Language Selection

English French German Italian Portuguese Spanish

Security

SquirrelMail open source project's web server hacked

Filed under
Security
Web

h-online.com: It has just become apparent that, on June 16, attackers hacked into the web server of the SquirrelMail open source project. The operators have suspended all accounts and reset all crucial passwords.

Stop illegal Steganography

Filed under
Security

Some of the more nefarious Steganography tactics include hiding information for illegal reasons. Learn whats at stake and how to detect and thwart Steganography techniques and blunt its effectiveness.

SELinux vs AppArmor vs Grsecurity

Filed under
Linux
Security
HowTos

cyberciti.biz: Linux kernel is the central component of Linux operating systems. It is responsible for managing the system's resources, the communication between hardware and software and security. Unfortunately, stock kernel is not secured out of box. There are some important Linux kernel patches to secure your box. They differ significantly.

Evolution vs sha256, or why my new key is useless

Filed under
Software
Security

ubuntu-nl.org/dennis: There’s one problem though: even when you generate a new gpg key that supports better hashing, your applications will still need to support the better hashing for it to be effective.

They Came a Knockin and Webmin Let Them In

Filed under
Software
Security

thelinuxlink.net: Today was a sad day. I found out my streaming mirror/microblog server had been cracked. They exploited webmin and set up shop. Alas, there is no one to blame but myself. This is how I believe it went down.

10 Steps for Basic Linux Desktop Security

Filed under
Linux
Security
HowTos

linuxsysconfig.com: I agree that Linux is less vulnerable than Windows, but that doesn’t make it immune to attackers. It’s not always about security flaws, buffer overflows or denial of service attacks. I came up with a list of 10 basic rules that should reduce the security risk.

Do you need to worry about the new /dev/mem rootkit problem?

Filed under
Security

blog.ibeentoubuntu.com: A new paper was presented in late March about using /dev/mem to inject and hide a rootkit (PDF), and the method has been getting some press, leading to a little concern.

Synchronizing UNIX files with optimized security

Filed under
Security

This article covers cp, tar, and rsync, that can aid with the security of the synchronization of UNIX files

How To Chroot Apache 2 Web Server Under Red Hat / CentOS Linux

Filed under
Linux
Software
Security

A chroot on Red Hat / CentOS / Fedora Linux operating changes the apparent disk root directory for the Apache process and its children. Once this is done attacker or other php / perl / python scripts cannot access or name files outside that directory. This is called a "chroot jail" for Apache. You should never ever run a web server without jail. There should be privilege separation between web server and rest of the system.

Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Filed under
Security

news.softpedia.com: Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu).

Syndicate content

More in Tux Machines

Tiny $26 WiFi-ready IoT SBC runs OpenWRT Linux

Smart Electronics is prepping a tiny $26 open-source “Black Swift” SBC that runs OpenWRT on an Atheros AR9331 and offers WiFi, dual micro-USB, and header I/O. The Black Swift, which is set to launch on Kickstarter on Jan. 27, comes from Russian firm Smart Electronics LLC, the new name for Virt2real Ltd. This is the same company that brought us the Linux-based Virt2real WiFi controller board and robotic “Bond Car,” which is controlled by the board. Read more

Dell updates Linux-powered Developer Edition portables with M3800 monster

This morning, Dell has announced that their Developer Edition line of Linux-powered laptops is getting a pretty significant revamp. In addition to an upgraded XPS-13 Developer Edition based on Dell’s 2015 XPS-13 refresh, the line is adding a piece of workstation-class hardware: the Dell Precision M3800 mobile workstation, Developer Edition. Read more

China-Based Android Developer APUS Lands $100M For New Services And Global Focus

APUS Group, a seven-month-old Chinese company that develops Android utility apps for the global market, has confirmed that it has raised $100 million in new funding. The company’s Series B round, word of which got out in China earlier this month, will be used to develop new services and grow its reach in global markets like the U.S., Brazil, India and Russia. The round was led by Chengwei Capital, SIG and Qiming Venture Partners, with participation from existing investors Redpoint Ventures and Northern Light Venture. This new funding takes APUS — which is not yet monetizing its services — to $116 million in venture money so far. Read more