Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

HijackThis now open source (Feb 20)

Trend Micro has published the source code of its free anti-malware tool, HijackThis (HJT), on Sourceforge under a GPLv2 licence. Trend Micro says it will be maintaining the original source code but also incorporating modifications from the community.
(Feb 21)

The director of the National Security Agency says the hacktivist group is growing more powerful and could eventually attack our power grid. So beware.
(Feb 20)

An upcoming campaign announced by the hacking group Anonymous directed against the Internet's core address lookup system is unlikely to cause much damage, according to one security expert.
Hacker steals one million user logins from YouPorn website (Feb 23)

A million logins for the hugely popular YouPorn sex site appear to have been leaked after a hacker chanced upon a URL linking to a user list apparently left exposed for several years.
Hackers Were Scary in 1990 (Feb 20)

"Laughing at people talking about the internet decades ago" is one of our favorite video subgenres here at Gizmodo, and this specimen doesn't disappoint: a fatherly AT&T narrator explains the dangers of hackers. Look out! Your modem is under attack!
Hacking Quantum Cryptography Just Got Harder (Feb 22)

No matter how complex they are, most secret codes turn out to be breakable. Producing the ultimate secure code may require encoding a secret message inside the quantum relationship between atoms, scientists say.
(Feb 25)

For online security professionals, 2012 is turning out to be a banner year. Prominent hacks are taking place nearly every week. Credit card fraud and piracy on the Internet are booming. Hacktivist attacks against government computers and private companies are occurring almost daily.
Google says IE privacy policy is impractical in modern Web (Feb 21)

Microsoft's privacy protection feature in Internet Explorer, known as P3P, is impractical to comply with while providing modern web functionality such as cookie-based features, Google said Monday in response to an accusation from Microsoft that Google had bypassed privacy protections in Internet Explorer.
British Facebook hacker sentenced to eight months in prison (Feb 22)

We all know crime doesn't pay, but sometimes hacking does pay. More than a few so-called ethical (or White Hat) hackers have discovered a security vulnerability only to end up with a new job or hefty bounty.
(Feb 22)

Group claims to have found objectionable photos of children in officer's e-mails after breaking into police Web site and stealing passwords and other data.
Google also bypassed cookie settings in Internet Explorer (Feb 21)

Following the revelation that Google and other online marketing companies have been bypassing the mechanism for blocking third-party cookies in Safari, the Internet Explorer development team asked themselves whether Google might be doing the same thing in IE.
(Feb 24)

Much to the disappointment of the cyber security boffins who dedicate their professional lives to making the internet a safer place for us to enjoy, awareness of online security threats amongst the average computer user is extremely low.