Loading...

WordPress promises patch for zero-day “within hours”

LinuxSecurity.com: Shortly after this article was posted, WordPress released version 4.2.1, flagging it as a critical update. Website owners are encouraged to update immediately, and automatic updates have started to roll out. More information is here.

Share

Details on WordPress Zero Day Disclosed

LinuxSecurity.com: WordPress security issues have for the most part involved a vulnerable plug-in, but a Finnish researcher has disclosed some details on a zero-day vulnerability he discovered in the WordPress 4.2 and earlier core engine that could lea…

Share

Google Provides Detailed Analysis of GitHub Attack Traffic

LinuxSecurity.com: The high-profile DDoS attack against GitHub that went on for several days last month was the end result of an operation that included several phases and extensive testing and optimization by the attackers. Researchers at Google analy…

Share

The Further Democratization of Stingray

LinuxSecurity.com: Stingray is the code name for an IMSI-catcher, which is basically a fake cell phone tower sold by Harris Corporation to various law enforcement agencies. (It’s actually just one of a series of devices with fish names — Amberjack is …

Share

Hacking Airplanes

LinuxSecurity.com: Imagine this: A terrorist hacks into a commercial airplane from the ground, takes over the controls from the pilots and flies the plane into the ground. It sounds like the plot of some “Die Hard” reboot, but it’s actually one of the …

Share

House Passes Cybersecurity Bill Despite Privacy Protests

LinuxSecurity.com: Congress is hellbent on passing a cybersecurity bill that can stop the wave of hacker breaches hitting American corporations. And they’re not letting the protests of a few dozen privacy and civil liberties organizations get in their …

Share

6 Most Dangerous New Attack Techniques in 2015

LinuxSecurity.com: Experts with the SANS Institute convened at RSA Conference for their annual threats panel, this time dishing on the six most dangerous new attack techniques. Led by SANS Director John Pescatore, the panel featured Ed Skoudis, SANS fa…

Share

Wi-Fi client vulnerability could expose Android, Linux, BSD, other systems to attacks

LinuxSecurity.com: A serious flaw in a component that’s used to authenticate clients on Wi-Fi networks could expose Android, Linux, BSD, and possibly Windows and Mac OS X systems to attacks. The vulnerability is in wpa_supplicant, an open-source softw…

Share

RSAC 2015: RSA Conference (Day 3)

LinuxSecurity.com: For me – today is part two of running the gauntlet with back-to-back meetings; for everyone else today is day three, easily described as the show’s apex. In other words, there’s a lot going on today at the conference, so we’ll start …

Share

WordPress 4.1.2 Fixes Critical XSS Flaw

LinuxSecurity.com: The maintainers of WordPress announced a new version for the blogging platform, which is considered a critical security release that addresses a highly important cross-site scripting (XSS) vulnerability.

Share

Return of the Mac

In a previous article, I talked about vim macro basics. In that
article, I described how to record a custom macro, assign it to a key and then
use it to make automated edits to a BIND zone. I also teased that I
would cover more advanced uses of macros, like nested macros, in a future
issue. more>>

Share

More eBPF Improvements Heading To Linux 4.1

With the in-development Linux 4.1 kernel one of the new features is for eBPF programs to attach to Kprobes but now there’s more eBPF work headed for this next major kernel version…
Read more at Phoronix

Share