Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: August 29th, 2014
Linux Security Week: August 25th, 2014
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Linux Advisory Watch: August 29th, 2014  29 August 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system.
DQ Breach? HQ Says No, But Would it Know?  29 August 2014 
Source: Krebs on Security - Posted by Dave Wreski   
Hacks/Cracks Sources in the financial industry say they’re seeing signs that Dairy Queen may be the latest retail chain to be victimized by cybercrooks bent on stealing credit and debit card data.
Why Russian hackers are beating us  29 August 2014 
Source: CSO Online - Posted by Dave Wreski   
Latest News Russian hackers like the ones who breached the computer systems of JP Morgan Chase and at least four other banks win because they think strategically like the best chess players, an expert says.
How Cops and Hackers Could Abuse California’s New Phone Kill-Switch Law  29 August 2014 
Source: Wired - Posted by Dave Wreski   
Government Beginning next year, if you buy a cell phone in California that gets lost or stolen, you’ll have a built-in ability to remotely deactivate the phone under a new “kill switch” feature being mandated by California law—but the feature will make it easier for police and others to disable the phone as well, raising concerns among civil liberties groups about possible abuse.
These 3-D Printed Skeleton Keys Can Pick High-Security Locks in Seconds  28 August 2014 
Source: ThreatPost - Posted by Dave Wreski   
Intrusion Detection One of the hairier unintended consequences of cheap 3-D printing is that any troublemaker can duplicate a key without setting foot in a hardware store. But clever lockpickers like Jos Weyers and Christian Holler already are taking that DIY key-making trick a step further: They can 3-D print a slice of plastic or metal that opens even high-security locks in seconds, without even seeing the original key.
Mozilla reports user data leak from Bugzilla project  28 August 2014 
Source: TechWorld - Posted by Dave Wreski   
Hacks/Cracks Email addresses and encrypted passwords of around 97,000 users who tested early builds of the Bugzilla bug tracking software were left exposed for three months following a server migration.
Linux Security Week: August 25th, 2014  25 August 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
The hacker revealed  25 August 2014 
Source: Stuff NZ - Posted by Dave Wreski   
Security It's a story of hackers and attack bloggers, privacy and paranoia, bombshells and duds. It's rapidly become the story of the election. Rawshark, a self-styled information vigilante, has derailed National's political campaign with his hack of Whale Oil blogger Cameron Slater's private communications and now threatens to up- end the seedier part of corporate public relations.
Hackers Ground Sony Executive's Flight With Bomb-Threat Tweet  25 August 2014 
Source: Forbes - Posted by Dave Wreski   
Hacks/Cracks Gamers have been annoyed all day today as a hacker collective (or individual) known as the “Lizard Squad” succeeded in taking offline many gaming services including Blizzard’s and Sony PSN. But things took a turn from irritating DDoS attacks to another level of harassment earlier this afternoon when the group took to Twitter to announce publicly that it believed the flight carrying Sony Online Entertainment President John Smedley had explosives on board.
Playstation Network and Blizzard hit with massive DDoS attack  24 August 2014 
Source: The Daily Dot - Posted by Dave Wreski   
Intrusion Detection A massive cyberattack is currently crippling some of the most prominent gaming services in existence. A group known as Lizard Squad has claimed responsibility for attacks on the PlayStation Network (PSN), Blizzard’s, Riot’s League of Legends, and Grinding Gear Games’ Path of Exile, according to a report by Shack News.
Google Fixes 12 Vulnerabilities in Chrome 36  22 August 2014 
Source: ThreatPost - Posted by Dave Wreski   
Vendors/Products Google patched its Chrome browser this week, fixing 12 vulnerabilities, including both a serious information disclosure bug and a use-after-free vulnerability that could let users obtain potentially sensitive information and execute arbitrary code.
Stealthy, Razor Thin ATM Insert Skimmers  21 August 2014 
Source: Krebs on Security - Posted by Dave Wreski   
Hacks/Cracks An increasing number of ATM skimmers targeting banks and consumers appear to be of the razor-thin insert variety. These card-skimming devices are made to fit snugly and invisibly inside the throat of the card acceptance slot. Here’s a look at a stealthy new model of insert skimmer pulled from a cash machine in southern Europe just this past week.
Moving toward smart and secure continuous software delivery  21 August 2014 
Source: CSO Online - Posted by Dave Wreski   
Network Security It’s no surprise that security and application development teams often find themselves locking horns. One wants applications and new features to roll out – and swiftly – and the other is often more concerned with keeping systems and data snug. At some organizations, as they embrace more agile development and continuous integration/delivery methods, the tension runs even higher.
Hacking cars and traffic lights at Def Con  20 August 2014 
Source: BBC - Posted by Alex   
One of the biggest hacking conferences in the world, Def Con, took place earlier this month. Cybersecurity talks included hacking cars, traffic lights and social engineering - where actors tried to get real companies to reveal compromising information.


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition


Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.