LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Hacks/Cracks
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Study: One-third of top websites vulnerable or hacked  25 March 2015 
Source: CSO Online - Posted by Alex   
According to a new report from Menlo Security, one out of three of the top million websites are either vulnerable to hacking or already hacked. For example, attackers used the Forbes.com website last month for a quick watering hole attack.
 
Drupal SQL injection vulnerability attacks persist, despite patch release  23 March 2015 
Source: SC Magazine - Posted by Alex   
Nearly six months have passed since a major Drupal SQL injection vulnerability was disclosed, and yet attackers are continuing to try, sometimes successfully, to exploit websites that have failed to update their systems.
 
HTTPS Opens Door to Paid Pinterest Bug Bounty  18 March 2015 
Source: ThreatPost - Posted by Alex   
Pinterestís journey toward becoming a fully HTTPS website opened a lot of doors, including a potentially profitable one for hackers.
 
One of the Darknetís Biggest Markets May Have Just Stolen All Its Users' Bitcoin  18 March 2015 
Source: motherboard - Posted by Dave Wreski   
The administrators of one of the darknetís most popular markets for drugs and bespoke carjacking services may have just scammed its customers out of untold sums of money.
 
HTTPS-crippling FREAK attacks become cheaper and easier to carry out  17 March 2015 
Source: arsTechnica - Posted by Alex   
There's more bad news surrounding the HTTPS-crippling FREAK vulnerability that came to light two weeks ago. A recently completed scan of the Internet revealed 10 percent of servers that support the underlying transport layer security protocol remain susceptible.
 
CryptoLocker Variant Coming After Gamers  13 March 2015 
Source: ThreatPost - Posted by Dave Wreski   
Gamers may soon be feeling the pain of crypto-ransomware. A variant of CryptoLocker is in the wild that goes after data files associated with 20 different online games, locking downloadable content in an attempt to target younger computer users.
 
Dridex Banking Trojan Spreading Via Macros in XML Files  10 March 2015 
Source: ThreatPost - Posted by Dave Wreski   
Not long ago, criminals pushing the Dridex banking Trojan were using Microsoft Excel documents spiked with a malicious macro as a phishing lure to entice victims to load the malware onto their machines.
 
IoT's dark side: Hundreds of unsecured devices open to attack  09 March 2015 
Source: CSO Online - Posted by Alex   
A self-described security "amateur" discovered hundreds of Internet-connected devices ranging from cameras to industrial control systems that were connected to the Internet without even basic password protection -- meaning they could be easily turned on and off or otherwise manipulated with a single click of a mouse.
 
D-Link Routers Haunted by Remote Command Injection Bug -  03 March 2015 
Source: ThreatPost - Posted by Alex   
Some D-Link routers contain a vulnerability that leaves them open to remote attacks that can give an attacker root access, allow DNS hijacking and other attacks.
 
Bad movie: Hackers can raid networks with burnt Blu-Rays  02 March 2015 
Source: The Register UK - Posted by Alex   
British hacker Stephen Tomkinson has found two Blu-Ray-borne attacks. His first exploit relies on a poor Java implementation in a product called PowerDVD from CyberLink. PowerDVD plays DVDs on PCs and creates menus using Java, but the way Oracle's code has been used allows naughty folk to circumvent Windows security controls.
 
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 10 of 2230
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.