Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

(Mar 5)

Hackers have duped supporters of the Anonymous group into installing the Zeus botnet, which steals confidential information from PCs, including banking usernames and passwords, security researchers said last week.
The one tiny slip that put LulzSec chief Sabu in the FBI's pocket (Mar 8)

The man named by the FBI as infamous hacktivist Sabu was undone by an embarrassing security blunder, it has emerged.
(Mar 9)

Linux creator Linus Torvalds has posted a vitriolic rant on Google+ hammering the developers of OpenSUSE for "mentally diseased" security measures.
(Mar 7)

Hackers seeking to breach security are ahead of most would-be business implementers when it comes to figuring out the detail of IPv6 and are more motivated, a Wellington seminar has heard.
(Mar 6)

Hackers have been having a field day with NASA systems, the space agency's inspector general has confessed. The problem may be due in part to underfunding, but security experts some relatively simple and inexpensive measures could significantly improve the situation. "The major, major problem hurting NASA is they don't have a strong IT governance approach," said John Pescatore, security analyst with Gartner Research.
Hackers Reeling After FBI Takedown Led By 'Mole' (Mar 7)

Even as he urged tens of thousands of Twitter followers to rise up and attack government and law enforcement, the most wanted hacker on the planet was working for the FBI.
NASA lost 'full control' to hackers, pwned 13 times last year (Mar 5)

Cybercrooks broke into NASA's computer systems 13 times last year gaining "full functional control" of important systems in the worse cases, according to the testimony before the US Congress by the space agency's inspector general.
Solving The SSL Certificate-Revocation Checking Shortfall (Mar 5)

The way that browsers perform SSL certificate-revocation checking is so fundamentally flawed that some browser vendors have turned it off altogether, according to browser vendor representatives in a panel at RSA last week.
LulzSec Hacking Suspects Are Arrested (Mar 6)

An outspoken member of a loosely knit group of hackers that calls itself Lulz Security pleaded guilty to breaking into the computer systems of several prominent American companies, according to federal court papers unsealed Tuesday morning in New York.
Anonymous Hacks Vatican Website (Mar 7)

A group of Italian hackers who claim to be members of the loose-knit international gang of cyber criminals known as "Anonymous" took down the Vatican's website for a number of hours Wednesday, the Chicago Tribune reports.
Securing Facebook: With a little help from his 800 million friends (Mar 5)

The eyes of the online world are on Joe Sullivan. As the CSO of Facebook, Sullivan is without a doubt one of the most visible security chiefs in the business. He must mitigate myriad security and privacy risks not only for Facebook's employees and corporate systems, but also for the social network's 800 million members.
(Mar 7)

As alleged hackers from LulzSec and Anonymous contemplate the possibility of a life behind bars, other hackers are limbering up in Canada this week to vie for more than $1 million in prize money for their hacking prowess.