LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 2nd, 2014
Linux Advisory Watch: August 29th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: December 3rd, 2012 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.


  Piracy raid nabs Winnie the Pooh, Linux's Secure Boot stand-off, Facebook's new ToS (Nov 26)
 

Police investigating a request from an anti-piracy group in Finland have hit a new low in the fight against copyright infringement, confiscating the Winnie the Pooh laptop of a nine-year-old girl. Torrent Freak reports that Finnish anti-piracy group CIAPC sent the web account holder a letter requesting 600 and a non-disclosure signature to make the problem go away.

  Newly Discovered Linux Rootkit Not Sophisticated But Effective (Nov 26)
 

Researchers are analyzing a new rootkit for 64-bit Linux systems that injects iFrames onto websites and redirects traffic to malicious sites that install additional malware. It also accesses the system's memory and leverages the kernel to help conceal itself.

  Yahoo Mail hijacking exploit selling for $700 (Nov 27)
 

An exploit selling for $700 may put millions of Yahoo Mail users at risk of having their e-mail account hijacked and their browsers redirected to malicious sites.

  Known keycard hack suspected in hotel room burglary (Nov 27)
 

A known hack of a popular hotel keycard reader was allegedly employed in the burglary of a woman's hotel room in Texas.

  LulzSec hacker faces 30 years to life (Nov 28)
 

Jeremy Hammond is in really big trouble. Or, perhaps, the government is just trying to "scare the (expletive) out of him," in the words of Kevin Mitnick, formerly known as the world's "most-wanted hacker" and now a security consultant.

  Hackers steal experts' email addresses from International Atomic Energy Agency server (Nov 28)
 

A group of hackers leaked email contact information of experts working with the International Atomic Energy Agency (IAEA) after breaking into one of the agency's servers.

  Antivirus biz's founder unmasked as noted Chinese hacker (Nov 29)
 

Antivirus startup Anvisoft was founded by an infamous Chinese hacker who allegedly cut his teeth exploiting Microsoft Office security holes to hack US defence contractors, it has emerged.

  Email hacks router (Nov 30)
 

A whole range of Arcor, Asus and TP-Link routers are vulnerable to being reconfigured remotely without authorisation. On his blog, security researcher Bogdan Calin demonstrates that just displaying an email within the router's own network can have far-reaching consequences: when opened, his specially crafted test email reconfigures the wireless router so that it redirects the user's internet data traffic.

  Linux rootkit news "provides some comic relief" (Nov 27)
 

About two weeks ago, a posting on the Full Disclosure Mailing List announced a new Linux rootkit.Indeed, the posting didn't just announce the malware, but included a fully-working sample.

  Forget Disclosure -- Hackers Should Keep Security Holes to Themselves (Nov 30)
 

The author of this opinion piece, aka "weev," was found guilty last week of computer intrusion for obtaining the unprotected e-mail addresses of more than 100,000 iPad owners from AT&T's website, and passing them to a journalist. His sentencing is set for February 25, 2013.

  Security Experts Blast iPad Hacker's 'Chilling' Conviction (Nov 29)
 

Computer-security experts worldwide took to Twitter and the Web last night (Nov. 20) to denounce the conviction of famed troll and hacker Andrew "Weev" Auernheimer.

  Local hotel thefts may involve security flaw (Nov 29)
 

Did a Houston man accused of breaking into Galleria-area hotels use a device that targets a security flaw present in millions of hotel rooms worldwide?

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.