Language Selection

English French German Italian Portuguese Spanish

Security: Updates, NewEgg Breach, "Master Password" and CLIP OS

Filed under
Security
  • Security updates for Thursday
  • NewEgg cracked in breach, hosted card-stealing code within its own checkout

    The popular computer and electronics Web retailer NewEgg has apparently been hit by the same payment-data-stealing attackers who targeted TicketMaster UK and British Airways. The attackers, referred to by researchers as Magecart, managed to inject 15 lines of JavaScript into NewEgg's webstore checkout that forwarded credit card and other data to a server with a domain name that made it look like part of NewEgg's Web infrastructure. It appears that all Web transactions over the past month were affected by the breach.

  • "Master Password" Is A Password Manager Alternative That Doesn't Store Passwords

    Master Password is a different way of using passwords. Instead of the "know one password, save all others somewhere" way of managing passwords used by regular password managers, Master Password's approach is "know one password, generate all the others".

  • French cyber-security agency open-sources CLIP OS, a security hardened OS

    The National Cybersecurity Agency of France, also known as ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information), has open-sourced CLIP OS, an in-house operating system its engineers had developed to address the needs of the French government administration.

    In a press release, ANSSI described CLIP OS as a "Linux-based operating system [that] incorporates a set of security mechanisms that give it a very high level of resistance to malicious code and allow it to protect sensitive information."

More on CLIP OS

  • French Government Open Sources Secure Operating System

    The French government’s national cybersecurity agency has released an operating system built using open source components internally over the course of more than 10 years for use by the French administration.

    Dubbed CLIP OS, the operating system is based on the open source Linux kernel, but focuses on security hardening and provides partitioning mechanisms that allow the processing of both public and sensitive information in isolation on the same computer.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Red Hat on Middleware, RHEL AUDITD, and More Security Issues

  • Open Outlook: Middleware (part 1)
    Middleware, both as a term and as a concept, has been around for decades. As a term, like other terms in the Darwinian world of IT jargon, it has followed a typical fashion lifecycle and is perhaps somewhat past its apogee of vogue. As a concept, however, middleware is more relevant than ever, and while a memetic new label hasn't quite displaced the traditional term, the capabilities themselves are still very much at the heart of enterprise application development. Middleware is about making both developers and operators more productive. Analogous to standardized, widely-used, proven subassemblies in the manufacture of physical goods such as cars, middleware relieves developers from "reinventing the wheel" so that they can compose and innovate at higher levels of abstraction. For the staff responsible for operating applications in production, at scale, with high reliability and performance, the more such applications use standardized middleware components and services, the more efficient and reliable the running of the application can be.
  • RHEL AUDITD
  • Security updates for Tuesday

Vulkan/DXVK and More GNU/Linux Games (Native)

Software and HowTos: Organizer, Handbrake, Logical & in Bash and Python

Android Leftovers