIL exploit Binarly found in the wild. Credit: Binarly In an online interview, HD Moore, CTO and co-founder at runZero and an expert in firmware-based malware, explained the Binarly report this way:The Binarly paper points to someone using the LogoFAIL bug to configure a UEFI payload that bypasses secure boot (firmware) by tricking the firmware into accepting their self-signed key (which is then stored in the firmware as the MOK variable). The evil code is still limited to the user-side of UEFI, but the LogoFAIL exploit does let them add their own signing key to the firmware's allow list (but does not infect the firmware in any way otherwise).It's still effectively a GRUB-based kernel backdoor versus a firmware backdoor, but it does abuse a firmware bug (LogoFAIL) to allow installation without user interaction (enrolling, rebooting, then accepting the new MOK signing key).In a normal secure boot setup, the admin generates a local key, uses this to sign their updated kernel/GRUB packages, tells the firmware to enroll the key they made, then after reboot, the admin has to accept this new key via the console (or remotely via bmc/ipmi/ilo/drac/etc bios console).In this setup, the attacker can replace the known-good GRUB + kernel with a backdoored version by enrolling their own signing key without user interaction via the LogoFAIL exploit, but its still effectively a GRUB-based bootkit, and doesn't get hardcoded into the BIOS firmware or anything.Machines vulnerable to the exploit include some models sold by Acer, HP, Fujitsu, and Lenovo when they ship with a UEFI developed by manufacturer Insyde and run Linux. Evidence found in the exploit code indicates the exploit may be tailored for specific hardware configurations of such machines. Insyde issued a patch earlier this year that prevents the exploit from working. Unpatched devices remain vulnerable. Devices from these manufacturers that use non-Insyde UEFIs aren't affected.Binarly tracks the Insyde vulnerability under exploitation as BRLY-2023-006. The industry-wide tracking designations are CVE-2023-40238 and CVE-2023-39538. Insyde has published an advisory for CVE-2023-40238 here. People should ensure all devices containing an Insyde UEFI have been patched.One reason for the suspicion isn't being actively used is the logo displayed during the infection. LogoFAIL works by exploiting vulnerabilities image-parsing components of the UEFI. These images typically display logos belonging to the device makers. By swapping out the benign image provided by the device maker with an identical one containing malicious exploit code, there would be no reason to detect anything amiss. The malicious image swapped out by the exploit displays an image of a cute cat. The logo that will be replaced by the bootkit and displayed on infected machines. Credit: Binarly For me, it looks more like a demo or showcase to find potential buyer, Matrosov wrote. I dont have any evidence besides ESET's original discovery being uploaded to VirusTotal [indicate anything] else. But the LogoFAIL exploit part looks solid, which is quite interesting to see together with other data points.Dan GoodinSenior Security EditorDan GoodinSenior Security Editor Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82. 0 Comments Prev story0 التعليقات 0 المشاركات 9 مشاهدة
-
ARSTECHNICA.COMIts Black Friday, and here are the best shopping deals we could findThe leaves have turned, the turkey has been eaten, the parades are over, and the football has been watchedthe only thing left to do is to try to hide from increasingly uncomfortable family conversations by going out and shopping for things! It's the holiday tradition that not only makes us feel good, but also (apocryphally) drags the balance sheets of businesses the world over into profitabilityhence "Black Friday!"Our partners in the e-commerce side of the business have spent days assembling massive lists for you all to peruselists of home deals and video game deals and all kinds of other things. Does that special someone in your life need, like, a security camera? Or a tablet? Or, uh(checks list)some board games? We've got all those things and more!A couple of quick notes: First, we're going to be updating this list throughout the weekend as things change, so if you don't see anything that tickles your fancy right now, check back in a few hours! Additionally, although we're making every effort to keep our prices accurate, deals are constantly shifting around, and an item's actual price might have drifted from what we list. Caveat emptor and all that.Read full articleComments0 التعليقات 0 المشاركات 10 مشاهدة
-
WWW.INFORMATIONWEEK.COMHow to Build a Strong and Resilient IT BenchWhen they refer to bench strength in sports, theyre talking about the ability of a less skilled player to step in and play a big role if a main performer is unavailable. For years, IT leaders have wanted bench strength. However, those leaders found that achieving bench strength has been an elusive goal in tight job markets.Is there a way you can develop a bench? Yes, IT can develop bench strength.The first step is to identify the talent shortfalls in IT, where most CIOs will find the following gaps:Talent shortages in new technologies such as artificial intelligence (AI), automation, database architecture, information management, cloud management, and edge ITShortages of talent in the bread-and-butter infrastructure stalwarts, such as network architecture and systems softwareIn the infrastructure category, one cause of declining bench strength is baby boomer retirements. Computer skillsets have systematically been abstracted from newer IT workers, who now work through point and click GUIs (graphical user interfaces) to provision, monitor and manage infrastructure resources. Unfortunately, the more highly abstracted IT tools that newer workers use dont always get to the bottom of a bug in system infrastructure software. That bug could bog down a hotel reservation system resulting in loss of hundreds of thousands of dollars in bookings per hour. For this, you need down to the metal skills, which boomers have excelled at.Related:The net result for IT managers and CIOs is that they find themselves short in new skill areas such as AI, but also in the older IT disciplines that their shops must continue to support, and that younger ITers arent exposed to.Setting Your Bench Strength TargetsSince talent is likely to be short in new technology areas and in older tech areas that must still be supported, CIOs should consider a two-pronged approach that develops bench strength talent for new technologies while also ensuring that older infrastructure technologies have talent waiting in the wings.Here are five talent development strategies that can strengthen your bench:Partnering with schools that teach the skills you want. Companies that partner with universities and community colleges in their local areas have found a natural synergy with these institutions, which want to ensure that what they teach is relevant to the workplace.This synergy consists of companies offering input for computer science and IT courses and also providing guest lecturers for classes. Those companies bring real world IT problems into student labs and offer internships for course credit that enable students to work in company IT departments with an IT staff mentor.Related:The internships enable companies to audition student talent and to hire the best candidates. In this way, IT can sidestep a challenging job market and bring new skills in areas like AI and edge computing to the IT bench.There are even universities that teach down to the metal skills at the behest of their corporate partners. The IBM Academic Initiative, which teaches students mainframe software skills, is one example.Using internal mentors. I once hired a gentleman who was two years away from retirement because he 1) had invaluable infrastructure skills that we needed; and 2) he had expressed a desire to give back to younger IT employees he was willing to mentor. He assigned and supervised progressively more difficult real world projects to staff. By the time he left, we had a bench of three or four persons who could step in.Not every company is this fortunate, but most have experienced personnel who are willing to do some mentoring. This can help build a bench.Use consultants and learn from them. At times in my CIO career, I hired consultants who possessed specialized technology skills where we lacked experience. When my staff and I evaluated consultants for these assignments, we graded them on three parameters:Related:1) Their depth and relevance of knowledge for the project we wanted done;2) Their ability to document their work so that someone could take over when their work was complete; and3) Their ability and willingness to train an IT staff member. Getting the project done was a foremost goal, but so was gaining bench strength.Give people meaningful project experience.Its great to send people to seminars and certification programs, but unless they immediately apply what they learned to an IT project, theyll soon forget it.Mindful of this, we immediately placed newly trained staff on actual IT projects so they could apply what they learned. Sometimes a more experienced staff member had to mentor them, but it was worth it. Confidence and competence built quickly.Retain the employees you develop. CIOs lament about employees leaving a company after the company has invested in training them. In fact, the issue became so prominent at one company that the firm created a training vesting plan whereby the employee had to reimburse the company for a portion of training expenses if they left the company before a certain prescribed time.A better way to retain employees is by regularly communicating with them, giving them a sense of belonging that makes them feel part of the team, assigning them to meaningful work, and rewarding them with paths to advancement and salary increases.Summary RemarksCompanies (and employees) continuously change, and there is no guarantee that IT departments will always be able to retain their most competent performers. Consequently, its critical to develop employees, to actively and continuously engage with them, and to foster an open and pleasant working experience.By doing so, CIOs can improve staff skill agilities in their organizations and be ready for the next tech breakthrough.0 التعليقات 0 المشاركات 8 مشاهدة