LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: October 27th, 2014
Linux Advisory Watch: October 24th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Advisory says to assume all Drupal 7 websites are compromised  30 October 2014 
Source: CSO Online - Posted by Anthony Pell   
Hacks/Cracks If your organization uses Drupal, you might have a serious problem on your hands. On October 15, Drupal urged users to apply an update that fixed a SQL Injection flaw. However, unless that patch was installed within seven hours, Drupal now says it's best to assume the website was completely compromised.
 
Parallels CTO: Linux container security is not the problem  30 October 2014 
Source: InfoWorld - Posted by Dave Wreski   
Security Projects Containerization technology has been a game-changer, powering Docker and other transformative software solutions. It's also garnered its share of criticisms about performance, security, and resiliency.
 
Pirate Bay founder guilty in historic hacker case  30 October 2014 
Source: The Local DK - Posted by Dave Wreski   
Latest News Pirate Bay founder Gottrid Svartholm Warg and his 21-year-old Danish co-defendant JLT have been found guilty by a Danish court of mounting the most serious computer hack in the country’s history.
 
BYOD: Why the biggest security worry is the fool within rather than the enemy without  29 October 2014 
Source: ZDNet Blogs - Posted by Alex   
Security The vast majority – 95 percent – of IT managers are prepared to admit that they are struggling to tackle all the potential security threats they face and 87 percent believe that the biggest threats came from mobile devices in the hands of careless employees, according to a new survey.
 
Hackers target unclassified White House network  29 October 2014 
Source: Network World - Posted by Alex   
Latest News Hackers targeted an unclassified White House network but did not damage any systems, a White House official said Tuesday.
 
Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data  29 October 2014 
Source: Wired - Posted by Dave Wreski   
Hacks/Cracks In his career-ending extramarital affair that came to light in 2012, General David Petraeus used a stealthy technique to communicate with his lover Paula Broadwell: the pair left messages for each other in the drafts folder of a shared Gmail account. Now hackers have learned the same trick. Only instead of a mistress, they’re sharing their love letters with data-stealing malware buried deep on a victim’s computer.
 
Linux botnet 'Mayhem' spreads through Shellshock exploits  28 October 2014 
Source: Network World - Posted by Alex   
Hacks/Cracks Shellshock continues to reverberate: Attackers are exploiting recently discovered vulnerabilities in the Bash command-line interpreter in order to infect Linux servers with a sophisticated malware program known as Mayhem.
 
Vulnerability in widely used 'strings' utility could spell trouble for malware analysts  28 October 2014 
Source: Network World - Posted by Dave Wreski   
Hacks/Cracks One of the first things a malware analyst does when encountering a suspicious executable file is to extract the text strings found inside it, because they can provide immediate clues about its purpose. This operation has long been considered safe, but it can actually lead to a system compromise, a security researcher found.
 
How To Hack Your Own Network And Beef Up Its Security With Kali Linux  28 October 2014 
Source: lifehacker - Posted by Dave Wreski   
Security Projects Kali Linux is a security-focused operating system you can run off a CD or USB drive, anywhere. With its security toolkit you can crack Wi-Fi passwords, create fake networks, and test other vulnerabilities. Here’s how to use it to give your own a network a security checkup.
 
NoMachine and Babylon Cloud Partner to Deliver Centralized ICT Resources  27 October 2014 
Source: LinuxSecurity Contributors - Posted by Administrator   
Latest News NoMachine technology features as part of Italian Babylon's cloud-based infrastructure-as-a-service offering
 
Linux Security Week: October 27th, 2014  27 October 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
 
Tor exit node mashes malware into downloads  27 October 2014 
Source: The Register UK - Posted by Alex   
Intrusion Detection A Tor exit node has been found slapping malware onto downloads as users exit the hidden network and enter the public web. Leviathan Security Group researcher Josh Pitts found the operator of the Russia-based node compromising binaries only a month after raising concerns of the possible attack.
 
Verizon’s ‘Perma-Cookie’ Is a Privacy-Killing Machine  27 October 2014 
Source: Wired - Posted by Dave Wreski   
Privacy Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.
 
Linux Advisory Watch: October 24th, 2014  24 October 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system.
 
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Sponsor:

 

Yesterday's Edition
Pirate Bay founder guilty in historic hacker case
Parallels CTO: Linux container security is not the problem
Advisory says to assume all Drupal 7 websites are compromised
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.