Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.

- When you’re dealing with a security incident, it’s essential that you and the rest of your team not only have the skills needed to deal with an issue comprehensively, but also have a framework to support you as you approach it. This framework lets the team focus purely on what needs to be done, following a process that removes any vulnerabilities and threats in a proper way, so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.


  (Sep 20)
 

Thousands of companies may be susceptible to the same type of hack that recently struck Equifax. The Equifax breach was the result of a vulnerable Apache Struts component.

  (Sep 19)
 

But some of the laws created to protect us have strings attached--and some of these strings could strangle the Internet. That's because laws have many sections with unclear writing that allow for interpretations so broad that not even Dora could explore them. The concern is that these laws could create a chilling effect--that is, when people quell their own speech in fear of litigation or sanctions.

  (Sep 20)
 

Another day, another cloud leak: Kromtech researchers recently came across a misconfigured CouchDB database exposing information on 593,328 Alaskan voters.

  (Sep 19)
 

Wi-Fi is one entry-point hackers can use to get into your network without setting foot inside your building because wireless is much more open to eavesdroppers than wired networks, which means you have to be more diligent about security.

  (Sep 21)
 

Slack is distributing open Linux-based versions of its technology that are not digitally signed, contrary to industry best practice.

  (Sep 19)
 

BitTorrent search engine and mortal enemy of intellectual property lawyers, The Pirate Bay, has upset the one group of people that actually likes it: its users.

  (Sep 18)
 

The domain name system (DNS) is vital to the internet's operations, which makes it an obvious target. The architecture of DNS can even amplify the effect of some distributed denial of service (DDoS) attacks. But a new technique could help change that.

  (Sep 21)
 

Hackers have defeated the Touch ID technology that has been superseded by Face ID. Galloway reckons it's only a matter of time before attacks against Apple's latest authentication technology are successful.

  (Sep 18)
 

For once, the MPAA and RIAA might have been tickled by the famous piracy site The Pirate Bay after TPB ticked off some pirates by hijacking their CPU cycles to secretly mine cryptocurrency.

  (Sep 20)
 

A Chrome browser extension, with over 140,000 users, is gobbling up the resources of users' computers by secretly mining for virtual cash.

  (Sep 22)
 

Joomla has patched a critical bug which could be used to steal account information and fully compromise website domains. This week, the content management system (CMS) provider issued a security advisory detailing the flaw, which is found in the LDAP authentication plugin.

  (Sep 22)
 

The Pirate Bay has come under fire for testing a Monero JavaScript miner as a possible means for generating new revenue to replace its current model of making money through advertising on the site.