LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 1st, 2014
Linux Security Week: July 28th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: January 16th, 2012 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.


  Linux Takes on a Bigger Role at This Year's CES (Jan 11)
 

The annual Consumer Electronics Show (CES) event is always a fun place to learn about the latest new gadgets coming down the pike, but--aside from Google's ubiquitous Android platform--Linux has not typically played a starring role.

  How To Prevent An Illicit Data Dump (Jan 11)
 

The headline occurs almost every day lately -- a large enterprise or government agency loses a huge cache of data through the actions of an employee. Whether it's a malicious theft and posting, a la WikiLeaks, or an unintentional compromise of sensitive business information, the affected organization is put in a position of serious risk.

  Wireshark 1.4.x and 1.6.x updates close security holes (Jan 12)
 

Versions 1.4.11 and 1.6.5 of the open source Wireshark network protocol analyser have been released, fixing bugs and closing holes found in the previous builds. The maintenance and security updates to the cross-platform tool fix several vulnerabilities that could be exploited by an attacker to cause a denial-of-service (DoS) or compromise a victim's system.

  Hackers hit Stratfor again, but this time just for laughs (Jan 9)
 

The hackers behind the year-end attack on the security consulting firm Stratfor have struck again, although this time it appears they are just out for a few laughs.

  Use An iPhone? Yup, The Government Tracks That (Jan 10)
 

Last week, an Indian hacker crew successfully broke into a secured Indian military government network. The group, the Lords of Dharmaraja, posted documents that infer Apple, Nokia, and Research In Motion gave the Indian government backdoor access to their devices in exchange for mobile phone market rights.

  Reddit Founder, DNS Hacker And Other SOPA Critics Will Address Congress In Hearing (Jan 10)
 

Opponents of the Stop Online Piracy Act, the bill that threatens to block large swathes of foreign websites for alleged copyright infringement, have complained that Congress has yet to hear their voice. In the initial hearing and markup of the bill in Congress, the only outside critic of the bill invited as a witness was Google, whose opposition to the act was largely dismissed as an isolated exception.

  Passwords aren't dead, though maybe yours should be (Jan 9)
 

It's 2012. The password is dead. Long live the password. Perhaps the division in the IT world is not quite that stark, but there is indeed division. Some think it is past time to retire passwords, for what they say is the obvious reason: They don't protect users, since they are so easily hacked.

  Symantec Source Code Scattered to the Winds (Jan 9)
 

Hackers have posted the source code for two Symantec security products, claiming they obtained the information from systems belonging to Indian military intelligence. The products affected are four and five years old, Symantec said. "If the source code from product released in the past three or four years was compromised, I'd be pretty concerned," said security consultant Randy Abrams.

  German cops hacked in revenge for dad spying on daughter (Jan 10)
 

An infiltration of a German federal security system last year has been traced back to a botched attempt by an unnamed security official to use a Trojan to monitor his daughter's internet usage, Der Spiegel reports.

  Pirate Bay block prompts Anonymous to launch DDOS (Jan 11)
 

Anonymous has struck the websites of two anti-piracy organizations, a day after Finnish ISP Elisa blocked access to The Pirate Bay search engine in response to an injunction requested by one of the organizations.

  Judge bans stolen student sex pics sharing on BitTorrent (Jan 12)
 

Conservative MP Louise Mensch has welcomed a landmark ruling in an internet bullying case as an advance for individual liberty. The case involved an anonymous student, known for the purposes of the case as "AMP", whose photographs were distributed by P2P software after her mobile phone was lost or stolen.

  Top SMB Security Worries: Intellectual Property, Mobile (Jan 12)
 

The more things change, the more they stay the same. That pretty much sums up the information security landscape for small and midsize businesses (SMBs) in the year ahead, according to the head of Blue Coat Security's research lab.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Attackers can easily create dangerous file-encrypting malware, new threat suggests
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.