LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: January 2nd, 2018
Linux Advisory Watch: December 29th, 2017
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Researchers Discover Two Major Flaws in the World’s Computers  04 January 2018 
Source: NY Times - Posted by Dave Wreski   
Security Projects Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers. The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers and servers running in so-called cloud computer networks.
 
Today's CPU vulnerability: what you need to know  03 January 2018 
Source: Google Security Blog - Posted by Dave Wreski   
Vendors/Products Last year, Google’s Project Zero team discovered serious security flaws caused by “speculative execution,” a technique used by most modern processors (CPUs) to optimize performance.
 
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign  03 January 2018 
Source: The Register UK - Posted by Anthony Pell   
Latest News A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.
 
Cryptojacking Has Gotten Out of Control  03 January 2018 
Source: Wired - Posted by Alex   
Cryptography Cryptojacking, which exploded in popularity this fall, has an ostensibly worthy goal: Use an untapped resource to create an alternative revenue stream for games or media sites, and reduce reliance on ads.
 
Linode and Vultr no longer disables SELinux by default in Fedora Server 27  02 January 2018 
Source: Ctrl Blog - Posted by Dave Wreski   
Server Security Thanks to Daniel Aleksandersen for sending this in. “One of Fedora’s differentiating features compared to other Linux distributions is its well-maintained and low-friction default SELinux policy set. The two virtual private server (VPS) hosting providers Linode and Vultr have been offering server instances of Fedora Server with Security-Enhanced Linux (SELinux) enforcement disabled by default."
 
The mysterious case of the Linux Page Table Isolation patches  02 January 2018 
Source: python sweetness - Posted by Dave Wreski   
Server Security Thanks to Daniel Aleksandersen for sending this in. "tl;dr: there is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve. Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel, and a similar mitigation began appearing in NT kernels in November. In the worst case the software fix causes huge slowdowns in typical workloads.
 
Linux Security Week: January 2nd, 2018  02 January 2018 
Source: LinuxSecurity Contributors - Posted by Anthony Pell   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
 
Ransomware to hit cloud computing in 2018, predicts MIT  02 January 2018 
Source: Computer Weekly - Posted by Alex   
Intrusion Detection Ransomware targeting cloud services is one of the six biggest cyber threats likely to face organisations in 2018, according to the Massachusetts Institute of Technology
 
Critical Flaw Reported In phpMyAdmin Lets Attackers Damage Databases  02 January 2018 
Source: Hacker News - Posted by Anthony Pell   
Hacks/Cracks A critical security vulnerability has been reported in phpMyAdmin—one of the most popular applications for managing the MySQL database—which could allow remote attackers to perform dangerous database operations just by tricking administrators into clicking a link.
 
Driving Open Standards in a Fragmented Networking Landscape  02 January 2018 
Source: SDX Central - Posted by Alex   
Network Security Once upon a time, standards were our friends. They provided industry-accepted blueprints for building homogeneous infrastructures that were reliably interoperable. Company A could confidently build an application and — because of standards — know that it would perform as expected on infrastructure run by Company B.
 
Linux Advisory Watch: December 29th, 2017  29 December 2017 
Source: LinuxSecurity Contributors - Posted by Anthony Pell   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.
 
How Classical Cryptography Will Survive Quantum Computers  29 December 2017 
Source: Nautilus - Posted by Alex   
Cryptography Justin Trudeau, the Canadian prime minister, certainly raised the profile of quantum computing a few notches last year, when he gamely—if vaguely1—described it for a press conference. But we’ve heard a lot about quantum computers in the past few years, as Google, I.B.M., and N.A.S.A., as well as many, many universities, have all been working on, or putting money into, quantum computers for various ends.
 
2018 Security Predictions – Double Up on Linux Attacks  28 December 2017 
Source: Secplicity - Posted by Anthony Pell   
Security Projects With IoT botnets added to their roadmap, the hackers are now looking to supercharge it by exploiting Linux. Many IoT devices use inexpensive embedded Linux systems, which are notorious for having insecure defaults. By creating just a little malware code, these hackers think they can double their botnet power.
 
New ibm linux-only mainframe delivers breakthrough security for next-gen applications  28 December 2017 
Posted by Alex   
Server Security A key feature of the new LinuxONE Emperor II, IBM Secure Service Container is an exclusive LinuxONE technology that represents a significant leap forward in data privacy and security capabilities. Last year, more than four billion data records were lost or stolen, a 556 percent increase over 2015 1.
 
    
Partner

 

Latest Features
Social Engineering Methods for Penetration Testing
Putting Infosec Principles into Practice
Installing an Apache Web Server with TLS
Essential tools for hardening and securing Unix based Environments
Securing a Linux Web Server
Peter Smith Releases Linux Network Security Online
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Sponsor:

 

Yesterday's Edition
Researchers Discover Two Major Flaws in the World’s Computers
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2018 Guardian Digital, Inc. All rights reserved.