LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
5 keys to hiring security talent  01 April 2015 
Source: CSO Online - Posted by Anthony Pell   
Latest News Hiring (and retaining) data security talent is one of the toughest jobs today, especially after a slew of high-profile data breaches that have driven demand and salaries sky-high. Robert S. Allen, chief security officer at CNA, a major commercial insurance carrier, is tackling that challenge by making sure his company has an attractive story to tell job candidates.
 
DDoS Attack Against GitHub Continues After More Than Four Days  01 April 2015 
Source: ThreatPost - Posted by Alex   
Intrusion Detection More than four days after it began, the massive DDoS attack on GitHub is still ongoing. The attack has evolved significantly since it started and GitHub officials said they believe that the goal of the operation is to force the site to remove some specific content.
 
MongoDB Patches Remote Denial-of-Service Vulnerability  01 April 2015 
Source: ThreatPost - Posted by Dave Wreski   
Vendors/Products MongoDB, a popular NoSQL database used in big data and heavy analytics environments, has patched a serious denial-of-service vulnerability that is remotely exploitable.
 
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks  31 March 2015 
Source: Dark Reading - Posted by Alex   
Wireless Security News this week that guests at hotels around the world were exposed to malicious attacks from a gaping vulnerability in a popular network routing product is a reminder of the inherent risks business travelers face in connecting to the Internet from unfamiliar Wi-Fi access points.
 
EFF questions US government's software flaw disclosure policy  31 March 2015 
Source: Network World - Posted by Anthony Pell   
Government Itís not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation.
 
Feds Charged With Stealing Money During Silk Road Investigation  31 March 2015 
Source: gizmodo - Posted by Dave Wreski   
Government Two former federal agents who investigated the Silk Road, the infamous online drug marketplace seized by the FBI in 2013, have been charged for their own outrageous digital crimes, including stealing money they acquired on their druggie undercover assignment.
 
Linux Security Week: March 30th, 2015  30 March 2015 
Source: LinuxSecurity Contributors - Posted by Anthony Pell   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
 
Linux Advisory Watch: March 27th, 2015  27 March 2015 
Source: LinuxSecurity Contributors - Posted by Anthony Pell   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system.
 
And the prize for LEAST SECURE BROWSER goes to ... Chrome!  27 March 2015 
Source: The Register UK - Posted by Alex   
Vendors/Products More vulnerabilities were discovered in Google Chrome last year than any other piece of core internet software Ė that's according to research that also found 2014 clocked record numbers of zero-day flaws.
 
FBI Quietly Removes Recommendation To Encrypt Your Phone  27 March 2015 
Source: TechDirt - Posted by Dave Wreski   
Privacy Back in October, we highlighted the contradiction of FBI Director James Comey raging against encryption and demanding backdoors, while at the very same time the FBI's own website was suggesting mobile encryption as a way to stay safe. Sometime after that post went online, all of the information on that page about staying safe magically disappeared, though thankfully I screenshotted it at the time:
 
How Kevin Mitnick hacked the audience at CeBIT 2015  26 March 2015 
Source: PC Pro UK - Posted by Dave Wreski   
CeBIT attendees on Thursday fell victims to a series of well-executed hacks. Thankfully, they werenít malicious in origin; instead, they were live demonstrations by notorious ex-hacker Kevin Mitnick.
 
Google warns of unauthorized TLS certificates trusted by almost all OSes  26 March 2015 
Source: Security Ledger - Posted by Alex   
Latest News Google is warning its users that unauthorized digital certificates have been issued for several of its domains. The certificates, issued by an intermediary certificate authority for the China Internet Network Information Center (CNNIC) may be used to impersonate official Google sites and other, as-yet unnamed Internet destinations.
 
Tech Companies, Privacy Advocates Call for NSA Reform  26 March 2015 
Source: ThreatPost - Posted by Dave Wreski   
Privacy A group of technology companies, non-profits and privacy and human rights organizations have sent a letter to President Barack Obama, the director of national intelligence and a wide range of Congressional leaders, calling for an end to the bulk collection of phone metadata under Section 215 of the USA PATRIOT Act.
 
Threat-sharing cybersecurity bill unveiled  25 March 2015 
Source: ZDNet Blogs - Posted by Dave Wreski   
Government The House of Representatives Intelligence Committee has introduced a bill which will make sharing cybersecurity data easier for companies by removing the prospect of being sued.
 
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Sponsor:

 

Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.