Linux Security Week: November 26th, 2012
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

  The Legacy of Linus Torvalds: Linux, Git, and One Giant Flamethrower (Nov 20)

Linus Torvalds created Linux, which now runs vast swathes of the internet, including Google and Facebook. And he invented Git, software that's now used by developers across the net to build new applications of all kinds. But that's not all Torvalds has given the internet.

  Red Hat Enterprise Linux 6 Secure-Ready for Government Cloud (Nov 20)

Red Hat Enterprise Linux 6, including the KVM hypervisor, has been awarded a major security certification used by IT in government, financial and other mission-critical verticals. By receiving the Common Criteria Certification at Evaluation Assurance Level (EAL) 4+, which is the highest level of assurance for an unmodified commercial operating system, Red Hat can assure public sector customers looking at cloud and virtualization will meet a range of important security assurance requirements.

  Researchers Raving Over Remarkable Rootkit (Nov 20)

One of the more advanced rootkits to have hit town in recent memory has got security researchers across the globe in a tizz, even though it hasn't even been finished.

  Hacker found guilty of AT&T data breach (Nov 21)

A hacker has been convicted of the AT&T security breach in 2010 in which 120,000 iPad owners' email addresses were leaked. Andrew 'Weev' Auernheimer, 26, has been found guilty in the District Court in New Jersey of conspiracy to access a computer without authorization and fraud in connection with personal information. He'll be sentenced in February, and faces up to five years in prison on each count.

  Feds increasingly see hacker conferences as key learning ground to keep systems safe, documents sugg (Nov 23)

It was August 2011, and a lone Public Safety Canada cyber-security official wanted to take a trip to Las Vegas to meet with the experts on cracking into government systems: hackers.

  Security Researchers Cry Foul Over Conviction Of AT&T iPad Hacker (Nov 23)

The hacker known as "Weev" doesn't make a convenient cause célèbre. He's known to spew anti-semitic rants in interviews. He's the former president of an association whose mere name is too racist and homophobic to print here. And he once boasted to the New York Times that he "makes people afraid for their lives."

  Piracy raid nabs Winnie the Pooh, Linux's Secure Boot stand-off, Facebook's new ToS (Nov 26)

Police investigating a request from an anti-piracy group in Finland have hit a new low in the fight against copyright infringement, confiscating the Winnie the Pooh laptop of a nine-year-old girl. Torrent Freak reports that Finnish anti-piracy group CIAPC sent the web account holder a letter requesting €600 and a non-disclosure signature to make the problem go away.

  Newly Discovered Linux Rootkit Not Sophisticated But Effective (Nov 26)

Researchers are analyzing a new rootkit for 64-bit Linux systems that injects iFrames onto websites and redirects traffic to malicious sites that install additional malware. It also accesses the system's memory and leverages the kernel to help conceal itself.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!