LinuxSecurity.com

Syndikovat obsah
The central voice for Linux and Open Source security news.
Aktualizace: 25 min 47 sek zpět

Researcher calls the fuzz on OpenVPN, uncovers crashy vulns

23 Červen, 2017 - 11:51
LinuxSecurity.com: OpenVPN has patched a bunch of security vulnerabilities that can be exploited to crash the service or, at a pinch, potentially gain remote-code execution. You should update your installations to versions 2.4.3 or 2.3.17 as soon as you can just to be on the safe side.
Kategorie: Hacking & Security

8 Hot Hacking Tools to Come out of Black Hat USA

23 Červen, 2017 - 11:49
LinuxSecurity.com: Late July and early August are a bit like summer camp and Christmas rolled into one for your typical white hat penetration tester. Not only does the yearly Black Hat USA confab in Vegas give them the opportunity to step away from the keyboard to share ideas and socialize with like-minded friends and colleagues, but it also usually provides a cornucopia of new tools for hacking the heck out of enterprise systems.
Kategorie: Hacking & Security

Stack Clash flaws blow local root holes in loads of top Linux programs

22 Červen, 2017 - 12:59
LinuxSecurity.com: Powerful programs run daily by users of Linux and other flavors of Unix are riddled with holes that can be exploited by logged-in miscreants to gain root privileges, researchers at Qualys have warned.
Kategorie: Hacking & Security

OpenVPN taken to task after audit ignores remote code execution flaws

22 Červen, 2017 - 12:47
LinuxSecurity.com: A researcher has revealed four dangerous bugs, among others, in OpenVPN which two recent audits of the virtual private network's code failed to find.
Kategorie: Hacking & Security

Honeypots and the Internet of Things

21 Červen, 2017 - 11:53
LinuxSecurity.com: There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or 'smart' devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up of routers, IP cameras, printers and other devices.
Kategorie: Hacking & Security

Ztorg malware hid in Google Play to send premium-rate SMS texts, delete incoming SMS messages

21 Červen, 2017 - 11:44
LinuxSecurity.com: The Ztorg malware hid in apps on Google's Play Store to send premium-rate SMS texts and delete incoming SMS messages on Android devices.
Kategorie: Hacking & Security

Stack Clash vulnerabilities smash Linux defenses in the quest for root access

20 Červen, 2017 - 12:08
LinuxSecurity.com: Severe vulnerabilities have been discovered in popular Linux and Unix systems which can be used to blow apart barriers to root powers, researchers have discovered.
Kategorie: Hacking & Security

pyrasite - Inject Code Into Running Python Processes

20 Červen, 2017 - 12:06
LinuxSecurity.com: pyrasite is a Python-based toolkit to inject code into running Python processes.
Kategorie: Hacking & Security

WikiLeaks emits CIA's Wi-Fi pwnage tool docs

19 Červen, 2017 - 11:49
LinuxSecurity.com: Hundreds of commercial Wi-Fi routers are, or were, easily hackable by the CIA, according to classified files published today by WikiLeaks.
Kategorie: Hacking & Security

Security-Oriented Alpine Linux 3.6.2 OS Adds Linux Kernel 4.9.32 and Tor 0.3.0.8

19 Červen, 2017 - 11:46
LinuxSecurity.com: Alpine Linux, the security-oriented, independently-developed, and lightweight GNU/Linux distribution based on musl libc and BusyBox, was updated today to version 3.6.2.
Kategorie: Hacking & Security

Ubuntu 17.10 to Improve Secure Boot for Booting Windows from GRUB, Enable PIE

19 Červen, 2017 - 11:45
LinuxSecurity.com: Canonical's Steve Langasek presented the first edition of the Ubuntu Foundations Team weekly newsletter with some exciting information about the upcoming Ubuntu 17.10 (Artful Aardvark) operating system.
Kategorie: Hacking & Security

How to install Linux on a Chromebook (and why you should)

19 Červen, 2017 - 11:43
LinuxSecurity.com: Chromebooks are one of the most secure devices you can give a non-technical end user, and at a price point few can argue with, but that security comes with a privacy trade off: you have to trust Google, which is part of the NSA's Prism programme, with your data in the cloud.
Kategorie: Hacking & Security

Brit hacker admits he siphoned info from US military satellite network

16 Červen, 2017 - 13:42
LinuxSecurity.com: A UK-based computer hacker has admitted stealing hundreds of usernames and email addresses from a US military communications system.
Kategorie: Hacking & Security

CIA has been hacking into Wi-Fi routers for years, leaked documents show

16 Červen, 2017 - 13:40
LinuxSecurity.com: Leaked secret documents have revealed that the CIA has been targeting and compromising home, office, and public wireless routers for years in an effort to carry out clandestine surveillance.
Kategorie: Hacking & Security

Cybersecurity labor crunch to hit 3.5 million unfilled jobs by 2021

15 Červen, 2017 - 13:05
LinuxSecurity.com: A new report out from Cybersecurity Ventures estimates there will be 3.5 million unfilled cybersecurity jobs by 2021, up from 1 million openings last year. Employment figures from the U.S. and India highlight the cybersecurity labor crisis.
Kategorie: Hacking & Security

Buggy devices and lazy operators make VoLTE a security nightmare

15 Červen, 2017 - 12:50
LinuxSecurity.com: Voice over LTE leaks like a sieve, because nobody's paying attention to the details. That's the conclusion in a paper (PDF) presented to the Symposium on Information and Communications Technology Security in Rennes, France last week.
Kategorie: Hacking & Security

Parrot Security OS Devs Mock systemd: It's an Immature Init System for GNU/Linux

15 Červen, 2017 - 12:43
LinuxSecurity.com: We reported last week that the developers of the Parrot Security OS ethical hacking and penetration testing GNU/Linux distribution are evaluating a possible migration of their operating system from Debian GNU/Linux to Devuan GNU/Linux.
Kategorie: Hacking & Security

The 15 worst data security breaches of the 21st Century

14 Červen, 2017 - 12:09
LinuxSecurity.com: Data security breaches happen daily, in too many places at once to keep count. But what constitutes a huge breach versus a small one? CSO compiled a list of 15 of the biggest or most significant breaches of the 21st century.
Kategorie: Hacking & Security

DevSecOps is Not a Security Panacea

14 Červen, 2017 - 12:04
LinuxSecurity.com: Many development teams view security as an impediment to agility and innovation, but efforts over the past few years have tried to integrate security controls and testing directly into DevOps workflows without sacrificing development speed and deployment flexibility.
Kategorie: Hacking & Security

BlackArch Linux Ethical Hacking and Pen Testing OS Now Offers over 1,800 Tools

14 Červen, 2017 - 11:59
LinuxSecurity.com: The developers of the BlackArch Linux operating system for ethical hacking and penetration testing purposes have released today a new ISO snapshot that includes many updated components, new ones, and the latest GNU/Linux technologies.
Kategorie: Hacking & Security