Security and the Net

News and opinions about security, the internet and more

Entries Tagged ‘Security’

Another example of why you shouldn’t use the same password for every website

Most of us are aware that it’s not a very good idea to use the same password on multiple websites; there was a very good example of why this is such a bad practice. Users registered at the website of popular CMS Typo3 might have had their accounts compromised: As far as we could find [...]

Leave a Comment

In the UK, forgetting your encryption key might lead to jailtime

A ruling in the UK means that UK citizens can be forced to hand over their encryption keys to the police. But what happens if you can’t remember the correct key?

Leave a Comment

Rumor confirmed: both Fedora and Redhat servers hacked

Recent rumors were confirmed today by a post to the Fedora Infrastructure mailinglist: some of Fedora’s core servers were hacked.  One of the compromised Fedora servers was a system used for signing Fedora packages. However, based on our efforts, we have high confidence that the intruder was not able to capture the passphrase used to [...]

Leave a Comment

Core Fedora servers hacked?

According to a mailing list post on the 14th, there are infrastructure problems with the Fedora network, and users are advised not to download and/or install updates. ZDNet’s Zero Day blog suggests this might be security-related.  While I’d normally think this is just a rumor and leave it at that until more information is available, [...]

Leave a Comment

Free Nessus alternative

Ever since the source code for Nessus was pulled from the net, I’ve been looking for a good alternative, I believe I’ve finally stumbled upon a good successor: OpenVAS.  OpenVAS consists of three parts:   A server that holds a database of tests and performs these on command A client that requests scans and runs [...]

Leave a Comment

Dutch hacker arrested, botnet prices plummetting

A Dutch hacker was arrested today when he was trying to sell a botnet of about 100.000 PC’s. The real shocker? The real shock to me came from the price: according to the DA (translation), the botnet was to be sold for only 25.000 euro’s. That means the price of a rooted PC has fallen from [...]

Leave a Comment

New DNS exploit in active use

I’ve been meaning to write a short summary about the DNS vulnerability that’s been hot news for the past few weeks. While preparing that I stumbled upon this report about a new attack that is being used. It appears that this is subtly different than the attack that was released earlier: Moore said he and others [...]

Leave a Comment