LinuxSecurity.com

Syndikovat obsah
The central voice for Linux and Open Source security news.
Aktualizace: 7 min 48 sek zpět

Skilled bad actors use new pulse wave DDoS attacks to hit multiple targets

9 hodin 15 min zpět
LinuxSecurity.com: In a new report, Incapsula warns about a new type of ferocious DDoS attack that uses "pulse waves" to hit multiple targets. Pulse wave DDoS is a new attack tactic designed by skilled bad actors "to double the botnet's output and exploit soft spots in 'appliance first cloud second' hybrid mitigation solutions."
Kategorie: Hacking & Security

A Deep Flaw in Your Car Lets Hackers Shut Down Safety Features

11 hodin 2 min zpět
LinuxSecurity.com: Since two security researchers showed they could hijack a moving Jeep on a highway three years ago, both automakers and the cybersecurity industry have accepted that connected cars are as vulnerable to hacking as anything else linked to the internet.
Kategorie: Hacking & Security

Take Part in a Study to Help Improve Onion Services

16 Srpen, 2017 - 16:06
LinuxSecurity.com: I am a postdoc at Princeton University studying computer security and human-computer interaction. My colleagues and I want to understand how Tor users interact with onion services (formerly known as hidden services). The goal of our study is to understand your expectations, assumptions, and habits when browsing onion services. For example, we are wondering: How do you keep track of onion domains?
Kategorie: Hacking & Security

Google awards student $10k for discovery of App Engine data leak flaw

16 Srpen, 2017 - 16:04
LinuxSecurity.com: Google has awarded $10,000 to a high school student for the discovery of a bug in Google's App Engine server which could lead to information disclosure.
Kategorie: Hacking & Security

Top 10 Enterprise Encryption Products

16 Srpen, 2017 - 15:59
LinuxSecurity.com: A decade ago, encryption was hot enterprise security news. As a measure of its effectiveness as a technology, it has been incorporated as a key feature in many security suites since. But that doesn't mean it has faded in importance. With so many incidents of ransomware, fraud and data breaches in the news, encrypting sensitive data remains a vital necessity.
Kategorie: Hacking & Security

Schoolboy bags $10,000 reward from Google with easy HTTP Host bypass

14 Srpen, 2017 - 15:13
LinuxSecurity.com: A teenager in Uruguay has scored big after finding and reporting a bug in Google's App Engine to view confidential internal Google documents.
Kategorie: Hacking & Security

Those Free Stingray-Detector Apps? Yeah, Spies Could Outsmart Them

14 Srpen, 2017 - 15:12
LinuxSecurity.com: As smartphone users have become more aware that fake cell phone towers, known as IMSI catchers or stingrays, can spy on them, developers have rushed to offer apps that detect when your phone connects to one. Unfortunately, it seems, those tools aren't as effective as they claim. Watching the watchers turns out to be a complicated business.
Kategorie: Hacking & Security

Git, SVN and Mercurial Open-Source Version Control Systems Update for Critical Security Vulnerabilit

11 Srpen, 2017 - 12:43
LinuxSecurity.com: Developers around the world take note - you must update your version control systems now, or face the possibility of being exploited due to a known flaw.
Kategorie: Hacking & Security

The DDoS Threat: Ukraine's Postal Service Hit by Two-Day Attack

11 Srpen, 2017 - 12:42
LinuxSecurity.com: The website for Ukraine's national postal service Ukrposhta was recently taken down by DDoS attacks for two days in a row, Interfax reports.
Kategorie: Hacking & Security

Hackers are now using the exploit behind WannaCry to snoop on hotel Wi-Fi

11 Srpen, 2017 - 12:14
LinuxSecurity.com: A hacking group accused of linked meddling in the run up to the US presidential election is harnessing the Windows exploit which made WannaCry ransomware and Petya so powerful -- and using it to perform cyberattacks against hotels in Europe.
Kategorie: Hacking & Security

World's first hack using DNA? Malware in genetic code could wreck police CSI work

10 Srpen, 2017 - 13:40
LinuxSecurity.com: Scientists have successfully encoded a software exploit in a gene to remotely hack a computer. But why would anyone want to hack a computer with a malicious DNA strand? The researchers who developed it argue an attacker could use it to hack any computer in the DNA sequencing pipeline.
Kategorie: Hacking & Security

So you're thinking about becoming an illegal hacker - what's your business plan?

10 Srpen, 2017 - 12:03
LinuxSecurity.com: It's something every aspiring crook needs to consider before they attempt to break into the world of cyber-crime: what's the business plan?
Kategorie: Hacking & Security

More on the Vulnerabilities Equities Process

9 Srpen, 2017 - 12:03
LinuxSecurity.com: Richard Ledgett -- a former Deputy Director of the NSA -- argues against the US government disclosing all vulnerabilities: Proponents argue that this would allow patches to be developed, which in turn would help ensure that networks are secure. On its face, this argument might seem to make sense -- but it is a gross oversimplification of the problem, one that not only would not have the desired effect but that also would be dangerous.
Kategorie: Hacking & Security

Engineer gets 18 months in the clink for looting ex-bosses' FTP server

9 Srpen, 2017 - 12:00
LinuxSecurity.com: An engineer has been jailed for 18 months after admitting to stealing blueprints from his former employer's FTP server.
Kategorie: Hacking & Security

The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d!

8 Srpen, 2017 - 11:47
LinuxSecurity.com: The man who wrote the book on password management has a confession to make: He blew it. Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of "NIST Special Publication 800-63. Appendix A." The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers-and to change them regularly.
Kategorie: Hacking & Security

Send mixed messages: Mozilla wants you to try its encrypted file sharing

8 Srpen, 2017 - 11:42
LinuxSecurity.com: Mozilla has just rolled out an experimental service called Send that allows users to make an encrypted copy of a local file, store it on a remote server, and share it with a single recipient. And once shared, the encrypted data gets deleted from the server.
Kategorie: Hacking & Security

Protect the White Hat Hackers Who Are Just Doing Their Jobs

7 Srpen, 2017 - 12:42
LinuxSecurity.com: The great irony of defending the world against malware is it requires security researchers to, well, mess with malware. This often leads them into gray areas, where something they might consider legitimate investigation or essential software development could, in the eyes of the law, be seen as criminal behavior.
Kategorie: Hacking & Security

To truly stay anonymous online, make sure your writing is as dull as the dullest conference call you

7 Srpen, 2017 - 12:37
LinuxSecurity.com: To publish online and remain anonymous, boffins from Bulgaria and Qatar advise being mediocre. And if you can't manage that on your own, they have a technique to make your prose less scintillating.
Kategorie: Hacking & Security

Steganography in contemporary cyberattacks

7 Srpen, 2017 - 12:34
LinuxSecurity.com: Steganography is the practice of sending data in a concealed format so the very fact of sending the data is disguised. The word steganography is a combination of the Greek words στεγανός (steganos), meaning "covered, concealed, or protected", and γράφειν (graphein) meaning "writing".
Kategorie: Hacking & Security

How DEF CON Securely Streams Video to Hackers

7 Srpen, 2017 - 12:32
LinuxSecurity.com: The DEF CON security conference is famous for its wide variety and number of security sessions and events. Not everyone can be in every session and some even choose to watch remotely, which is where DEF CON TV (DCTV) comes into play.
Kategorie: Hacking & Security