LinuxSecurity.com

Syndikovat obsah
The central voice for Linux and Open Source security news.
Aktualizace: 50 min 1 sek zpět

What Are Linux Logs? How to View Them, Most Important Directories, and More

10 hodin 11 min zpět
LinuxSecurity.com: Logs on your Linux server are crucial to monitoring and troubleshooting. Take a look at what they actually are and how to make the most of them.
Kategorie: Hacking & Security

New Research Shows Cybersecurity Battleground Shifting to Linux and Web Servers

10 hodin 14 min zpět
LinuxSecurity.com: WatchGuard©'s latest quarterly Internet Security Report reveals that despite an overall drop in malware detection, Linux malware made up more than 36 percent of the top threats identified in Q1 2017. The increased presence of Linux/Exploit, Linux/Downloader and Linux/Flooder attacks highlights the need to protect Linux-based IoT devices and Linux servers from the internet with layered defences.
Kategorie: Hacking & Security

Idea to encrypt Web traffic at rest hits the IETF's Standard Track

27 Červen, 2017 - 10:43
LinuxSecurity.com: In spite of the rise of HTTPS, there are still spots where content originating on the Web can remain unencrypted, so a Mozilla engineer wants to close one of those gaps.
Kategorie: Hacking & Security

How to secure your CMS with out patching

27 Červen, 2017 - 10:40
LinuxSecurity.com: In as little as four hours, the bad guys can reverse engineer a software patch for an open-source content management system (CMS) and build an exploit capable of turning millions of websites into spammers, malware hosts or DDoS attackers.
Kategorie: Hacking & Security

Even weak hackers can pull off a password reset MitM attack via account registration

27 Červen, 2017 - 10:37
LinuxSecurity.com: At the IEEE Symposium on Security and Privacy 2017, researchers from the College of Management Academic Studies in Israel presented an interesting paper on bad password reset processes, "The Password Reset MitM Attack" (pdf). It explains how a weak attacker could take over accounts by exploiting vulnerabilities in password reset procedures.
Kategorie: Hacking & Security

Basic Security Testing with Kali Linux

26 Červen, 2017 - 14:02
LinuxSecurity.com: With computer hacking attacks making headline news on a frequent occasion, it is time for companies and individuals to take a more active stance in securing their computer systems.
Kategorie: Hacking & Security

3 security tips for software developers

26 Červen, 2017 - 13:10
LinuxSecurity.com: Every developer knows the importance of following best security practices. But too often we cut corners, maybe because we have to work hard until those security practices sink in. Unfortunately, that usually takes something like seeing a security malpractice that's so bad it gets marked in indelible ink in our brains.
Kategorie: Hacking & Security

Researcher calls the fuzz on OpenVPN, uncovers crashy vulns

23 Červen, 2017 - 11:51
LinuxSecurity.com: OpenVPN has patched a bunch of security vulnerabilities that can be exploited to crash the service or, at a pinch, potentially gain remote-code execution. You should update your installations to versions 2.4.3 or 2.3.17 as soon as you can just to be on the safe side.
Kategorie: Hacking & Security

8 Hot Hacking Tools to Come out of Black Hat USA

23 Červen, 2017 - 11:49
LinuxSecurity.com: Late July and early August are a bit like summer camp and Christmas rolled into one for your typical white hat penetration tester. Not only does the yearly Black Hat USA confab in Vegas give them the opportunity to step away from the keyboard to share ideas and socialize with like-minded friends and colleagues, but it also usually provides a cornucopia of new tools for hacking the heck out of enterprise systems.
Kategorie: Hacking & Security

Stack Clash flaws blow local root holes in loads of top Linux programs

22 Červen, 2017 - 12:59
LinuxSecurity.com: Powerful programs run daily by users of Linux and other flavors of Unix are riddled with holes that can be exploited by logged-in miscreants to gain root privileges, researchers at Qualys have warned.
Kategorie: Hacking & Security

OpenVPN taken to task after audit ignores remote code execution flaws

22 Červen, 2017 - 12:47
LinuxSecurity.com: A researcher has revealed four dangerous bugs, among others, in OpenVPN which two recent audits of the virtual private network's code failed to find.
Kategorie: Hacking & Security

Honeypots and the Internet of Things

21 Červen, 2017 - 11:53
LinuxSecurity.com: There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or 'smart' devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up of routers, IP cameras, printers and other devices.
Kategorie: Hacking & Security

Ztorg malware hid in Google Play to send premium-rate SMS texts, delete incoming SMS messages

21 Červen, 2017 - 11:44
LinuxSecurity.com: The Ztorg malware hid in apps on Google's Play Store to send premium-rate SMS texts and delete incoming SMS messages on Android devices.
Kategorie: Hacking & Security

Stack Clash vulnerabilities smash Linux defenses in the quest for root access

20 Červen, 2017 - 12:08
LinuxSecurity.com: Severe vulnerabilities have been discovered in popular Linux and Unix systems which can be used to blow apart barriers to root powers, researchers have discovered.
Kategorie: Hacking & Security

pyrasite - Inject Code Into Running Python Processes

20 Červen, 2017 - 12:06
LinuxSecurity.com: pyrasite is a Python-based toolkit to inject code into running Python processes.
Kategorie: Hacking & Security

WikiLeaks emits CIA's Wi-Fi pwnage tool docs

19 Červen, 2017 - 11:49
LinuxSecurity.com: Hundreds of commercial Wi-Fi routers are, or were, easily hackable by the CIA, according to classified files published today by WikiLeaks.
Kategorie: Hacking & Security

Security-Oriented Alpine Linux 3.6.2 OS Adds Linux Kernel 4.9.32 and Tor 0.3.0.8

19 Červen, 2017 - 11:46
LinuxSecurity.com: Alpine Linux, the security-oriented, independently-developed, and lightweight GNU/Linux distribution based on musl libc and BusyBox, was updated today to version 3.6.2.
Kategorie: Hacking & Security

Ubuntu 17.10 to Improve Secure Boot for Booting Windows from GRUB, Enable PIE

19 Červen, 2017 - 11:45
LinuxSecurity.com: Canonical's Steve Langasek presented the first edition of the Ubuntu Foundations Team weekly newsletter with some exciting information about the upcoming Ubuntu 17.10 (Artful Aardvark) operating system.
Kategorie: Hacking & Security

How to install Linux on a Chromebook (and why you should)

19 Červen, 2017 - 11:43
LinuxSecurity.com: Chromebooks are one of the most secure devices you can give a non-technical end user, and at a price point few can argue with, but that security comes with a privacy trade off: you have to trust Google, which is part of the NSA's Prism programme, with your data in the cloud.
Kategorie: Hacking & Security

Brit hacker admits he siphoned info from US military satellite network

16 Červen, 2017 - 13:42
LinuxSecurity.com: A UK-based computer hacker has admitted stealing hundreds of usernames and email addresses from a US military communications system.
Kategorie: Hacking & Security