General Esm W900
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  (Aug 17)
 

This week Julia Reda, Member of the European Parliament for the Pirate Party, visited Pirate Bay founder Peter Sunde in prison to show her support. Today she shares a detailed account of the visit on TorrentFreak, with Sunde sharing his thoughts on prison life, the commercialized Pirate Bay, and the future that lies ahead.
  Paperclip Lock Picking Sets (Aug 17)
 

Lockpicking has become a trademark skill of hackers all across the world, and is regularly taught at hackerspaces and maker faires. But a lot of the time, the sets have already been made or bought online somewhere. However, [Sean] has demonstrated how to create a lock picking set with ordinary paperclips in the video embedded at the end of this post.
  How Secure is Your Security Badge? (Aug 17)
 

Security conferences are a great place to learn about the latest hacking tricks, tools and exploits, but they also remind us of important stuff that was shown to be hackable in previous years yet never really got fixed. Perhaps the best example of this at last week's annual DefCon security conference in Las Vegas came from hackers who built on research first released in 2010 to show just how trivial it still is to read, modify and clone most HID cards -- the rectangular white plastic "smart" cards that organizations worldwide distribute to employees for security badges.
  (Aug 19)
 

Almost three years ago, crackers broke into the kernel.org, Linux's most important site. While no damage was done, it was still worrisome. So, at the Linux Kernel Summit, the Linux Foundation announced that it was securing Linux's Git source code repositories with two-factor authentication.
  (Aug 19)
 

The number of phishing sites was up 10.7-percent as of Q1 this year (over last year) while at the same time almost 32.7-percent of PCs globally were infected with malware, including adware and spyware, indicating that phishing is an increasing issue for the enterprise, according to a report from the Anti-Phishing Working Group of the Internet Engineering Task Force.
  Hacking cars and traffic lights at Def Con (Aug 20)
 

One of the biggest hacking conferences in the world, Def Con, took place earlier this month.Cybersecurity talks included hacking cars, traffic lights and social engineering - where actors tried to get real companies to reveal compromising information.
  (Aug 20)
 

Developers are now encouraged to use an additional layer of security with the introduction of two-factor authentication for code commits.
  Attackers Can