LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 25th, 2014
Linux Advisory Watch: July 18th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: June 22nd, 2014 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.


  How to Anonymize Everything You Do Online (Jun 17)
 

One year after the first revelations of Edward Snowden, cryptography has shifted from an obscure branch of computer science to an almost mainstream notion: It's possible, user privacy groups and a growing industry of crypto-focused companies tell us, to encrypt everything from emails to IMs to a gif of a motorcycle jumping over a plane.

  Spamhaus readies new antimalware data feeds (Jun 16)
 

The Spamhaus Project will soon publish two new data feeds intended to prevent people from being lured to malware-infected websites and domains.

  FBI Nabs Alleged NullCrew Hacker (Jun 20)
 

The FBI announced Wednesday the capture of an alleged member of NullCrew, an organization responsible for cyber-attacks against universities, government agencies and corporations. The suspect, Timothy French, was arrested in Tennessee last Wednesday.

  Nowhere to hide: The reign of cyber criminals is coming to an end (Jun 18)
 

During the 1920s and 1930s, a part of the U.S. public rooted for gun-toting, mythologized bank robbers like Bonnie and Clyde, John Dillinger, and Pretty Boy Floyd. But the fantasies were often tempered by reports of guards, police, and innocent bystanders injured and killed in the frequent shoot-outs.

  Possible TrueCrypt Fork in the Works (Jun 19)
 

Although the developers behind the TrueCrypt encryption software have given up the ghost and decided to no longer maintain the application, interest in the project has never been higher. But, one of the developers says that a nascent effort to fork TrueCrypt is unlikely to succeed.

  Stop sneaky hackers from launching DMA attacks (Jun 17)
 

Direct Memory Access (DMA) is a controller feature that has been available at least since the original IBM PC. It can be used by hackers to compromise your otherwise very heavily protected computer. Fortunately, there are steps you can take to minimize DMA-based attacks.

  Hacker puts 'full redundancy' code-hosting firm out of business (Jun 19)
 

A code-hosting and project management services provider was forced to shut down operations indefinitely after a hacker broke into its cloud infrastructure and deleted customer data, including most of the company's backups.

  OpenSSL Patches 7 Security Flaws (Jun 20)
 

If there is any good news from the discovery of the Heartbleed bug that affects OpenSSL, it's this: security Relevant Products/Services analysts are keeping a closer watch on OpenSSL. And their efforts have paid off. The open-source OpenSSL Project today released a security update that fixes seven vulnerabilities, including two that have been rated critical by the SANS Internet Storm Center.

  Telling Folk Heroes From Monsters (Jun 20)
 

Woe to the once-hallowed trickster. In ancient mythologies, the riddler-thief and agent of change held a position of prestige. Now, we don't know what to do with him. In our two Americas, we do black and white, either/or, with us or against us. The trickster is in between, both and neither, a character on the fringes.

  Dyreza Banker Trojan Seen Bypassing SSL (Jun 18)
 

Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at a newer banker Trojan that has the ability to bypass SSL protection for banking sessions by redirecting traffic through the attackers' own domains.

  At least 32,000 servers broadcast admin passwords in the clear, advisory warns (Jun 22)
 

An alarming number of servers containing motherboards manufactured by Supermicro continue to expose administrator passwords despite the release of an update that patches the critical vulnerability, an advisory published Thursday warned.

  Hacker Tactic: Holding Data Hostage (Jun 22)
 

THE perpetual cat-and-mouse game between computer hackers and their targets is getting nastier. Cybercriminals are getting better at circumventing firewalls and antivirus programs. More of them are resorting to ransomware, which encrypts computer data and holds it hostage until a fee is paid.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Four fake Google haxbots hit YOUR WEBSITE every day
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'
What I Learned from Edward Snowden at the Hacker Conference
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.