Monthly Archives: May 2015

CentOS

Release of CentOS-7 (alpha candidate) for AArch64platforms

We are pleased to announce the public alpha release of CentOS Linux 7
for AArch64 compatible hardware.

This is the initial alpha release based on CentOS Linux  7 1503 (
Rebuilt from Red Hat Enterprise Linux 7.1 sources ), with architecture
and modifications patching as necessary. Because this hardware is very
new and support for it is still evolving, there is no expectation for
kernel ABI compatibility.
Additionally, until the alpha period ends both the OS repository and the
Updates repository are subject to change.

This release was built on an X-Gene system from Applied Micro. We are
working to test against other platforms to ensure broad compatibility.

========
Download

You can find the install tree and repositories at
http://buildlogs.centos.org/centos/7/os/aarch64/

While the build is in alpha, we are not releasing full isos as you would
traditionally find with the x86_64 builds. Please use the boot.iso which
has been pre-configured for a network install, or pxe from a locally
hosted mirror of the installation tree.

We plan to make disk images available soon to help vendors bootstrap
their platforms.

============
Installation


Installation guides and documentation will be provided via the CentOS
wiki, at http://wiki.centos.org/SpecialInterestGroup/AltArch/AArch64
Because several packages are not yet available, the group information
has been reduced and the only available installation option is
'minimal'. If you perform kickstart based installs, please note the only
available group is currently 'Core'. We will improve upon this
throughout the alpha process.


============
Contributing

The AArch64 effort is meant to be a community effort as part of the
AltArch SIG (http://wiki.centos.org/SpecialInterestGroup/AltArch), and
we welcome enthusiasts and vendors to contribute patches, fixes,
documentation, etc. In the AArch64 Extras repository, we have provided
the mock package and dependencies so that community members can more
easily contribute, as well as testing their own builds locally. Please
submit patches, fixes, etc to the Arm-Dev list
(http://lists.centos.org/mailman/listinfo/arm-dev) for discussion and
acceptance.

We encourage vendors to come and join this effort, we have a lose
organization focused on the alternative architectures build process and
welcome interaction at the group level. Please get in touch with me
(jperrin< at >centos.org)  or K Singh ( kbsingh< at >centos.org ) to find out more
details.

The wider CentOS Ecosystem is also welcome to engage with us, both at
the project and code level. If you are working with a project that
interfaces, manages or develops on top
of CentOS, specially in the virtualization, cloud, container and
infrastructure management areas - we would love to have you guys get
involved. While we don't have a lot of resources, we are working with
a few vendors to build up a community resource pool that we would
encourage other projects to share their development, testing and
delivery around CentOS Linux for aarch64.


In the next few days, we'll be adding a branch to git for modified
packages so that patches are available to the community, as well as
providing a repository for the debug-info packages.


==================================
Coming Soon // Future Improvements


* Rebase to 4.1rc kernel
* Improve package and group availability
* Add additional hardware support
* Disk images to support install via dd
Avira

New Linux Rootkit Exploits Graphics Cards

A rootkit PoC for Linux systems that runs on the processors and RAM of the graphics cards, Jellyfish is able to access the computer’s memory without having to route through the computer’s CPU. As CPUs are slower than GPUs for making calculations, GPUs are already used partially by some cryptocurrency-mining malware (e.g. to steal Bitcoins). But Jellyfish is the first malware to run entirely via the GPU, and works with Nvidia, AMD, and even Intel, if the latter is “supported through the AMD APP SDK, a software development kit that allows GPUs to be used for accelerating applications,” says Constantin.

As graphics-card-only malware has never been an exploitable area before, security software developers like Avira would need to engineer security efforts in yet another new direction. Although early reports indicate that Jellyfish is in a beta stage, unfinished, with some bugs, and currently requires OpenCL drivers installed on the targeted system in order to work, it could inspire future variants by those looking to exploit such vulnerabilities for personal gain (AKA cybercriminals).

After a 2013 research paper (pdf) titled “You Can Type, but You Can’t Hide: A Stealthy GPU-based Keylogger,” the same research team behind Jellyfish has also developed a keylogger called ‘Demon’, which also works via the GPU.

Security firms may definitely have our hands full in coming months, it seems.

The post New Linux Rootkit Exploits Graphics Cards appeared first on Avira Blog.

Security

Court’s Ruling a ‘Clear Signal’ About Mass Surveillance Programs, Experts Say

The ruling last week by the Second Circuit Court of Appeals that the NSA’s years-long bulk collection of phone metadata is illegal is a “clear signal” that courts are moving in the direction of striking down some mass surveillance programs, experts say. The decision, issued Thursday, is among the first major rulings to go against […]

Avira

WordPress: Compromised Sites Leaking User Credentials

Only recently there were several reports of WordPress plugins and themes with vulnerabilities:  Last week’s XSS vulnerability, multiple ones in the eCommerce shopping card plugin The CardPress, and a Zero Day exploit in WordPress 4.2.1.

This week it seems like there is yet another one. According to researchers at Zscaler there are a couple of compromised WordPress pages out there that are all leaking credentials. “The compromised sites run backdoor code, which activates when the user submits login credentials. The credentials are encoded and sent to an attacker website in the form of a GET request. Till now, we have identified only one domain “conyouse.com” which is collecting all the credentials from these compromised sites”, the page reads.

They conclude that WordPress, as one of the most popular Content Management Systems and blogging platforms, remains an attractive target for cybercriminals – especially due to the huge user base. Administrators should always keep their WordPress installations (including addons and themes) updated and patch as soon as there are security updates available.

If you want to find out more about the dangers you could face as a blog administrator and get some advice which might help you to protect your page, take a look at Ange Albertini’s blog article concerning the topic.

The post WordPress: Compromised Sites Leaking User Credentials appeared first on Avira Blog.

Panda Security

Panda Security audits the risk level of applications and users

Panda Security today announced the launch of Panda Audit Service, a new audit service to detect vulnerable applications, users and computers at risk, Advanced Persistent Threats (APTs) and targeted attacks. The service is deployed across the network in a matter of minutes, with no need for configuration changes, additional server infrastructure or databases to start the audit.

In short, Panda Audit Service provides real-time monitoring of all applications running on endpoints, performing analyses in cloud and Big Data environments to detect and neutralize any type of threat.

audit service, threat

Complete visibility into all running applications

Panda Security’s new solution provides complete visibility into the applications running on the network, showing the origin and location of any running process. This way, users will know at all times who and when accesses their computers’ files and folders.

“Panda Audit Service tracks and monitors all applications running in an organization. It provides granular control and monitoring of all applications running on endpoints, ensuring customers’ security and peace of mind”, said Josu Franco, VP Business Development at Panda Security.

Additionally, Panda Audit Service generates real-time comprehensive reports on network activity, offering specific recommendations to take preventive action.

Identification of advanced threats and system vulnerabilities

Data theft has become the number one objective of targeted attacks and advanced threats to the point that any company may fall victim to a data breach. Modern-day attacks are increasingly complex and sophisticated, and in some cases traditional antivirus solutions are unable to even detect them.

“Panda Audit Service sees what others do not. It detects any attempt to access data and performs forensic analyses of the actions taken by malware.  Thanks to its continuous monitoring of the network, the service detects threats and identifies system vulnerabilities immediately”, explained Franco.

The post Panda Security audits the risk level of applications and users appeared first on MediaCenter Panda Security.

Panda Security

Fusion: Cloud Security, Management and Support for your IT network

You know Fusion is an integrated solution that provides security, management and remote support for all devices on your IT network.

Why Fusion?

  • Because you will not require any additional infrastructure to centrally manage all your customers end points, smartphones and tablets. The solution is 100% cloud hosted.
  • Because it offers maximum protection against malware thanks to Collective Intelligence and anti-exploit technologies against unknown threats.
  • Because it reduces costs through optimization of your IT infrastructure, automation of management tasks and centralized control.
  • Because it provides an optimal support experience to your end users, through proactive problem resolution and remote, non-disruptive access to their devices, wherever they are.

Try Fusion! The global solution to manage your company’s security and IT infrastructure!

The post Fusion: Cloud Security, Management and Support for your IT network appeared first on MediaCenter Panda Security.

CentOS

CEBA-2015:0953 CentOS 6 selinux-policy BugFixUpdate

CentOS Errata and Bugfix Advisory 2015:0953 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0953.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
ea0e04af5af5e4af501093e8586d0ca8ffbb531de3b6d1e251560a3f556ffdd8  selinux-policy-3.7.19-260.el6_6.3.noarch.rpm
0784b46d3de9e8e42c7b7539455076a2b1dfccb0a8d419b4dc609add8c644510  selinux-policy-doc-3.7.19-260.el6_6.3.noarch.rpm
564126802acea0b84d0fd67af43862609775211b9e4f3a603914a337bc6cdf22  selinux-policy-minimum-3.7.19-260.el6_6.3.noarch.rpm
87c46a3b820833b70c62f7547566b0ba7a44bd7fc326ebd905e177fc3b19c484  selinux-policy-mls-3.7.19-260.el6_6.3.noarch.rpm
c65fbd3c2d5d33e980ec01493fe90c98c4d1a1c1d01fa1867126af5820893f5f  selinux-policy-targeted-3.7.19-260.el6_6.3.noarch.rpm

x86_64:
ea0e04af5af5e4af501093e8586d0ca8ffbb531de3b6d1e251560a3f556ffdd8  selinux-policy-3.7.19-260.el6_6.3.noarch.rpm
0784b46d3de9e8e42c7b7539455076a2b1dfccb0a8d419b4dc609add8c644510  selinux-policy-doc-3.7.19-260.el6_6.3.noarch.rpm
564126802acea0b84d0fd67af43862609775211b9e4f3a603914a337bc6cdf22  selinux-policy-minimum-3.7.19-260.el6_6.3.noarch.rpm
87c46a3b820833b70c62f7547566b0ba7a44bd7fc326ebd905e177fc3b19c484  selinux-policy-mls-3.7.19-260.el6_6.3.noarch.rpm
c65fbd3c2d5d33e980ec01493fe90c98c4d1a1c1d01fa1867126af5820893f5f  selinux-policy-targeted-3.7.19-260.el6_6.3.noarch.rpm

Source:
3eb0e19cf99a7e1e493fc9e26612adb785b6bb004e6fb3a2b90403dfe2bf233f  selinux-policy-3.7.19-260.el6_6.3.src.rpm