Subscribe: LinuxSecurity.com
http://www.linuxsecurity.com/static-content/linuxsecurity_hybrid.rss
Preview: LinuxSecurity.com

LinuxSecurity.com



The central voice for Linux and Open Source security news.



 



Linus Torvalds: 'I don't trust security people to do sane things'

Mon, 20 Nov 2017 10:48:42 +0000

LinuxSecurity.com: Linus Torvalds has offered his thoughts on Linux security approaches, branding some security professionals as "f*cking morons" for focusing on process-killing rather than debugging.



White House Releases New Charter for Using, Disclosing Security Vulnerabilities

Mon, 20 Nov 2017 10:47:38 +0000

LinuxSecurity.com: Updated Vulnerability Equities Process provides transparency into how government will handle new vulnerabilities that it discovers in vendor products and services.



Captain Crunch aka John Draper banned from DefCon for sexual misconduct

Mon, 20 Nov 2017 10:46:22 +0000

LinuxSecurity.com: Due to accusations of sexual misconduct, legendary hacker John Draper, aka Captain Crunch, has been banned from attending several hacker conferences.



DNS resolver 9.9.9.9 will check requests against IBM threat database

Mon, 20 Nov 2017 10:44:36 +0000

LinuxSecurity.com: The Global Cyber Alliance has given the world a new free Domain Name Service resolver, and advanced it as offering unusually strong security and privacy features.



Let's enable AppArmor by default (why not?)

Sun, 19 Nov 2017 10:09:40 +0000

LinuxSecurity.com: Done ⇒ AppArmor is now enabled by default in sid. Let the experiment begin!



DJI bug bounty NDA is 'not signable', say irate infosec researchers

Fri, 17 Nov 2017 10:12:26 +0000

LinuxSecurity.com: Chinese drone maker DJI faces questions from infosec researchers about its bug bounty programme. Sources have told The Register that a non-disclosure agreement (NDA) they were invited to sign would result in the company "owning their actions".



Fedora 25: python-copr Security Update

Wed, 22 Nov 2017 05:09:00 +0000

LinuxSecurity.com: Change default COPR URL route from http://copr.fedoraproject.org to https://copr.fedorainfracloud.org



Fedora 25: perl-Net-Ping-External Security Update

Wed, 22 Nov 2017 05:09:00 +0000

LinuxSecurity.com: Fixes a command injection vulnerability (CVE-2008-7319)



Fedora 25: thunderbird Security Update

Wed, 22 Nov 2017 05:09:00 +0000

LinuxSecurity.com: For changes see: https://www.mozilla.org/en-US/thunderbird/52.4.0/releasenotes/



Fedora 25: memcached Security Update

Wed, 22 Nov 2017 05:09:00 +0000

LinuxSecurity.com: Update to 1.4.39, which includes a security fix for CVE-2017-9951



Fedora 25: python-XStatic-jquery-ui Security Update

Wed, 22 Nov 2017 05:09:00 +0000

LinuxSecurity.com: Security fix for `CVE-2016-7103 `



Fedora 26: compat-openssl10 Security Update

Wed, 22 Nov 2017 02:35:00 +0000

LinuxSecurity.com: Minor update release 1.0.2m from upstream.



Social Engineering Methods for Penetration Testing

Fri, 21 Oct 2016 10:18:59 +0000

LinuxSecurity.com: Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.



Putting Infosec Principles into Practice

Fri, 23 Sep 2016 10:53:29 +0000

LinuxSecurity.com: When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.