Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

What we Can Learn from the Recent VLC Security Vulnerability Fiasco: A Conversation with VideoLAN President Jean-Baptiste Kempf - About a week ago, the LinuxSecurity staff started tracking a security issue related to VLC, the popular open source media player. Security vulnerabilities are a regular part of the software development lifecycle. These vulnerabilities are identified, then a solution is created and distributed to its users. In this case, it wasn't completely clear whether that's what happened, though. We decided to find out.

LinuxSecurity.com Launches New site, Celebrates 20 Years of Following Open Source Security News and Resources - LinuxSecurity.com, the open-source community's go-to source for security news and information, has revealed a completely new site design and a renewed focus on providing timely, authoritative industry content. LinuxSecurity.com is a valuable resource for the open-source community, informing Linux users of the latest cyber security-related news, trends and advisories.


  An introduction to bpftrace for Linux (Aug 19)
 

Are you familiar with bpftrace, a new Linux tracer that analyzes production performance problems and troubleshoots software? Learn more in this awesome Opensource.com article:

  The Dangers of Open-Source Vulnerabilities, and What You Can Do About It (Aug 19)
 

Neglecting basic security practices exposes companies to long-standing security threats. Learn what you can do to mitigate the risk that security vulnerabilities pose to your business:

  Unlocking the future of blockchain innovation with privacy-preserving technologies (Aug 22)
 

Interested in what the future has in store for blockchain? Check out this interesting HelpNetSecurity article:

  Multiple HTTP/2 DoS flaws found by Netflix (Aug 19)
 

Have you heard that Netflix has identified several denial of service (DoS) flaws in numerous implementations of HTTP/2, a popular network protocol that underpins large parts of the web? Exploiting them could make servers grind to a halt. These vulnerabilities affect various Linux distributions and open-source vendors and projects. Learn the details in this article:

  61 impacted versions of Apache Struts left off security advisories (Aug 19)
 

Are you an Apache Struts user who follows security advisories? If so, they may be giving you a false sense of security.

  4 takeaways from Black Hat 2019 (Aug 23)
 

At Black Hat 2019, experts identified new trends and warned of emerging or growing threats, including security's impact on software development and the growing threat social media poses. Learn more in an excellent CSO article:

  Google, Apple, and Mozilla won’t budge on Kazakhstan’s sneaky plot to spy on citizens (Aug 21)
 

Have you heard that Google and Mozilla have stepped up their efforts to prevent Kazakhstan's government from spying on citizens? What is your opinion on this? Learn more in this interesting article:

  Open-source spyware makes it on the Google Play Store (Aug 22)
 

Have you heard that spyware based on the two-year-old AhMyth RAT has made it past Play Store's scans, despite not being anything special? Learn more in this interesting ZDNet article:

  IT Security Pros: Encryption Backdoors Are Election Hacking Risk (Aug 22)
 

The IT security community overwhelmingly believes that government-mandated encryption backdoors will put countries at a greater risk of election hacking. Are you in agreement? Learn more:

  Microsoft, Intel and others are doubling down on open source Linux security (Aug 22)
 

With large corporations' contributions to open-source projects and adoption of open-source programs, your personal data could be kept more securely by big firms.

  How an NSA researcher plans to allow everyone to guard against firmware attacks (Aug 22)
 

An NSA open-source security project will increase security in machines by essentially placing a machine's firmware in a container to isolate it from threat actors. Learn more in an interesting CyberScoop article:

  Red Hat Enterprise Linux 6 and CentOS 6 Receive Important Kernel Security Update (Aug 22)
 

Have you heard that the Red Hat Enterprise Linux 6 and CentOS 6 GNU/Linux operating systems have received an important Linux kernel security update that addresses several critical vulnerabilities and fixes various bugs? Learn more about this update:

  Do VPNs Have a Place in Container Security? (Aug 22)
 

Learn about the critical role that VPNs can play in container security in this informative Container Journal article: