Security Lessons: Signing Code Insecure updates are the rule, not the exceptionMay 31, 2013
Kurt looks at the practice of code signing and examines why so few upstream open source projects actually do it.more »
Stopping Drive-By Attacks Tools to prevent drive-by attacksMay 31, 2013
You won't find a perfect solution to the growing problem of drive-by attacks, but many tools are available to help you keep malicious code off your network.more »
Table of Contents: 152 What's inside the July 2013 issueMay 20, 2013
We look at SharePoint integration and show you how to manage Active Directory from Linux. But first, a special story on a dangerous new class of intrusion tools.more »
- US gov embraces open data
- Apache Cdorked.A exploit discovered
- News Bites
New Intel CEO
- FSF scolds W3C
- Torvalds releases Kernel 3.9
- Xen new LF collaboration project
- Debian 7.0“wheezy” debuts
- Windows XP most likely to be victim of attack.
Security Lessons – Ruby Tools Ruby, Rails, and Gems developer toolsApr 30, 2013
Great tools and resources are available to help you write secure Ruby on Rails code. Kurt examines some tools and offers some tips.more »
Security Lessons – XML Security It’s time to take XML out back and shoot itMar 15, 2013
XML security problems are numerous, but you can take steps to limit your exposure – or you can use a different standard.more »
Table of Contents: 150 What's inside the May 2013 issueMar 15, 2013
This month, Rasp Pi becomes a multimedia system, then we look at three great tools to create, manage, and monitor your virtual environments.more »
Kernel Rootkit Tricks The Spy WithinMar 11, 2013
Rootkits allow attackers to take complete control of a computer. We describe the tricks intruders use to gain access to the Linux kernel and provide guidelines on hardening the kernel against such attacks.more »
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.