Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

SNMP DDoS Scans Spoof Google Public DNS Server  16 September 2014 
Source: ThreatPost - Posted by Dave Wreski   
Intrusion Detection The SANS Internet Storm Center this afternoon reported SNMP scans spoofed from Google’s public recursive DNS server seeking to overwhelm vulnerable routers and other devices that support the protocol with DDoS traffic.
How Boston Children's Hospital Hit Back at Anonymous  16 September 2014 
Source: Network World - Posted by Anthony Pell   
Latest News Hackers purportedly representing Anonymous hit Boston Children's Hospital with phishing and DDoS attacks this spring. The hospital fought back with vigilance, internal transparency and some old-fashioned sneakernet. That – and a little bit of luck – kept patient data safe.
Today's Security Hacks Are After More Than Bank Info  16 September 2014 
Source: Network World - Posted by Anthony Pell   
Privacy Customers cringe every time they hear about a bank, retail or healthcare hack that puts personal or financial data at risk. Today's hackers are after much more that credit card numbers, though -- and most firms are powerless to stop them.
Linux Security Week: September 15th, 2014  15 September 2014 
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
Here's What Hackers Can Do With Your CRM Data  15 September 2014 
Source: Forbes - Posted by Alex   
Hacks/Cracks It is clear why malware writers target TGT -0.1% such retailers as Home Depot HD -0.43% and Target. It is obvious, if not pathetic, why hackers break into the cloud to find and publish private nude photos of celebrities. But a company’s customer relationship management data? Well, yes.
How network virtualization is used as a security tool  15 September 2014 
Source: Network World - Posted by Dave Wreski   
Latest News When people think of network virtualization, the advantages that come to mind typically include faster provisioning of networks, easier management of networks and more efficient use of resources. But network virtualization can have another major benefit as well: security.
Infosec geniuses hack a Canon PRINTER and install DOOM  15 September 2014 
Source: The Register UK - Posted by Dave Wreski   
Security Projects Security researchers have demonstrated a hack that allowed them to get into the web interface of a Canon Pixma printer before modifying its firmware to run the classic 90s computer game Doom.
Cloud security: We're asking the wrong questions  12 September 2014 
Source: InfoWorld - Posted by Alex   
Network Security In the wake of the celebrity photo breach, the media is humming with stories disparaging the safety of the cloud. Many longtime cloud critics are crowing, "I told you so!" and waiting for the world to go back to on-premises solutions only.
Apache Warns of Tomcat Remote Code Execution Vulnerability  12 September 2014 
Source: ThreatPost - Posted by Dave Wreski   
Hacks/Cracks Some older versions of the open source Apache Tomcat web server and servlet container, are vulnerable to remote code execution.
How Google's tiff with certificate authorities can impact you  11 September 2014 
Source: CSO Online - Posted by Anthony Pell   
Cryptography Miffed certificate authorities are calling on Google to give websites more time to upgrade the security used in browser-to-server communications before displaying warnings in Chrome.
Leak of '5 MEELLLION Gmail passwords' creates security flap  11 September 2014 
Source: The Register UK - Posted by Dave Wreski   
Hacks/Cracks Plain-text passwords and account names linked to five million Gmail accounts have been leaked onto several Russian forums. Security experts had already confirmed the data seemed legit, albeit approximately three years old, before Google put up its blog post on the subject.
Hacked Celeb Pics Made Reddit Enough Cash to Run Its Servers for a Month  11 September 2014 
Source: Wired - Posted by Dave Wreski   
Latest News If you saw Kate Upton or Jennifer Lawrence naked last week, there’s a good chance you saw them on the social news site Reddit. The self-proclaimed “front page of the Internet” was one of the main outlets linking to the celebrity nude photographs hacked from Apple’s iCloud accounts and leaked across the web.
OpenSSL warns vendors against using vulnerability info for marketing  09 September 2014 
Source: CSO Online - Posted by Dave Wreski   
Cryptography Security advisories for OpenSSL should not be used for competitive advantage, according to the development project behind the widely used cryptography component.
Google ‘Sunsetting’ Weak SHA-1 Crypto Algorithm  09 September 2014 
Source: ThreatPost - Posted by Dave Wreski   
Latest News Google announced Friday it will begin the process of phasing out the obsolete SHA-1 cryptographic hash algorithm with the upcoming release of version 39 of the company’s Chrome browser in November.


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition


Yesterday's Edition
Today's Security Hacks Are After More Than Bank Info
How Boston Children's Hospital Hit Back at Anonymous
SNMP DDoS Scans Spoof Google Public DNS Server
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.