Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 23rd, 2015
Linux Advisory Watch: March 20th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Host Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Remotely Viewing A User’s Web History With CSS  07 December 2009 
Source: The Coffee Desk - Posted by Alex   
Throughout the years, there have been several JavaScript/CSS/VBScript exploits in various browsers (and by “various”, I mean mostly Internet Explorer) that allow a remote site to view a user’s complete web history.
Linux and the sheer utter misery of viruses  03 December 2009 
Source: ComputerWorld UK - Posted by Anthony Pell   
In our cosy *nix world we don't suffer from viruses, or rather we didn't. But thanks to an amazing piece of reverse engineering we have SAMBA, and SAMBA allows Windows machines to talk to Linux (and Solaris) networks and store files on them.
Web VPN solutions circumvent browser security model  02 December 2009 
Source: H Security - Posted by Alex   
US-CERT has stated that clientless SSL VPN products from various vendors' tear a hole in browser security mechanisms, allowing theft of cookies and access data. Clientless SSL VPNs rely on a secure internet connection between a user's web browser and a company web server serving various applications for out-of-office staff and providing access to additional intranet services. The solutions are known as 'clientless' because they do not require a dedicated VPN client.
Heap Spraying: Attackers' Latest Weapon Of Choice  01 December 2009 
Source: Dark Reading - Posted by Alex   
Difficult to detect reliably, heap spraying was behind an exploit of IE and Adobe Reader. Computer security has been described as a game of one-upmanship, an ongoing escalation of techniques as both sides attempt to find new ways to assault and protect system vulnerabilities. The most prevalent forms of incursion over the last decade have been aimed at computer memory -- and of these, the newest, most popular weapon of choice for attackers is a technique known as "heap spraying."
Rootkit Hunter v1.3.6 Available  30 November 2009 
Source: rkh Project - Posted by Dave Wreski   
The Rootkit Hunter project team is pleased to announce the release of version 1.3.6. This release offers more ease of use and improved rootkit and malware checks.
Chrome OS Security Overview  25 November 2009 
Source: OS News - Posted by Alex   
Google has put up a very interesting document explaining the security features underlying its Chrome OS. The document also details the underlying guiding principles of Chrome OS' security features. In short, it comes down to process isolation, secure auto-update, verified boot, encryption, and more.
Where Google Chrome security fails: the password  24 November 2009 
Source: IT World - Posted by Anthony Pell   
A lot of people, including me, are excited about Chrome OS, Google's forthcoming desktop operating system. One of the things that has people worked up is Chrome OS' improved security over Windows. That's true. It should be better, and I'll talk more about that tomorrow, but before you get too excited about that you should know that Chrome has its elephant sized security problem.
Pros and Cons of Windows 7 Security  24 November 2009 
Source: CIO Magazine - Posted by Anthony Pell   
The recently released Microsoft Security Intelligence Report highlights the vast improvements in security from Windows XP to Windows 7. Even so, no operating system is perfect. I asked security experts what they think about Windows 7 security and came up with a list of what Microsoft got right and where Microsoft is still missing the mark.
Zero-day Flaws in Firefox Extensions Found  23 November 2009 
Source: OS News - Posted by Alex   
One of the main reasons why Firefox has become so successful is its extension framework, and the large community of extensions developers that has grown around it. What many users are not aware of, however, is that extensions are a bit of a security nightmare.
Fedora 12 lets unprivileged users install packages  19 November 2009 
Source: LWN - Posted by Anthony Pell   
Fedora bug #534047 contains an interesting Fedora 12 surprise: "PackageKit allows you to install signed content from signed repositories without a password by default. It only asks you to authenticate if anything is unsigned or the signatures are wrong." So any user can install any package found in the official repository. Some Fedora developers, at least, seem to see this as a feature; see this rapidly-growing thread for the discussion.
<< Start < Prev 4 5 6 Next > End >>

Results 51 - 60 of 816


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
OpenSSL Mystery Patch is No Heartbleed
Study: One-third of top websites vulnerable or hacked
Threat-sharing cybersecurity bill unveiled
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.