Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


LinuxSecurity.com Feature Extras:

Essential tools for hardening and securing Unix based Environments - System administrators are aware of how important their systems' security is, not just the runtime of their servers. Intruders, spammers, DDoS attacks, crackers, are all out there trying to get into people

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux-based web server is only as secure as its configuration, and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to ensure basic security considerations are in place.


  Building a new cloud security model (Oct 23)
 

Despite the numerous advantages presented by cloud computing, security is still the biggest factor holding back more widespread adoption by businesses. A recent survey by AlienVault found that an overwhelming 90 percent of organisations are still concerned about cloud security.

  Western Digital self-encrypting hard drives riddled with security flaws (Oct 22)
 

Several versions of self-encrypting hard drives from Western Digital are riddled with so many security flaws that attackers with physical access can retrieve the data with little effort, and in some cases, without even knowing the decryption password, a team of academics said.

  Network Time Protocol flaws defy HTTPS, cause network chaos (Oct 22)
 

Network admins take note: A set of vulnerabilities can bypass HTTPS with ease and result in spying, outages and authentication bypass.

  Red Hat and Black Duck partner to secure containers (Oct 21)
 

We love Docker and containers. But, the more we use containers the more we worry exactly what it is we're running when we spin them up. So, Linux giant and cloud power Red Hat and Black Duck, a leader in automating securing and managing open-source software, are working together on establishing a secure and trusted model for containerized application delivery.

  (Sep 9)
 

Venerable hacker publication 2600 is fighting off what looks like an early candidate for the most egregious copyright infringement accusation of 2015. On a 2012 cover, 2600 used an ink-splatter effect. A group naming itself the Trunk Archive

  Linux botnet observed launching powerful DDoS attacks (Oct 1)
 

Threat actors are leveraging a botnet made up of infected Linux machines to launch powerful distributed denial-of-service (DDoS) attacks against as many as 20 targets per day, according to Akamai's Security Intelligence Response Team (SIRT).

  Is it still possible to do phone phreaking? Yes, with Android on LTE (Oct 23)
 

In the 1960s and 70s, technically savvy enthusiasts sought to game telecommunications systems to make free calls, keeping telecom engineers on their toes.

  Hacking Fitbit (Oct 23)
 

This is impressive: "An attacker sends an infected packet to a fitness tracker nearby at bluetooth distance then the rest of the attack occurs by itself, without any special need for the attacker being near," Apvrille says.

  Could VW scandal lead to open-source software for better automobile cybersecurity? (Sep 30)
 

After Volkswagen used software that manipulated exhaust values and defeated emissions tests, it has affected 11 million VW diesel cars built since 2008. A 2007 letter from VW parts supplier Bosch warned Volkswagen not to use the software for regular operations; in 2011, a Volkswagen technician raised concerns about the illegal practices in connection with the emissions levels.

  This Secret Code in Your Printer is Helping Governments to Spy On You (Oct 21)
 

According to a latest EFF research, it

  Turnbull: Don't assume government email is more secure than private email (Oct 9)
 

Concerns over Malcolm Turnbull using his own private email server have been rebuked by the Australian Prime Minister, who said that all parliamentarians use insecure communication methods all the time, most notably, SMS messaging.

  WinRAR Vulnerability Is Complete Bullshit (Oct 1)
 

So Twitter exploded earlier with calls of a remote code execution WinRAR vulnerability leaving half a BILLION users open for some hardcore exploitation.