Security

ID theft, vulnerabilities, privacy issues, etc

Back door in ProFTPD FTP server

Filed under
Software
Security

h-online.com: Unknown attackers penetrated the server hosting the open source ProFTPD FTP server project and concealed a back door in the source code.

A history of viruses on Linux

Filed under
Linux
Software
Security

neowin.net: As requested by a user we wanted to give you a history of viruses on Linux. Given the tight security integrated into Linux, it is difficult to take advantage of a vulnerability on the computer, but some programmers have found ways around the security measures.

Android vulnerability permits data theft

Filed under
Security

h-online.com: Security expert Thomas Cannon has discovered a security vulnerability in the Android browser which can be exploited by attackers to read local files when a smartphone user visits a crafted web site.

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

eff.org: The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

OpenSSL Issues Fix

Filed under
Software
Security

crn.com: The OpenSSL server has been patched to repair a critical security glitch that could be exploited in remote code execution attacks.

Another Flash update patches multiple vulnerabilities

Filed under
Software
Security

itwire.com: Adobe has released an update for Flash Player to address 18 vulnerabilities, some of which are regarded as critical.

Linux Java-Based Trojan Might Have Been an Accident

Filed under
Security

softpedia.com: A more detailed analysis of the recently discovered cross-platform social networking trojan, suggests that the Linux infection vector might have been an unintended side effect.

New Koobface Variant Infects Linux Systems

Filed under
Linux
Security

softpedia.com: Security researchers warn that a new drive-by download attack is capable of infecting Windows, Mac OS X and Linux systems with a new variant of the notorious Koobface worm.

Two Vulnerabilities Provide Root Access on Linux

Filed under
Linux
Security

pcworld.com: Two new vulnerabilities affecting Linux were uncovered this week that could potentially be used by malicious hackers to gain root privileges.

The Sheer Hypocrisy of Redmond's Stab at Internet Health

Filed under
Microsoft
Security
Web

linuxinsider.com: "Forcing every device to issue a 'health certificate' before being allowed to connect anywhere will restrict the OS market to corporate-backed players only," explained Montreal consultant Gerhard Mack. "No more Linux, *BSD or any experimental OS because they won't be able to generate the certificate."

Thank you, Linux! My Windows computer is infected

Filed under
Linux
Microsoft
Security
Humor

mandrivachronicles.blogspot: That's right. My desktop, which runs Windows, is infected and I blame Linux.

Some Android apps caught covertly sending GPS data to advertisers

Filed under
Security

arstechnica.com: The results of a study conducted by researchers from Duke University, Penn State University, and Intel Labs have revealed that a significant number of popular Android applications transmit private user data to advertising networks without explicitly asking or informing the user.

A Tale of Two Root Exploits, and Why We Shouldn't Panic

Filed under
Security

linuxinsider.com: "The article is alarmist," said Slashdot blogger Barbara Hudson, referring to a warning about a kernel bug. "It was ONE shared-hosting public-facing server at iWeb.com, among their tens of thousands of servers. "Are you running a publicly-facing shared-host server? No? Then don't worry about it."

SCAP: computer security for the rest of us

Filed under
Security

opensource.com: I'm setting up a new computer. I get through the registration screens, install my software, change my wallpaper, and everything's working fine. I'm left, though, with a lingering, uneasy feeling: I don't know if this machine is secure.

FOSS Security Updates vs Microsoft Patch Day

Filed under
OSS
Security

blog.eracc.com: It is almost that time again. The ritual of installing Microsoft patches released on the second Tuesday of each month to fix security problems. It is an ironic coincidence that I have received update notices from Mandriva for software installed on my Linux PC systems as well this weekend.

Linux distributions update for Web flaw

Filed under
Linux
Security

itworld.com (IDG): A number of Linux distributors have issued patches for fixing a widely used program that fetches Web pages, called Wget, so it can not be misused by attackers.

LinuxCon: Exploits Show Why Linux Is Vulnerable

Filed under
Linux
Security

esecurityplanet.com: There is a widely held belief that Linux is a completely secure operating system. But to Brad Spengler of the grsecurity project, the belief is far from accurate. And he has the kernel exploits to prove it.

Unix How-To: Give Me That Old-Time Security!

Filed under
Security
HowTos

itworld.com: Even in the wild frontiers of today's Internet, good basic Unix system security provides extremely valuable protection against security breaches. In today's column, I'm going to rant about some basic security rules of thumb that every Unix sysadmin ought to consider.

Security vs. Convenience

Filed under
Security

linuxjournal.com: Although my intent is not to start the next GNOME/KDE-level war, it seems there must be a happy medium between total desktop insecurity and total desktop unusability.

Syndicate content