Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Top Six Advantages of Open Source Development/Products According to Guardian Digital - Open source programs and solutions offer many advantages over proprietary alternatives including better quality, higher levels of security, superior flexibility, lower costs and a thriving community surrounding open source development.

- In this interview, Dave Wreski discusses Guardian Digital's highly effective email security solutions and the myriad advantages of investing in these solutions to secure your email.

(Jun 7)

In March 2017, the New York State Department of Financial Services (DFS) implemented 23 NYCRR 500, generally referred to as the New York Cybersecurity Regulation. Its aim is to encourage financial services firms doing business in the state to minimize their security risks. Although many experts see the regulation as flawed, 23 NYCRR 500 is expected to set a precedent for cybersecurity laws and regulations in other states.
(Jun 6)

Security firm Snyk has disclosed a widespread and critical flaw in multiple archive file-extraction libraries found in thousands of open-source web application projects from HP, Amazon, Apache, Oracle, LinkedIn, Twitter and others.
(Jun 3)

News of how the Russians are alleged to have infected more than 500,000 home routers worldwide via the VPNFilter malware broke last week, leaving home users and security managers scratching their heads about how to best to lock themselves down.
#Infosec18: Nation State Hacking is Biggest Change in Cyber-Threat Landscape (Jun 7)

The former director general of GCHQ Robert Hannigan took to the keynote stage at Infosecurity Europe 2018 to discuss the evolving cyber-threat landscape, describing how – whilst changes in sophistication of lone actors and cyber-criminals are increasing the challenges of keeping data secure – it is the rise of nation state attacks that is "possibly the biggest change in the last couple of years."
(Jun 8)

Some states are more dangerous, from a cybersecurity standpoint, than others. That's the conclusion of a new report by the Ponemon Institute that ranks each state based on the risks to its citizens and points a finger squarely at Florida as the home of riskiest behavior.
(Jun 6)

MyHeritage, a platform designed to investigate family history, learned of a data breach on June 4, 2018. It reports the incident affected email addresses and hashed passwords of nearly 92.3 million users who signed up for the site before and including Oct. 26, 2017, the date of the incident.
#Infosec18: Regulation is Top Driver of Cybersecurity, Now & in the Future (Jun 5)

Infosecurity has released the findings of a recent survey of senior industry professionals to determine the key trends that are currently driving cybersecurity spending and behaviors, and what factors will drive it in the next five years.
(Jun 4)

Cyberattackers linked to North Korea have appeared to have withdrawn from attacks on the US industrial sector.
(Jun 5)

Major sporting events attract fans and cybercriminals alike. Earlier this year, attackers targeted the 2018 Winter Olympics in Pyeongchang; now their sights are on the 2018 FIFA World Cup. Soccer-related spam is ramping up ahead of the event, which begins in less than two weeks.
Security fail? One in three companies think paying hackers is worth the risk (Jun 4)

A third of organisations would consider paying a ransom to hackers instead of investing more in security a survey has claimed.
Customer Data Flies Away with Ticketfly Hacker (Jun 3)

Ticket distribution service Ticketfly was hacked by a culprit who took responsibility for defacing the company's homepage with a message citing poor security as the reason for not apologizing.
Bug Bounty Payouts Up 73% Per Vulnerability: Bugcrowd (Jun 8)

The past year was a big one for bug bounties, with more programs offering more money to more researchers. Bug bounty programs grew 40% year-over-year, the average payout per vulnerability rose 73% to reach $781, and the number of Bugcrowd researchers grew by 71%.