Wed, 22 Feb 2017 11:45:50 +0000LinuxSecurity.com: Someone calling themselves "Pro_Mast3r" managed to deface a server associated with President Donald Trump's presidential campaign fundraising on Sunday, The server, secure2.donaldjtrump.com, is behind Cloudflare's content management and security platform, and does not appear to be directly linked from the Trump Pence campaign's home page.
Wed, 22 Feb 2017 11:36:07 +0000LinuxSecurity.com: The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.
Wed, 22 Feb 2017 11:34:18 +0000LinuxSecurity.com: Open source is a wonderful thing. A significant chunk of today's enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that's changing.
Wed, 22 Feb 2017 11:32:10 +0000LinuxSecurity.com: One of the world's oldest programming styles, the ladder logic that runs on industrial programmable logic controllers, remains dangerously vulnerable to attack, according to boffins from Singapore and India.
Tue, 21 Feb 2017 12:32:59 +0000LinuxSecurity.com: Eugene Kaspersky, CEO of Kaspersky Lab, says its new KasperskyOS for securing industrial IoT devices does not contain "even the slightest smell of Linux", differentiating it from many other IoT products that have the open-source OS at the core.
Tue, 21 Feb 2017 12:31:56 +0000LinuxSecurity.com: It isn't a buzzphrase on par with "artificial intelligence" yet, but intent-based security has been gathering steam, as evidenced at this week's RSA Conference.
Wed, 22 Feb 2017 11:22:00 +0000LinuxSecurity.com: Security Report Summary
Wed, 22 Feb 2017 11:16:00 +0000LinuxSecurity.com: Security Report Summary
Wed, 22 Feb 2017 06:25:00 +0000LinuxSecurity.com: Ruby Archive::Tar::Minitar is vulnerable to a directory traversal attack.
Wed, 22 Feb 2017 06:20:00 +0000LinuxSecurity.com: Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which may allow execution of arbitrary code.
Wed, 22 Feb 2017 03:16:00 +0000LinuxSecurity.com: Several security issues were fixed in the kernel.
Wed, 22 Feb 2017 03:08:00 +0000LinuxSecurity.com: Several security issues were fixed in the kernel.
Fri, 21 Oct 2016 10:18:59 +0000LinuxSecurity.com: Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.
Fri, 23 Sep 2016 10:53:29 +0000LinuxSecurity.com: When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.