Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Latest News
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

TurboTax’s Anti-Fraud Efforts Under Scrutiny  24 February 2015 
Source: Krebs on Security - Posted by Dave Wreski   
Two former security employees at Intuit — the makers of the popular tax preparation software and service TurboTax – allege that the company has made millions of dollars knowingly processing state and federal tax refunds filed by cybercriminals.
WebRTC killing Tor, VPN, IP Masking, Privacy  22 February 2015 
Source: Unhappy Ghost - Posted by Dave Wreski   
A recently discovered security flaw explained by TorrentFreak allows remote sites to take advantage of WebRTC (Web Real Time Communication, a feature built in to most browsers) to reveal a user's true IP address, even if they're connected to a VPN. Most sites aren't taking advantage of the flaw yet, but considering services like Hulu, Spotify, Netflix, and others are taking steps to identify and lock out VPN users, it's not a stretch to assume they'll start.
The Great Bank Heist, or Death by 1,000 Cuts?  17 February 2015 
Source: Krebs on Security - Posted by Dave Wreski   
I received a number of media requests and emails from readers over the weekend to comment on a front-page New York Times story about an organized gang of cybercriminals pulling off “one of the largest bank heists ever.” Turns out, I reported on this gang’s activities in December 2014, although my story ran minus many of the superlatives in the Times piece.
Lack of CSPRNG Threatens WordPress Sites  13 February 2015 
Source: ThreatPost - Posted by Dave Wreski   
WordPress has become a huge target for attackers and vulnerability researchers, and with good reason. The software runs a large fraction of the sites on the Internet and serious vulnerabilities in the platform have not been hard to come by lately. But there’s now a new bug that’s been disclosed in all versions of WordPress that may allow an attacker to take over vulnerable sites.
Facebook builds platform for companies to share cybersecurity threat data  11 February 2015 
Source: Network World - Posted by Dave Wreski   
Facebook has built a platform where organizations can share information about the security threats they face in order to better fend off cyberattacks.
Google Trades Technicality for Brevity With New SSL Warning  04 February 2015 
Source: ThreatPost - Posted by Anthony Pell   
Many users do not understand, let-alone listen to, browser-based SSL warnings. Google wants to change that and its newest browser warnings are based on years of interdisciplinary research about how human beings respond to warning signs.
A Heroin Dealer Tells the Silk Road Jury What It Was Like to Sell Drugs Online  30 January 2015 
Source: Wired - Posted by Dave Wreski   
For its two and a half years online, thousands of drug dealers sold every kind of narcotic imaginable on the anonymous online marketplace known as the Silk Road. But put one of the site’s heroin dealers in a courtroom and ask him questions under oath, and the scale and consequences of that drug empire suddenly seem much more real.
Report: Companies Still Not Patching Security Vulnerabilities  20 January 2015 
Source: ThreatPost - Posted by Dave Wreski   
The Cisco 2015 Annual Security Report is out and the findings are troubling as always: for every positive finding in the report, it seems, there is a negative finding, neutralizing any gains in the network security struggle.
Sony: A Game Changer for Cyber Attribution  12 January 2015 
Source: Security Ledger - Posted by Dave Wreski   
We’ve been writing a lot about the issue of cyber attribution in recent weeks, following the attack on Sony Pictures Entertainment in November. That incident has become something of a Rorschach Test for those in the information security field: revealing as much about the individual attempting to explain the Sony hack as about the attack itself.
2015 to see increased IoT risks, wider security skills gap  06 January 2015 
Source: ZDNet Blogs - Posted by Dave Wreski   
With Internet of Things (IoT) gaining more traction, such devices are expected to gain more attention from malicious hackers this year who will also be resorting back to social engineering tactics.
<< Start < Prev 1 2 3 Next > End >>

Results 11 - 20 of 857


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.