LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 15th, 2014
Linux Advisory Watch: August 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: July 11th, 2011 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Using the sec-wall Security Proxy - This article full of examples will show you various ways to test services secured using sec-wall, a feature-packed high performance security proxy. We'll be using cURL, a popular Linux command line tool and PycURL - a Python interface to cURL. As of version 1.0, sec-wall supports HTTP Basic auth, digest auth, custom HTTP headers, XPath-based authentication, WS-Security & SSL/TLS client certificates and each of the options is being shown below.

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.


  Kevin Mitnick shows how easy it is to hack a phone (Jul 8)
 

British tabloid News of the World said today it is closing down over a phone hacking scandal in which workers for the Rupert Murdoch-owned newspaper allegedly snooped on voice mail messages left on the mobile phones of murder victims, as well as celebrities, politicians, and the British royal family.

  Vsftpd backdoor discovered in source code - update (Jul 5)
 

Chris Evans, aka Scary Beasts, has confirmed that version 2.3.4 of vsftpd's downloadable source code was compromised and a backdoor added to the code. Evans, the author of vsftpd which is described on its web site as "probably the most secure and fastest FTP server for Unix-like systems" was alerted on Sunday to the fact that a bad tarball had been downloaded from the vsftpd master site with an invalid GPG signature. It is not known how long the bad code had been online.

  Crytographer Len Sassaman, RIP (Jul 6)
 

Obituary Len Sassaman, a cryptographer and security researcher of high repute, has died aged 31. Sassaman maintained the Mixmaster remailer and he contributed to various other privacy projects, including OpenPGP. He also co-founded the annual CodeCon conference with Bram Cohen. He was security researcher and doctoral student at the Katholieke Universiteit in Leuven.

  Hackers target Apple server (Jul 5)
 

Hackers have posted a document that allegedly has user names and passwords for an Apple server. The find, posted via the AntiSec hacking campaign, appears to be a warning that Apple "could be a target too."

  Apple server gets hacked by group that steals ID information (Jul 6)
 

Apple is the latest company to come under cyber attack - by the same hackers blamed for infiltrating Sony's Playstation Network.

  iPhone hacked with zero-day font vulnerability (Jul 7)
 

Apple's newest iPhone devices have been hacked with a zero-day font vulnerability in the latest iteration of the JailbreakMe.com project.

  Hackers Select a New Target: Other Hackers (Jul 5)
 

The hackers, calling themselves the A-Team, assembled a trove of private information and put it online for all to see: names, aliases, addresses, phone numbers, even details about family members and girlfriends.

  10 Largest Hacker Attacks (Jul 7)
 

We have entered a golden age for the nefarious world of hackers. According to a recent study published by Verizon and the U.S. Secret Service, incidents of data compromise climbed more than 400 percent in 2010 from the previous year to 761 breaches.

  DDoS attack in March likely N.Korean work, says McAfee (Jul 6)
 

The cyber attacks that paralyzed a handful of major South Korean websites earlier this year were almost certainly carried out by North Korea or parties allied with the country, computer security company McAfee said Tuesday in a report.

  Update for BIND DNS server reduces crash risk (Jul 6)
 

Two vulnerabilities in the popular BIND 9 DNS server jeopardise the server's stability and can cause the service to crash. One of the flaws can be exploited remotely via specially crafted UPDATE requests and affects both recursive and authoritative servers. The developers say that the nature of the defect makes it impossible to prevent potential attacks using Access Control Lists (ACLs).

  Malicious activity alert: Anonymous hack-school grads come online in 30 days (Jul 8)
 

In about a month the first graduates of the new Anonymous hacking school could start having an impact on the frequency of cybercrime.

  Judge rules against Google in Street View 'Wi-Spy' lawsuit (Jul 5)
 

A federal judge has declined to dismiss charges against Google that it allegedly violated the Federal Wiretap Act when it collected personal data from Wi-Fi networks.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
State-of-the-art spear phishing and defenses
Linux kernel source code repositories get better security
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.