Linux Security Week: December 19th, 2011

Ls Default Copy 1

Anthony Pell

2 - 4 min read Dec 19, 2011

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

Squid and Digest Authentication - Digest AuthenticationDigest Authentication hashes the password before transmitting over the wire. Essentially it sends a message digest generated from multiple items including username, realm and nonce value. If you want to know more see (RFC 2617).

	Security Issues for Multicore Processors (Dec 14)
	If hackers love one thing, it's a big pool of potential targets, which is why Android and Windows platforms are attacked far more often than BlackBerry and Mac OS X. So, it's no surprise that as the installed base of multicore processors has grown, they've become a potential target.
	Which Browser Is Most Secure? A New Study Reports A Surprise (Dec 12)
	Ask some organizations why they bar users from using open source browsers at work, and the IT administrators running the show will say that they don't consider open source browsers to be secure. It's a common refrain. Lots of large organizations don't develop for Android or let employees use the platform for security reasons too.
	New study claims that Chrome is the most secure browser (Dec 13)
	Which is the most secure browser around?According to a newly released study by Accuvant, that's Google's Chrome.
	(Dec 12)
	As more organizations act to protect data at its most fundamental state, within the database, one of the biggest challenges that they run into is a people problem. In order to truly mitigate data risks, security teams need to learn to not only play nice with their database administrators, but to make them meaningful stakeholders in securing the databases they're entrusted to manage.
	(Dec 13)
	As few as 12 different Chinese groups, largely backed or directed by the government there, commit the bulk of the China-based cyber attacks stealing critical data from US companies and government agencies, according to US cybersecurity analysts and experts.
	(Dec 16)
	Identity fraud is one of the biggest threats to unwary web users today. It can come in a variety of forms but is often the result of an online account being hacked or details phished via social engineering.
	DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit (Dec 14)
	Attackers have been going after various pieces of the DNS infrastructure for a long time now, and it's not unusual for there to be somewhat organized campaigns that target certain vertical industries or geographic regions. But researchers lately have been seeing an interesting pattern of compromises in which attackers somehow add new names to existing domains and use those sub-domains to piggyback on the good reputation of the sites and push counterfeit goods, pills and other junk.
	(Dec 14)
	COMODO internet security reviews from real world computer users colletion by Amplicate. Anti virus and Internet security rating and comparison by Amplicate social media report.
	(Dec 12)
	Four Romanians have been charged over a multi-million dollar scheme to hack more than 50 US-based merchants - including Subway - and steal credit card data.
	(Dec 12)
	As few as 12 different Chinese groups, largely backed or directed by the government there, commit the bulk of the China-based cyberattacks stealing critical data from U.S. companies and government agencies, according to U.S. cybersecurity analysts and experts.
	(Dec 15)
	Multiple media outlets including Wired reported, have reported that criminals have tampered with the credit and debit card readers at self check-outs in more than 20 supermarkets operated by California-based Lucky Supermarkets.
	Jailbreakers use Apple crash reports to 'free' iPhones (Dec 16)
	Thousands of iPhone owners have joined forces with a team of hackers to help them find new ways to jailbreak Apple's phone software.

LinuxSecurity Poll

Which open source security automation tool do you use to protect against vulnerabilities?

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

News

Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Advisories

Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
HOWTOs

Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Features

Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
About Us

Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Powered By

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

© 2024 Guardian Digital, Inc All Rights Reserved