|
Source: ZDNet Security - Posted by Alex
|
Technology and cloud giant Accenture has confirmed it inadvertently left a massive store of private data across four unsecured cloud servers, exposing highly sensitive passwords and secret decryption keys that could have inflicted considerable damage on the company and its customers. |
|
|
Source: Dan Walsh - Posted by Alex
|
The kernel has a feature where it will load certain kernel modules for a process, when certain syscalls are made. For example, loading a kernel module when a process attempts to create a different network socket.
|
|
|
Source: LinuxSecurity Contributors - Posted by Anthony Pell
|
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. |
|
|
Source: The Register UK - Posted by Alex
|
Virtual private network provider PureVPN helped the FBI track down an Internet stalker, by combing its logs to reveal his IP address. |
|
|
Source: ZDNet Security - Posted by Alex
|
Mozilla has launched a pilot program using Cliqz technology to pull user browsing data in Firefox. |
|
|
Source: ZDNet Security - Posted by Dave Wreski
|
Defending against cyber-attacks is as big a challenge for the UK as protecting against terrorism, according to the director of GCHQ. |
|
|
Source: LinuxSecurity Contributors - Posted by Anthony Pell
|
Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. |
|
|
Source: ZDNet Security - Posted by Anthony Pell
|
Is encryption a threat to law and order, or an essential tool for staying secure online? Two events this week show how much disagreement there still is about it. |
|
|
Source: CSO Online - Posted by Alex
|
Google researchers disclosed seven serious flaws in an open-source DNS software package Dnsmasq, which is is commonly preinstalled on routers, servers, smartphones, IoT devices and operating systems such the Linux distributions Ubuntu and Debian. The most severe of the vulnerabilities could be remotely exploited to run malicious code and hijack the device.
|
|
|
Source: The Register UK - Posted by Alex
|
Yet another W3C API can be turned against the user, privacy boffin Lukasz Olejnik has warned – this time, it's in how browsers store and check credit card data. |
|
|
Source: ComputerWorld - Posted by Alex
|
Windows has long been the world’s biggest malware draw, exploited for decades by attackers. It continues today: The Carbon Black security firm analyzed 1,000 ransomware samples over the last six months and found that nearly 99% of them targeted Windows.
|
|
|
Source: Arbor Networks - Posted by Alex
|
Since 2015, ASERT has observed and followed a DDoS Botnet named Flusihoc. To date very little has been published about this family, despite numerous anti-virus and intrusion detection signatures created by various vendors. Flusihoc has remained persistent with multiple variants, over 500 unique samples in our malware zoo, and continued development. |
|
|
Source: ZDNet Security - Posted by Alex
|
A password leak vulnerability in a popular broadcast platform could allow hackers to hijack online radio stations.
The security flaw allows anyone to reveal the plaintext admin account and password for almost any radio station hosted on SoniXCast, a New York-based online broadcast site, boasting over 50,000 terrestrial and internet radio stations on its network. |
|
|
Posted by Dave Wreski
|
Keybase has launched a new service to encrypt git repositories for free.
Keybase, the provider of the Keybase security app for mobile phones and PCs, offers an open-source system supported by public-key cryptography to implement end-to-end encryption across your devices and communication. |
|