Subscribe: LinuxSecurity.com
http://www.linuxsecurity.com/linuxsecurity_hybrid.rdf
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
code execution  code  cve  fedora  linux  linuxsecurity  python  root  security update  security  sms  update linuxsecurity  update  vulnerabilities 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: LinuxSecurity.com

LinuxSecurity.com



The central voice for Linux and Open Source security news.



 



Stack Clash flaws blow local root holes in loads of top Linux programs

Thu, 22 Jun 2017 10:59:29 +0000

LinuxSecurity.com: Powerful programs run daily by users of Linux and other flavors of Unix are riddled with holes that can be exploited by logged-in miscreants to gain root privileges, researchers at Qualys have warned.



OpenVPN taken to task after audit ignores remote code execution flaws

Thu, 22 Jun 2017 10:47:43 +0000

LinuxSecurity.com: A researcher has revealed four dangerous bugs, among others, in OpenVPN which two recent audits of the virtual private network's code failed to find.



Honeypots and the Internet of Things

Wed, 21 Jun 2017 09:53:10 +0000

LinuxSecurity.com: There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or 'smart' devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up of routers, IP cameras, printers and other devices.



Ztorg malware hid in Google Play to send premium-rate SMS texts, delete incoming SMS messages

Wed, 21 Jun 2017 09:44:00 +0000

LinuxSecurity.com: The Ztorg malware hid in apps on Google's Play Store to send premium-rate SMS texts and delete incoming SMS messages on Android devices.



Stack Clash vulnerabilities smash Linux defenses in the quest for root access

Tue, 20 Jun 2017 10:08:21 +0000

LinuxSecurity.com: Severe vulnerabilities have been discovered in popular Linux and Unix systems which can be used to blow apart barriers to root powers, researchers have discovered.



pyrasite - Inject Code Into Running Python Processes

Tue, 20 Jun 2017 10:06:48 +0000

LinuxSecurity.com: pyrasite is a Python-based toolkit to inject code into running Python processes.



Fedora 26: libffi Security Update

Thu, 22 Jun 2017 10:02:00 +0000

LinuxSecurity.com: Disable executable stack for aarch64 builds.



Fedora 26: c-ares Security Update

Thu, 22 Jun 2017 09:59:00 +0000

LinuxSecurity.com: CVE-2017-1000381: c-ares NAPTR parser out of bounds access



Fedora 26: glibc Security Update

Thu, 22 Jun 2017 09:59:00 +0000

LinuxSecurity.com: This update addresses CVE-2017-1000366, a vulnerability in the dynamic linker allowing local privilege escalation.



Fedora 26: chromium Security Update

Thu, 22 Jun 2017 09:53:00 +0000

LinuxSecurity.com: Update to .104. Fix mp3 playback. Security fix for CVE-2017-5087, CVE-2017-5088, CVE-2017-5089



Fedora 26: love Security Update

Thu, 22 Jun 2017 09:51:00 +0000

LinuxSecurity.com: Rebuild for new luajit



Debian: DSA-3893-1: jython security update

Thu, 22 Jun 2017 08:45:00 +0000

LinuxSecurity.com: Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer.



Social Engineering Methods for Penetration Testing

Fri, 21 Oct 2016 10:18:59 +0000

LinuxSecurity.com: Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.



Putting Infosec Principles into Practice

Fri, 23 Sep 2016 10:53:29 +0000

LinuxSecurity.com: When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.