MORE attacks were directed at Linux systems in the Philippines during the first quarter of 2006, a report from a local security research group revealed.
The results of a Homeland Security Department-funded bug hunt spanning 40 popular open-source programs has thus far met ambivalence from the open-source community. While many projects are using the results to improve their software, others are bemoaning the high number of false positives.
Rootkits are becoming more prevalent and difficult to detect, and security vendor McAfee says the blame falls squarely on the open source community.
Kaspersky Lab today reported a new proof-of-concept (PoC) cross-platform virus that creates malicious code to infect both Linux and Microsoft Windows operating systems.
The Electronic Frontier Foundation (EFF) on Wednesday filed the legal briefs and evidence supporting its motion for a preliminary injunction in its class-action lawsuit against AT&T. The evidence that we are filing supports our claim that AT&T is diverting Internet traffic into the hands of the NSA wholesale, in violation of federal wiretapping laws and the Fourth Amendment.
A vulnerability has been reported in Linux Kernel 2.6.x, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The new 188.8.131.52 Linux kernel point release follows the 2.6.16 release by a week and includes various bug fixes, as well as a fix for a potential security vulnerability.
RealNetworks on Wednesday disclosed four critical bugs in a large number of its media products, then rolled out new, patched versions for Windows, Mac OS X, and Linux.
A serious flaw exists in certain versions of the popular Sendmail open-source and commercial e-mail software, but fixes are available, researchers said Wednesday.
Two vulnerabilities have been identified in Linux Kernel, which could be exploited by attackers to execute arbitrary commands or cause a denial of service in Kernel versions prior to 2.6.16.
A shattering new form of the "denial-of-service" computer attack could be on the rise, according to a company that controls some of the internet's core infrastructure.
Many, many innovations come from the Linux and Unix world. Few are more intriguing to me than port knocking. Port knocking works on the concept that users wishing to attach to a network service must initiate a predetermined sequence of port connections or send a unique string of bytes before the remote client can connect to the eventual service.
Here's a list of the 10 best security Live CD Distros. It's a nice compilation with brief descriptions of tools and such with handy download links.
Hackers are actively seeking out unpatched versions of the Mambo content management system, which recently repaired a serious security hole. Sites running on Mambo should upgrade to the latest version as soon as possible.
This week, Coverity announced the initial results of its code scans, churning out numbers for 32 open source projects. Somewhat tellingly, the average defect density of just the LAMP (Linux, Apache, MySQL, and Perl/PHP) stack was .290. These numbers are all well and good, but what are open source developers supposed to do with them now?
A test has revealed that a Linux server is far less likely to be compromised than a Windows one. In fact, unpatched Red Hat and SuSE servers were not breached at all during a six-week trial, while the equivalent Windows systems were compromised within hours.
The Globus Consortium Journal (http://www.globusconsortium.org/journal) this month features Grid security perspectives from a range of experts from both the open source and vendor community. Highlights include: