LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 19th, 2014
Linux Security Week: September 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: August 4th, 2014 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.


  Hackers seed Amazon cloud with potent denial-of-service bots (Jul 28)
 

Attackers have figured out a new way to get Amazon's cloud service to wage potent denial-of-service attacks on third-party websites--by exploiting security vulnerabilities in an open source search and analytics application known as Elasticsearch.

  Insecure Connections: Enterprises hacked after neglecting third-party risks (Jul 29)
 

It is said that an enterprise is only as secure as its weakest link. Today, that weak link often turns out to be partners, suppliers, and others with persistent network and application access.

  Boffins build FREE SUPERCOMPUTER from free cloud server trials (Jul 29)
 

Researchers Rob Ragan and Oscar Salazar have built a free LiteCoin-mining botnet that generates $US1750 a week using free cloud signup promotions.

  Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome' Missile Defense System (Jul 29)
 

Three Israeli defense contractors responsible for building the "Iron Dome" missile shield currently protecting Israel from a barrage of rocket attacks were compromised by hackers and robbed of huge quantities of sensitive documents pertaining to the shield technology, KrebsOnSecurity has learned.

  Internet of things big security worry, says HP (Jul 29)
 

About 70 percent of Internet of things devices---including sensors and connected infrastructure---have vulnerabilities that could be exploited, according to Hewlett-Packard.

  More Details of Onion/Critroni Crypto Ransomware Emerge (Jul 30)
 

More details about a new family of encryption ransomware that uses the anonymous network Tor and requires users pay by Bitcoin have emerged.

  NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22 (Jul 30)
 

Next week America's biggest hacker conference starts its yearly reign of controversy, and we've got a hotlist of DEF CON 22's most incendiary talks.DEF CON returns to Las Vegas at the ripe age of 22 with four packed days of talks, expo, 303 Skytalks, panels, lockpicking, Queercon, social engineering sport, the Tamper Evident Village, Defcon Kids, and much more from August 7-10 at the Rio Hotel and Casino.

  Black Hat 2014: How to crack just about everything (Jul 30)
 

As the world's best security experts prepare to descend on Black Hat USA 2014 next month, they must be rubbing their hands in anticipation of colleague's upcoming revelations about the latest means to crack a range of devices and flaws they've found in trusted protocols.

  Is there Another NSA Leaker? Updated (Jul 30)
 

This morning a partial analysis of the NSA's XKEYSCORE code was published in Germany. Jacob Applebaum, an evangelist for the The Onion Project (TOR), was one of the authors.The report details specific rules written for one of the NSA's data collection tools, XKEYSCORE, which collects the IP addresses of TOR bridges, and users of the TOR network.

  Ottawa Linux Symposium: May get by with a little help from its friends (Jul 30)
 

I do not often do this, but old friend is in trouble. Please stay with me as I tell this story. It was around the year 2002, and I was in Brazil. I met two young college students who were very interested in Linux, and who impressed me with their enthusiasm and willingness to help others.

  NSA keeps low profile at hacker conventions despite past appearances (Jul 31)
 

As hackers prepare to gather in Las Vegas for a pair of annual conventions, the leadership of the National Security Agency won't make the trek.

  Hacker Gary McKinnon turns into a search expert (Jul 28)
 

Gary McKinnon, the computer hacker who was the subject of a 10-year legal battle over US extradition, has reinvented himself as a search expert.Mr McKinnon launched Small SEO, a site where he charges £40 an hour to help businesses get mentioned in search results.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.