LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: April 16th, 2012 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.


  Automating data encryption for new cloud architectures (Apr 9)
 

Cloud computing is the ideal environment for processing big data. For databases that scale horizontally, sometimes with a million or more fields and reaching multiple petabytes in size, it's possible to chunk up the data and spread it across hundreds or thousands of servers for parallel processing and analytics. It's an efficient and effective use of cloud technology.

  How to Hack Like a Pro: Getting Started with Metasploit (Apr 10)
 

This is my first contribution in an ongoing series on detailing the best free, open source hacking and penetration tools available. My goal is to show you some of the quality tools that IT security experts are using every day in their jobs as network security and pen-testing professionals. There are hundreds of tools out there, but I will focus and those that meet four key criteria

  How to secure your BIOS (Apr 9)
 

You probably don't interact with your PC's BIOS (Basic Input/Output Operating System) much, but it occupies a unique and highly privileged position in your computer's architecture.

  Why Not Use Port Knocking? (Apr 13)
 

The robots currently at work knocking around for your guessable password could easily be repurposed to guess your Unicode password currently known as your port knocking sequence, and quite likely have been already. Plus, we already have authpf(8) for network-level restrictions on access.

  Hackers claim they've snared Tunisian leader's emails (Apr 9)
 

A group claiming affiliation with activist hacker collective Anonymous says it has hacked 2,725 emails belonging to Tunisia's ruling Ennahda party, including those of the prime minister, in the latest challenge to the Islamist-led government.

  Megaupload User Demands Return of Seized Content (Apr 9)
 

An Ohio man is asking a federal judge to preserve data of the 66.6 million users of Megaupload, the file-sharing service that was shuttered in January following federal criminal copyright-infringement indictments that targeted its operators.

  Disguising Tor Traffic as Skype Video Calls (Apr 13)
 

To prevent the Tor traffic from being recognized by anyone analyzing the network flow, SkypeMorph uses what's known as traffic shaping to convert Tor packets into User Datagram Protocol packets, as used by Skype. The traffic shaping also mimics the sizes and timings of packets produced by normal Skype video conversations. As a result, outsiders observing the traffic between the end user and the bridge see data that looks identical to a Skype video conversation.

  Meet The 'Place Hacker' Who Trespassed And Scaled Europe's Tallest Building (Apr 10)
 

Very few people have taken in the magnificent view at the top of the Shard, the modern new tower that will be the tallest in Western Europe when it is finished in about a month's time. But last February, and in the dead of night, PhD graduate Bradley Garrett got together with two friends from London's urban exploration community to trespass the building and "place hack" it.

  Apple Delays, Hackers Play (Apr 13)
 

Jeroen Frijters describes himself as an "accidental" hacker, a guy who trips over security holes the way a pedestrian stumbles over a sidewalk crack. In July the Dutch software engineer discovered the Grand Canyon of sidewalk cracks: a serious vulnerability in Java, one of the most widely used programming languages and a building block of many websites. He reported the flaw to Oracle (ORCL), which oversees Java.

  Anonymous targets UK Government sites with DDoS - Update (Apr 9)
 

The hacktivist collective Anonymous are staging a distributed denial of service attack on the UK Government's Home Office, the Prime Minister's Number 10 and the Ministry of Justice web sites. The attacks began on the evening of Saturday 7 April and were claimed as the work of Anonymous in three tweets (1, 2, 3) by @YourAnonNews, the first of which read "TANGO DOWN - http://www.homeoffice.gov.uk/ (via @AnonymouSpoon) For your draconian surveillance proposals! Told you to #ExpectUs! #ANONYMOUS #AnonUK".

  Financial services industry sees DDOS attacks triple, says Prolexic (Apr 12)
 

The financial services industry saw nearly triple the number of distributed denial-of-service (DDOS) attacks during the first three months of this year compared to the same period last year, according to a report released Wednesday.

  Banks on the business end of DDoS attack surge - report (Apr 12)
 

Financial firms were in the crosshairs of cyber-attackers during the first three months of 2012, while a threefold increase in DDoS attacks was recorded.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Apache Warns of Tomcat Remote Code Execution Vulnerability
Cloud security: We're asking the wrong questions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.