Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
LinuxSecurity.com
Feature Extras:
- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.
- When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.
- (Oct 10) Technology and cloud giant Accenture has confirmed it inadvertently left a massive store of private data across four unsecured cloud servers, exposing highly sensitive passwords and secret decryption keys that could have inflicted considerable damage on the company and its customers.
- (Oct 9) Virtual private network provider PureVPN helped the FBI track down an Internet stalker, by combing its logs to reveal his IP address.
- (Oct 9) Mozilla has launched a pilot program using Cliqz technology to pull user browsing data in Firefox.
- (Oct 10) The kernel has a feature where it will load certain kernel modules for a process, when certain syscalls are made. For example, loading a kernel module when a process attempts to create a different network socket.
- (Oct 9) Defending against cyber-attacks is as big a challenge for the UK as protecting against terrorism, according to the director of GCHQ.
- (Oct 12) Containers provide an easy way to package applications and deliver them seamlessly from development to test to production. This helps ensure consistency across a variety of environments, including physical servers, virtual machines (VMs), or private or public clouds.
- (Oct 12) The Apache HTTP Web Server (commonly simply referred to as 'Apache') is the most widely deployed web server in the world, and until last week, it was at risk from a security vulnerability known as Optionsbleed.
- (Oct 13) Network-based firewalls have become almost ubiquitous across US enterprises for their proven defense against an ever-increasing array of threats.
- (Oct 13) A new report suggests hundreds of websites have taken The Pirate Bay's lead and are now using visitor PCs to mine cryptocurrency without the consent of users.
- (Oct 12) This post explores how Tor onion services can be integrated into existing web services, making them more secure. This integration will use the "publish / subscribe" pattern over Tor to trigger re-builds of the txtorcon documentation (which is hosted on an onion service). We will use Tor to transport the published messages so the network-location of the machine hosting the onion service remains hidden.
- (Oct 16) An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points.
- (Oct 16) An advisory from Cisco issued last Friday, October 13th, gave us the heads-up on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA).