Phishing with Unicode Domains

LinuxSecurity.com: Before I explain the details of the vulnerability, you should take a look at the proof-of-concept. Punycode makes it possible to register domains with foreign characters. It works by converting individual domain label to an alternative format using only ASCII characters. For example, the domain “xn--s7y.co” is equivalent to “短.co”.

From: Linux Security

FacebookTwitterGoogle+LinkedInEvernotePocketGoogle Gmail

The Cloud Foundry Approach to Container Storage and Security

LinuxSecurity.com: Recently, The New Stack published an article titled “Containers and Storage: Why We Aren’t There Yet” covering a talk from IBM’s James Bottomley at the Linux Foundation’s Vault conference in March. Both the talk and article focused on one of the central problems we’ve been working to address in the Cloud Foundry Foundation’s Diego Persistence project team, so we thought it would be a good idea to highlight the features we’ve added to mitigate it.

From: Linux Security

FacebookTwitterGoogle+LinkedInEvernotePocketGoogle Gmail

Russian hacker arrested in Spain for bot-herding not election-fiddling

LinuxSecurity.com: Last week ended badly for Russian hackers. The United States Department of Justice revealed that Peter Yuryevich Levashov was picked up in Barcelona a couple of weeks back for his association with the Kelihos botnet. Levashov said he’d been told the arrest was due to his creation of a virus in some way linked to the Russia’s suspected interference in the recent US presidential election.

From: Linux Security

FacebookTwitterGoogle+LinkedInEvernotePocketGoogle Gmail