LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: May 31st, 2011 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

Book Review: Linux Kernel Programming - As Linux is implemented on increasingly wider number of devices, the number of people responsible for developing and maintaining Linux on those platforms have increased. As the level of maturity of the kernel increases, so does the complexity, capabilities, and size. This book provides the Linux programmer the tools necessary to understand the core aspects of the kernel and how to interface with it.


  EnGarde Secure Community 3.0.22 Now Available!
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

  Email accounts hacked in 15 minutes (May 27)
 

A recently posted video on YouTube teaches viewer's how to hack into someone's email account in just 15 minutes. The video showed a group of volunteers follow an online "man in the middle technique" tutorial. It showed them learn in just fifteen minutes how to hack into a computer network. It went on to show them using the technique to obtain each other's login details and passwords.

  Make your mark by stopping hackers (May 24)
 

I remember being excited when I was asked to use a sledgehammer to tear down a covered garage that wasn't approved by the city. It had been standing beside my girlfriend's house for years. You could tell it was built intelligently and with love. The supporting beams were twice as thick as required by code, and every nail and screw was driven straight. The lumber itself was top shelf, not a knot or bend in it.

  Apache Updates HTTP Web Server for Security and the Future (May 25)
 

The Apache HTTP Server powers the majority of web servers around the world. As such, when there is a security flaw, it's critical to fix it as quickly as possible.

  Fedora 15 Boosts Linux Security (May 25)
 

As the starting point for many IT perimeter defense architectures, the firewall is a critical piece of security technology. In the upcoming, Fedora 15 Linux distribution release, a new dynamic firewall technology will help to improve the critical cornerstone technology for server and desktop users.

  Apple standard procedures won't work with security (May 27)
 

On May 24, Apple posted a support forum entry on how to avoid or remove the MacDefender malware that's been plaguing an unknown number of users since early May. And I'm glad they did. But the support forum is way overdue, and Apple's standard method of responding to user issues--ignore them until they won't go away and then issue a response when the outcry gets too loud--simply won't fly where user security is at stake.

  Student collects 15 million Gmail addresses (May 27)
 

In his blog, a student from the University of Amsterdam reports that he gathered around 15 million Gmail addresses from Google user profiles within a month. Matthijs Koot analysed just under 35 million profile links from Google's profile site map, which is easily accessible on the company's servers.

  Black Hole Exploit Kit Available for Free (May 24)
 

Just a couple of weeks after the source code for the Zeus crimeware kit turned up on the Web, the Black Hole exploit kit now appears to be available for download for free, as well. Black Hole normally sells for $1,500 for an annual license, and is one of the more powerful attack toolkits on the market right now.

  Linkedin SSL vulnerability leaves accounts open to hacking (May 23)
 

AN INDEPENDENT insecurity researcher says there are multiple security vulnerabilities in the business social network Linkedin, due to the way it handles and transmits cookies over SSL.

  Red Hat Enterprise Linux 5.7 adds OpenSCAP (May 27)
 

From the 'You Can Teach an Old Dog New Tricks' files: With all the excitementaround Red Hat Enterprise Linux 6.1 last week, it's important to remember that most RHEL users are still likely on RHEL 5.

  Linguists use sounds to bypass Skype crypto (May 27)
 

Decryption is difficult and computationally expensive. So what if, instead of decrypting the content of a message, you found a correlation between the encrypted data and its meaning without having to crack the code itself?

  Timing attack threatens private keys on SSL servers (May 26)
 

Security researchers have discovered a "timing attack" that creates a possible mechanism for a hacker to extract the secret key of a TLS/SSL server that uses elliptic curve cryptography (ECC).

  Hacker Liability: How at Risk is Your Company? (May 24)
 

From MasterCard and Twitter to TJMaxx and Sony, companies of all sizes are under attack from hackers. The threat of these attacks has escalated to such a degree that many cybersecurity professionals will admit it is almost impossible to prevent them 100% of the time.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
DARPA-derived secure microkernel goes open source tomorrow
Hacker Gary McKinnon turns into a search expert
Hackers seed Amazon cloud with potent denial-of-service bots
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.