Linux Security Week: October 12th, 2015

    Date12 Oct 2015
    CategoryNewsletters
    451
    Posted ByAnthony Pell

    Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


    LinuxSecurity.com Feature Extras:

    Essential tools for hardening and securing Unix based Environments - System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services.

    Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.


     Automatic Face Recognition and Surveillance (Oct 5)
     

    ID checks were a common response to the terrorist attacks of 9/11, but they'll soon be obsolete. You won't have to show your ID, because you'll be identified automatically. A security camera will capture your face, and it'll be matched with your name and a whole lot of other information besides.

     This vigilante virus protects you against malware attacks, quotes Richard Stallman (Oct 5)
     

    Forget about traditional PC malware: Infecting routers and other Internet-connected devices is the new hotness among malicious actors, given its effectiveness and relative ease. But there's a new sort of malware swirling across the web--vigilante code that infiltrates your router and Internet of Things devices and then actually hardens them against traditional attacks, leaving helpful messages and homages to free software activist Richard Stallman in its wake.

     Incompetence, not Linux, is behind the XOR DDoS botnet (Oct 6)
     

    I get really, really tired of stories that make it sound like Linux has become more insecure.No, it hasn't.Here are some simple security truths.First, no operating system or program is secure. Some are more secure than others. So sure, Linux is inherently more secure than Windows. But a badly managed Linux server will still be more insecure than a well-administered Windows system.

     Hacking Wireless Printers With Phones on Drones (Oct 6)
     

    You might think that working on a secured floor in a 30-story office tower puts you out of reach of Wi-Fi hackers out to steal your confidential documents.

     Turnbull: Don't assume government email is more secure than private email (Oct 9)
     

    Concerns over Malcolm Turnbull using his own private email server have been rebuked by the Australian Prime Minister, who said that all parliamentarians use insecure communication methods all the time, most notably, SMS messaging.

     Fretting about Stagefright on Galaxy S5? CyanogenMod's stable release has a fix (Oct 8)
     

    CyanogenMod has rolled out stable builds for about 50 handsets and is including the October security fixes that Google released this week for Nexus devices.For Android users concerned about easily exploited bugs like Stagefright 1.0 and 2.0, it seems that the fastest way to get critical security updates is to replace the device's existing firmware with CyanogenMod.

     Who will take the fall for Pirate Bay piracy? Case heads back to court (Oct 7)
     

    The Swedish government is having another crack at pinning responsibility for piracy on Sweden's top-level domain registry for .se, IIS.This spring a Swedish district court ordered two Pirate Bay domains at .se addresses to be handed over to the state, marking a major victory for long-time pirate-hunting prosecutor Fredrik Inblad.

     25-GPU cluster cracks every standard Windows password in (Oct 9)
     

    A password-cracking expert has unveiled a computer cluster that can cycle through as many as 350 billion guesses per second. It's an almost unprecedented speed that can try every possible Windows passcode in the typical enterprise in less than six hours.

     Journalist convicted of helping Anonymous hack the LA Times (Oct 8)
     

    A journalist accused of helping a rogue hacking group briefly take control of the LA Times' website was convicted by a federal jury in California on Wednesday.Matthew Keys, 28, of Vacaville, California, was convicted of conspiracy to make unauthorized changes to a computer, transmitting malicious code and attempted transmission of malicious code, according to the Department of Justice.

     Quarter of firms can't tell how hackers get in (Oct 9)
     

    The majority of large companies have experienced a breach over the past twelve months, but almost a quarter, 23 percent, of firms do not know how the hackers got in, according to a new survey.

      Matthew Garrett is not forking Linux (Oct 9)
     

    When Matthew Garrett, well-known Linux kernel developer and ‎CoreOS principal security engineer, announced he was releasing a [Linux] kernel tree with patches that implement a BSD-style securelevel interface, I predicted people would say Garrett was forking Linux. I was right. They have. But, that's not what Garrett is doing.

     China Cyberspying on U.S.--After No-Hacking Deal (Oct 8)
     

    Three days after Obama and Xi Jinping signed a historic agreement to curb online economic espionage, the FBI issued a fresh warning about Chinese spies in U.S. corporate networks.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"82","type":"x","order":"1","pct":56.16,"resources":[]},{"id":"88","title":"Should be more technical","votes":"22","type":"x","order":"2","pct":15.07,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"42","type":"x","order":"3","pct":28.77,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.