LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
F.B.I. Informant Is Tied to Cyberattacks Abroad  24 April 2014 
Source: NY Times - Posted by Alex   
Government An informant working for the F.B.I. coordinated a 2012 campaign of hundreds of cyberattacks on foreign websites, including some operated by the governments of Iran, Syria, Brazil and Pakistan, according to documents and interviews with people involved in the attacks.
 
Heartbleed prompts joint vendor effort to boost OpenSSL, security  24 April 2014 
Source: TechWorld AU - Posted by Dave Wreski   
Security Projects Reeling from the Heartbleed security fiasco, major IT vendors including Microsoft, IBM, Intel, Google and Cisco are backing a Linux Foundation initiative designed to boost open source projects considered critical to the industry.
 
Linux Foundation enlists Microsoft, Google to prevent the next Heartbleed  24 April 2014 
Source: InfoWorld - Posted by Dave Wreski   
Security Projects If we've learned one lesson from the Heartbleed fisaco, it's this: It should never happen again. But just patching or upgrading a project as crucial as OpenSSL won't be enough in the long run. When the Internet's stability and security rest on a project, that project must be given solid material support that ensures both growth and dependibility.
 
Targeted Attack Uses Heartbleed to Hijack VPN Sessions  22 April 2014 
Source: ThreatPost - Posted by Alex   
Cryptography A targeted attack against an unnamed organization exploited the Heartbleed OpenSSL vulnerability to hijack web sessions conducted over a virtual private network connection.
 
Even the most secure cloud storage may not be so secure, study finds  22 April 2014 
Source: TechWorld - Posted by Dave Wreski   
Intrusion Detection Some cloud storage providers who hope to be on the leading edge of cloud security adopt a "zero-knowledge" policy in which says it is impossible for customer data to be snooped on. But a recent study by computer scientists at Johns Hopkins University is questioning just how secure those zero knowledge tactics are.
 
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia  22 April 2014 
Source: The Register UK - Posted by Dave Wreski   
Cryptography Expunging the Heartbleed bug from vulnerable computers and gadgets is likely to take months, according to a leading vuln research firm. The cautionary assessment by Secunia comes as more and more products are judged to be vulnerable to the infamous OpenSSL security flaw.
 
Linux Security Week: April 21st, 2014  21 April 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
 
Safety you can bank on: Chromebook, Linux, phone  21 April 2014 
Source: USA Today - Posted by Dave Wreski   
Security Q: I'm nervous about keeping my online banking safe on my regular PC. Should I buy a Chromebook and use it just for that? A: Cheap laptops running Google's Chrome OS have a lot going for them as long as you don't need conventional, disk-based apps and rarely lack for bandwidth.
 
Open source trounces proprietary software for code defects, Coverity analysis finds  18 April 2014 
Source: Network World - Posted by Dave Wreski   
Security Projects Forget bad headlines generated by the Heartbleed flaw, when it comes to code defects open source is still well ahead of proprietary software, generating fewer coding defects for every size of project, according to a new analysis by scanning service Coverity.
 
Heartbleed: Security experts reality-check the 3 most hysterical fears  18 April 2014 
Source: Network World - Posted by Dave Wreski   
Intrusion Detection Heartbleed has dominated tech headlines for a week now. News outlets, citizen bloggers, and even late-night TV hosts have jumped on the story, each amping up the alarm a little more than the last one. But while it's true Heartbleed is a critical flaw with widespread implications, several security experts we've spoken with believe the sky-is-falling tone of the reporting is a bit melodramatic.
 
Canadians arrest a Heartbleed hacker  17 April 2014 
Source: CNN Money - Posted by Dave Wreski   
Latest News Canadian mounties have arrested a teenager who, they say, used the Heartbleed Internet bug to hack into the country's tax agency.
 
Galaxy S5 fingerprint scanner hacked with glue mould  16 April 2014 
Source: BBC - Posted by Dave Wreski   
Hacks/Cracks The researchers fooled the new handset using a mould made out of glue. The fingerprint sensor on Samsung's Galaxy S5 handset has been hacked less than a week after the device went on sale.
 
'Snowden effect' has changed cloud data security assumption, survey claims  16 April 2014 
Source: TechWorld - Posted by Dave Wreski   
Network Security Edward Snowden’s revelations of sophisticated NSA spying has made many senior IT staff distinctly edgy about their use of the cloud with nine out of teen paying closer attention to where data is stored, a survey of global attitudes has found.
 
Why a hacker got paid for finding the Heartbleed bug  15 April 2014 
Source: New Scientist - Posted by Alex   
Security Projects Thank the hackers. This week's Heartbleed vulnerability has everyone running scared (see box below to read what you might do to protect yourself). The serious crack in the foundations of the supposedly secure internet was revealed earlier this week by a software engineer probing website security in his spare time.
 
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Sponsor:

 

Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.