Security

ID theft, vulnerabilities, privacy issues, etc.

Coverity Catches Biggest X Window Security Hole Since 2000

Filed under
Security

Coverity, Inc., makers of the world’s most advanced and scalable source code analysis solution, today announced that as a result of their contract with the US Department of Homeland Security (DHS), the biggest X Window System security vulnerability of the last six years was identified and fixed.

Linux Kernel CIFS chroot Directory Traversal Vulnerability

Marcel Holtmann has reported a vulnerability in the Linux Kernel, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability has been reported in versions prior to 2.6.16.11.

Public sector security put to test

The government announced yesterday (Wednesday) that it is testing a security architecture intended to bolster protection of public sector IT systems from hackers and security breaches.

Theoretical Hacking for IT Managers

Not everyone has "l33t skilz" or mass amounts of hardened TCP/IP stack programming experience. When I'm at work, I don't look at logs all day long, nor do I run security audits every five minutes. I do my job, which takes all of my time. This is the situation for most small to medium sized companies that have only a few IT guys. So how does an everyday IT guy handle the constant threat of impending attack?

How do I scan my Linux system for rootkits, worms, trojans, etc.?

Filed under
Security
HowTos

How do I scan my Linux system for rootkits, worms, trojans, etc.?

Either with chkrootkit or with rkhunter.

More attacks directed at Linux systems in RP in first 3 months

MORE attacks were directed at Linux systems in the Philippines during the first quarter of 2006, a report from a local security research group revealed.

DHS Bug Hunt Returns Mixed Reaction

The results of a Homeland Security Department-funded bug hunt spanning 40 popular open-source programs have thus far met with ambivalence from the open-source community. While many projects are using the results to improve their software, others are bemoaning the high number of false positives.

Does open source encourage rootkits?

Rootkits are becoming more prevalent and difficult to detect, and security vendor McAfee says the blame falls squarely on the open source community.

New PoC malware can infect both Windows and Linux

Kaspersky Lab today reported a new proof-of-concept (PoC) cross-platform virus that creates malicious code to infect both Linux and Microsoft Windows operating systems.

AT&T Forwards ALL Internet Traffic Into NSA Says EFF

The Electronic Frontier Foundation (EFF) on Wednesday filed the legal briefs and evidence supporting its motion for a preliminary injunction in its class-action lawsuit against AT&T. The evidence that we are filing supports our claim that AT&T is diverting Internet traffic into the hands of the NSA wholesale, in violation of federal wiretapping laws and the Fourth Amendment.

Linux Kernel Sysfs Local Denial of Service Vulnerability

A vulnerability has been reported in Linux Kernel 2.6.x, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Linux Kernel Point Release Fixes Flaws

The new 2.6.16.1 Linux kernel point release follows the 2.6.16 release by a week and includes various bug fixes, as well as a fix for a potential security vulnerability.

Four New RealPlayer Bugs Squashed

RealNetworks on Wednesday disclosed four critical bugs in a large number of its media products, then rolled out new, patched versions for Windows, Mac OS X, and Linux.

Sendmail flaw opens door to intruders

A serious flaw exists in certain versions of the popular Sendmail open-source and commercial e-mail software, but fixes are available, researchers said Wednesday.

Linux Kernel "do_replace" and "NDIS" Response Buffer Overflow Vulnerabilities

Two vulnerabilities have been identified in Linux Kernel, which could be exploited by attackers to execute arbitrary commands or cause a denial of service in Kernel versions prior to 2.6.16.

Ultra-fierce DoS computer attacks on the rise

A shattering new form of the "denial-of-service" computer attack could be on the rise, according to a company that controls some of the internet's core infrastructure.
