LinuxSecurity.com
Linux Security Week: February 20th, 2012
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net; in fact, the much-awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.


  Passwords Suck: Learn About and Use Multi-Factor Authentication (Feb 14)
 

They are long, hard to remember (even if you have easier-to-remember phrases), more so when new, and are largely a difficulty for users to use properly. Combined with the fact that many users choose easy-to-guess or easy-to-ascertain passwords based off of commonly-known facts about themselves and that they will try all of their passwords when told one isn't working…the list goes on.

  How to Become an Ethical Hacker (Feb 16)
 

Do viruses, DDoS attacks, or buffer overflows tickle your fancy? If so, you might consider becoming a legal hacker, aka an ethical hacker, "white hat" hacker, or penetration tester.

  RSA security flawed say researchers after collecting duplicate public keys (Feb 15)
 

Cryptography researchers collected millions of X.509 public key certificates that are publicly available over the web and found what they say is a shockingly high frequency of duplicate RSA-moduli keys.

  DDoS attackers start targeting IPv6 networks (Feb 17)
 

It had to happen: Criminals are trying to find holes in the IPv6 protocol by launching denial of service attacks. Cybercriminals have started launching distributed denial-of-service (DDoS) attacks against networks that transmit data over IPv6, according to a report published recently by DDoS mitigation vendor Arbor Networks.

  Google Wallet is Easy to Hack and Exploit (Feb 14)
 

Google Wallet, which initially launched in September of 2011, has decided to temporarily suspend its provisioning of prepaid cards as a result of two newly discovered security vulnerabilities. Recently, a security research team uncovered a potential threat to the overall security of the Google Wallet.

  Microsoft's struggle against bugs (Feb 15)
 

It has been ten years since Bill Gates famously emailed all Microsoft's employees declaring that data protection and system security should be the company's top priorities. Uli Ries describes the subsequent progress Microsoft has achieved in making its software more secure.

  StopTheHacker Helps Website Owners Combat Malware, Raises $1.1 Million (Feb 13)
 

StopTheHacker, an aptly named provider of SaaS-based website security services, has secured $1.1 million in first-round funding from public and private investors, including Runa Capital and former Bluecoat chief executive Brian NeSmith.

  The Pirate Bay's Peter Sunde: It's Evolution, Stupid (Feb 14)
 

In the case of The Pirate Bay, it's been particularly obvious. My fellow co-founders -- Fredrik Neij and Gottfrid Svartholm -- and I were convicted in 2009 of contributory copyright infringement. Last week the Supreme Court of Sweden refused to hear our appeal. We each face between four months and one year in prison. My sentence was eight months.

  Security Manager's Journal: Hackers phone home -- on our dime (Feb 13)
 

It's been a while since we've had a security breach worth mentioning (that we know of). Last week we had one, and it was an eye-opener.

  Privacy Tool Lets Users Quickly Rank Websites on Privacy Policies (Feb 15)
 

Website privacy policies, like end-user agreements, have become a morass of confusion that offers little in the way of clarity about what sites are and aren't tracking. A new tool and website launched today purports to clear some of the fog around this issue.

  Your address book is mine: Many iPhone apps take your data (Feb 14)
 

Last week, Path iPhone app users were surprised (and quite disgruntled) to learn that the innards of their address books (contacts' email addresses and phone numbers) had been uploaded to and stored on Path's servers. After a public outcry, Path immediately amended its practice to request user permission, and deleted its records.

  New Waledac Variant Goes Rogue (Feb 16)
 

Remember the infamous Storm spamming botnet that later re-emerged as Waledac and was later silenced in a high-profile takedown led by Microsoft? It's baaaack -- and this time it's performing more malicious activity than sending annoying spam messages.
