Linux News | Breaking Cybersecurity News | The Hacker News

As expected, Canonical has released a third alpha for Ubuntu 11.04, code named "Natty Narwhal". This development milestone is the last of three planned alpha releases, which will be followed by two betas – as previously previously reported, there will be no release candidate for Ubuntu 11.04. Natty Narwhal Alpha 3 is based on the 2.6.38-rc2 Linux kernel and features indicator improvements, as well a new look for the Unity Dash and a resize function. Ubuntu 11.04 sees Unity, as the distribution's new default desktop developed in-house by the Ubuntu developers, replacing the GNOME Shell and, as previously announced, the replacement of Oracle's open source OpenOffice.org office suite with the LibreOffice community fork. Package updates in the development preview include version 3.3.1 of LibreOffice, Firefox 4.0 Beta 12, version 2.13 of the Transmission BitTorrent client and Upstart 0.9.0 – version 1.0 of Upstart was released on 2 March. Other changes include updates

GnackTrackR6 Released , available for Download ! GnackTrack is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu. Although this sounds like BackTrack, it is most certainly not; it's very similar but based on the much loved GNOME! GnackTrackR6 has just been released. This version has many wireless patches precompiled in and also has the latest version of kismet, wireshark, xplico, metasploit, nmap, beef, w3af, aircrack, armitage and much more. R6 also sees the adoption of a social engineering mode which will quickly theme the distro to look like WindowsXP. Video Demo : GnackTrackR6 can be run live from DVD or USB and can also be installed natively. There is also a VMWare image available for those that test from within a virtual machine. The Developers are constantly taking new requests for tools and adding them pretty quickly. To get your copy just go to : Click Here

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

An attacker who had credentials and the use of taxpayer Fedora Fedora server, but the project leaders say the assailants apparently managed to compromise any software or servers. An attacker has attempted to compromise the servers for the Fedora Project, the community version of Red Hat Enterprise Linux, but no damage or code servers, according to an e-mail sent to the Fedora mailing list on January 25 . In the statement, "a security incident on Fedora infrastructure" right Fedora Project manager Jared Smith revealed that the login and password Fedora contributor was stolen and used to access systems on January 22. It was a factor against those who had the right to run the code packages for Fedora SCM, build and manage to make updates to the Fedora packages, according to Smith. Donor had no sysadmin or Release Engineering teams, and had only limited rights fedorapeople.org wrote. Fedora Infrastructure team is investigating the incident and was unable to conclude that

ddosim is a tool that can be used in a laboratory environment to simulate a distributed denial of service (DDOS) attack against a target server. The test will show the capacity of the server to handle application specific DDOS attacks. ddosim simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, ddosim starts the conversation with the listening application (e.g. HTTP server). ddosim is written in C++ and runs on Linux. Its current functionalities include: HTTP DDoS with valid requests HTTP DDoS with invalid requests (similar to a DC++ attack) SMTP DDoS TCP connection flood on random port In order to simulate such an attack in a lab environment we need to setup a network like this: Download :   ddosim-0.2.tar.gz More Info : 1)   DDOSIM at Sourceforge

The Blackbuntu Community Edition is a Linux Live-CD based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.  Another tool for penetration testers collection that could be considered as a competition for  Pentoo . It supports the following list penetration testing methodologies: Information Gathering Network Mapping Vulnerability Assessment Privilege Escalation Maintaining Access Intrusion Detection and Prevention Digital Forensics Web Application Analysis Reverse Engineering Wireless Analysis Security Distributions Malicious Code Analysis AntiSpyware & AntiVirus Tools Password Recovery & Managers To be precise, it contains the following tools: Information Gathering : DNS DnsEnum Dnsmap Dnsrecon DnsTracer Dns-Walk Fierce FindDomains HostMap Lynis Email Harvesting theHarvester Routing 0trace Itrace Lanmap2 Nat Probe Netenum Netmask NMBscan Protos Tctrace TCPtraceroute Search

Wow ! Backtrack Official Website's Server Hacked By Team Injector ! Attack on backtrack-linux.org From 1337 Team Injector   .    .--.   .--.   .---.      .           .'|        )      )      /      |             |     --:    --:      /    .-.| .-.  .  .   |        )      )    /    (   |(   ) |  | '---'  `--'   `--'    '      `-'`-`-'`-`--|                                           ;                                        `-'  Since we already tapped into exploit-db and their server lies  in  the same subnet  with  backtrack,  we  decided  to  check  out  their  mad security. Backtrack is run by muts, the same guy who also  administers exploit-db, so no wonder why it was super easy to get a shell...       $ uname -a Linux backtrack-linux.org 2.6.32.26-175.fc12.x86_64 #1 SMP Wed Dec 1 21:39:34 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux $ id uid=48(apache) gid=494(apache) groups=494(apache) context=unconfined_u:system