LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: April 21st, 2014 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.


  Open source trounces proprietary software for code defects, Coverity analysis finds (Apr 18)
 

Forget bad headlines generated by the Heartbleed flaw, when it comes to code defects open source is still well ahead of proprietary software, generating fewer coding defects for every size of project, according to a new analysis by scanning service Coverity.

  Why a hacker got paid for finding the Heartbleed bug (Apr 15)
 

Thank the hackers. This week's Heartbleed vulnerability has everyone running scared (see box below to read what you might do to protect yourself). The serious crack in the foundations of the supposedly secure internet was revealed earlier this week by a software engineer probing website security in his spare time.

  Galaxy S5 fingerprint scanner hacked with glue mould (Apr 16)
 

The researchers fooled the new handset using a mould made out of glue. The fingerprint sensor on Samsung's Galaxy S5 handset has been hacked less than a week after the device went on sale.

  'Snowden effect' has changed cloud data security assumption, survey claims (Apr 16)
 

Edward Snowden's revelations of sophisticated NSA spying has made many senior IT staff distinctly edgy about their use of the cloud with nine out of teen paying closer attention to where data is stored, a survey of global attitudes has found.

  Andrew Auernheimer's computer hacking conviction is overturned by appeals court (Apr 14)
 

A federal appeals court on Friday overturned the conviction of a prominent computer hacker whose imprisonment had highlighted a growing debate over whether the government is overreaching in its campaign against cybercrime.

  Canadians arrest a Heartbleed hacker (Apr 17)
 

Canadian mounties have arrested a teenager who, they say, used the Heartbleed Internet bug to hack into the country's tax agency.

  Hackers From China Waste Little Time in Exploiting Heartbleed (Apr 15)
 

For those who don't feel the urgency to install the latest security fixes for their computers, take note: Just a day after Heartbleed was revealed, attacks from a computer in China were launched.

  Tests confirm Heartbleed bug can expose server's private key (Apr 14)
 

Four researchers working separately have demonstrated a server's private encryption key can be obtained using the Heartbleed bug, an attack thought possible but unconfirmed.

  Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker (Apr 15)
 

Twee UK parenting website Mumsnet is the second high-profile organisation to claim it has fallen victim to the infamous Heartbleed OpenSSL vulnerability.

  Heartbleed: Security experts reality-check the 3 most hysterical fears (Apr 18)
 

Heartbleed has dominated tech headlines for a week now. News outlets, citizen bloggers, and even late-night TV hosts have jumped on the story, each amping up the alarm a little more than the last one. But while it's true Heartbleed is a critical flaw with widespread implications, several security experts we've spoken with believe the sky-is-falling tone of the reporting is a bit melodramatic.

  Safety you can bank on: Chromebook, Linux, phone (Apr 21)
 

Q: I'm nervous about keeping my online banking safe on my regular PC. Should I buy a Chromebook and use it just for that?A: Cheap laptops running Google's Chrome OS have a lot going for them as long as you don't need conventional, disk-based apps and rarely lack for bandwidth.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Ottawa Linux Symposium: May get by with a little help from its friends
Black Hat 2014: How to crack just about everything
NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22
More Details of Onion/Critroni Crypto Ransomware Emerge
Is there Another NSA Leaker? Updated
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.