Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
LinuxSecurity.com Feature Extras:
- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.
- When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.
- (Jun 21) The Ztorg malware hid in apps on Google's Play Store to send premium-rate SMS texts and delete incoming SMS messages on Android devices.
- (Jun 21) There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or 'smart' devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up of routers, IP cameras, printers and other devices.
- (Jun 19) Hundreds of commercial Wi-Fi routers are, or were, easily hackable by the CIA, according to classified files published today by WikiLeaks.
- (Jun 20) Researchers have discovered severe vulnerabilities in popular Linux and Unix systems which can be used to blow apart barriers to root powers.
- (Jun 22) Powerful programs run daily by users of Linux and other flavors of Unix are riddled with holes that can be exploited by logged-in miscreants to gain root privileges, researchers at Qualys have warned.
- (Jun 19) Alpine Linux, the security-oriented, independently-developed, and lightweight GNU/Linux distribution based on musl libc and BusyBox, was updated today to version 3.6.2.
- (Jun 20) pyrasite is a Python-based toolkit to inject code into running Python processes.
- (Jun 23) Late July and early August are a bit like summer camp and Christmas rolled into one for your typical white hat penetration tester. Not only does the yearly Black Hat USA confab in Vegas give them the opportunity to step away from the keyboard to share ideas and socialize with like-minded friends and colleagues, but it also usually provides a cornucopia of new tools for hacking the heck out of enterprise systems.
- (Jun 19) Chromebooks are one of the most secure devices you can give a non-technical end user, and at a price point few can argue with, but that security comes with a privacy trade-off: you have to trust Google, which is part of the NSA's Prism programme, with your data in the cloud.
- (Jun 22) A researcher has revealed four dangerous bugs, among others, in OpenVPN which two recent audits of the virtual private network's code failed to find.
- (Jun 23) OpenVPN has patched a bunch of security vulnerabilities that can be exploited to crash the service or, at a pinch, potentially gain remote-code execution. You should update your installations to versions 2.4.3 or 2.3.17 as soon as you can just to be on the safe side.
- (Jun 19) Canonical's Steve Langasek presented the first edition of the Ubuntu Foundations Team weekly newsletter with some exciting information about the upcoming Ubuntu 17.10 (Artful Aardvark) operating system.