blogs.zdnet: The U.S. Computer Emergency Readiness Team (CERT) has issued a warning for what it calls “active attacks” against Linux-based computing infrastructures using compromised SSH keys.
itwire.com: A week or so ago, end users of the Linux-based Red Hat Fedora OS were warned to avoid downloading packages due to an "issue in the infrastructure systems" which waved big red flags suggesting a security breach to many industry observers.
redhat.com: Last week we discovered that some Fedora servers were illegally
accessed. The intrusion into the servers was quickly discovered, and the
servers were taken offline.
linuxmint.com/blog: Our server was hacked and code was injected into it to make connections on our behalf to pinoc.org and download a trojan called JS/Tenia.d
Examples of "shred" usage on a fresh install of Ubuntu 8.04.1
blog.wired.com: The Massachusetts Bay Transportation Authority filed a suit in federal court on Friday seeking a temporary restraining order to prevent three undergraduate students from the Massachusetts Institute of Technology from presenting a talk at the DefCon hacker conference this weekend about security vulnerabilities in payment systems used in the Massachusetts mass transit system.
A tutorial on howto setup Metasploit, a tool for exploit testing, IDS, and pen testing.
How A rootkit Exactly Works — Explaination and dissection of the dica rootkit (a variant of the t0rn rootkit).
mylro.org: Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that?
[M]alware includes not just virii, but worms, trojans and root-kits. These known and widely available tools are not the only options available to intruders either. GNU/Linux users should not have any false sense of security just based on the fact that viruses designed for exclusively for windows won't run on GNU/Linux.
Whether you are online or offline, freedom matters. Like good health you never think about it or miss it until it is under threat or actually gone. If you love freedom, you probably love free software and it has given us some terrific tools with which to defend freedom. In this article I will give an overview of some of the available resources (Freenet, Wikileaks and Tor) to protect dissident opinion, facilitate whistle blowing and promote the safe and anonymous development of free software.
blog.wired.com: In passing the FISA Amendments Act, US Congress gave the executive branch the power to order Google, AT&T and Yahoo to forward to the government all e-mails, phone calls and text messages where one party to the conversation is thought to be overseas.
cnet.com: Less than one day after its launch, Firefox 3 has a vulnerability. According to Tipping Point's Zero Day Initiative, the vulnerability, which it rates as critical, was reported within the first five hours of Firefox 3's release.
In recent history, journaling file systems were viewed as an oddity and thought of primarily in terms of research. But today, a journaling file system (ext3) is the default in Linux®. Discover the ideas behind journaling file systems, and learn how they provide better integrity in the face of a power failure or system crash. Learn about the various journaling file systems in use today, and peek into the next generation of journaling file systems.
Over the last few years there has been a lot of fanfare around open source companies and their liquidation events. Most of the news has been around Sun’s billion dollar acquisition of MySQL or the Citrix acquisition of Xen and even Yahoo’s acquisition of Zimbra. Recently, SourceFire has been in the news a bit lately as Barracuda Networks has made a bid for their open source competitor.
raiden.net: One of the most prized rights of any American is the right to privacy and security. It's something people in some countries would kill for. Yet now there appears to be a very frightening trend growing. Your privacy and security are being thrown out the window wholesale in favor of easier access by law enforcement.
blogs.zdnet.com: Not to defend Microsoft, as kernel exploits that provide privileged access are terrible flaws, but we had an interesting discussion in the talkbacks where several people acted as if Microsoft was the only place that could’ve made such mistakes. Well, this is a common flaw across operating systems that is difficult to catch due to the complexities of kernel code.
maketecheasier.com: When a seasoned Windows user first migrates to Linux, the first question is always “where is the anti-virus?” I have been asked this question countless time and were always given the “you are lying to me” kind of look when I told them that they don’t need anti-virus software in Linux.
linuxworld.com (IDG): It's the most anticipated matchup in the hacker world: Linux versus Mac OS X versus Vista. Who will get hacked first? That's what organizers of the CanSecWest security conference hope to discover this week.
linux.com: Given all the fuss in the news recently about compromised Linux/Apache servers being responsible for infecting Windows users with malware when they visit those compromised sites, we thought it would be a good time to take a look at three of the best rootkit/malware detection tools available for Linux desktop and SOHO users.