Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 26 articles for you...
81

Privacy Threats From Alexa and Google Home: Eavesdropping Risks

Have you heard that Amazon- and Google-approved apps are turning voice-controlled devices into "smart spies"? Learn more about this serious privacy threat: . By now, the privacy threats posed by Amazon Alexa and Google Home are common knowledge. Workers for both companies routinely listen to audio of users—recordings of which can be kept forever —and the sounds the devices capture can be used in criminal trials . Now, there's a new concern: malicious apps developed by third parties and hosted by Amazon or Google. The threat isn't just theoretical. Whitehat hackers at Germany's Security Research Labs developed eight apps—four Alexa "skills" and four Google Home "actions"—that all passed Amazon or Google security-vetting processes. The skills or actions posed as simple apps for checking horoscopes, with the exception of one, which masqueraded as a random-number generator. Behind the scenes, these "smart spies," as the researchers call them, surreptitiously eavesdropped on users and phished for their passwords. . Uncover the security risks associated with smart devices like Alexa and Google Home, which can be exploited by harmful applications that listen in and harvest sensitive information.. Amazon Alexa, Google Home, Smart Devices, Eavesdropping Threats, Privacy Risks. . LinuxSecurity.com Team

Calendar%202 Oct 22, 2019 User Avatar LinuxSecurity.com Team Privacy
81

MikroTik Routers: Unpatched Vulnerability Leads To Eavesdropping Incident

In yet another case of unpatched consumer devices representing a threat to the security and privacy of users, thousands of MikroTik have been uncovered which are eavesdropping on users.. The routers have been hijacked through the CVE-2018-14847 security vulnerability, a known bug which impacts the MikroTik RouterOS operating system. The link for this article located at ZDNet is no longer available. . The routers have been hijacked through the CVE-2018-14847 security vulnerability, a known bug which . another, unpatched, consumer, devices, representing, threat, security, privacy. . LinuxSecurity.com Team

Calendar%202 Sep 05, 2018 User Avatar LinuxSecurity.com Team Privacy
67

GnuTLS Critical Bug: Eavesdropping Risk for Ubuntu, Red Hat, Debian

Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.. The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher. . The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) an. hundreds, source, packages, ubuntu, debian, distributions, linux. . LinuxSecurity.com Team

Calendar%202 Mar 04, 2014 User Avatar LinuxSecurity.com Team Cryptography
83

Cisco 7900 Series Advisory: Eavesdropping Risk via Physical Access

If you work in an office that uses the popular CiscoUnified IP Phone 7900 Series, prepare to feel violated. A couple of security researchers have published details on a security vulnerability that allows a nefarious hacker to turn the phones into eavesdropping devices. The hack allows people to listen in on private phone calls as well as to nearby conversations.. The hack is executed with a small piece of hardware plugged into the local serial port of the Cisco phone. Once the device is connected to the phone, the hacker is able to execute code allowing them to remotely monitor phone calls and turn on the phone The link for this article located at Technabob is no longer available. . The hack is executed with a small piece of hardware plugged into the local serial port of the Cisco . office, popular, ciscounified, phone, series, prepare. . LinuxSecurity.com Team

Calendar%202 Jan 15, 2013 User Avatar LinuxSecurity.com Team Hacks/Cracks
81

Senate Approves FISA Amendments Act: Eavesdropping and Privacy Concerns

The Senate on Friday reauthorized for five years broad electronic eavesdropping powers that legalized and expanded the President George W. Bush administration. The FISA Amendments Act, (.pdf) which was expiring Monday at midnight, allows the government to electronically eavesdrop on Americans The link for this article located at Wired is no longer available. . The FISA Amendments Act, (.pdf) which was expiring Monday at midnight, allows the government to elec. senate, friday, reauthorized, years, broad, electronic, eavesdropping, powers, legalize. . LinuxSecurity.com Team

Calendar%202 Jan 02, 2013 User Avatar LinuxSecurity.com Team Privacy
82

Supreme Court Hearing on Warrantless Surveillance Program Although Secret

The Supreme Court on Monday will hear arguments on whether it should halt a legal challenge to a once-secret warrantless surveillance program targeting Americans. The hearing will mark the first time the Supreme Court has reviewed any case touching on the eavesdropping program that was secretly employed by the George W. Bush administration in the wake of the September 11, 2001 terror attacks, and largely codified into law years later. The link for this article located at Wired is no longer available. . The High Court is preparing to examine a lawsuit concerning a covert monitoring initiative targeting U.S. citizens, marking a crucial juncture.. Warrantless Surveillance, Supreme Court Case, Eavesdropping Law. . Dave Wreski

Calendar%202 Oct 29, 2012 User Avatar Dave Wreski Government
83

GSM Security Risks and Eavesdropping Techniques via Low-Cost Devices

Whatever assurances have been given about the security of GSM cellphone calls, forget about them now. Speaking at the Chaos Computer Club (CCC) Congress here Tuesday, a pair of researchers demonstrated a start-to-finish means of eavesdropping on encrypted GSM cellphone calls and text messages, using only four sub-$15 telephones as network . While such capabilities have long been available to law enforcement with the resources to buy a powerful network-sniffing device for more than $50,000 (remember The Wire?), the pieced-together hack takes advantage of security flaws and shortcuts in the GSM network operators The link for this article located at Wired is no longer available. . Investigations reveal that $15 devices can compromise GSM safety, uncovering flaws that permit simple interception.. GSM Hacking, Cellphone Security, Eavesdropping Techniques, Network Sniffing, Telecom Vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Dec 30, 2010 User Avatar LinuxSecurity.com Team Hacks/Cracks
67

Norwegian Researchers Launch Laser Attack on Quantum Key Exchange

Norwegian computer scientists have perfected a laser-based attack against quantum cryptography systems that allows them to eavesdrop on communications without revealing their presence.. One of the biggest commercial uses for quantum cryptography to date has been to securely exchange keys. Unlike traditional key distribution techniques, using quantum mechanics offers a seemingly foolproof upside: any attempt by an attacker to measure quantum data disturbs it -- per the Heisenberg uncertainty principle -- which a quantum cryptography system can detect, thus ensuring that communications remain secure. Enter the laser. The team of researchers from the Norwegian University of Science and Technology (NTNU), the University of Erlangen-N The link for this article located at Information Week is no longer available. . One of the biggest commercial uses for quantum cryptography to date has been to securely exchange ke. norwegian, computer, scientists, perfected, laser-based, attack, against, quantum, cryptography, syste. . LinuxSecurity.com Team

Calendar%202 Sep 08, 2010 User Avatar LinuxSecurity.com Team Cryptography
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200