Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
LinuxSecurity.com Feature Extras:
- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.
- When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.
| |
(Jun 6) |
| |
If you want your Linux server to be really secure, you defend it with SELinux. Many sysadmins don't bother because SELinux can be difficult to set up. But, if you really want to nail down your server, you use SELinux. This makes the newly discovered Linux security hole -- with the sudo command that only hits SELinux-protected systems -- all the more annoying.
|
| |
(Jun 5) |
| |
WikiLeaks is still dumping CIA cyberweapons on the Internet. Its latest dump is something called "Pandemic": The Pandemic leak does not explain what the CIA's initial infection vector is, but does describe it as a persistent implant.
|
| |
(Jun 7) |
| |
Former Director of National Intelligence James Clapper has said there needs to be a form of encryption developed that protects privacy, but one that authorities can access.
|
| |
(Jun 7) |
| |
Studies conducted by Google show that for many developers finding code online consumes a large portion of the day. Finding a simple function, a library, a useful package, a reusbale component or a useful "how to" blog tutorial isn't always simple. Knowing if you can trust and use the code you found can be even more tricky.
|
| |
(Jun 7) |
| |
It can be days before vulnerabilities shared on the Dark Web are being published made public through the NVD and advisories, researchers have discovered.
|
| |
(Jun 5) |
| |
The Dark Overlord, the hacking group which released 10 of 13 new Orange Is the New Black episodes in late April after Netflix refused to pay a ransom, has now leaked nearly the entire first season of ABC's upcoming Steve Harvey's Funderdome.
|
| |
(Jun 8) |
| |
The Tor Browser Team is proud to announce the first stable release in the 7.0 series. This release is available from the Tor Browser Project page and also from our distribution directory.
|
| |
(Jun 9) |
| |
EtherApe is a graphical network monitor for Unix modelled after etherman. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Colour coded protocols display.
|
| |
(Jun 9) |
| |
Porn bots are as much a part of Twitter as subtweets. Now, a leaky server provides a glimpse of what happens behind the scenes.
|
| |
(Jun 12) |
| |
Did you ever want to be at two different places at the same time? While performing penetration tests there are often problems caused by security devices that block the "attacking" IP. With a large number of IP addresses performing the attacks, better results are guaranteed - especially when attempting attacks to bypass Web Application Firewalls, Brute-Force type attacks and many more.
|
| |
(Jun 12) |
| |
Container vendor Docker is aiming to improve Linux kernel security by incubating several nascent Linux security projects within its LinuxKit community. LinuxKit is an open-source effort that Docker officially announced on April 18 as a toolkit to build container-optimized Linux distributions.
|
Jun 12, 2017
•
Anthony Pell
PREVIOUS
NEXT
