Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

(Jan 21)

A former "white hat" hacker hired by banks to test their computer security has been able to discover the names of individuals who volunteered to take part in genome studies on the condition of anonymity.
IMAGiNE BitTorrent Group Sysop Speaks Out as He Heads to Prison (Jan 22)

A convicted member of the now-defunct online movie piracy group IMAGiNE has left a public statement before starting his 40-month prison term. Last Friday 53-year-old sysop Gregory Cherwonik of New York was transferred to a detention facility to serve his sentence. In his first public words on the case he criticizes the MPAA and the U.S. Department of Justice, among others.
(Jan 24)

After pointing out that the data of 250,000 students across Quebec was exposed, Ahmed Al-Khabaz was kicked out of college.
School Kicks Out Sophomore in RFID Student-ID Flap (Jan 22)

A Texas high school on Friday barred a girl from attending class as part of the fallout from a legal flap that began when the sophomore refused to wear around her neck an RFID-chip student ID she claims is the "Mark of the Beast," lawyers connected to the brouhaha said.
(Jan 23)

Global spam levels continued to fall in 2012 and even the number of malicious attachments was on the wane, new figures from Kaspersky Lab have suggested.
UNSW confirms hacking breach (Jan 21)

The University of NSW has been the target of a "concerted effort" to hack its systems in December and January forcing the shutdown of 25 of its servers, a spokesman confirmed.
(Jan 22)

Critics say MIT's snaring of hacker Aaron Swartz contradicts its former freewheeling attitude to tech-savvy renegades.In the early days of 2011, the Massachusetts Institute of Technology learned that it had an intruder. Worse, it believed the intruder had been there before.
(Jan 23)

It's tough not to feel pangs of sympathy for Hamed Al-Khabaz, the 20-year-old aspiring computer scientist who was expelled from Dawson College after exposing a security flaw in the school's academic portal. Whether Al-Khabaz deserved his punishment is certainly worth questioning, though it's also worthwhile to ask why the college hadn't bothered to fix a flaw in its public-facing Web server 16 months after it had first been reported.
Java hacker boasts of finding two more unpatched holes (Jan 21)

Serial Java fault-finder Adam Gowdiak has embarrassed Oracle yet again.Gowdiak hit the headlines last year when he reported a vulnerability, waited for Oracle's response, and then upped the ante with a comeback vuln.
Facebook's Graph Search worries security experts (Jan 25)

Facebook's new Graph Search has security experts warning people who use the social network to raise their privacy settings in order to avoid embarrassment or becoming victims of cybercriminals.
Feds Pile On More Charges Against Anonymous Agitator Barrett Brown (Jan 25)

Barrett Brown, a self-proclaimed spokesman for Anonymous, has been hit with new charges by authorities in Texas for concealing evidence.
Mixing crowdsourcing and security to help hack for good: Bugcrowd (Jan 24)

In a world where online attackers laugh in the face of legislation and jurisdiction, the best way to protect yourself might be to hire someone to identify your problems first. But why hire a single hacker when you can hire a team of them?