Gnome 3.32 Released

The Gnome community has announced (https://www.gnome.org/news/2019/03/gnome-3-32-released/) the release of Gnome 3.32. The release incorporates 26,438 changes (made by approximately 798 contributors), including new features improvements and performance enhancements.

Gnome users will be greeted with a refreshed visual style for the user interface and icons. Gnome 3.32 brings supports for fractional scaling as an experimental option, which will satisfy those users who have HiDPI monitors.

To streamline the user experience across apps, Gnome has removed the Application menu and moved its contents to a primary menu located within the application window.

While there are popular Chromium and Firefox web browsers, Gnome also offers its own web browser called Web. Gnome's browser now comes with an automation mode, which allows users to control web applications using WebDriver. Speaking of control, Gnome has improved Touchpad support. The touchpad support is still not on par with MacOS, but users can swipe left or right to go back or forward through browsing history.

Gnome 3.32 has improved security. The Settings tools feature a new panel called Application that offers permissions control for various applications, including installed Flatpak packages. Gnome Software (applications manager for Gnome) has improved handling for apps available from multiple sources, including distribution repositories and Flatpak.

Arch and Gentoo users can already test Gnome 3.32; openSUSE Tumbleweed is expected to get the update soon.

NSA's Reverse Engineering Tool Released

The National Security Agency (NSA) has released the source code of its software reverse engineering tool, GHIDRA, on GitHub.

GHIDRA is NSA's classified, Java-based reverse engineering framework, which the agency uses to disassemble binaries of software to understand its functionality. It's a critical tool to reverse engineer malicious software such as malware. GHIDRA also features a GUI and can run on Linux, macOS, and Windows.

"With this release, developers will be able to collaborate by creating patches, and extending the tool to fit their cybersecurity needs," said the blog post.

According to NSA, the source code repository includes instructions to build on all supported platforms. GHIDRA source code includes a suite of software analysis tools. Some of its core capabilities include disassembly, assembly, decompilation, graphing, and scripting. It supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes.

Security analysts can use the source code to develop their own GHIDRA plug-in components and/or scripts using the exposed APIs.

The source code is available for download at http://ghidra-sre.org along with the 9.0.2 patch.

New Mirai Botnet Variant Discovered

Cybersecurity experts at Unit 42 (https://unit42.paloaltonetworks.com/mirai-compiled-for-new-processor-surfaces/) have discovered a new variant of the Mirai botnet that targets Linux powered IoT devices. The botnet took a huge chunk of Internet down in 2016, including web hosting provider OVH and DNS provider Dyn.

The new variant targets embedded devices like routers, network storage devices, NVRs, and IP cameras. Unit 42 found this new variant targeting enterprise WePresent WiPG-1000 Wireless Presentation systems and have discovered it in LG Supersign TVs.

"This development indicates to us a potential shift to using Mirai to target enterprises. The previous instance where we observed the botnet targeting enterprise vulnerabilities was with the incorporation of exploits against Apache Struts and SonicWall," wrote Ruchna Nigam of Unit 62 in a blog post, "In addition to this newer targeting, this new variant of Mirai includes new exploits in its multi-exploit battery, as well as new credentials to use in brute force against devices."

This Mirai variant has added 11 new exploits, taking the total exploits to 27.

Enterprise customers need to focus on the security of their network and IoT devices running within their network. They should embrace some best practices, including changing the default password; be aware of what IoT devices are living within their network and also ensure they are fully patched.