News Category: Security

New Strain of Linux Malware Could Get Serious

A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat. Eset on Tuesday disclosed the threat, which represents a new Lua family unrelated to previously seen LuaBot malware. Linux/Shishiga uses four different protocols -- SSH, Telnet,...
Read 0 Comments

workstation-security.jpg

Backup and storage
Safe and reliable backups are a must for all system administrators. Here are some guidelines to consider for your own peace of mind.

How to Safely and Securely Back Up Your Linux Workstation

Even seasoned system administrators can overlook Linux workstation backups or do them in a haphazard, unsafe manner. At a minimum, you should set up encrypted workstation backups to external storage. But it’s also nice to use zero-knowledge backup tools for off-site/cloud backups for more peace...
Read 0 Comments

Google Zero-Trust Security Framework Goes Beyond Passwords

With a sprawling workforce, a wide range of devices running on multiple platforms, and a growing reliance on cloud infrastructure and applications, the idea of the corporate network as the castle and security defenses as walls and moats protecting the perimeter doesn’t really work anymore. Which is...
Read 0 Comments

The Story of Getting SSH Port 22

The SSH (Secure Shell) port is 22. It is not a co-incidence. This is a story I (Tatu Ylonen) haven't told before. I wrote the initial version of SSH in Spring 1995. It was a time when telnet and FTP were widely used. Anyway, I designed SSH to replace both telnet (port 23) and ftp (port 21). Port 22...
Read 0 Comments

Protect Your Management Interfaces

When it comes to architecture design, one area that is often not given due consideration is the protection of the management interfaces used by administrators or operators to configure their infrastructure. These are the interfaces used to perform privileged actions on systems, and as such they're...
Read 0 Comments

How to Manage the Computer Security Threat

It is tempting to believe that the security problem can be solved with yet more technical wizardry and a call for heightened vigilance. And it is certainly true that many firms still fail to take security seriously enough. That requires a kind of cultivated paranoia which does not come naturally to...
Read 0 Comments

apachecon-fortress.jpg

ApacheCon
Shawn McKinney, Software Architect at Symas Corporation, will present “The Anatomy of a Secure Web Application Using Java EE, Spring Security, and Apache Fortress” at ApacheCon in May.

Secure Web Apps with JavaEE and Apache Fortress

ApacheCon is just a couple weeks away -- coming up May 16-18 in Miami. We asked Shawn McKinney, Software Architect at Symas Corporation,  to share some details about his talk at ApacheCon. His presentation, “The Anatomy of a Secure Web Application Using Java EE, Spring Security, and Apache Fortress...
Read 2 Comments

9 Superheroes for Crack Security Teams

Every great computer security team has a synergistic collection of skilled professionals who work well together to meet common goals. The team may debate a solution, but once a decision is made, everyone works hard to execute with no hard feelings. Good teams expect constant change and disruption....
Read 0 Comments

Why You Shouldn't Use ENV Variables for Secret Data

The twelve-factor app manifesto recommends that you pass application configs as ENV variables. However, if your application requires a password, SSH private key, TLS Certificate, or any other kind of sensitive data, you shouldn't pass it alongside your configs. When you store your secret keys in an...
Read 0 Comments

DNS Record Will Help Prevent Unauthorized SSL Certificates

In a few months, publicly trusted certificate authorities will have to start honoring a special Domain Name System (DNS) record that allows domain owners to specify who is allowed to issue SSL certificates for their domains. The record allows a domain owner to list the CAs that are allowed to issue...
Read 0 Comments

Pages

Click Here!