LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: January 21st, 2013 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.


  Hackers claim new air traffic system can be hijacked (Jan 14)
 

The Federal Aviation Administration is in the midst of upgrading its air traffic control system at a cost of tens of billions of dollars. A big price might not fix an even bigger problem, though, as hackers suggest that system could be compromised.

  The Importance of Securing a Linux Web Server (Jan 15)
 

With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise.

  Fedora still has issues with secure boot (Jan 15)
 

Three days before its scheduled release, Fedora 18 still has some issues when confronted with a computer that is running Windows 8 with secure boot enabled, if one goes by the latest testing image available online.

  Java Security Vulnerability – How To Disable Java In Linux Browsers (Jan 14)
 

When the Homeland Security folks get into the mix and urge all computer users to disable Java in their browsers, you know it's serious. Indeed, the exploit announced yesterday seems to affect all operating systems, including Linux, and it's already being exploited. According to Trend Micro the flaw is already being used by blackhat toolkits mainly to distribute ransomware. In a blog posted yesterday, the company advises all users to disable or uninstall Java:

  Aaron Swartz, Coder and Activist, Dead at 26 (Jan 14)
 

We often say, upon the passing of a friend or loved one, that the world is a poorer place for the loss. But with the untimely death of programmer and activist Aaron Swartz, this isn't just a sentiment; it's literally true. Worthy, important causes will surface without a champion equal to their measure.

  Firefox getting built-in HTML5-based PDF viewer to improve security (Jan 14)
 

A built-in PDF viewer component based on JavaScript and HTML5 Web technologies has been added to the beta version of Firefox 19, Mozilla said Friday.

  Mozilla develops Minion security testing framework (Jan 18)
 

The Mozilla Foundation is developing an open source security framework called Minion and plans to release a beta version in the first quarter of 2013. Minion will allow developers to subject their web applications to a security check.

  Security Flaw Allows Hackers to Take over Cisco IP Phones (Jan 15)
 

If you work in an office that uses the popular CiscoUnified IP Phone 7900 Series, prepare to feel violated. A couple of security researchers have published details on a security vulnerability that allows a nefarious hacker to turn the phones into eavesdropping devices. The hack allows people to listen in on private phone calls as well as to nearby conversations.

  Should 'good' hackers be protected by law? (Jan 17)
 

A Dutch MP who brought to light a security gap on a medical site is himself being accused of hacking crimes, pulling him into an ongoing debate in the Netherlands over 'ethical hacking.'

  Beware: Hackers in your car, TV and light-bulbs? (Jan 17)
 

We all know we should be careful transacting online, but are you thinking about cyber-security when you're watching TV or driving your car?

  Oracle releases emergency Java update (Jan 14)
 

Oracle Corp. released an emergency update to its Java software for surfing the Web on Sunday, but security experts said the update fails to protect PCs from attack by hackers intent on committing cyber crimes.

  U.S. Attorney Says Aaron Swartz Prosecution ‘Was Appropriate' (Jan 18)
 

Carmen Ortiz, the U.S. attorney in Massachusetts, said Thursday the government's "conduct was appropriate" in its handling of the Aaron Swartz prosecution.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
Even the most secure cloud storage may not be so secure, study finds
Targeted Attack Uses Heartbleed to Hijack VPN Sessions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.