Saturday, 22 October 2016

Distribution Release: SalentOS 1.0

Gabriele Martina has announced the release of SalentOS 1.0, a new line of the desktop-oriented distribution featuring a customised desktop based on the Openbox window manager. Code-named "Luppìu", this is the project's first release based on Debian's stable branch, rather than Ubuntu as was the case with the....

from DistroWatch News

Mirai and Bashlight Join Forces Against DNS Provider Dyn

from Slashdot: Linux

Linux Foundation Spurs JavaScript Development

The Linux Foundation earlier this week announced the addition of the JS Foundation as a Linux Foundation project. The move is an effort to inject new energy into the JavaScript developer community.

By rebranding the former JQuery foundation as the JS Foundation and bringing it under the Linux umbrella, officials hope to create some stability and build critical mass. The goal is to spark greater interest in pursuing open source collaboration by intermingling some promising new players with some venerable stalwarts.

"What we hear is a need for a center of gravity in the JavaScript ecosystem and that's what we're hoping to create via the JS Foundation," said Kris Borchers, executive director of the JS Foundation.

"We want to drive the adoption and development of JavaScript technologies, and provide an environment that facilitates collaboration and encourages community for any project that drives innovation forward," he told LinuxInsider.

Joining Forces

A number of initial projects will participate in a new mentorship program that is designed to encourage a level of collaboration and sustainability heretofore lacking. They include Appium, Interledger.js, JerryScript, Mocha, Moment.js, Node-RED and webpack.

Founding members of the JS Foundation include Bocoup, IBM, Ripple, Samsung, Sauce Labs, Sense Technic Systems, SitePen, Stackpath, University of Westminster and WebsiteStartup.

Although the communities are very different, they have a mutual interest in boosting support for their respective technologies.

"JavaScript has suffered from a reduced interest of late, and they likely couldn't sustain by themselves anymore," suggested Rob Enderle, principal analyst at the Enderle Group.

That is likely what drove the consolidation, he said.

"A large number of folks in both camps are volunteers, and with a severe shortage of programming talent in paid jobs in the industry, I suspect both thought they could better sustain critical mass together rather than separately," Enderle told LinuxInsider.

One of the things JavaScript users want is for the projects they're using to be dependable, said Jonathan Lipps, director of open source at Sauce Labs.

Everyone loves to hate "JavaScript fatigue," he told LinuxInsider.

"How much worse does that fatigue become when a project which has a lot of adoption all of a sudden loses its contributors, and all of the users are forced to migrate to something else?" Lipps asked.

One of the goals of the JS Foundation is to create a level of stability in the ecosystem that heads off that scenario.

"I think we'll also see as a result a counterforce to the fragmentation trend," said Lipps. "If we can get projects working together and collaborating under a nonprofit umbrella, maybe we'll see more of them joining forces and providing the users with fewer, more sustainable choices."

More Exposure, More Adoption

A new level of cooperation could pay dividends for Sauce Labs by encouraging wider adoption of its Appium platform. The company's goal is for Appium to become the industry's most popular mobile automation tool.

"Donating Appium to the JS Foundation is a great way to shove Appium even further into view for more developers," Lipps said.

"From a development standpoint, specifically, we hope that giving up Appium's copyright to a nonprofit will encourage other companies who make money off of Appium to be less shy about contributing code to it," he explained.

Another of the initial projects in the program is JerryScript, a lightweight JavaScript engine first developed by Samsung. It can enable smartwatches, wearables and other small devices to operate across an IoT environment, noted Youngyoon Kim, vice president of the Software R&D Center at Samsung.

IBM's Node-RED, another participant, has achieved widespread adoption in the IoT community, noted Angel Diaz, vice president of cloud technology and architecture, allowing users to innovate IoT applications more rapidly and with greater agility.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

from LinuxInsider

Friday, 21 October 2016

Distribution Release: Slackel 4.14.21 "KDE Live"

Dimitris Tzemos has announced a new release of the Slackware-based Slackel distribution. The new version, Slackel 4.14.21 "KDE Live", is available in 32-bit and 64-bit builds with the 64-bit media supporting UEFI. The 32-bit builds will boot on machines with or without PAE-enabled processors. The new release includes....

from DistroWatch News

'Most Serious' Linux Privilege-Escalation Bug Ever Is Under Active Exploit

from Slashdot: Linux

Dirty Cow: Linux Privilege Escalation Is Being Abused for Attacks

The vulnerability in the Linux kernel, which developers describe as "nasty" because of its severity, was discovered through an attack on a web server. Since it has evidently been abused for attacks for some time, users should patch quickly now.

from News von

Source Seattle 2016 Conference

SOURCE Conference Seattle

On October 12th and 13th I was given the opportunity to share some of my Domain Generation Algorithm (DGA) research with another SOURCE Conference audience, this time in Seattle, Washington.


Snow-capped Mount Saint Helens on the flight in to Seattle

Day 1

Richard Thieme kicked off the conference with his talk entitled “Play Through the Pain? – The Impact of Forbidden Knowledge on Security and Intelligence Professionals” touching on the stresses associated with working in a field where you cannot discuss the details of your day’s work to anyone. I have had the pleasure of hearing Richard speak on this subject before at SOURCE Boston, and have only begun to understand the wealth of information he has on this topic. I look forward to hearing more from him in the future.

Next up was “DGA Antivenom: Stopping New Configurations before Analysis” by myself on track one. For a few details on my presentation, take a look at my writeup from SOURCE Boston. I focused more heavily on some aspects for this audience and was able to answer a few questions with discussion at the end. Bryan Brake of the “Brakeing Down Security podcast” captured a photo of my presentation in progress.

I was followed by “Adversary Analysis and Defenses Using Domain and DNS OSINT” by Tim Helming of Domain Tools. It was a great pairing to be able to shift from one aspect of using DNS in my presentation, then to their use of pivoting off different information within DNS records, including historical information, to hunt and gain intelligence on threat actors.

The last presentation before lunch was from Shane Macaulay of IOActive. Shane’s talk focused mainly on memory forensics of cloud instances and some of the tools and techniques he uses to analyze them. For myself, once the tools come out, everything else fades into the background. He has an impressive set of tools that are available on his GitHub pages K2 and ShaneK2.

Now let me take a moment to acknowledge and thank the food trucks of Seattle.  Mmmmmmmm.

Following a satisfying lunch was a satisfying keynote from Masha Sedova of Salesforce, entitled “Expanding the Blue Team by Building a Security Culture Program.” I have firsthand experience of the Salesforce security culture as a guest, and three things are very clear when you visit. The security culture there is different, it is real, and it works. The magic behind it is the brainchild of Masha, a culture of security that is rewarding and fun to those who involve themselves in it.

If the keynotes and talks are the meat, the career development tracks are the potatoes of SOURCE Conference. The first potato was the Speed Networking session. Rob Cheyne, the conference organizer, leads a sort of mixer, where you break off in randomly chosen pairs and answer some icebreaker questions. I enjoyed this before in Boston, I was glad to see it again in Seattle. It turns a “recognizable conference attendee number one” into that person who would travel remote regions of the world if they had unlimited resources and time. It adds a character to the conference that I am very fond of.

The final keynote of the day was from Deidre Diamond, the founder of Cyber Security Network (CyberSN), on “Words to Stop Using Now.” The meta overview of this is that there are certain words used commonly that disempower the people you are communicating with, whether you intend to or not. Sometimes it is the word itself, and sometimes using a synonym in the same context only softens the blow. It is difficult to avoid them, and in writing this particular paragraph, I am making an effort to do so. Doing so does not come easily and the effort must be made in order to succeed. The overall goal is to speak to enable, or empower, others.

The last talks of the day were lightning talks, given by anyone who volunteered to do so. Short, five minute talks on any subject. To quote Bill Nye, “Everyone you will ever meet knows something you don’t.” These lightning talks can attest to that. Knowing you are surrounded by security professionals you already expect talks on security and business, but to hear talks on topics like bonsai and free climbing helps to loosen up the atmosphere a little and have something else to talk about to break the ice.

Space Needle

It was also my first time in Seattle, and this is as close as I got to the Space Needle

Day 2

I started day two off by joining the “Brakeing Down Security podcast” with host Bryan Brake by giving a small overview of my presentation, and talking a little about the conference itself.

Following opening remarks, was the first keynote of the day from Michael Roytman of Kenna Security. Michael went over a new project he had been working on related to Common Vulnerabilities and Exposures (CVE). He was able to map CVEs that exist to those seen being used by adversaries and malware in the wild. After removing the CVEs that had been patched, he found that many of the CVEs being exploited today were first identified between 1996 and 2014. This revealed that, although we are very good at patch management now, the old vulnerabilities still exist and are still being exploited today.

Next up was “At the Dawn of CET: Hunting Valid Gadget with Big Data” by Ke Sun, Ya Ou, Yanhui Zhao, and Xiaoning Li. In this talk, we learned about Control-flow Enforcement Technology (CET) from Intel and Control Flow Guard (CFG). CET is designed to stop certain types of exploits utilized by malware where the “return to” address of the function being executed gets replaced with some other address while it’s running so it can take over the process. CET does this by keeping its own copy of “return to” addresses (Shadow Stack) and verifying it later. CFG is something that must be enabled by the developer of a piece of software, and works by keeping track of valid addresses that a program can jump to and does not allow any invalid addresses to be jumped to. CET validates each jump it takes using CFG. Their research was focused on finding valid gadgets (pieces of code) that could be exploited using any of the above-mentioned techniques.
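A simplified software model of the two checks described above, added here as an illustration and not taken from the talk or the original post. The struct, function names and addresses are constructed for the example, and real CET is enforced by the processor rather than by code like this:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DEPTH 16

/* Hypothetical model: a normal stack that a memory bug can overwrite, plus a
   shadow copy of the return addresses that ordinary writes cannot reach. */
struct model { uintptr_t stack[DEPTH], shadow[DEPTH]; size_t sp; };

/* CALL: record the return address on both stacks. */
static int model_call(struct model *m, uintptr_t ret) {
    if (m->sp >= DEPTH) return -1;
    m->stack[m->sp] = m->shadow[m->sp] = ret;
    m->sp++;
    return 0;
}

/* RET: compare both copies; a mismatch means the return address was replaced. */
static int model_ret(struct model *m, uintptr_t *target) {
    if (m->sp == 0) return -1;
    m->sp--;
    if (m->stack[m->sp] != m->shadow[m->sp]) return -1; /* violation */
    *target = m->stack[m->sp];
    return 0;
}

/* CFG-style check: an indirect call may only go to a listed valid target. */
static int cfg_check(const uintptr_t *valid, size_t n, uintptr_t target) {
    for (size_t i = 0; i < n; i++)
        if (valid[i] == target) return 1;
    return 0;
}

/* One call/return pair; corrupt != 0 simulates an overwritten return address. */
static int run_scenario(int corrupt) {
    struct model m = { .sp = 0 };
    uintptr_t target = 0;
    if (model_call(&m, 0x401000) != 0) return -1;
    if (corrupt) m.stack[m.sp - 1] = 0x414141; /* constructed bogus address */
    return model_ret(&m, &target);
}

int main(void) {
    const uintptr_t valid[] = { 0x401000, 0x402000 }; /* constructed table */
    printf("clean return:     %d\n", run_scenario(0));
    printf("corrupted return: %d\n", run_scenario(1));
    printf("listed target:    %d\n", cfg_check(valid, 2, 0x402000));
    printf("unlisted target:  %d\n", cfg_check(valid, 2, 0x402008));
    return 0;
}
```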

Mike Shema of followed up with a presentation on “Evolving a Bug Bounty Program.” He touched on things like consistency in the rewards given and being firm about what differentiates how critical a bug is to you and your company. One thing I had never considered was that sometimes a bug that is identified may be less critical than it seems to the person who found it, but you need to be able to acknowledge that they found it and still not give away your infrastructure in explaining why it is not as critical to you as they may think.

Then we had Sean Malone of FusionX presenting “Using an Expanded Cyber Kill Chain Model to Increase Attack Resiliency.” Sean’s work focused on taking the Cyber Kill Chain® and extending it where it was often misunderstood as the end of the line. Once an adversary reaches the internal network, there are many different strategies to utilize to minimize damage, not to mention, not all attacks originate from the outside. This expansion added a tree model, which illustrated the different attack vectors used, and lateral movement between them to the next target showing a full overview of an attack.

Speaking of lateral movement, following another food truck lunch (Mmmmm), we had another session in the career development track. This session was the Personal Development Panel, featuring Rob Cheyne (Big Brain Security), Richard Thieme (Thiemeworks), Masha Sedova (Salesforce), and James Wann (TUNE). The lateral movement here I speak of, is that everyone on the panel started somewhere other than where they are now. Stories of personal experiences were shared along with some other helpful tips.

Following the Personal Development Panel, we had a talk from Rob Fuller of R5 Industries entitled “Attacker Ghost Stories – Revisited.” This was a themed presentation, that always went back to a campfire slide, which I thought was great. Rob spoke on various security subjects which are things that should be common knowledge in the security world, but are often overlooked and ignored.

The last presentation was from Rob Cheyne of Big Brain Security. Rob taught us how he teaches security to others. Although I am a visual learner and teacher myself, his use of analogs to describe principles of security intrigues me. I always enjoy being able to teach concepts to others and finding acceptable analogs, that everyone understands, may help in that.

Overall, SOURCE Seattle was a great conference for myself, and I’m sure it was for everyone else. I look forward to other SOURCE Conferences in my future.

The post Source Seattle 2016 Conference appeared first on OpenDNS Umbrella Blog.

from OpenDNS Blog