Security Leftovers
-
Tuesday's security advisories
-
Best practice - Don't serve writeable PHP files
I deal with compromises often enough of PHP-based websites that I wish to improve hardening.
One obvious way to improve things is to not serve PHP files which are writeable by the webserver-user. This would ensure that things like wp-content/uploads didn't get served as PHP if a compromise wrote valid PHP there.
-
New Cross-Platform Backdoors Go From Linux to Windows
Kaspersky Lab has once again found a nasty little piece of malware that started out in Linux and made the jump to Windows. These cross-platform backdoors spy on the user and are by no means the first backdoor virus of this kind.
-
Obama’s $6bn Security Firewall EINSTEIN Is Not Good Enough To Protect The US Government
The U.S. Department of Homeland Security (DHS) has spent about $6 billion on a firewall named EINSTEIN intrusion detection system. Officially known as the National Cybersecurity Protection System, the firewall is being developed with an intention to protect the U.S. government agencies against the malicious cyber attacks.
-
Another Serious Bug Hits OpenSSL, But this Time, It's No Heartbleed
OpenSSL, the open source encryption toolkit that made headlines in 2014 for the Heartbleed security bug, has been hit by another serious vulnerability. This time, however, the real-world damage seems minimal.
The project disclosed the bug, which results from a new method for generating numbers used for key exchanges, on Jan. 28. It assigned the bug a high severity level, presumably since the flaw could be exploited in order to decrypt data that is encrypted using OpenSSL, the protocol widely used for encrypting information transmitted to and from HTTPS-protected websites.
- Login or register to post comments
- Printer-friendly version
- 1085 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago