HP LaserJet Advisory: Critical Threat from Malicious Firmware Exploits
Hewlett-Packard has shot down claims that a vulnerability in some of its printers could be used to set the devices on fire.
Vendors/Products - Page 26
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Risks of GitHub Repo Breach on Linux Supply Chain Security
A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security.
Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for yea...
MXDR Provider Selection for Linux Environments and Security Services
Managed Extended Detection and Response (MXDR) has beco...
What Is ClamAV? A Linux Admin’s Guide to Risk, Monitoring, and Real-World Use
If you’ve worked with Linux long enough, ClamAV has p...
Discover Vendors/Products News
Control Unauthorized Apps And Hardware On BlackBerry PlayBook
Three hackers say they have "jailbroken" the BlackBerry PlayBook tablet, allowing them to run unauthorized applications and control hardware components that users can't normally access.
Ruby on Rails: 3.0.11 Critical XSS Issue Resolved in Update
The Ruby on Rails open source web framework has been updated to close a security hole in the translate helper method. According to the developers, a cross-site scripting (XSS) vulnerability in the helper method for i18n translations could be exploited by an attacker to insert arbitrary code into a page.
Chrome 15: High Severity Memory Flaw Fix And Remote Code Execution Threat
Google has released an update for Chrome 15 which addresses a high-risk vulnerability. The security issue is the result of an out-of-bounds memory write in the browser's JavaScript engine.
openSUSE 12.1 with GNOME 3.2 Features, Oyranos Color System & Snapper
The openSUSE project this week reached its version 12.1 release. This latest version of the Linux-based operating system has shipped with the GNOME 3.2 desktop shell, which is distinguished by its use of integrated messaging, a new document manager and a general all round squishing of bugs since the last release.
Google Provides Opt-Out For Wi-Fi Geolocation Mapping Following Regulations
Google is offering wireless network owners worldwide the possibility of opting out from its Wi-Fi geolocation mapping efforts, in the wake of a decision by the Dutch Data Protection Authority (DPA) that this process is in violation of legislation in the Netherlands.
ISC Advisory: BIND DNS Server Crash Critical: Unidentified Flaw
The Internet Systems Consortium (ISC) today issued a temporary patch for an as-yet unidentified flaw in the DNS BIND 9 platform that is causing servers around the Internet to crash.
Apple OS X Sandboxing: Security Risk and Application Impact
Researchers claim to have discovered a vulnerability with the sandbox security mechanism used by Apple. The sandbox, which is baked into the kernel of Mac OS X, is designed to apply application restrictions, so that code that has no reason to access a network isn't able to access a corporate LAN or the internet, for example.
Insights on Sony PlayStation Hacking from CEO Howard Stringer Revealed
Sony has bounced back from a wave of hacking attacks on its PlayStation business earlier this year, according to CEO Sir Howard Stringer, who says that digital assaults are an occupational hazard for major firms.
Linux Advocates Raise Concerns Over Windows 8 Security Features
The drumbeat from Linux advocates about a key security feature in Microsoft
Browser Security Examination of Microsoft's Internet Explorer Claims
Microsoft is trying again to con people into thinking that Internet Explorer is the safest browser around. It
Chrome Version 14.0.835.202: Important Updates and Resolved Issues
Summary: The new Google Chrome version 14.0.835.202 also contains Adobe Flash Player 11, a software update that includes several security and privacy goodies.
MySQL Security Advisory: Drive-By Download Infection Risk Alert
A security firm warned Monday that the website for downloading the popular MySQL open source relational database was infecting PCs via drive-by downloads.
Apache 2.2.21 Released: Addressed Range Header DoS Vulnerability Issue
Two weeks after releasing a fix for the range-header denial-of-service flaw that was much-discussed on security forums and mailing lists, the Apache Software Foundation has pushed out another version of its popular Web server that includes a further fix for the same flaw.
Mozilla: Enhance Security Audits After Diginotar Breach Alert
FOLLOWING THE RECENT SECURITY BREACH at Dutch certificate authority (CA) Diginotar that resulted in hundreds of rogue certificates being issued by a hacker, Mozilla has instructed all CAs to review the security of their processes and report back on their findings.
Snort 2.9.1 Network Protocol Update: Enhanced Handling Features
The Snort network intrusion detection system has been updated with HTTP and DCE/RPC protocol aware flushing and improved SIP, POP and IMAP3 preprocessors. Updates to the HTTP and DCE/RPC preprocessors now allow Snort to reassemble requests and responses, even when spread over many packets, and to intelligently flush the results.
Chrome Version 13.0.782.215 Exposes Critical Code Execution Risk
Google pays $8,500 in bounties for information on serious security vulnerabilities in the Chrome browser. Google has shelled out another $8,500 to purchase information on serious security vulnerabilities affecting its Chrome browser.
Twitter Collaborates on Initiatives for Enhanced SSL Security Measures
I was sitting in a local coffee shop recently and, since I was bored, I kicked on a Windows instance in VirtualBox on my Mint Linux-powered laptop so I could run Firesheep. Firesheep was, and is, a hacking program meant to frighten people into being serious about their Wi-Fi security. It didn
PHP 5.3.8 Security Advisory: Critical Bug Fixes For SSL And Cryptography
As expected, the PHP developers have issued version 5.3.8 of the PHP scripting language to address a serious bug found in the previous release. PHP 5.3.8 fixes a bug introduced by the 5.3.7 security update that caused the crypt() function to fail if an MD5 salt was given as an argument. The function is used to hash a string, typically a password, but instead of returning the hashed string, the function merely returned the salt itself.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!