Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.

- When you’re dealing with a security incident, it’s essential that you – and the rest of your team – not only have the skills needed to deal with an issue comprehensively, but also have a framework to support you as you approach it. This framework means the team can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.


What are the advantages of open source software? (Apr 9)

Open source software attracts an ever-growing list of advocates. It can save organisations a lot of money while still providing a superior service to that available from proprietary vendors.

The Linux Foundation launches a deep learning foundation (Apr 8)

Despite its name, the Linux Foundation has long been about more than just Linux. These days, it's a foundation that provides support to other open source foundations and projects like Cloud Foundry, the Automotive Grade Linux initiative and the Cloud Native Computing Foundation. Today, the Linux Foundation is adding yet another foundation to its stable: the LF Deep Learning Foundation.

As legal threats rise, this new report aims to guide ethical hackers (Apr 10)

Security researchers, ethical hackers, and bug hunters spend their days trying to make the world safer and more secure. And yet the US legal system makes it almost impossible for them to do their jobs, thanks to flimsy interpretations of long, outdated laws.

(Apr 10)

Verizon's 2018 Data Breach Investigations Report is out. In a summary of findings, Verizon noted that 73 percent of the breaches were perpetrated by outsiders, 50 percent by organized criminal groups, 28 percent involved insiders, 12 percent involved nation-state or state-affiliated actors, 2 percent involved partners and another 2 percent involved multiple partners.

(Apr 11)

I was talking to a friend the other day when he said there were no more than 0.0001 percent Linux users. So, so wrong.

Red Hat looks beyond Linux (Apr 9)

The Red Hat Linux distribution is turning 25 years old this week. What started as one of the earliest Linux distributions is now the most successful open-source company, and its success was a catalyst for others to follow its model.

(Apr 11)

Despite being a tactic that pre-dates the internet, and recalls the days of scams surrounding depositing large amounts of money in your bank account, phishing remains a major problem of online security. In fact, research by Ironscales shows that it accounts for up to 95% of successful cyber-attacks worldwide.

(Apr 10)

High-earning cyber-criminals make as much as $2m per year, almost as much as the average FTSE CEO, a new study from Bromium has claimed.

(Apr 12)

One morning in 2016, John turned on his computer. A message on the screen said he had 14 days to pay a ransom in Bitcoin, or all his files would be deleted forever.

Q1 Cyber-Attacks on UK Firms Jump 27% (Apr 13)

Online attacks on UK businesses jumped by over a quarter (27%) year-on-year in the first three months of the year, according to Beaming.

Avoiding the Ransomware Mistakes that Crippled Atlanta (Apr 12)

Last month, five of Atlanta's 13 government offices were "hijacked," as the city's mayor put it, by ransomware that disrupted far-reaching facets of the city's digital infrastructure. From the courts to the police department to public works, government activity was essentially frozen as the hackers gave the city a week to pay the ransom – roughly $50,000 worth of bitcoin – or have critical data and processes deleted permanently.

(Apr 13)

The open source movement changed how companies build software. Facebook, Twitter, and Yahoo employees pitched in during the early days of the data-crunching software Hadoop.