Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

Mozilla knew of Pwn2Own bug before CanSecWest (Mar 14)

The vulnerability was described as a "memory safety problem in the array.join function" and was bundled into a security advisory that carries a critical rating.
(Mar 14)

During the five-month period between October and February, there were 86 reported attacks on computer systems in the United States that control critical infrastructure, factories and databases, according to the Department of Homeland Security, compared with 11 over the same period a year ago.
Anti-Anonymous hacker threatens to expose them (Mar 13)

As if things couldn't get any worse for the hacktivists of Anonymous, the self-described patriotic hacker who calls himself The Jester has struck another blow.
Microsoft: Critical worm hole could be exploited within 30 days (Mar 14)

Listen up, this one is serious. There is a critical vulnerability in many versions of Windows, which could be exploited to spread a worm automatically between vulnerable computers.
LinkedIn is a hacker's dream tool (Mar 12)

If you use LinkedIn, you've probably told the site where you work, what you do and who you work with. That's a gold mine for hackers, who are increasingly savvy in using that kind of public -- but personal -- information for pinpoint attacks.
Porn site breached in hack attack (Mar 12)

Hackers claim to have stolen the details of more than 73,000 subscribers to porn site Digital Playground.
(Mar 16)

Live presentation of bug discovery in Citrix ICA binary
(Mar 12)

Skilled, profane and bombastic, the hacker who called himself Sabu had loyalists and critics. He also had admirers who marveled at his antics from afar, even as they disdained his tactics. That admiration helped explain the attraction of the Anonymous movement that Sabu came to represent.
Got Privacy? Ubuntu Linux 12.04 Will Help Ensure It. (Mar 11)

Say the word "privacy," and most of us think of online privacy--along with the never-ending battle against spyware, tracking, and other opponents of the cause.
Accused Irish LulzSec hacker worked in security (Mar 12)

One of the people accused by U.S. authorities of being at the core of Lulz Security, perhaps the most feared hacking group on the planet, led a nonprofit group in Galway, Ireland, dedicated to making websites more secure.
'Anonymous operating system' prompts security warnings (Mar 16)

Warnings have been issued to internet users who have downloaded an operating system purportedly created by members of the Anonymous hacker group.
Annual Hacker Competition sees researchers target Chrome (Mar 12)

It's that time again folks, the hosting of the Pwn2Own hacking contest. This year has, for the first time, seen Google's Chrome browser fall almost immediately to two zero-day exploits, which had avoided discovery for the past three years.