(get it in RSS or Atom)

Monday review - the hot 24 stories of the week

Monday review

Missed anything last week? Catch up with everything we talked about with our weekly roundup.

Rudest man in Linuxdom rants about randomness - "We actually know what we are doing. You don't."


Yet more "NSA cracked my crypto" conspiracy, and this time, the rudest man in Linuxdom is in the thick of it!

Ubuntu users, relax: the gun-toting penguin says s/he means no harm

Ubuntu users, relax: the gun-toting penguin says s/he means no harm

Someone claiming to be behind the weekend's Ubuntu Forums gun-toting-penguin takeover has told users to "stop worrying about your passwords", it's just not worth the effort of unencrypting them.

Lifting the lid on the Redkit exploit kit

In the first of a two part series, Fraser Howard takes a closer look at the Redkit exploit kit.

Learn more about how this kit works and the compromised web servers that are being used to host it.

Anatomy of a bug - the five minute insecurity window in the sudo command

An authentication-related bug was patched recently in the Unix sudo command.

Ironically, the bug was more likely to affect those users who were more security-conscious.

Paul Ducklin explains...

FLAMING RETORT: Linux rootkit news "provides some comic relief"

About two weeks ago, a posting on the Full Disclosure Mailing List announced a new Linux rootkit.

Indeed, the posting didn't just announce the malware, but included a fully-working sample...

Sophos Techknow - All about Java


Java brings with it some significant risks, yet for many people, it's "just there on my computer."

In this episode, Duck and Chet tell you All about Java, and help you to make an informed decision in balancing its risks and rewards at work and at home.

Multi-platform backdoor malware targets Windows, Mac and Linux users

Multi-platform backdoor malware targets Windows, Mac and Linux users

A web-based malware attack has been discovered, targeting users of Windows, Mac and Linux.

Although the amount of malware written for different operating systems can vary, it's becoming increasingly hard to argue that it's safe to surf the web on any OS without anti-virus protection.

FLAMING RETORT: All this new Mac malware - whose fault is it?

FLAMING RETORT: It's all your fault!

Flaming Retort is back, this time trying to Coole and Explayne the flames we've had from some Mac users in the past few days.

In a back-to-front way of making Mac fans feel better, I'll start by making everyone feel slightly worse, taking a small potshot at Windows, OS X and Linux fans alike.

Welcome back, Linux kernel!

Welcome back, Linux kernel!

Just under a month ago, the official distribution site for the Linux kernel was taken offline following an embarrasing malware incident.

The good news is that is back online. It's not all roses, though.

Apple fakery, DNS hack, DigiNotar, Linux, Wikileaks - 60 Sec Security


Lots of readers said they'd like to see our 'news-with-a-conscience' videos more than once a month.

So here you go. 60 Second Security, once every two weeks.

Security breach: and Linux Foundation remain "temporarily unavailable"

Linux world in security spinout as Linux Foundation and remain "temporarily unavailable"

The Linux world is in a bit of a security spinout at the moment.

Could this be the moment that you finally decide to try OpenBSD?

IT security - what you must know in the mobile era

IT security - what you must know in the mobile era

Worried about the cloud? Data breaches? Mobile devices? Identity theft?

Join presenter James Kirby and experts Stephen Wilson, Charis Palmer and (ahem) me as we talk on the subject of IT security - what you must know in the mobile era.

Skype protocol cracked - what happens next?


A chap by the name of Efim Bushmanov has just published a claim that he has reverse-engineered the Skype protocol.

But how did he do it? And will the lawyers take it from here?

FLAMING RETORT: Cooling the friction when Linux meets anti-virus


Welcome to the first installment of a brand new Naked Security column, Flaming Retort!

This week, Sophos Voice of Reason Paul Ducklin soothes the friction which seems to warm things up whenever Linux meets anti-virus.

New variant of cross-platform Boonana malware discovered

Cross-platform malware attack strikes again

Mac user? Windows user? It doesn't really matter when it comes to cross-platform malware. A new version of the Boonana Trojan horse has been discovered.

VIDEO: Cross-platform malware runs on Windows, Mac and Linux


Watch a video of the Boonana malware as it infects on Windows, Mac and Ubuntu Linux via a malicious Java applet.

Cross-platform Boonana Trojan targets Facebook users

Cross-platform malware spreads via Facebook

The Boonana malware targets Mac OS X, Linux and Windows, and is being spread via Facebook. Don't think you're immune from attacks just because you don't run Windows..

PerlBot: A reason to run anti-virus on Linux?

PerlBot: A reason to run anti-virus on Linux?

This morning I noticed that SANS were talking about a Perl bot that has been reported on various Unix systems. I went looking for this file and noticed that a colleague had already updated the identity for Mal/PerlBot-A to detect Read more…

Linux Trojan rears its ugly head

UnrealIRCd logo

Next to OS X users, Linux users are the most arrogant in their perception that they are immune to malware infections. Unfortunately for them, this morning the administrators of had to post that their Unix/Linux source code had been Read more…