Subscribe: - Latest News
Preview: - Latest News - Latest News

The central voice for Linux and Open Source security news.


Democracy-minded DEF CON hackers promise punishing probe on US election computers

Fri, 26 May 2017 08:44:19 +0000 Organizers at the DEF CON hacking conference in July are planning a mass cracking of US electronic election machines. The event, which for over 20 years has attracted the best and the brightest in the hacking community, will see a group hackathon against the voting machines that are used in every US election these days. The purpose is to check whether the machinery that underpins the electoral system is up to scratch.

Samba exploit - not quite WannaCry for Linux, but patch anyway!

Fri, 26 May 2017 08:36:29 +0000 Samba is an open source project that is widely used on Linux and Unix computers so they can work with Windows file and print services. Samba can work as a client that lets you connect to Windows servers, and as a server that can accept connections from Windows clients.

A wormable code-execution bug has lurked in Samba for 7 years. Patch now!

Thu, 25 May 2017 10:10:26 +0000 Maintainers of the Samba networking utility just patched a critical code-execution vulnerability that could pose a severe threat to users until the fix is widely installed. The seven-year-old flaw, indexed as CVE-2017-7494, can be reliably exploited with just one line of code to execute malicious code, as long as a few conditions are met.

4 Reasons the Vulnerability Disclosure Process Stalls

Wed, 24 May 2017 10:17:20 +0000 The relationship between a manufacturer or vendor and security researchers can be filled with tension and unease, and it's most often put to the test during the vulnerability disclosure process. Although their intentions are pure, researchers often feel they are being shut out of the process, while vendors may see disclosure deadlines as a threat from researchers looking to produce headlines.

Sn1per - Penetration Testing Automation Scanner

Tue, 23 May 2017 10:45:07 +0000 Sn1per is a penetration testing automation scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Hackers Unlock Samsung Galaxy S8 With Fake Iris

Tue, 23 May 2017 10:40:57 +0000 Biometric locks for phones are just getting more and more elaborate. Not content with fingerprints, some devices now offer facial recognition tech for accessing a device, and in the Samsung Galaxy S8's case, an iris scanner too.

Yahoo retires ImageMagick library after 18-byte exploit leaks user email content

Mon, 22 May 2017 11:00:17 +0000 Yahoo has decided to retire the use of the ImageMagick library following a researcher's disclosure of a simple way to break the system to cause email information leaks.

Proposed PATCH Act forces US snoops to quit hoarding code exploits

Fri, 19 May 2017 10:00:08 +0000 Two US senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products.

Twitter abandons 'Do Not Track' privacy protection

Fri, 19 May 2017 09:54:55 +0000 Twitter was one of the first companies to support Do Not Track (DNT), the website privacy policy. Now, Twitter is abandoning DNT and its mission to protect people from being tracked as they wander over the web.

Good news, OpenVPN fans: Your software's only a little bit buggy

Thu, 18 May 2017 11:24:37 +0000 The venerable OpenVPN client has been given a mostly clean bill of health. Between December and February, a team led by Johns Hopkins University crypto-boffin Dr Matthew Green has been auditing OpenVPN 2.4's code.

Will Linux protect you from ransomware attacks?

Thu, 18 May 2017 11:23:10 +0000 Ransomware attacks are all the rage these days among hackers, and many people are worried about becoming victims. Are Linux users secure against such attacks?

The Ransomware Meltdown Experts Warned About Is Here

Tue, 16 May 2017 11:20:01 +0000 A new strain of ransomware has spread quickly all over the world, causing crises in National Health Service hospitals and facilities around England, and gaining particular traction in Spain, where it has hobbled the large telecom company Telefonica, the natural gas company Gas Natural, and the electrical company Iberdrola.