LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 25th, 2014
Linux Advisory Watch: July 18th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: July 25th, 2014  25 July 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system.
 
What I Learned from Edward Snowden at the Hacker Conference  25 July 2014 
Source: Motherboard - Posted by Anthony Pell   
Privacy It was 1 PM last Saturday and Edward Snowden was about to be televised. His audience was the crowd at the Hackers On Planet Earth conference, a group of people no one would ever mistake for attendees at a political convention. Amid the sea of black clothing were many unconventional fashion statements: purple bandanas and balloon pants, and tartan kilts, and white robes, and green hair.
 
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'  25 July 2014 
Source: Bloomberg BusinessWeek - Posted by Dave Wreski   
Latest News When celebrated computer hacker Barnaby Jack died suddenly a year ago at the age of 35, headlines around the world touted the Steve Jobs-style pizazz he brought to cyber-security conferences and his show-stopping stunts such as breaking into ATMs and pacemakers. In hacker circles, he was known as the life of the party.
 
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade  25 July 2014 
Source: The Register UK - Posted by Dave Wreski   
Vendors/Products Mozilla has released a bug-and-security update for Firefox, with 11 security fixes, three of them critical. Chief among the security patches is a use-after-free bug the organisation says was discovered by one James Kitchener.
 
Four fake Google haxbots hit YOUR WEBSITE every day  25 July 2014 
Source: The Register UK - Posted by Dave Wreski   
Hacks/Cracks One in every 24 Googlebots is a imitation spam-flinging denial of service villain that masquerades as Mountain View to sneak past web perimeter defences, according to security chaps at Incapsula. Villains spawn the "evil twins" to hack and crack legitimate websites and form what amounted to the third most-popular type of DDoS attack to scourge the internet.
 
Homeland Security gets into software security  24 July 2014 
Source: ZDNet Blogs - Posted by Dave Wreski   
Latest News No, I am not making this up. At OSCon, The Department of Homeland Security (DHS), best known to you as the people checking up on you between the airport parking lot and your flight, quietly announced that they're now offering a service for checking out your open-source code for security holes and bugs: the Software Assurance Marketplace (SWAMP).
 
How Hackers Hid a Money-Mining Botnet in Amazon’s Cloud  24 July 2014 
Source: Wired - Posted by Dave Wreski   
Intrusion Detection Hackers have long used malware to enslave armies of unwitting PCs, but security researchers Rob Ragan and Oscar Salazar had a different thought: Why steal computing power from innocent victims when there’s so much free processing power out there for the taking?
 
Black Hat presentation on TOR suddenly cancelled  23 July 2014 
Source: CSO Online - Posted by Dave Wreski   
A presentation on a low-budget method to unmask users of a popular online privacy tool, TOR, will no longer go ahead at the Black Hat security conference early next month.
 
A Convicted Hacker and an Internet Icon Join Forces to Thwart NSA Spying  23 July 2014 
Source: Wired - Posted by Dave Wreski   
Server Security The internet is littered with burgeoning email encryption schemes aimed at thwarting NSA spying. Many of them are focused on solving the usability issues that have plagued complicated encryption schemes like PGP for years. But a new project called Dark Mail plans to go further: to hide your metadata.
 
Attackers raid SWISS BANKS with DNS and malware bombs  23 July 2014 
Source: The Register UK - Posted by Dave Wreski   
Network Security Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned.
 
Anti-surveillance advocates want you to run an open, secure WiFi router  23 July 2014 
Source: Engadget - Posted by Alex   
Wireless Security Plenty of WiFi routers have guest modes for visitors; some companies base their entire business models around them. Many of these devices are full of security holes, however, and the Electronic Frontier Foundation doesn't see that as acceptable in an era where widespread government surveillance is a fact of life.
 
Hackers Could Take Control of Your Car. This Device Can Stop Them  22 July 2014 
Source: Wired - Posted by Dave Wreski   
Hacks/Cracks Hackers Charlie Miller and Chris Valasek have proven more clearly than anyone in the world how vulnerable cars are to digital attack. Now they’re proposing the first step towards a solution.
 
EFF wants hackers to help build an open, secure router  22 July 2014 
Source: The Inquirer - Posted by Dave Wreski   
Server Security DIGITAL RIGHTS GROUP the Electronic Frontier Foundation (EFF) is asking hackers to help it with its plans to build a secure but open router.
 
Router hacking competition announced for Defcon  22 July 2014 
Source: IT News AU - Posted by Dave Wreski   
Intrusion Detection Well-known manufacturers of residential and SME wireless routers will have reason to feel nervous as hackers at the annual DefCon security conference aim to break into their products to find undocumented vulnerabilities or so-called zero days.
 
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Sponsor:

 

Weekend Edition
Four fake Google haxbots hit YOUR WEBSITE every day
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'
What I Learned from Edward Snowden at the Hacker Conference
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.