LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: October 20th, 2014
Linux Advisory Watch: October 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: April 18th, 2011 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

Book Review: Linux Kernel Programming - As Linux is implemented on increasingly wider number of devices, the number of people responsible for developing and maintaining Linux on those platforms have increased. As the level of maturity of the kernel increases, so does the complexity, capabilities, and size. This book provides the Linux programmer the tools necessary to understand the core aspects of the kernel and how to interface with it.


  EnGarde Secure Community 3.0.22 Now Available!
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

  59 Open Source Tools That Can Replace Popular Security Software (Apr 13)
 

It's been about a year since we last updated our list of open source tools that can replace popular security software. This year's list includes many old favorites, but we also found some that we had previously overlooked.

  7 free security tools for Linux (Apr 13)
 

One of the big advantages of using Linux is that its security tends to be so much better than that of the competing alternatives. That's due in large part to the way Linux assigns permissions, but it's also certainly true that the open source operating system is targeted by malware writers far less frequently than Windows is, in particular, simply because it's less widely used and so much more diverse.

  Hacker 'Handshake' Hole Found In Common Firewalls (Apr 13)
 

Some of the most commonly-used firewalls are subject to a hacker exploit that lets an attacker trick a firewall and get into an internal network as a trusted IP connection.

  How is SSL hopelessly broken? Let us count the ways (Apr 11)
 

Every year or so, a crisis or three exposes deep fractures in the system that's supposed to serve as the internet's foundation of trust. In 2008, it was the devastating weakness in SSL, or secure sockets layer, certificates issued by a subsidiary of VeriSign.

  The encryption keys used to secure data have become the keys to the kingdom The encryption keys used (Apr 14)
 

Back in the mid 70s, the use of encryption in enterprises was pretty much unheard of. Soon companies started to introduce some encryption in limited instances, such as encoders on communication lines to encrypt financial transactions.

  If you can't beat 'em, hack 'em (Apr 15)
 

The phone rang at the branch of an American car dealership. On the line were employees of another branch, in need of urgent assistance: Their computer had frozen. They couldn't enter the information system of the sales network because their user name and password had been "locked," and they immediately needed new ones to continue working.

  US Postal Service Website Hit With 'Blackhole' Exploit (Apr 11)
 

The US Postal Service website received an unwelcome delivery this week of a new attack rapidly spreading among legitimate websites. USPS became the latest victim of the so-called "Blackhole" toolkit, a wildly popular website attack kit that's easy to use and provides obfuscation features that help it evade antivirus detection.

  Security firm Barracuda hit by cyberattack (Apr 12)
 

Security company Barracuda Networks was itself hit by a security breach over the weekend that exposed certain information from its databases. An unknown hacker, who apparently took credit for the break-in, launched an attack that exposed a list of Barracuda databases along with the names, phone numbers, and e-mail address of various Barracuda partners.

  Security researcher warns over Dropbox authentication security flaw (Apr 12)
 

Attackers able to get their hands on a Dropbox configuration file would be able to access and download any files a user synchronises through the service without betraying any signs of compromise, a security researcher has discovered.

  Can IPS appliances remain useful in a virtual-machine world? (Apr 13)
 

Intrusion-prevention system (IPS) vendors have not found it easy to recast their appliances for use in the virtual-machine (VM) environment. But now McAfee and Sourcefire claim to have overcome some hurdles, at least with VMware's VM.

  Facebook to share server secrets as part of "Open Compute Project" (Apr 11)
 

FACEBOOK said it would share details for its new server systems and computer rooms with other companies, hoping to set off what it characterised as an open movement for hardware design.

  U.S. shutters botnet, can disable malware remotely (Apr 14)
 

By seizing servers and domain names and getting permission to remotely turn off malware on compromised PCs, U.S. officials have disabled a botnet that steals data from infected computers.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
The Hacktivist as Angry Young Man
The Hacker Wars Hits NYC
CAINE Linux Distribution Helps Investigators With Forensic Analysis
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.