Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Linux Security Week: June 27th, 2011 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. Feature Extras:

Using the sec-wall Security Proxy - This article full of examples will show you various ways to test services secured using sec-wall, a feature-packed high performance security proxy. We'll be using cURL, a popular Linux command line tool and PycURL - a Python interface to cURL. As of version 1.0, sec-wall supports HTTP Basic auth, digest auth, custom HTTP headers, XPath-based authentication, WS-Security & SSL/TLS client certificates and each of the options is being shown below.

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

  LulzSec Leak Reveals iPhone Apps That Worry Police (Jun 24)

Hacker group LulzSec has struck again, this time targeting Arizona law enforcement by releasing thousands of pages of confidential documents and communications presumably acquired in a security breach. Among those documents are several that show law enforcement's special interest in the iPhone and other smart phones.

  Suspected LulzSec player arrested, in custody in London (Jun 21)

The day the authorities have been waiting for is finally here: A possible LulzSec leader has been arrested. He is 19-years-old and was arrested in Essex, England thanks to a cooperative effort between FBI and Scotland Yard.

  Lulz hackers on cyber attack chaos: 'It's funny' (Jun 20)

Computer hackers who have hit the websites of the CIA, US Senate, Sony and others during a month-long rampage said that they were staging the attacks for their own entertainment.

  Storing passwords in uncrackable form (Jun 21)

News about intrusions into the servers of online stores, games vendors and other internet services can now be read on an almost daily basis. Often, the intruders obtain customers' login data including their passwords. As many people use the same password in multiple places, criminals can use the passwords to obtain unauthorised access to further services.

  Ubuntu Linux, Day 21: Enough Already With the Updates! (Jun 23)

We are heading into the home stretch on the 30 Days With Ubuntu Linux series. If I were to score Ubuntu Linux today, it would get generally high marks, but there is one thing that has really been annoying me--the updates.

  Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges (Jun 22)

Former Department of Homeland Security chief Michael Chertoff said combating groups like LulzSec and Anonymous pose a unique problem for law enforcement because "the big challenge is attribution." However, it's possible that the U.S. government could find itself in a cyberwar with a network.

  LulzSec members to be outed by Netherlands hacking group (Jun 23)

A hacking group in the Netherlands promises to publish photos, phone numbers and addresses of LulzSec members in response to similar treatment by LulzSec.

  Essex 'hacker' Ryan Cleary's mother tells of 'suicide' threat (Jun 23)

Ryan Cleary, the Essex teenager accused of a string of hacking attacks, threatened to commit suicide if his computer was taken away, his mother has disclosed.

  Bitcoin Prices Plummet on Hacked Exchange (Jun 20)

The Bitcoin community faced another crisis on Sunday afternoon as the price of the currency on the most popular exchange, Mt.Gox, fell from $17 to pennies in a matter of minutes. Trading was quickly suspended and visitors to the home page were redirected to a statement blaming the crash on a compromised user account. Mt.Gox's Mark Karpeles said that the exchange would be taken offline to give administrators time to roll back the suspect transactions.

  Hack Attack (Jun 23)

So who would you like to hack today? A bank, a website, a corporation or perhaps a government agency that's rubbing you the wrong way? The hacktivist group LulzSec is taking requests. Or maybe you'd like to get your hands on some stolen credit-card accounts to boost your personal spending level or purchase some malware that will divert a business's payments from its vendors to you.

  Dropbox left document storage accounts open for four hours (Jun 21)

Online storage service Dropbox accidentally turned off password authentication for its 25 million users for four hours on Monday -- although "much less than 1 percent" of those accounts were accessed during the period, the company said. It is still investigating whether any of those accounts were improperly accessed.

  LulzSec disbands: Final cache includes AT&T internal data and 750,000 user accounts (Jun 26)

After fifty days of releasing vast caches of confidential data, from police units through to government departments, LulzSec announced on its Twitter feed this evening that it is to disband. But it seems that LulzSec wasn't in it for the ‘lulz' after all.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.