Linux Security Week: March 18th, 2013
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.


  Kali Linux Cracks Passwords and Finds Security Exploits on the Enterprise Level (Mar 13)
 

Popular Wi-Fi password cracking tool Backtrack--used for security testing purposes only, of course--gets a special release today in the form of Kali Linux. This new distribution targets enterprise security, offering a suite of helpful tools for rigorous testing.

  The DDoS attack survival guide, 2013 edition (Mar 12)
 

How botnets and application vulnerabilities have made DDoS attacks more damaging than ever before, and what you can do to fight back.

  Secret Courtroom Audio Gives WikiLeaker Bradley Manning a Voice (Mar 13)
 

It turns out one of the journalists or activists attending Bradley Manning's guilty plea last month was wearing a wire.

  China hacker's angst opens a window onto cyber-espionage (Mar 13)
 

Young man's blog provides a rare glimpse of the secretive hacking establishment of the Chinese military, whose efforts have become a growing concern to the U.S.

  Security Theater on the Wells Fargo Website (Mar 13)
 

Click on the "Establishing secure connection" link at the top of this page. It's a Wells Fargo page that displays a progress bar with a bunch of security phrases -- "Establishing Secure Connection," "Sending credentials," "Building Secure Environment," and so on -- and closes after a few seconds. It's complete security theater; it doesn't actually do anything but make account holders feel better.

  Security will get worse before it gets better (Mar 15)
 

The damage caused by threats and the number of Net-dependent critical systems are on the rise. Yet we still haven't created a safer Internet

  Reuters Employee Charged With Helping Anonymous Hack News Site (Mar 15)
 

An online social media editor for the Reuters news agency has been indicted for allegedly helping members of Anonymous hack another media organization's network.

  Researchers win $100,000 for Chrome hack that leaves Windows vulnerable (Mar 12)
 

Researchers from MWR Labs find a way to exploit a Chrome vulnerability, sidestep Windows 7 safety measures, and do whatever they want on the operating system.

  Chrome OS holds firm against hackers at Pwnium 3 (Mar 12)
 

The Pwn2Own 2013 and Pwnium 3 hacking competitions may have both taken place in the same locale last week--specifically, the CanSecWest security conference in Vancouver, B.C.--but the differences in their outcomes could not have been more striking.

  Don't Download That Bro, You're Going to Get Busted! (Mar 18)
 

One of the most enduring questions in the history of online file-sharing asks whether something bad will come from downloading and/or sharing a particular product. Will the the recording and movie industries come knocking? Will the police or even the FBI take an interest? Are the evil bottom-feeding trolls watching my torrents? It's a complex area, but one that's fairly easily understood.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!