LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 19th, 2014
Linux Security Week: September 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: September 19th, 2014  19 September 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system.
 
OWASP Releases Latest App Sec Guide  19 September 2014 
Source: ThreatPost - Posted by Dave Wreski   
Security Projects Advocates with the web application security consortium OWASP published the latest iteration of its Testing Guide this week. The guide, celebrating its 10th anniversary this year, is an informational manual designed to teach developers how to build and maintain secure applications in the face of ongoing threats.
 
TOR users become FBI's No.1 hacking target after legal power grab  19 September 2014 
Source: The Register UK - Posted by Dave Wreski   
Privacy The FBI wants greater authority to hack overseas computers, according to a law professor. A Department of Justice proposal to amend Rule 41 of the Federal Rules of Criminal Procedure would make it easier for domestic law enforcement to hack into the computers of people attempting to protect their anonymity on the internet.
 
Google to turn on encryption by default in next Android version  19 September 2014 
Source: CSO Online - Posted by Anthony Pell   
Cryptography Google is turning on data encryption by default in the next version of Android, a step that mirrors broad moves in the technology industry to ensure better data security.
 
Qubes: The Open Source OS Built for Security  18 September 2014 
Source: Linux.com - Posted by Dave Wreski   
Security Projects This is why she and her team built Qubes OS, a security-focused open source operating system based on Fedora that, in essence, assumes that bugs are everywhere. Instead of running one kernel, Qubes isolates all functions into separate virtual machines using the Xen hypervisor.
 
Encryption goof fixed in TorrentLocker file-locking malware  18 September 2014 
Source: TechWorld - Posted by Anthony Pell   
Cryptography The developers of a type of malicious software that encrypts a computer's files and demands a ransom have fixed an error security experts said allowed files to be recovered without paying.
 
Rogue cell towers discovered in Washington, D.C.  17 September 2014 
Source: CSO Online - Posted by Anthony Pell   
Latest News Towards the end of July, ESD America, the makers of the ultra-secure CryptoPhone, said that their engineers and customers had discovered more than a dozen rogue cell towers (also known as interceptors or IMSI catchers) around the U.S.
 
FreeBSD Patches DoS Vulnerability  17 September 2014 
Source: Network World - Posted by Dave Wreski   
Intrusion Detection FreeBSD has patched a denial-of-service vulnerability that could affect a host of third-party packages built atop the UNIX-like operating system.
 
Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying  17 September 2014 
Source: ThreatPost - Posted by Alex   
Network Security The National Security Agency has some of the brightest minds working on its sophisticated surveillance programs, including its metadata collection efforts. But a new chat program designed by a middle-school dropout in his spare time may turn out to be one of the best solutions to thwart those efforts.
 
SNMP DDoS Scans Spoof Google Public DNS Server  16 September 2014 
Source: ThreatPost - Posted by Dave Wreski   
Intrusion Detection The SANS Internet Storm Center this afternoon reported SNMP scans spoofed from Google’s public recursive DNS server seeking to overwhelm vulnerable routers and other devices that support the protocol with DDoS traffic.
 
How Boston Children's Hospital Hit Back at Anonymous  16 September 2014 
Source: Network World - Posted by Anthony Pell   
Latest News Hackers purportedly representing Anonymous hit Boston Children's Hospital with phishing and DDoS attacks this spring. The hospital fought back with vigilance, internal transparency and some old-fashioned sneakernet. That – and a little bit of luck – kept patient data safe.
 
Today's Security Hacks Are After More Than Bank Info  16 September 2014 
Source: Network World - Posted by Anthony Pell   
Privacy Customers cringe every time they hear about a bank, retail or healthcare hack that puts personal or financial data at risk. Today's hackers are after much more that credit card numbers, though -- and most firms are powerless to stop them.
 
Linux Security Week: September 15th, 2014  15 September 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
 
Here's What Hackers Can Do With Your CRM Data  15 September 2014 
Source: Forbes - Posted by Alex   
Hacks/Cracks It is clear why malware writers target TGT -0.1% such retailers as Home Depot HD -0.43% and Target. It is obvious, if not pathetic, why hackers break into the cloud to find and publish private nude photos of celebrities. But a company’s customer relationship management data? Well, yes.
 
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Sponsor:

 

Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.