LinuxSecurity.com

Syndikovat obsah
The central voice for Linux and Open Source security news.
Aktualizace: 1 min 43 sek zpět

Report Shows Ransomware is the New Normal

2 Duben, 2018 - 20:21
LinuxSecurity.com: A new report says that ransomware attacks are the new normal for IT and for the most part, attacks are coming from criminals in the same country as the victim. There are many more numbers to chew on in the report, but the sheer enormity of the problem may be the most surprising result.
Kategorie: Hacking & Security

Football team pays $2.5 million to criminals in transfer fee scam

2 Duben, 2018 - 20:16
LinuxSecurity.com: Italian football team Lazio paid $2.5 million for Dutch player Stefan de Vrij to the wrong bank account, after being convinced to switch account numbers by an email scammer. Business email compromise is becoming increasingly common. In addition to sending out phishing emails from compromised accounts, crooks can view email history, copy invoices and documents, and delete incoming emails that could reveal the scam.
Kategorie: Hacking & Security

Deconstructing a Business Email Compromise Attack

2 Duben, 2018 - 20:10
LinuxSecurity.com: Phishing attacks are becoming more prevalent and harder to detect. Scammers are developing highly sophisticated methods to target both businesses and individuals. If undetected, these attacks can have devastating results.
Kategorie: Hacking & Security

150 million MyFitnessPal accounts compromised - here's what to do

2 Duben, 2018 - 17:22
LinuxSecurity.com: MyfitnessPal has been hacked! Because email addresses were among the information stolen, criminals have been able to send MyfitnessPal spear phishing emails for the past month. These spear phishing attacks are especially dangerous because stolen personal information that users had logged in the app can be used to make phishing emails very convincing and difficult to detect.
Kategorie: Hacking & Security

A New Backdoor Around the Fourth Amendment: The CLOUD Act

2 Duben, 2018 - 14:57
LinuxSecurity.com: There's a new, proposed backdoor to our data, which would bypass our Fourth Amendment protections to communications privacy. It is built into a dangerous bill called the CLOUD Act, which would allow police at home and abroad to seize cross-border data without following the privacy rules where the data is stored.
Kategorie: Hacking & Security

Saks, Lord & Taylor hacked; 5 million payment cards compromised

2 Duben, 2018 - 14:43
LinuxSecurity.com: Hackers made off with a whopping five million credit and debit card numbers from Saks Fifth Avenue, Saks Off 5th and Lord & Taylor, placing it "among the most significant credit card heists in modern history."
Kategorie: Hacking & Security

Beyond Implementation: Policy Considerations for Secure Messengers

2 Duben, 2018 - 13:02
LinuxSecurity.com: One of EFF's strengths is that we bring together technologists, lawyers, activists, and policy wonks. And we've been around long enough to know that while good technology is necessary for success, it is rarely sufficient. Good policy and people who will adhere to it are also crucial.
Kategorie: Hacking & Security

Purism Librem 13: A Security-Focused Powerhouse of a Linux Laptop

30 Březen, 2018 - 11:35
LinuxSecurity.com: he company in question is Purism. Does the name sound familiar? It should. This is the same company behind the Librem 5 phone, a mobile device that promises to bring Linux to mobility, on a level that might lend a modicum of relevancy to Linux in the smartphone landscape (and not just as a kernel on the world's most popular platform).
Kategorie: Hacking & Security

How to configure multiple websites with Apache web server

30 Březen, 2018 - 11:31
LinuxSecurity.com: In my last post, I explained how to configure an Apache web server for a single website. It turned out to be very easy. In this post, I will show you how to serve multiple websites using a single instance of Apache.
Kategorie: Hacking & Security

Lizard Squad member jailed after offering DDoS-for-hire attack service

29 Březen, 2018 - 14:00
LinuxSecurity.com: "Hacker-for-hire" service launched distributed denial-of-service (DDoS) attacks against websites and phone-bombed its victims.
Kategorie: Hacking & Security

Update Drupal ASAP: Over a million sites can be easily hacked by any visitor

29 Březen, 2018 - 13:50
LinuxSecurity.com: Developers of popular open-source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site.
Kategorie: Hacking & Security

Cisco critical flaw: At least 8.5 million switches open to attack, so patch now

29 Březen, 2018 - 13:48
LinuxSecurity.com: Cisco has released patches for 34 vulnerabilities mostly affecting its IOS and IOS XE networking software, including three critical remote code execution security bugs. Perhaps the most serious issue Cisco has released a patch for is critical bug CVE-2018-0171 affecting Smart Install, a Cisco client for quickly deploying new switches for Cisco IOS Software and Cisco IOS XE Software.
Kategorie: Hacking & Security

GoScanSSH Malware Targets Linux Servers

28 Březen, 2018 - 17:35
LinuxSecurity.com: A recently discovered malware family written using the Golang (Go) programming language is targeting Linux servers and using a different binary for each attack, Talos warns.
Kategorie: Hacking & Security

Cyberattack disrupted Baltimore emergency responders

28 Březen, 2018 - 14:36
LinuxSecurity.com: There appears to be no honor among thieves. Threat actors have been cashing in on hacking and cyberattacks for years. Pillaging bank accounts, stealing identities, selling access to botnets to disrupt websites -- the possibilities are endless.
Kategorie: Hacking & Security

As predicted, more branch prediction processor attacks are discovered

27 Březen, 2018 - 10:33
LinuxSecurity.com: Researchers from the College of William and Mary, Carnegie Mellon, the University of California Riverside, and Binghamton University have described a security attack that uses the speculative execution features of modern processors to leak sensitive information and undermine the security boundaries that operating systems and software erect to protect important data.
Kategorie: Hacking & Security

Craigslist personals, some subreddits yanked after passage of FOSTA

26 Březen, 2018 - 12:46
LinuxSecurity.com: Craigslist shut down its personals section on Friday in response to the passage of H.R. 1865, the Fight Online Sex Trafficking Act (FOSTA) bill, in both houses of Congress on Wednesday.
Kategorie: Hacking & Security

Thousands of etcd installs are leaking secret server keys online

26 Březen, 2018 - 12:44
LinuxSecurity.com: Thousands of servers running etcd are exposing user credentials publicly on the Internet. According to security researcher Giovanni Collazo, a quick query made through the Shodan search engine revealed a total of 2,284 etcd servers which are leaking credentials, including the passwords and keys required for cms_admin, mysql_root, and postgres server infrastructure.
Kategorie: Hacking & Security

Snooping on HTTPS is about to get harder: TLS 1.3 internet encryption wins approval

26 Březen, 2018 - 12:17
LinuxSecurity.com: The Internet Engineering Task Force (IETF) has approved version 1.3 of the Transport Layer Security (TLS), the key protocol that enables HTTPS on the web.
Kategorie: Hacking & Security