Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

(Nov 20)

Linus Torvalds created Linux, which now runs vast swathes of the internet, including Google and Facebook. And he invented Git, software that's now used by developers across the net to build new applications of all kinds. But that's not all Torvalds has given the internet.
Red Hat Enterprise Linux 6 Secure-Ready for Government Cloud (Nov 20)

Red Hat Enterprise Linux 6, including the KVM hypervisor, has been awarded a major security certification used by IT in government, financial and other mission-critical verticals. By receiving the Common Criteria Certification at Evaluation Assurance Level (EAL) 4+, which is the highest level of assurance for an unmodified commercial operating system, Red Hat can assure public sector customers looking at cloud and virtualization will meet a range of important security assurance requirements.
Researchers Raving Over Remarkable Rootkit (Nov 20)

One of the more advanced rootkits to have hit town in recent memory has got security researchers across the globe in a tizz, even though it hasn't even been finished.
Hacker found guilty of AT&T data breach (Nov 21)

A hacker has been convicted of the AT&T security breach in 2010 in which 120,000 iPad owners' email addresses were leaked. Andrew 'Weev' Auernheimer, 26, has been found guilty in the District Court in New Jersey of conspiracy to access a computer without authorization and fraud in connection with personal information. He'll be sentenced in February, and faces up to five years in prison on each count.
Feds increasingly see hacker conferences as key learning ground to keep systems safe, documents sugg (Nov 23)

It was August 2011, and a lone Public Safety Canada cyber-security official wanted to take a trip to Las Vegas to meet with the experts on cracking into government systems: hackers.
(Nov 23)

The hacker known as "Weev" doesn't make a convenient cause c