Linux Security Week: December 4th, 2017

Anthony Pell

Anthony Pell

2 - 4 min read Dec 04, 2017

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.

- When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.

	(Nov 29)
	Organizations know they need to get serious about threat intelligence, but it's not always clear where to find credible information. While just about every security industry vendor website offers up information on the latest threats, some are better than others. Here, we 'll point out the sites that are the most informative and useful.
	(Nov 29)
	The Department of Justice charged three Chinese nationals working for an internet security firm in China with hacking three companies and stealing hundreds of gigabytes of data and trade secrets from Siemens AG, Moody's Analytics and GPS maker Trimble between early 2011 and May 2017.
	(Nov 30)
	Net neutrality is on its death bed. With it gone, ISPs will be able to strip-data-mine your every move on the web. There are answers. One is Tenta's new secure Domain Name System (DNS) resolver, Tenta DNS. This receives and sends the directions to the websites you visit using the secure Transport Layer Security (TLS) protocol
	(Nov 28)
	Facebook, Google, IBM, and Red Hat today announced they're going to provide greater legal protection for some of the open source code they license. The companies committed to extend more rights to cure open source license compliance errors.
	(Nov 28)
	Open source DNS software vendor PowerDNS has advised users to patch its "Authoritative" and "Recursor" products, to squish five bugs disclosed today.
	(Nov 30)
	INSECURITY CONFERENCE 2017 - Washington, DC - Defending the enterprise is increasingly getting complex, with cloud, mobile, and IoT services expanding the potential attack surface and yet IT security budgets may remain constrained to address new threats, Arun DeSouza, CISO and privacy officer with Nexteer Automotive, said in a presentation here today.
	(Dec 1)
	In many parts of the world, like North America, using Wikipedia is taken for granted; hell, there are even Twitter accounts to track government employees editing the internet's free encyclopedia while on the clock. But in other places, like Turkey or Syria, using Wikipedia can be difficult, and even dangerous.
	(Nov 27)
	Linus Torvalds, creator of Linux, has never suffered fools gladly. In particular, he really dislikes people who make improving security in Linux more trouble than it needs to be. Most recently, in his own inestimable style, he called some security developers "f*cking morons". But, Torvalds, while often colorful, also gave direction to security programmers.
	(Nov 27)
	Attempting to scare people by telling them their password choices are stupid or easily guessable is counterproductive: because it serves only to reassure them that they are just like everyone else.
	(Dec 1)
	In a slap to Intel, custom Linux computer seller System76 has said it will be disabling the Intel Management Engine in its laptops.
	(Dec 4)
	Deception -- isn't that a honeypot? That's a frequently asked question when the topic of deception technology arises. This two-part post will trace the origins of honeypots, the rationale behind them, and what factors ultimately hampered their wide-scale adoption.
	(Dec 4)
	Linus Torvalds last week rushed a patch into the Linux kernel, after researchers discovered the patch for 2016's Dirty COW bug had a bug of its own.

LinuxSecurity Poll

Which open source security automation tool do you use to protect against vulnerabilities?

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

News

Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Advisories

Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
HOWTOs

Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Features

Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
About Us

Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Powered By

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

© 2024 Guardian Digital, Inc All Rights Reserved