Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

Firefox gets an all-new private browsing mode (Dec 14)

It was just a few weeks ago that Firefox got a fresh security boost on the eve of its eighth birthday, but this week Mozilla gave users of its popular browser a better way to protect their privacy as well.
(Dec 10)

A surge in cloud and mobile options and shifts in who pays for tech present a fresh set of challenges for IT. Tell us about your biggest choices for the coming year
Samsung TV vulnerability could let a hacker change the channel (Dec 12)

f you're watching TV and the channel suddenly changes, you may not have sat on the remote control by accident.
Feds Charge Anonymous Spokesperson for Sharing Hacked Stratfor Credit Cards (Dec 10)

A Dallas grand jury has brought charges against Anonymous spokesman Barrett Brown stemming from the 2011 hack of intelligence vendor Stratfor Global Intelligence.
Feds Charge Anonymous Spokesperson for Sharing Hacked Stratfor Credit Cards (Dec 10)

A Dallas grand jury has brought charges against Anonymous spokesman Barrett Brown stemming from the 2011 hack of intelligence vendor Stratfor Global Intelligence.
(Dec 10)

Onity, the hotel security company, is replacing or repairing its Onity locks for free after design flaws left the locks vulnerable to being compromised with a $50 device, according to a report in Forbes.
ADFA hack a national security failure, expert finds (Dec 12)

A hacker has accessed personal details on thousands of Australia's future military leaders, a situation one expert has described as a national security failure.
Attorney General Secretly Granted Gov. Ability to Develop and Store Dossiers on Innocent Americans (Dec 14)

In a secret government agreement granted without approval or debate from lawmakers, the U.S. attorney general recently gave the National Counterterrorism Center sweeping new powers to store dossiers on U.S. citizens, even if they are not suspected of a crime, according to a news report.
(Dec 14)

Some of the distributed denial-of-service (DDoS) attacks that targeted the websites of U.S. financial institutions this week have peaked at 60 Gbps, according to researchers from DDoS mitigation provider Arbor Networks.
(Dec 14)

The internet infrastructure of 50Hertz, a power grid operator that runs 220 and 380 kilovolt transmission networks in Northern and Eastern Germany, was attacked by unidentified criminals on 20 November. The EurActiv European news portal reports that the CEO of 50Hertz, Boris Schucht, announced at an event in Brussels that a botnet had hit the high voltage power grid operator's web pages and email infrastructure with a DDoS attack.
Hacker nabs Yahoo! site backups (Dec 17)

A penetration tester has reportedly hacked Yahoo!, claiming to have gained access to website backup and database files for a dozen databases.
NASA hacker won't face prosecution in U.K. (Dec 17)

Self-confessed hacker Gary McKinnon will not now face legal action in the U.K. following a decision by the Crown Prosecution Service, but the U.S. extradition warrant remains open.