Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

(Mar 19)

While you were waiting in line for the new iPad on Friday, or avoiding the mad-dash-gadget-grab altogether, hackers had already found several ways to jailbreak the coveted Apple device.
Chinese hack Microsoft (Mar 20)

Chinese hackers apparently have gained access to Microsoft problem details even before a company patch was released and security researchers are worried the leak came directly from Microsoft's secured website.
(Mar 22)

As the digital world becomes more and more complex, the need for deliberate, thorough security grows. Yes, we know, you've got everything "password protected." And yes, not every hacker is like the guys in the movies who are able to keyboard their way through complicated layers of encrypted, password-protected security faster than a gamer boots up a new version of Call of Duty.
How To Secure DNS with DNSCrypt (Mar 20)

This open-source software for Mac and Linux does for DNS what SSL does for HTTP: It encrypts DNS traffic to prevent spoofing, snooping, and man-in-the-middle attacks.
Stolen encryption key the source of compromised certificate problem (Mar 19)

When Kaspersky Lab last week spotted code-signed Trojan malware dubbed Mediyes that had been signed with a digital certificate owned by Swiss firm Conpavi AG and issued by Symantec, it touched off a hunt to determine the source of the problem.
(Mar 22)

The world of online security is frenetically paced, with a constant, ongoing battle between software companies and hackers.
(Mar 19)

WikiLeaks founder Julian Assange, a thorn in the side of the U.S. government thanks to his posting of classified information, will run for a seat in the Australian Senate in spite of being held in the United Kingdom on house arrest. His organization posted the development on Twitter.
(Mar 22)

No one who has seen it forgets the "Twilight Zone" episode about a town in Ohio that lives in terror of a 6-year-old born with godlike powers. One man who opposes the boy finds himself turned into a jack-in-a-box for thinking "bad thoughts." If the "hacktivist" collective known as Anonymous has something in common with a willful, dangerous child, then Aaron Barr is the adult who got in trouble for thinking bad thoughts.
(Mar 23)

Activists such as "Anonymous" who hack into government and corporate computer networks and then release files to embarrass those organisations were responsible for more than half of all known data thefts last year, according to a new survey.
IBM Says Security Threats Mount Despite More Awareness (Mar 22)

Nick Bradley, senior manager for IBM (NYSE: IBM) global security operations, said despite more awareness, computer center managers need to be vigilant against cyberattacks.
The Zero-Day Salesmen (Mar 23)

At a Google-Run competition in Vancouver last month the search giant's famously secure Chrome Web browser fell to hackers twice. Both of the new methods used a rigged