Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
LinuxSecurity.com Feature Extras:
- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.
- When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.
- (Jul 3) We present the password reset MitM (PRMitM) attack and show how it can be used to take over user accounts. The PRMitM attack exploits the similarity of the registration and password reset processes to launch a man in the middle (MitM) attack at the application level.
- (Jul 4) Linux users need to check out their distributions to see if a nasty bug in libgcrypt20 has been patched. The patch, which has landed in Debian and Ubuntu, is to address a side-channel attack published last week.
- (Jul 5) One of the world's largest cryptocurrency exchanges has fallen victim to hackers, who were able to use information they stole to plunder users' accounts.
- (Jul 5) WikiLeaks' latest Vault7 release of leaked CIA documents detailing its hacking tools reveals malware called OutlawCountry that targets Linux systems.
- (Jul 4) Tor Browser 7.0.2 is now available from the Tor Browser Project page and also from our distribution directory. This release features an important security update to Tor.
- (Jul 6) As businesses get more serious about using cloud computing they're also getting more concerned about security.
- (Jul 6) The perfect IT security solution is one that makes an enterprise completely secure and "unhackable," where no unauthorized parties can get onto the network, access confidential data, deny service to legitimate users, or otherwise carry out any malicious or unwanted activities.
- (Jul 7) A major compromise of U.S. critical infrastructure will occur in the next couple of years, according to a majority of IT security professionals -- and most expect breaches of their own enterprise networks to occur even sooner.
- (Jul 3) We have a little problem on the web right now and I can only see it becoming a larger concern as time goes by: more and more sites are obtaining certificates, vitally important documents needed to deploy HTTPS, but we have no way of protecting ourselves when things go wrong.
- (Jul 3) US authorities intercepted and recorded millions of phone calls last year under a single wiretap order, authorized as part of a narcotics investigation.
- (Jul 10) The last several years have seen a slew of reports coming out lamenting the typical enterprise's ability to recruit and retain quality cybersecurity talent.