Press "Enter" to skip to content

Posts published in “Security”

Six WordPress Plugins Vulnerable

By Christine Hall on November 12, 2015 |

News, Security and Web Apps

Six WordPress Plugins VulnerableWordPress logo

In the same week that we learned from W3Techs that the popular open source content management system (CMS) WordPress now powers a full 25 percent of all sites on the web, we learn that six popular WordPress plugins contain serious security vulnerabilities. The later news comes to us by way of security firm Wordfence, which specializes in WordPress security and develops the Wordfence security plugin for the platform.

WordPress logoThis news isn’t surprising, nor is it cause for alarm. Because WordPress is by far the most popular content management platform on the web, it’s an obvious target for hackers, and third party plugins are the most obvious way inside. However, the folks at Automattic, which develops the platform, have proven themselves to be diligent at finding vulnerabilities and keeping them patched.

Continue readingSix WordPress Plugins Vulnerable
Online Vigilantes: Hacking Sony for a Cause?hacked site

Online Vigilantes: Hacking Sony for a Cause?

By Ken Starks on November 3, 2015 |

Community and Security

It would seem the day of website defacements just for the heck of it are long past. I mean, that was so 1990s, right? Today’s hacker, the ones who have meaningful targets, are having a field day. Even the huge guard at the gate, Linux server space, has been knocked aside in order to gain passage.

hacked site

Ken Starks

Ken Starks is the founder of the Helios Project and Reglue, which for 20 years provided refurbished older computers running Linux to disadvantaged school kids, as well as providing digital help for senior citizens, in the Austin, Texas area. He was a columnist for FOSS Force from 2013-2016, and remains part of our family. Follow him on Twitter: @Reglue

linuxlock.blogspot.com/
Continue readingOnline Vigilantes: Hacking Sony for a Cause?

Microsoft Infects Windows Computers With Malvertising

By Christine Hall on October 15, 2015 |

News and Security

I thought about ignoring this one and letting it slide, but it’s too priceless, too typically Microsoft, not to pass on. It seems that Redmond has been inadvertently infecting Windows computers with ransomware through its MSN website. Not to worry, however. The company is happy to hand you a tool to remove the malware, which is akin to locking the door after the horse is gone, as your files will by then be locked up tighter than a waterproof safe.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingMicrosoft Infects Windows Computers With Malvertising
The Elderly & the Scam Mastershappy couple

The Elderly & the Scam Masters

By Ken Starks on July 28, 2015 |

Community and Security

It always happens to someone else. Right? I mean, what are the chances it will happen to me? Or you? Be it winning the lottery or developing a debilitating disease. We all know someone who knows someone who…well, you know how it goes. It will happen to someone else.

And it did, two days ago. Across the street from me.

scammerClaude and Jane are good folks. Both in their mid 70s. They live on their combined retirement funds and spend their time keeping busy with kids, grandkids, and from what I hear, a great-grandchild in a matter of months. They come over for coffee or tea at times, and we always see them at community center events. They are not well off by any standard, but they do okay…until last Saturday.

Ken Starks

Ken Starks is the founder of the Helios Project and Reglue, which for 20 years provided refurbished older computers running Linux to disadvantaged school kids, as well as providing digital help for senior citizens, in the Austin, Texas area. He was a columnist for FOSS Force from 2013-2016, and remains part of our family. Follow him on Twitter: @Reglue

linuxlock.blogspot.com/
Continue readingThe Elderly & the Scam Masters
OSCON: Purism Respects Your Rights & FreedomLibrem 13 & Librem 15

OSCON: Purism Respects Your Rights & Freedom

By Larry Cafiero on July 23, 2015 |

Hardware, News, Security and Software

Your digital rights — do both your hardware and software respect them?

Because if they don’t, Purism might have the answer to this shortcoming.

At OSCON, Purism has on hand the Librem 13 and Librem 15 laptops – the numbers designating the screen size (13-inch and 15-inch, respectively) — which are both designed, chip-by-chip and line-by-line to respect your rights to privacy, security and freedom, which is Purism’s philosophy.

Purism logo“We developed Purism so that users can have access to the highest quality computers without compromising these beliefs,” the Purism website states. “The founder of Purism developed the Philosophical Contract, that we all abide by, which was adopted from the Free Software Foundation, and expanded to include hardware manufacturing as it relates to software.”

Larry Cafiero

Larry Cafiero is a journalist and a Free/Open Source Software advocate and is involved in several FOSS projects. Follow him on Twitter: @lcafiero

Continue readingOSCON: Purism Respects Your Rights & Freedom

Wetware: The Most Important Trend in Malware

By Don Parris on July 7, 2015 |

Internet and Security

Blaster worm screenshot
Hex dump of 2003’s Blaster worm, that left a message for Microsoft CEO Bill Gates.
On Thursday, Christine Hall looked at the economy of cybercrime. I also took a peek at the Symantec report, and indeed, the statistics are sobering. There is one statistic, however, that Symantec has ommitted from its report. They did not report – at least not numerically – on the trend of growing wetware vulnerabilities that take advantage of users’ bad habits.

Don Parris

Don Parris wears a Facility Services cape by day, and transforms into LibreMan at night. He has written numerous articles about free tech, and hangs out with the Cha-Ha crowd, learning about computer security. He also enjoys making ceviche with his wife, and writing about his travels in Perú.

Continue readingWetware: The Most Important Trend in Malware

Yet Another Windows Security Fail

By Christine Hall on July 6, 2015 |

Admin, News, Operating Systems and Security

Windows logoWe might as well start with the moral of this story: Don’t protect Windows with Windows.

For at least a decade, Microsoft has been chanting the mantra, “at Microsoft security is job one,” over and over and over. During this time, it’s repeated this mantra often enough to convince a lot of people that Windows is much safer than it once was, which I suppose is true since it couldn’t have gotten much worse. However, a new report from AV-Test proves the company isn’t yet ready to move up to the next mantra level and begin chanting, “at Microsoft we do security right,” because clearly it doesn’t.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingYet Another Windows Security Fail
Looking at the Cracker Hacker EconomySymantec logo

Looking at the Cracker Hacker Economy

By Christine Hall on July 2, 2015 |

Security

Today I spent some time looking at a white paper issued by the security firm Symantec called Website Security Threat Report, which is basically a catalog of malware threats for the non-techie suits who control the purse strings for web facing server deployments — sort of a “here boss, this is why we have to spend so much money on security” type of thing. Most of it’s old news to those of us who, for whatever reason, follow tech news, but some of the trends noted by the folks at Symantec are interesting enough.

As a matter of fact, there’s a bit of sobering news for sites like FOSS Force, as again in 2014, technology sites top the list of the type of sites most likely to be exploited by cracker hackers, with the number on the rise. According to Symantec, last year tech sites represented 21.5 percent of sites infected by malware, up from 9.9 percent in 2013. Even more disturbing is that number two on this list are hosting sites, up from the number three position in 2013, with 7.3 percent of malware infected sites.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingLooking at the Cracker Hacker Economy
Limit Your Linux Super Powers With su & sudosudo password prompt

Limit Your Linux Super Powers With su & sudo

By Don Parris on June 30, 2015 |

Admin, Security and Tutorial

I recently offered some security tips aimed at new system administrators. And hey, the home users among you should take note, after all, you’re the administrator of your home system! One of the tips was “Don’t run as root.” Today I would like to expand on that a bit. First, we’ll take a look at why you should limit the use of your super powers. Then we’ll look at the best ways to use su and sudo to help you limit your risks.

Don Parris

Don Parris wears a Facility Services cape by day, and transforms into LibreMan at night. He has written numerous articles about free tech, and hangs out with the Cha-Ha crowd, learning about computer security. He also enjoys making ceviche with his wife, and writing about his travels in Perú.

Continue readingLimit Your Linux Super Powers With su & sudo
The NSA, Windows & AntivirusBoris and Natasha

The NSA, Windows & Antivirus

By Christine Hall on June 25, 2015 |

Admin, News, Operating Systems and Security

Poor Microsoft. The beleaguered company just can’t catch a break. We’ve already told you about how Snowden’s revelations have forced the pride of Redmond to spend who knows how many millions opening two “transparency centers” to allow government IT experts to pore through source code to prove there’s no back doors baked into Windows or other Microsoft products. Trouble is, while its engineers have been busy plastering over all traces of old back doors, they’ve left a side door standing wide open, waiting to be exploited.

Boris and NatashaIronically, this side door is intended to be a security door for third party add-ons that every Windows machine needs to keep it safe from cracker hackers — if that’s indeed possible. And this security tool is usually more trusted by Microsoft system admins, especially those outside the U.S., than Windows itself.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingThe NSA, Windows & Antivirus