Linux News | Breaking Cybersecurity News | The Hacker News

Linux kernel 3.0 - 343 changes made by Microsoft developer K. Y. Srinivasan Linux Kernal Change Logs figures were published on Thursday in an LWN.net article : 343 Changes made by Microsoft developer K. Y. Srinivasan 1,085 change provided by independent developers Red Hat provided 1,000 Changes in Kernal 3.0 Intel provide 839 changes Srinivasan comes in at the top because he made a lot of minor changes. Srinivasan and Microsoft are therefore nearer the bottom of the list. LWN.net found that Microsoft developers changed 11,564 lines of code (1.3 per cent) – compared to Intel's 163,232 (18.1 per cent).

Songs.pk hacked by Indishell Against Mumbai blasts Patriotic Indian Hackers " Indishell " / Indian Cyber Army finally Strike to the Biggest Pirated Music Download Website of Bollywood Albums run by Pakistan crew. The hack is perform against the  Mumbai blasts - Wednesday 13 July 2011. Pakistan issues a condemnation after three attacks blamed on terrorists strike Mumbai, targeting the city's Opera House district, its Zaveri bazaar and the central Dadar area. Indian hackers Hack the Songs.pk and add there deface page with a message at  https://songs.pk/usersonline/usersonline.php  . Message By Indishell " Pray for all the innocent victims of Mumbai attack ..This is a small answer from All Indians.. Remember we are Together..You can just kill innocent people .. Women & Childrens..But There is no Future for you.. We are coming with huge speed..Corruption will be under control.. Every Indian will have Money n Power..Then there will be no one to Save you..You

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture. MSPs and MSSPs looking to meet this growing vCISO demand are often faced with the same challenge. The demand for cybersecurity talent far exceeds the supply. This has led to a competitive market where the costs of hiring and retaining skilled professionals can be prohibitive for MSSPs/MSPs as well. The need to maintain expertise of both security and compliance further exacerbates this challenge. Cynomi, the first AI-driven vCISO platform , can help. Cynomi enables you - MSPs, MSSPs and consulting firms

Samurai Web Testing Framework LiveCD The Samurai Web Testing Framework is a LiveCD focused on web application testing. We have collected the top testing tools and pre-installed them to build the perfect environment for testing applications. Download

Fedora 15 "Lovelock" released - Download Now ! This is the latest version of the Fedora Linux operating system's Desktop Edition. It's everything you need to try out Fedora — you don't have to erase anything on your current system to try it out, and it won't put your files at risk. Take Fedora for a test drive, and if you like it, you can install Fedora directly to your hard drive straight from the Live Media desktop if you like. Features :  https://fedoraproject.org/wiki/Releases/15/FeatureList FEDORA 15 DESKTOP EDITION Download Now

Red Hat Enterprise Linux 6.1 is now available at https://www.redhat.com/rhel/ . Enhancements provide improvements in system reliability, scalability and performance, coupled with support for upcoming system hardware. This release also delivers patches and security updates, while maintaining application compatibility and OEM/ISV certifications. In addition to performance improvements, Red Hat Enterprise Linux 6.1 also provides numerous technology updates, including: Additional configuration options for advanced storage configurations with improvements in FCoE, Datacenter Bridging and iSCSI offload, which allow networked storage to deliver the quality of service commonly associated with directly connected storage Enhancements in virtualization, file systems, scheduler, resource management and high availability New technologies that enable smoother enterprise deployments and tighter integration with heterogeneous systems A technology preview of Red Hat Enterprise Identity (IPA) se

Linux kernel 2.6.39 released - Update Now ! After just 65 days of development, Linus Torvalds has  released  version 2.6.39 of the Linux kernel. The new release includes support for  ipset  which simplified firewall configuration and deployment by allowing updatable and quickly searchable external tables to be used by the network filtering. Interrupt handling can now be handled almost entirely by kernel threads, the ext4 file system and block layers are now able to scale better and show better performance and the kernel now includes a network backend for Xen virtualisation. As always, the new kernel brings hundreds of new or enhanced drivers. For example, support for AMD's current "Cayman" family of high end graphics cards and GPUs arrived with a simple DRM/KMS driver. Also new in this release are drivers for the function keys of Samsung notebooks and the Realtek RTL8192CU and RTL8188CU Wi-Fi chips. Whats News in  Linux kernel 2.6.39 The latest Linux kernel offers dr

Linux kernel 2.6.38.6 ( stable) has been released ! The latest -Stable kernel has been raised again after Greg released a new version : 2.6.38.6. This is a maintenance update, so no new feature are included, only bug fixes and minor changes. Even though Greg urges users to upgrade to this version, it's wiser to look at the  ChangeLog  to decide whether you really need to upgrade to this version or not. Personally, i don't really see any important updates in this release, so if you have no problem with your current kernel (2.6.38.x series), you can stay with it until 2.6.39 comes up in probably a week or two. Download :  https://www.kernel.org/

Live Hacking DVD v1.3 Beta - Download ! Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this 'Live CD" runs directly from the DVD and doesn't require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders. As well as the standard Linux networking tools like ping, wget, curl, telnet and ssh, the Live Hacking DVD has tools for DNS enumeration and reconnaissance as well as utilities for foot-printing, password cracking and network sniffing. It also has programs for spoofing and a set of wireless networking utilities. The Live Hacking DVD is designed for ethical computer hacking, meaning that it contains the tools and utilities you need to test and hack your own network but using the tools and techniques that mor

Ubuntu 11.04 Released ! For those of you watching Ubuntu's website recently, you may have noticed a new version of the popular and easy to use variant of Linux has been surfaced - Natty Narwal. It can be downloaded from the previously linked site free of charge. Among the various new features, the Unity interface is set as the default UI, and includes the launcher (an OS X like dock), the dash (a popup menu with user defined shortcuts), and workspaces (a virtual desktop manager). According to the Ubuntu website, the OS can boot in as little as 7 seconds (following POST). Driving all of this eye candy is Gnome 2.32.1 (according to Ubuntu Vibes). If your current equipment is not capable of Unity, the classic desktop experience will kick in as to keep you moving along with minimal lag. Those of you wanting to experiment with Gnome 3, it cannot be installed via the Ubuntu repositories, and there have been reports of system instabilities post installation, though there is a workaroun

Mageia 1 Beta 2 released [ Testing Edition ] Three weeks after the first beta arrived, the Mageia development team has announced the release of the second beta for version 1.0 of its Mandriva Linux fork. According to the project roadmap, Mageia 1 Beta 2 will be followed by a release candidate on 17 May – the first stable release is expected to arrive on 1 June. Based on the 2.6.38.4 Linux kernel, Mageia 1 Beta 2 features the latest KDE 4.6.2 desktop environment. Other changes over the previous beta include a variety of package updates, including version 12.0.742.0 of the Chromium web browser, Firefox 4.0 and LibreOffice 3.3.2. The developers also note that they froze the software package versions last week, meaning that "no new, big, upstream code changes will be accepted in Mageia until our final release in June". Moving forward, the developers will focus on fixing bugs and "refining and polishing the user experience". As with all development releases, use in

Mandriva 2011 Beta 2 is Available for Testing ! Mandriva 2011 beta 2 was supposed to be released a week ago, but the release schedule was delayed by last minute defects discovered by the development and testing teams. In order to get hold of beta 2, you can visit your favorite Mandriva mirror and check devel/iso/2011. Beta testers are fortunate enough to lay their hands on new login manager functionalities, a new launcher and welcome application, overall look and feel enhancements, new panel, LibreOffice 3.3.0, and new artwork with a default theme. That is what you all see on the surface. At the core, the release is equipped with the latest kernel 2.6.38.3, gcc 4.6.0, systemd 24, and many more system and application packages. Mandriva beta 2 is available for both 32 bit and 64 bit Intel architectures, in the form of Live CDs, which can be installed in the system on demand. Download: Mandriva.2011-beta2.i586.iso (1,492MB) Mandriva.2011-beta2.x86_64.iso (1,520MB)

OpenStack ' floating Linux kernel ' rides VMware hypervisor ! OpenStack – the open source "infrastructure cloud" project founded by Rackspace and NASA – has released a third version of its platform, offering support for all major hypervisors. With the new release, codenamed "Cactus", developers have added support for VMware's vSphere hypervisor – without help from VMware. The vSphere code was built mostly by Citrix, which had previously coded support for the Xen and XenServer hypervisors. "We're so committed to OpenStack and its hypervisor-agnostic approach that we felt it was important, since VMware wasn't going to contribute vSphere support, that we should do it ourselves," Gordon Mangione, vice president of business development for Citrix's datacenter and cloud division, tells  The Register According to Mangione, VMware has "always been invited" to contribute to the project. But this has yet to happen. The virtuali

ESET NOD32 releases Antivirus for Linux 4 ! ESET announced the availability of ESET NOD32 Antivirus 4 Business Edition for Linux Desktop and ESET NOD32 Antivirus 4 for Linux. ESET NOD32 Antivirus 4 for Linux offers protection against cross-platform and emerging threats, enhancing the security of Linux platforms. The scanning engine automatically detects and cleans malicious code, including threats designed for Windows and Mac based systems. ESET NOD32 Antivirus 4 Business Edition for Linux Desktop includes ESET Remote Administrator, which provides IT administrators with a management console to control an entire network from a single screen — supporting tens or thousands of heterogeneous computers. Key benefits and features: Detection and proactive cross-platform protection  – Advanced heuristics technology delivers real-time, proactive protection from malware, hacker attacks and exploits. Product protects against Linux, Windows and Mac malware Small system footprint  – Th

WiFite The WEP/WPA Cracker version r68 released ! Designed for Backtrack4 RC1 distribution of Ubuntu. Linux only; no windows or osx support. Purpose : to attack multiple WEP and WPA encrypted networks at the same time. this tool is customizable to be automated with only a few arguments. wifite can be trusted to run without supervision. Feature : this project is available in French: all thanks goto Matt² for his excellent translation! sorts targets by power (in dB); cracks closest access points first automatically deauths clients of hidden networks to decloak SSIDs numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc) customizable settings (timeouts, packets/sec, channel, change mac address, ignore fake-auth, etc) "anonymous" feature; changes MAC to a random address before attacking, then changes back when attacks are complete all WPA handshakes are backed up to wifite.py's current directory smart WPA deauthentic

PenTBox 1.4 – Penetration Testing Security Suite Download PenTBox, a security framework written in Ruby and multiplatform (actually working even on iOS and Android!). Tools & Features (Updated) Technical features - GNU/GPLv3 License. Free in freedom and in price. - Multi-platform (Ruby: GNU/Linux, Windows, Mac OS, *BSD, iOS, Android, …). - Compatible with Ruby and JRuby. - Multithreading (native threads in Ruby >= 1.9 and JRuby). - Doesn't require additional libraries (non standard are included). - Modular (easy to expand and customize). Tools (SVN Version) - Cryptography tools Base64 Encoder & Decoder Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160) Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160) Secure Password Generator - Network tools Net DoS Tester TCP port scanner Honeypot Fuzzer DNS and host gathering - Web HTTP directory bruteforce HTTP common files bruteforce A moderate number of people are using it and

François Dupoux has released an updated version of SystemRescueCd, a Gentoo-based live CD containing a collection of utilities for disk management and data rescue tasks. What's new in version 2.1.0? "Updated standard kernels to 2.6.35.12 (long-term kernel: rescuecd + rescue64); alternative kernels re-based on linux-2.6.38.2 (most recent kernel); patched alternative kernels with loop-aes-3.6b (encrypt disks using AES); updated Testdisk to 6.11.3 (checks and undeletes partitions + PhotoRec); updated hdparm to 9.36 (utility to change hard drive parameters); updated the Xfce desktop environment to new major version 4.8; updated gDisk to 0.7.1 (the package has been renamed gptfdisk); 32-bit kernels (rescuecd + altker32) compiled for i586 instead of i686." Change log.  Updated standard kernels to 2.6.35.12 (long-term kernel: rescuecd + rescue64) Alternative kernels rebased on linux-2.6.38.2 (most recent kernel) Patched alternative kernels with loop-aes-3.6b (encrypt d

The Internet System Consortium's (ISC) open source DHCP client (dhclient) allows DHCP servers to inject commands which could allow an attacker to obtain root privileges. The problem is caused by incorrect filtering of metadata in server response fields. By using crafted host names, and depending on the operating system and what further processing is performed by dhclient-script, it can allow commands to be passed to the shell and executed. A successful attack does, however, require there to be an unauthorised or compromised DHCP server on the local network. Dhclient versions 3.0.x to 4.2.x are affected. The ISC has released an update. Alternatively, users can deactivate host name evaluation or add an additional line to dhclient-script. Instructions for doing so can be found in the ISC's advisory. Alongside dhclient-script, X.org's 'X server resource database utility' (xrdb) is also affected, as it also evaluates host names transferred via DHCP. Crafted host name

DB Audit v4.2.29 all-in-one database security and auditing solution ! . DB Audit Expert is a professional all-in-one database security and auditing solution for Oracle, Sybase, DB2, MySQL and Microsoft SQL Server. DB Audit Expert enables database and system administrators, security administrators, auditors and operators to track and analyze any database activity including database security, access and usage, data creation, change or deletion. What makes DB Audit really unique is its built-in support for multiple auditing methods giving you the flexibility to choose the best fit for your database security requirements. Key Benefits Improves system security and ensures system accountability. Captures both regular and "back-door" access to audited database systems. Features centralized security and auditing control of multiple database systems from a single location providing ease of management. Features unified auditing graphical interface that shortens the learning curve and is

I'm assuming everyone reading already knows about Ophcrack – the awesome time/memory trade-off password cracker. Well here is a nifty web-based interface for it. Rainbow Tables are really useful when cracking password hashes, but one major disadvantage of these tables is their size which can be hundreds of gigs for complex tables. The author thought it would be extremely useful to have a personal web interface for your rainbow tables which you can access from anywhere on the web anywhere without having to carry the large tables with you everywhere you go. And well here we are, Wophcrack (Web) Ophcrack. When cracking LM or NTLM hashes Ophcrack is a great tool as we discussed recently, it provides both a GUI and CLI options along with some free and paid tables. The author basically wrote a quick and dirty PHP based web frontend for Ophcrack. Wophcrack was designed to work on Backtrack 4 R2, Although it can be install on any Linux distribution with some small adjustments, Wophcrack can

Hackers have compromised a private e-mail list used by Linux and BSD distributors to share information on embargoed security vulnerabilities and used a backdoor to sniff e-mail traffic, according to the moderator of the list. In a note to " Vendor-Sec " members, moderator Marcus Meissner said he noticed the break-in on January 20 but warned that it might have existed for much longer. I have disabled the specific backdoor, but as I am not sure how the break-in happened it might reappear. So I recommend not mailing embargoed issues to vendor-sec@….de at this time. Immediately after Meissner's warning e-mail, the attacker re-entered the compromised machine and destroyed the installation. The "Vendor-Sec" list is used by distributors of free/open-source OS and software to discuss potential distribution element (kernel, libraries, applications) security vulnerabilities, as well as to co-ordinate the release of security updates by members. This means that a compromise and the captu