With npm v12, dependency preinstall, install, and postinstall scripts will no longer execute automatically during package installation. Script execution will require explicit approval through new controls such as npm approve-scripts, with the change ...
A security flaw in Adobe Systems' popular Acrobat and Reader applications could be used to shut down or hijack vulnerable PCs. By crafting a malicious PDF file, a remote attacker could cause the applications to crash or possibly commandeer the target computer, Adobe said in a security advisory published on Tuesday. The San Jose, Calif.-based software maker has updates available to fix the problem.
Comodo-owned Trustix, developers of the world’s most secure Linux and inventors of the world’s first WYSIWYG firewall, today announced that the latest version of Trustix Enterprise Firewall will be available at no charge. The decision enables administrators to protect their networks for free with a firewall developed and maintained by Trustix’s highly skilled firewall developers.
Companies that sell software and hardware around the Linux open-source operating system have known for some time that they've tapped into a gold mine, an area of the IT market with plenty of customer interest and enormous growth potential. The growth will continue as long as Linux and other open-source software are considered secure and are sold and serviced as bundles rather than as individual products.
Red Hat has unveiled an initiative dubbed 'Security in a Networked World' at the LinuxWorld tradeshow in San Francisco. As part of the programme, the Linux vendor showcased its Red Hat Certificate System that allows organisations to manage security certificates used to sign emails, or authenticate users for online banking applications. It also supports authentication through the use of smartcards. Red Hat has been working with the Apache Foundation to add support for the Firefox browser and Thunderbird email client through the use of Apache's open source Network Security Service Libraries.
A bug discovered in an operating system that runs the majority of the world's computer networks would, if exploited, allow an attacker to bring down the nation's critical infrastructure, a computer security researcher said Wednesday against threat of a lawsuit. Michael Lynn, a former research analyst with Internet Security Solutions, quit his job at ISS Tuesday morning before disclosing the flaw at Black Hat Briefings, a conference for computer security professionals held annually here.
3Com this week is expected to launch a program that offers cash to members of the security community in return for information on potentially damaging Internet-based security threats. Its Zero Day Initiative is an attempt to prompt the disclosure of security vulnerabilities quicker by giving independent security researchers incentive for pointing out holes in software and hardware products that could lead to network attacks. Some observers call the program a positive step toward making networks safer, while others question how such a payoff system would work, or whether third-party vendors -- including 3Com competitors -- would react negatively to a system under which 3Com gives money to individuals for information about product vulnerability before the affected vendors know about them.
Sun Microsystems plans to open-source its Web site authentication and single sign-on technology. Eric Leach, director of product management at Sun, said the Santa Clara, Calif.-based company will open-source the technology through the Open Source Web Single Sign-On, or OpenSSO project. That effort includes technology related to authentication, single domain, single sign-on, Web agents and J2EE agents, he said.
John Leyden from The Register writes: "Net infrastructure firm VeriSign has bought security intelligence firm iDefense for $40m in cash. iDefense's 45 employees will join VeriSign in a move designed to bolster its managed security services offering with proactive threat warning and security remediation advice."
Popular Linux distributor Debian has moved quickly to address concerns it was falling behind on security. The organisation's security team has issued a host of announcements and informed the community it has resolved problems with the infrastructure governing security updates.
A security flaw in the popular document-sharing software, Adobe Reader, could be exploited to seize control of a computer system, according to the software's maker. Adobe Systems Inc. issued a warning on its Web site Tuesday saying that the flaw affects only Adobe Reader versions 5.0.9 and 5.0.10, which were written for the Unix computer operating system.
Well... I'm 32 years old, and it's been nearly 7 years since I launched the first Mandrake Linux distribution - so my professional life has been totally focusing on Mandrakesoft/Mandriva for 7 years! I started as a technical director for the distribution, then I retired a bit in 2000/2001 by just focusing on our community website. Then I started to manage all the communication of Mandriva. And it's possible that I will soon stop that and focus on something else. At the same time, I always had a look at our products, sent suggestions, launched new projects such as the redesign of our desktop and the MandrakeMove concept, our very own liveCD. My spare time mostly consists of spending time with my wife and my little daughter, who was born 4 months ago! I also spend a little time recording music, which was my big hobby for years. Read At TuxJournal.net
Sun Microsystems has fixed a pair of security bugs in Java that could be exploited by attackers to take over computers running Windows, Linux and Solaris. The flaws are "highly critical," security monitoring company Secunia said in an advisory posted Tuesday. Flaws that get that ranking--one notch below Secunia's most severe "extremely critical" rating--are typically remotely exploitable and can lead to full system compromise.
Everybody knows that you're the OpenBSD and OpenSSH guru and creator, one of the most famous and widely used secure operating systems nowadays. Why did you create them? What did you need many years ago from the OS world when you created OpenBSD? What inspired you to write OpenBSD and OpenSSH from scratch?
One of the oldest Unix-like operating systems, FreeBSD, continues its advancement with the sixth release in the FreeBSD-5 series. Its developers have added nothing major, but have made many modifications, fixing a number of problems introduced in previous releases. FreeBSD 5.4 is the best release since 5.1, but it still may not be ready for prime time.
In Paris, Ontario, there’s a large plaza sign advertising both The Paris Sleep Laboratory and the Canadian Post Office. The synergy there, of course, should be obvious – at least from the point of view of the humorist. Recent revivals of the idea that Microsoft might want to take over Red Hat have a similar quality to them.
While networking giant Cisco has advantages most competitors don't - dominant market share, a multi-billion-dollar R&D budget, thousands of engineers - the vendor is also taking advantage and making the most of resources that are open to everyone: Linux and open source software.
Linux vendor Novell Inc. has acquired Immunix Inc., a security software vendor in Portland, Ore. The 15-person company was bought last week, but terms of the deal aren't being released, according to Novell. Immunix was founded in 1998, in part with money from the Defense Advanced Research Projects Agency, to develop security software for Linux. It's best known for developing much of the Linux Security Modules software that's used in the Linux 2.6 kernel, a key component of the Linux operating system.
Networks, Inc., a leading provider of simple, secure and affordable network security appliances, today announced that it is previewing Proteus, its new enterprise class Internet protocol (IP) Address Management (IPAM) system at Networld+Interop in booth # 1124. Proteus, the first dedicated IPAM appliance of its kind, is a self-managed, turnkey design and management tool created to help enterprises design, deploy and manage their IP-based networks. Its unique design combines the features of an enterprise class IPAM software application with the security and manageability of a network appliance.
The UK subsidiary of security software firm Fortinet has settled an action brought against it because it was allegedly not complying with the terms of the General Public Licence (GPL), which underpins the distribution of most open source software. Harald Welte, founder of the gpl-violations.org project, announced earlier this month that a German District Court had granted a preliminary injunction against Fortinet UK Ltd after the project sued, alleging that the security software firm had used GPL software in certain products and then used encryption technologies to hide the software.