Loading...

Category: LinuxSecurity

Freelance hacking site vows to clean up dodgy listings

LinuxSecurity.com: Charles Tendell is trying to repair a reputation problem for his website, Hacker’s List. The site debuted in November and quickly drew high-profile attention, including a front-page story in the New York Times. It’s an online market…

Share

Google Reveals the Problem With Password Security Questions

LinuxSecurity.com: Using one guess, an attacker has a 19.7 percent chance of guessing an English speaking user loves pizza, according to Google’s findings, which looked at hundreds of millions of questions and answers for account recovery claims.

Share

How I Got Here: Marcus Ranum

LinuxSecurity.com: Dennis Fisher talks with security pioneer Marcus Ranum about writing an early Internet firewall at DEC, the security gold-rush era of the 1990s and early 2000s, why he never patented most of the ideas he has come up with and how he f…

Share

eNom discloses DNS attack to customers

LinuxSecurity.com: On Thursday, Taryn Naidu, the CEO of domain registrar eNom, sent a letter to customers disclosing a “very sophisticated attack” that targeted the DNS settings on four domains.

Share

Tech companies ask Senate to pass NSA reform bill

LinuxSecurity.com: Reform Government Surveillance, an organization that represents large technology companies like Google, Apple and Microsoft, on Tuesday pressed the U.S. Senate not to delay reform of National Security Agency surveillance by extending…

Share

DDoS reflection attacks are back – and this time, it’s personal

LinuxSecurity.com: At the start of 2014, attackers’ favorite distributed denial of service attack strategy was to send messages to misconfigured servers with a spoofed return address – the servers would keep trying to reply to those messages, allowing …

Share

Top security tools in the fight against cybercrime

LinuxSecurity.com: Cybercrime is a massive global threat, and U.S. businesses are the No.1 target. For tips and advice about how best to defend against cyberattacks, Network World asked security pros to name their No.1, most valuable security tool.

Share

Researchers, IEEE Release Medical Device Security Guidelines

LinuxSecurity.com: A collection of research scientists, with help from the IEEE Cybersecurity Initiative, have released a new set of guidelines for developers to take into account to ensure security figures into how medical devices are coded.

Share

High-level, state-sponsored Naikon hackers exposed

LinuxSecurity.com: The activities of yet another long-running apparently state-sponsored hacking crew have finally been exposed. The Naikon cyber-espionage group has been targeting government, military and civil organisations around the South China Se…

Share

The Untold Story of Silk Road Part, Part 1

LinuxSecurity.com: The fact was, Green wasn’t just your average Mormon grandpa. Over the past few months he had been handling customer service for the massive online enterprise called Silk Road. It was like a clandestine eBay, a digital marketplace for…

Share

10 Security Questions To Ask A Cloud Service Provider

LinuxSecurity.com: As security teams try to help line-of-business users and other IT practitioners take advantage of cloud benefits as safely as possible, they’re increasingly stepping into the role of trusted advisor. The scalability, flexibility, and…

Share

Dan Kaminsky on VENOM

LinuxSecurity.com: Dennis Fisher talks with Dan Kaminsky about the VENOM bug, the value of virtual machine escapes, why everyone wants to make every bug the worst one of all time or just a bunch of hype and what the Avengers have to do with vulnerabil…

Share

Tor Cloud Shut Down Amid Lack of Support

LinuxSecurity.com: The Tor Project has shuttered its cloud proxy service citing security vulnerabilities, usability bugs and a lack of resources. Tor offers its users the capacity to surf the Web anonymously, bouncing traffic through a series of relay…

Share

Amateurs Produce Amateur Cryptography

LinuxSecurity.com: Anyone can design a cipher that he himself cannot break. This is why you should uniformly distrust amateur cryptography, and why you should only use published algorithms that have withstood broad cryptanalysis. All cryptographers kno…

Share