LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: October 20th, 2014
Linux Advisory Watch: October 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
iPhone Encryption and the Return of the Crypto Wars  22 October 2014 
Source: Schneier on Security - Posted by Dave Wreski   
Cryptography Last week, Apple announced that it is closing a serious security vulnerability in the iPhone. It used to be that the phone's encryption only protected a small amount of the data, and Apple had the ability to bypass security on the rest of it.
 
USB is now UEC (use with extreme caution)  22 October 2014 
Source: Network World - Posted by Dave Wreski   
Hacks/Cracks USB is an acronym for Universal Serial Bus; at least that is what it has stood for since 1999 when it was patented. But now it may take on a new meaning and instead stand for Ultimate Security Breakdown.
 
Finding a Video Poker Bug Made These Guys Rich—Then Vegas Made Them Pay  21 October 2014 
Source: Wired - Posted by Dave Wreski   
Intrusion Detection John Kane was on a hell of a winning streak. On July 3, 2009, he walked alone into the high-limit room at the Silverton Casino in Las Vegas and sat down at a video poker machine called the Game King. Six minutes later the purple light on the top of the machine flashed, signaling a $4,300 jackpot.
 
RIPS – Static Source Code Analysis For PHP Vulnerabilities  21 October 2014 
Source: Darknet - Posted by Dave Wreski   
Vendors/Products RIPS is a tool written in PHP to find vulnerabilities using static source code analysis for PHP web applications. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced by a malicious user) during the program flow.
 
Hacker Halted 2014: Johnny Long Calls for Hackers for Charity Volunteers  21 October 2014 
Source: InfoSecurity Magazine - Posted by Dave Wreski   
The irony was not lost on Johnny Long. On the silver screen, both hackers and zombies are typically associated with disaster, so the fact that he was at a zombie-themed security conference to speak about hackers making a positive difference in the world seemed satirical.
 
Linux Security Week: October 20th, 2014  20 October 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
 
What a hacker can learn about your life from the coffee shop’s Wi-Fi network  20 October 2014 
Source: Quartz - Posted by Alex   
Wireless Security We often shift between a phone signal, private internet connections, and public Wi-Fi networks. You pass by your local Starbucks, for example, and the phone remembers you’ve been there in the past and latches on to its signal—without you thinking too much about it.
 
Mobile Device Encryption Could Lead to a ‘Very, Very Dark Place’, FBI Director Says  20 October 2014 
Source: ThreatPost - Posted by Dave Wreski   
Cryptography FBI Director James Comey said Thursday that the recent movement toward default encryption of smartphones and other devices could “lead us to a very, very dark place.” Echoing comments made by law enforcement officials for the last several decades, Comey said that the advanced cryptosystems available today threaten to cripple the ability of intelligence and law enforcement agencies to gather vital information on criminals.
 
Linux Advisory Watch: October 17th, 2014  17 October 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system.
 
CAINE Linux Distribution Helps Investigators With Forensic Analysis  17 October 2014 
Source: eWeek - Posted by Alex   
Security Projects There is no shortage of Linux distributions to serve specific markets and use cases. In the security market, a number of Linux distributions are widely used, including Kali Linux, which is popular with security penetration testers. There's also CAINE Linux, which is focused on another area of security. CAINE, an acronym for Computer Aided INvestigative Environment, is a Linux distribution for forensic investigators.
 
The Hacker Wars Hits NYC  17 October 2014 
Source: Huffington Post - Posted by Dave Wreski   
Latest News Hackers are big news! On October 2, a New York Times headline trumpeted: "JP Morgan Chase Hacking Affects 76 Million Households." Recently retailers like Home Depot and Target were hit as well -- data banks reportedly hacked, personal information potentially compromised.
 
The Hacktivist as Angry Young Man  17 October 2014 
Source: NY Times - Posted by Dave Wreski   
Latest News Making no pretense of balance or objectivity, Vivien Lesnik Weisman’s excitable documentary “The Hacker Wars” is a forceful indictment of the United States government’s surveillance and prosecution of computer hackers and journalists.
 
What you need to know about the SSLv3 “POODLE” flaw  15 October 2014 
Source: Fedora Magazine - Posted by Dave Wreski   
Cryptography Another security vulnerability is hitting the tech (and mainstream!) press, and we want to make Fedora users get straight, simple information. This one is CVE-2014-3466, and the cute nickname of the day is “POODLE”.
 
Laura Poitras on the Crypto Tools That Made Her Snowden Film Possible  15 October 2014 
Source: Wired - Posted by Dave Wreski   
Cryptography As a journalist, Laura Poitras was the quiet mastermind behind the publication of Edward Snowden’s unprecedented NSA leak. As a filmmaker, her new movie Citizenfour makes clear she’s one of the most important directors working in documentary today. And when it comes to security technology, she’s a serious geek.
 
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Sponsor:

 

Yesterday's Edition
USB is now UEC (use with extreme caution)
iPhone Encryption and the Return of the Crypto Wars
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.