LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 28th, 2014
Linux Advisory Watch: November 21st, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: May 16th, 2011 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

Book Review: Linux Kernel Programming - As Linux is implemented on increasingly wider number of devices, the number of people responsible for developing and maintaining Linux on those platforms have increased. As the level of maturity of the kernel increases, so does the complexity, capabilities, and size. This book provides the Linux programmer the tools necessary to understand the core aspects of the kernel and how to interface with it.


  EnGarde Secure Community 3.0.22 Now Available!
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

  The Linux vs. Windows Security Mystery (May 13)
 

"NSA recommending Vista for home security is merely a reflection of the reality of monopoly in the retail space," said blogger Robert Pogson. "In the USA probably as few as 2 to 3 percent of users use GNU/Linux, so a recommendation is almost useless." Those who are serious about security "are already aware of SELinux, a product of the NSA. The NSA is merely recommending that folks move on from XP, a poor OS poorly supported by M$."

  Everything is Hackable, and Cyber Criminals Can't Be Tracked (May 11)
 

Rarely a day goes by without news emerging about a giant company losing large amounts of sensitive data to a massive hacker attack. It might be Google one day, Sony the next, and a country's government agency the day after. Just replace the names, rinse, and repeat.

  Is Linux Really More Secure than Windows? (May 15)
 

Common wisdom has held for years that Linux is superior to Windows when it comes to security issues. But now that open source is growing in popularity both on the consumer side (think Android phones) and the enterprise side (Linux runs the 10 fastest supercomputers in the world, for example, according to Wikipedia), it's time to push past the adage and look again at the whole "which is safer" issue.

  Apache Web Server Under Stealth Attack (May 9)
 

Online attackers seem to love to exploit Web servers, because they can add scripts that quickly and automatically add malicious links to static HTML pages via an iFrame tag, or code that attempts to exploit website visitors' PCs via drive-by downloads.

  Windows Vista for Better Security? I Don't Think So. (May 10)
 

The National Security Agency (NSA) recently published a report, "Best Practices for Keeping Your Home Network Secure" (PDF) in which it makes numerous recommendations designed to help home computer users avoid malware and other common problems.

  Hackers' website comes under attack (May 11)
 

A website used to co-ordinate computer attacks on Sony and other big companies by members of Anonymous has itself come under assault in what security experts and veterans of the organisation see as evidence of a split within the hacking group.

  What the Sony PlayStation Network Attack Can Teach Us About Database Security (May 12)
 

Sony's PlayStation Network was breached between April 17 and April 19 and was taken offline by Sony on April 20. At the time of this writing, the service is still not available and it might not be available until the end of May. Much speculation has ensued on what has actually happened and the information released by Sony does not always match up with what is published elsewhere in print or on the Internet.

  VoIP hacking on the increase (May 9)
 

Businesses that implement VoIP (voice over IP) telephony systems on their local or wide area networks must ensure that they have effective protection against the growing incidence of VoIP hacking.

  Self-Encrypting Hard Drives Face Perception Challenge (May 10)
 

One-third of security professionals who handle encryption don't understand self-encrypting hard disk drives. In particular, they're unsure whether the drives are better or worse than software-based encryption for preventing tampering, managing encryption, or handling authentication keys.

  Whitehats break out of Google Chrome sandbox (May 10)
 

Researchers say they've developed attack code that pierces key defenses built into Google's Chrome browser, allowing them to reliably execute malware on end user machines.

  The rising use of SSL raises new risks (May 12)
 

As more applications turn to SSL to help keep users secure, they may also be inadvertently hampering the ability of enterprises to ensure malicious code and exploits are not slithering through network traffic from the endpoint.

  Apache HTTP Server update fixes remote DoS issue - Update (May 12)
 

The Apache HTTP Server developers have released version 2.2.18 of the eponymous web server as a bug fix and security fix release. The security fix is needed because of a vulnerability to a Denial of Service (DoS) attack; the vulnerability is rated as moderate.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.