LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 19th, 2014
Linux Security Week: September 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: May 14th, 2012 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.


  Hacker, rootkit find place in new novel by infosec journalist (May 10)
 

With hacking groups like Anonymous and LulzSec stealing headlines and hackers from China, Brazil and everywhere else stealing secrets and technology, it's only natural that security and hacking are finding their way into movies and books these days.

  Tricks of the hacker (May 8)
 

Lately I have received a couple of suspicious emails that seem innocent and from people I know, mostly consisting of quick get rich schemes. Coming from a trusted friend it can seem genuine. But then the same type of message would come from different people on my contact list. So when I confront these people about the emails, fortunately without opening the links, they would say they didn't send such emails. So who did?

  Twitter breached, 50,000 accounts posted to Internet (May 10)
 

Twitter is investigating an apparent data breach that resulted in more than 50,000 user names and passwords being posted to the Internet. The data was posted across five pages (one, two, three, four, five) on Pastebin, a favorite site for hackers to post their ill-gotten gains. Ordinarily, when large files are involved, data thieves "tease" their exploits at the site and include a link to a site, like BitTorrent, that supports large file downloads. The maximum file size for Pastebin is 512KB.

  Everyone Has Been Hacked. Now What? (May 8)
 

The attackers chose their moment well.On Apr. 7, 2011, five days before Microsoft patched a critical zero-day vulnerability in Internet Explorer that had been publicly disclosed three months earlier on a security mailing list, unknown attackers launched a spear-phishing attack against workers at the Oak Ridge National Laboratory in Tennessee.

  Google Raises Bug Bounties to $20,000 (May 8)
 

Google has dramatically raised the bounties it pays independent researchers for reporting bugs in its websites, services and online apps.

  The Malicious Hacker's Ever-Sharper Eye (May 8)
 

There were an average of 94 targeted cyberattacks per day in November of last year, according to Symantec, and the trend appears to be growing. Targeted attacks are aimed at specific individuals inside an organization based on the information they have access to or the type of work they do. HR professionals, for example, are often targeted since opening email attachments is part of their day-to-day routine.

  Red Hat and IBM Achieve Top Security Certification for KVM Hypervisor (May 11)
 

Red Hat, Inc. RHT +2.03% and IBM IBM +0.49% today announced that Red Hat Enterprise Linux 5 with the KVM hypervisor on IBM Systems has been awarded Common Criteria Certification at Evaluation Assurance Level 4+ (EAL4+). The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products.

  FBI Wants Backdoors in Facebook, Skype and Instant Messaging (May 6)
 

The FBI has been lobbying top internet companies like Yahoo and Google to support a proposal that would force them to provide backdoors for government surveillance, according to CNET.

  PHP patches critical CGI vulnerability (May 9)
 

The PHP Group released PHP 5.4.3 and PHP 5.3.13 on Tuesday to address two remote code execution vulnerabilities, one of which is being actively exploited by hackers.

  Who's Afraid of a Big, Bad Hacking Story? (May 7)
 

"Security by obscurity does not work, and the more people who know about means of attack/vulnerability, the more secure our IT will be," opined blogger Robert Pogson. "Most people are good and decent and should be empowered to defend their computers and networks. Knowledge is the key."

  'Anonymous' hackers reportedly take down Putin website (May 9)
 

Activists from the hacker group 'Anonymous' blocked access to Russian President Vladimir Putin's website for several minutes on Wednesday, Reuters reports.

  Twitter hack breaches thousands of accounts (May 9)
 

A Twitter hacker on Monday revealed thousands of user names and passwords for the microblogging site, but here's the good news: Most of the compromised accounts appear to be spam.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Google to turn on encryption by default in next Android version
TOR users become FBI's No.1 hacking target after legal power grab
OWASP Releases Latest App Sec Guide
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.